[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFR] templates://iptables-persistent/{iptables-persistent.templates}



Christian PERRIER wrote:
>  _Description: Save current IPv4 rules?
> - The installer can save your current iptables rules to the configuration
> + Current iptables rules can be saved to the configuration
>   file /etc/iptables/rules.v4. These rules will then be loaded next time
>   the machine is started.

And all subsequent times (or even if I do a kexec reload without the
machine powering down at all).  Make it "loaded automatically during
system startup"? 

(And ditto for v6)

>   Rules are only saved automatically during package installation. See the
>   manual page of iptables-save(8) for instructions on keeping the rules file
>   up-to-date.

Well, or during dpkg-reconfigure runs?  Maybe it should say:

    Any subsequent iptables setup will not be saved to this file, so see the
    manual page of iptables-save(8) for instructions on keeping the persistent
    rules up-to-date.

but I'll leave that out of my patch.

> --- control	2011-01-04 06:46:06.315004391 +0100
> +++ control.bubulle	2011-01-04 06:47:12.179048425 +0100
> @@ -10,9 +10,9 @@
>  Package: iptables-persistent
>  Architecture: all
>  Depends: iptables, lsb-base, ${misc:Depends}
> -Description: simple package to set up iptables on boot
> +Description: set up iptables on boot

Is a verb phrase.  I agree "package" seems a somewhat redundant word
for a package synopsis (and once you're comparing it to non-package
solutions like a pre-up line in /etc/network/interfaces, an
initscript isn't obviously simpler), but it needs to be something
like:

   Description: mechanism for setting up iptables on boot             

We might say "setting up a firewall", though the most recent thing I
used iptables for was setting up NAT with no packet filtering...

Oh, and how about changing...

>  This package provides a system startup script that restores iptables
>  rules from a configuration file.

...to say "iptables/ip6tables rules"?  Again, not in the patch.
-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package
Source: iptables-persistent
Section: admin
Priority: optional
Maintainer: Jonathan Wiltshire <jmw@debian.org>
Build-Depends: debhelper (>= 7.0.50~), po-debconf
Standards-Version: 3.9.1
Vcs-Browser: http://robin.powdarrmonkey.net/cgi-bin/gitweb.cgi?p=iptables-persistent
Vcs-Git: git://robin.powdarrmonkey.net/git/iptables-persistent/

Package: iptables-persistent
Architecture: all
Depends: iptables, lsb-base, ${misc:Depends}
Description: mechanism for setting up iptables on boot
 This package provides a system startup script that restores iptables
 rules from a configuration file.
 .
 Since this is aimed at experienced administrators, there is no configuration
 wizard.
Template: iptables-persistent/autosave_v4
Type: boolean
Default: false
_Description: Save current IPv4 rules?
 Current iptables rules can be saved to the configuration
 file /etc/iptables/rules.v4. These rules will then be loaded automatically
 during system startup.
 .
 Rules are only saved automatically during package installation. See the
 manual page of iptables-save(8) for instructions on keeping the rules file
 up-to-date.

Template: iptables-persistent/autosave_v6
Type: boolean
Default: false
_Description: Save current IPv6 rules?
 Current ip6tables rules can be saved to the configuration
 file /etc/iptables/rules.v6. These rules will then be loaded automatically
 during system startup.
 .
 Rules are only saved automatically during package installation. See the
 manual page of ip6tables-save(8) for instructions on keeping the rules file
 up-to-date.
diff -ru old/control new/control
--- old/control	2011-01-04 10:32:12.000000000 +0000
+++ new/control	2011-01-04 10:44:04.000000000 +0000
@@ -10,9 +10,9 @@
 Package: iptables-persistent
 Architecture: all
 Depends: iptables, lsb-base, ${misc:Depends}
-Description: simple package to set up iptables on boot
- This package just contains a system startup script that restores iptables
+Description: mechanism for setting up iptables on boot
+ This package provides a system startup script that restores iptables
  rules from a configuration file.
  .
- Since this is aimed at experienced adminstrators, there is no configuration
+ Since this is aimed at experienced administrators, there is no configuration
  wizard.
Only in new: iptables-persistent.patch
diff -ru old/iptables-persistent.templates new/iptables-persistent.templates
--- old/iptables-persistent.templates	2011-01-04 10:32:10.000000000 +0000
+++ new/iptables-persistent.templates	2011-01-04 10:31:17.000000000 +0000
@@ -2,9 +2,9 @@
 Type: boolean
 Default: false
 _Description: Save current IPv4 rules?
- The installer can save your current iptables rules to the configuration
- file /etc/iptables/rules.v4. These rules will then be loaded next time
- the machine is started.
+ Current iptables rules can be saved to the configuration
+ file /etc/iptables/rules.v4. These rules will then be loaded automatically
+ during system startup.
  .
  Rules are only saved automatically during package installation. See the
  manual page of iptables-save(8) for instructions on keeping the rules file
@@ -14,9 +14,9 @@
 Type: boolean
 Default: false
 _Description: Save current IPv6 rules?
- The installer can save your current iptables rules to the configuration
- file /etc/iptables/rules.v6. These rules will then be loaded next time
- the machine is started.
+ Current ip6tables rules can be saved to the configuration
+ file /etc/iptables/rules.v6. These rules will then be loaded automatically
+ during system startup.
  .
  Rules are only saved automatically during package installation. See the
  manual page of ip6tables-save(8) for instructions on keeping the rules file

Reply to: