Re: [RFR] templates://ufw/{templates}

To: debian-l10n-english@lists.debian.org
Cc: ufw@packages.debian.org
Subject: Re: [RFR] templates://ufw/{templates}
From: Justin B Rye <jbr@edlug.org.uk>
Date: Thu, 21 May 2009 11:14:41 +0100
Message-id: <[🔎] 20090521101441.GA15864@xibalba.demon.co.uk>
Mail-followup-to: debian-l10n-english@lists.debian.org, ufw@packages.debian.org
In-reply-to: <[🔎] 20090520230830.GA25822@lupin.powdarrmonkey.net>
References: <SmithReviewDebconf-ufw-intent-1242754254@lupin.powdarrmonkey.net> <[🔎] 20090520230830.GA25822@lupin.powdarrmonkey.net>

Jonathan Wiltshire wrote:
> Your review should be sent as an answer to this mail.

>  Template: ufw/existing_configuration
>  Type: error
> +_Description: Existing configuration found
> 
> I can't explain why (I'm sure Justin can) but I think this reads better.

Agreed.  ("Found X" is active, with the subject omitted; "X found"
makes it passive, and can do that vagueness more naturally.)

>  Template: ufw/enable
[...] 
> + If you answer yes, the rules you set in this installer will take immediate
> + effect, and will be enabled during startup so that this host is protected
> + as early as possible. If you answer no, you must start ufw manually.

(Are we okay with implying that the answers are "yes" and "no" or is
that making some sort of invalid assumption?)
 
>  Template: ufw/allow_known_ports
>  Type: multiselect
>  _Choices: Cups, DNS, Imap (Secure), Pop3 (Secure), SSH, Samba, Smtp, WWW, WWW (Secure)

(Some inconsistent capitalisation there...)

>  _Description: Allow the following services:
> - Selecting an item from this list allows all traffic to the specified service.
> + The appropriate ports will be opened for each service you select in this list.
> + .
> + If you want to allow a service that is not in this list, you may do so later
> + in this installer.
> 
> Make it clearer exactly what's going to happen. Reassure the user that
> this isn't an absolute list; s/he can add other things in a minute.

s/later in this installer/later in this installation process/?

Talking about the installer might be confusing if it's a routine
version-upgrade; I'm not sure if my version's any better.
Alternatively we could turn it into something like "Allowing extra
services that are not on this list will be handled by a subsequent
question"?

>  Template: ufw/allow_custom_ports
>  Type: string
> -_Description: Allow additional ports:
> +_Description: Allow these additional ports:
> 
> Reads like a boolean - make it definitely not.

"Additional ports to be allowed:"?
 
>   Please enter a space separated list of any additional ports you would like to
> - have open. These may either be a service name as found in /etc/services, a
> - port number, or a port number/protocol combination. Eg, to allow http, port 53
> - and tcp port 22, use 'http 53 22/tcp'.
> + open. You may use a service name (as found in /etc/services), a
> + port number, or a port number with protocol.
> + .
> + Example: to allow http, port 53
> + and tcp port 22, enter 'http 53 22/tcp'.
> 
> Give the example its own paragraph for clarity. One can't 'have open',
> it's a verb (though I'm not a linguist :)

Sorry, I don't get it - you can have a window open, can't you?  But
yes, the "have" is redundant, now you mention it.

Hang on - "http" isn't in /etc/services (port 80 is "www").  Will
ufw in fact accept it? 

In the control file:
>  Package: ufw         
>  Architecture: all
[...]
>  Description: program for managing a netfilter firewall
                                      
Capitalised "Netfilter", though upstream don't seem to insist.

> + The Uncomplicated FireWall is a front-end for iptables, to make managing a
> + netfilter firewall easier. It provides a command line interface with packet
> + filter-style syntax. It is particularly well-suited as a host-based firewall.
> 
> This is quite a big rewrite. Start off spelling out what ufw is, and PF
> (I /presume/ it's packet filter, maintainer?)

Yes, Packet Filter rather than PostFix or PageFault or Pink Floyd!
There's a reference somewhere on their homepage.  I was thinking it
might read better as "with syntax similar to OpenBSD's Packet
Filter".  Which reminds me - should that Architecture: line now say
all-except-the-kfreebsds?
-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package

--- ../ufw-0.27.1.pristine/debian/templates	2009-05-19 14:16:07.000000000 +0100
+++ debian/templates	2009-05-21 11:09:14.000000000 +0100
@@ -1,28 +1,32 @@
 Template: ufw/existing_configuration
 Type: error
-_Description: Found existing configuration
- An existing configuration was found. Please use the ufw command to manage your
- firewall rules. See 'man ufw' for details.
+_Description: Existing configuration found
+ You must adjust your existing rules by hand. See the 'man ufw' command
+ for details.
 
 Template: ufw/enable
 Type: boolean
 Default: false
-_Description: Enable ufw
- If you enable ufw now, it will block incoming connections and will be started
- the next time you reboot. If it is disabled, ufw will not be started on boot.
- To start or stop ufw without rebooting, please use '/etc/init.d/ufw start' or
- '/etc/init.d/ufw stop'.
+_Description: Start ufw automatically?
+ If you answer yes, the rules you set in this installer will take immediate
+ effect, and will be enabled during startup so that this host is protected
+ as early as possible. If you answer no, you must start ufw manually.
 
 Template: ufw/allow_known_ports
 Type: multiselect
 _Choices: Cups, DNS, Imap (Secure), Pop3 (Secure), SSH, Samba, Smtp, WWW, WWW (Secure)
 _Description: Allow the following services:
- Selecting an item from this list allows all traffic to the specified service.
+ The appropriate ports will be opened for each service you select in this list.
+ .
+ If you want to allow a service that is not in this list, you may do so later
+ in this installation process.
 
 Template: ufw/allow_custom_ports
 Type: string
-_Description: Allow additional ports:
+_Description: Additional ports to be allowed:
  Please enter a space separated list of any additional ports you would like to
- have open. These may either be a service name as found in /etc/services, a
- port number, or a port number/protocol combination. Eg, to allow http, port 53
- and tcp port 22, use 'http 53 22/tcp'.
+ open. You may use a service name (as found in /etc/services), a
+ port number, or a port number with protocol.
+ .
+ Example: to allow http, port 53
+ and tcp port 22, enter 'http 53 22/tcp'.
--- ../ufw-0.27.1.pristine/debian/control	2009-05-19 14:16:07.000000000 +0100
+++ debian/control	2009-05-21 11:10:32.000000000 +0100
@@ -13,7 +13,8 @@
 Architecture: all
 Depends: debconf, ${python:Depends}, ${misc:Depends}, iptables (>= 1.4.0), ucf
 XB-Python-Version: ${python:Versions}
-Description: program for managing a netfilter firewall
- Ufw is a tool to manage a netfilter firewall. It provides a command line
- interface with PF-style syntax and aims to be uncomplicated and easy to use.
- It is particularly well-suited for use as a host-based firewall.
+Description: program for managing a Netfilter firewall
+ The Uncomplicated FireWall is a front-end for iptables, to make managing a
+ Netfilter firewall easier. It provides a command line interface with
+ syntax similar to OpenBSD's Packet Filter. It is particularly well-suited
+ as a host-based firewall.

Template: ufw/existing_configuration
Type: error
_Description: Existing configuration found
 You must adjust your existing rules by hand. See the 'man ufw' command
 for details.

Template: ufw/enable
Type: boolean
Default: false
_Description: Start ufw automatically?
 If you answer yes, the rules you set in this installer will take immediate
 effect, and will be enabled during startup so that this host is protected
 as early as possible. If you answer no, you must start ufw manually.

Template: ufw/allow_known_ports
Type: multiselect
_Choices: Cups, DNS, Imap (Secure), Pop3 (Secure), SSH, Samba, Smtp, WWW, WWW (Secure)
_Description: Allow the following services:
 The appropriate ports will be opened for each service you select in this list.
 .
 If you want to allow a service that is not in this list, you may do so later
 in this installation process.

Template: ufw/allow_custom_ports
Type: string
_Description: Additional ports to be allowed:
 Please enter a space separated list of any additional ports you would like to
 open. You may use a service name (as found in /etc/services), a
 port number, or a port number with protocol.
 .
 Example: to allow http, port 53
 and tcp port 22, enter 'http 53 22/tcp'.

Source: ufw
Section: admin
XS-Python-Version: >= 2.5
Priority: optional
Maintainer: Jamie Strandboge <jamie@ubuntu.com>
Build-Depends-Indep: python-central (>= 0.5.6), sed (>= 3.95), netbase, iptables
Build-Depends: debhelper (>= 5.0.38), po-debconf
Standards-Version: 3.8.1
Homepage: https://launchpad.net/ufw
Vcs-Bzr: https://bazaar.launchpad.net/~jdstrand/ufw/trunk

Package: ufw
Architecture: all
Depends: debconf, ${python:Depends}, ${misc:Depends}, iptables (>= 1.4.0), ucf
XB-Python-Version: ${python:Versions}
Description: program for managing a Netfilter firewall
 The Uncomplicated FireWall is a front-end for iptables, to make managing a
 Netfilter firewall easier. It provides a command line interface with
 syntax similar to OpenBSD's Packet Filter. It is particularly well-suited
 as a host-based firewall.

Reply to:

Follow-Ups:
- Re: [RFR] templates://ufw/{templates}
  - From: Christian Perrier <bubulle@debian.org>
- [RFR2] templates://ufw/{templates}
  - From: Jonathan Wiltshire <debian@jwiltshire.org.uk>

References:
- [RFR] templates://ufw/{templates}
  - From: Jonathan Wiltshire <debian@jwiltshire.org.uk>

Prev by Date: Re: Request for review of a new package's description
Next by Date: Re: [RFR] templates://ufw/{templates}
Previous by thread: [RFR] templates://ufw/{templates}
Next by thread: Re: [RFR] templates://ufw/{templates}
Index(es):
- Date
- Thread