> Christian, can you please check if Michael's templates are conforming with > the dev-ref?
Here are my suggestions. I limited to basic things. There are several things I would probably have written differently but I'm not sure enough of my English skills to turn them into recommendations.
--- /home/bubulle/tmp/templates 2006-04-05 07:38:32.032272888 +0200 +++ /home/bubulle/tmp/templates.new 2006-04-05 07:43:29.769010024 +0200 @@ -6,7 +6,7 @@ Type: string _description: External network interfaces: The external network interfaces connect this machine - to untrusted networks (e.g. the internet). The firewall will only permit + to untrusted networks (e.g. the Internet). The firewall will only permit connections attempts with explicitly allowed source/destination-port combinations on these interfaces. You have to specify all external interfaces (e.g. eth0 and/or ppp0). @@ -24,12 +24,12 @@ Type: boolean _description: Is DHCP used on external interfaces? This machine might use DHCP to dynamically obtain its IP address from - your internet service provider (ISP). This will be almost always the case + your Internet service provider (ISP). This will be almost always the case if you have a non-permanent (e.g. dialup) connection. . If DHCP is not explicitly enabled, the firewall will block all DHCP-related network traffic. - . + . Leave this enabled, if you are unsure. Default: true @@ -38,7 +38,7 @@ _description: Open external TCP-ports: The default firewall policy is to deny all incoming traffic on the external interfaces. If this machine provides services to the outside - world (e.g. the internet) they have to be explicitly enabled. + world (e.g. the Internet) they have to be explicitly enabled. . Please specify the TCP-ports numbers associated with the services that shall be accessible from the outside world. Some frequently used ports are: 80 @@ -54,7 +54,7 @@ _description: Open external UDP-ports: The default firewall policy is to deny all incoming traffic on the external interfaces. If this machine provides services for the outside - world (e.g. the internet) they have to be explicitly enabled. + world (e.g. the Internet) they have to be explicitly enabled. . Please specify the UDP-ports numbers associated with the services that shall be accessible from the outside world. @@ -67,26 +67,26 @@ Template: arno-iptables-firewall/restart Type: boolean _description: Should the firewall be (re)started now? - For security reasons the (new) firewall setup is not applied - automatically. You might want to perform a manual inspection of the - firewall configuration at /etc/default/arno-iptables-firewall, especially - when upgrading to a new version as configuration variables might have changed. + For security reasons the new firewall setup is not applied + automatically. You might want to perform a manual inspection of the + firewall configuration in /etc/default/arno-iptables-firewall, especially + when upgrading to a new version, as configuration variables might have changed. . In order to later manually apply the new firewall settings before the next reboot, invoke 'invoke-rc.d arno-iptables-firewall start'. . - If you do not need manual inspection the firewall-setup can be applied now. + If you do not need manual inspection, the firewall-setup can be applied now. Default: true Template: arno-iptables-firewall/nat Type: boolean _description: Do you want to enable NAT? If the connected internal networks should be able to access the outside - world (e.g. the internet) through the firewall, masquerading (NAT) has + world (e.g. the Internet) through the firewall, masquerading (NAT) has to be enabled. . - If you don't know what that means, you can safely leave this disabled. + When in doubt, you can safely leave this disabled. Default: false Template: arno-iptables-firewall/config-int-if @@ -95,7 +95,7 @@ The internal network interfaces connect this machine to trusted networks (e.g. the office or home LAN). The firewall will permit all connection attempts on these interfaces. If you specify such interfaces, - you will be able to permit the internal networks to access internet through + you will be able to permit the internal networks to access the Internet through this host. If there are no such interfaces, leave this empty. . Multiple interfaces should be entered space separated. @@ -118,7 +118,7 @@ also possible to specify single hosts by their IP addresses. If you have multiple internal networks and/or hosts, they should be given space separated. . - If you leave this empty the value is automatically set to equal the internal + If you leave this empty, the value is automatically set to equal the internal network. Therefore the WHOLE internal network will have access to the external networks, so be careful to only specify networks that should have access to the outside world. @@ -139,11 +139,11 @@ Template: arno-iptables-firewall/debconf-wanted Type: boolean _description: Do you want to manage the firewall setup with debconf? - A basic firewall setup that is suitable for most purposes can be created by - answering a few questions. This should be the prefered option for all who are + A basic firewall setup that is suitable for most purposes can be created by + answering a few questions. This should be the prefered option for all who are not familiar with firewall related topics. . - If you do not want that, the firewall will not work before you have edited + If you do not want that, the firewall will not work before you have edited the configuration manually. Default: true
signature.asc
Description: Digital signature
