
Re: [RFR] fwsnort package



Franck Joncourt wrote:
> ---- debian/control file
> Description: makes use of Snort rules in an iptables-based firewall

That's a perfectly good verb phrase (saying what the package does);
but synopsis lines should be noun phrases (saying what it is).
Something like:

  Description: Snort rules converter for iptables
  Description: firewall builder using Snort rules
  Description: Snort-to-iptables rule translator

>  Fwsnort translates Snort rules into iptables rule approximations and
>  generates a Bourne shell script that implements the resulting iptables
>  commands.

When you say "iptables rule approximations", are they in fact only
approximate or should it be "equivalent iptables rules"?

(It's possible that the pedantically correct term is "Netfilter
rules", or even "Xtables rules"...)

What does it mean these days to say something is a _Bourne_ shell
script?  After all, it'll probably be dash that executes it...

>  .
>  This ruleset allows network traffic that exhibits Snort signatures
>  to be logged and/or dropped by iptables directly without putting any
>  interface into promiscuous mode or queuing packets from kernel to
>  user space.

What ruleset is "This ruleset" referring to?  The simplest fix would
be to take out the word "ruleset" and leave a vague "this" pointing
at the whole previous paragraph.

Saying that traffic "exhibits" signatures seems obscure; couldn't it
just say it "matches" them?
 
> ---- debian/README.Debian
...
> ---- debian/fwsnort.templates

These look fine to me.
-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package

