On Tue, Jan 04, 2011 at 10:52:35AM +0000, Justin B Rye wrote:
> > Rules are only saved automatically during package installation. See the
> > manual page of iptables-save(8) for instructions on keeping the rules file
> > up-to-date.
>
> Well, or during dpkg-reconfigure runs? Maybe it should say:
No, not during dpkg-reconfigure nor upgrades (well, as of the next
release-to-be, anyway). This is so that the comment in the file, which
includes the date it was saved, isn't touched so the file isn't needlessly
modified.
> > --- control 2011-01-04 06:46:06.315004391 +0100
> > +++ control.bubulle 2011-01-04 06:47:12.179048425 +0100
> > @@ -10,9 +10,9 @@
> > Package: iptables-persistent
> > Architecture: all
> > Depends: iptables, lsb-base, ${misc:Depends}
> > -Description: simple package to set up iptables on boot
> > +Description: set up iptables on boot
>
> Is a verb phrase. I agree "package" seems a somewhat redundant word
> for a package synopsis (and once you're comparing it to non-package
> solutions like a pre-up line in /etc/network/interfaces, an
> initscript isn't obviously simpler), but it needs to be something
> like:
>
> Description: mechanism for setting up iptables on boot
>
> We might say "setting up a firewall", though the most recent thing I
> used iptables for was setting up NAT with no packet filtering...
I wonder about "mechanism for loading iptables/ip6tables rules on boot"?
"on boot" feels awkward though, "during system startup" would make it
consistent with the templates.
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Attachment:
signature.asc
Description: Digital signature