On Tue, Jan 04, 2011 at 10:52:35AM +0000, Justin B Rye wrote: > > Rules are only saved automatically during package installation. See the > > manual page of iptables-save(8) for instructions on keeping the rules file > > up-to-date. > > Well, or during dpkg-reconfigure runs? Maybe it should say: No, not during dpkg-reconfigure nor upgrades (well, as of the next release-to-be, anyway). This is so that the comment in the file, which includes the date it was saved, isn't touched so the file isn't needlessly modified. > > --- control 2011-01-04 06:46:06.315004391 +0100 > > +++ control.bubulle 2011-01-04 06:47:12.179048425 +0100 > > @@ -10,9 +10,9 @@ > > Package: iptables-persistent > > Architecture: all > > Depends: iptables, lsb-base, ${misc:Depends} > > -Description: simple package to set up iptables on boot > > +Description: set up iptables on boot > > Is a verb phrase. I agree "package" seems a somewhat redundant word > for a package synopsis (and once you're comparing it to non-package > solutions like a pre-up line in /etc/network/interfaces, an > initscript isn't obviously simpler), but it needs to be something > like: > > Description: mechanism for setting up iptables on boot > > We might say "setting up a firewall", though the most recent thing I > used iptables for was setting up NAT with no packet filtering... I wonder about "mechanism for loading iptables/ip6tables rules on boot"? "on boot" feels awkward though, "during system startup" would make it consistent with the templates. -- Jonathan Wiltshire jmw@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Attachment:
signature.asc
Description: Digital signature