aboutsummaryrefslogtreecommitdiff
path: root/network/arno-iptables-firewall
diff options
context:
space:
mode:
authorB. Watson <yalhcru@gmail.com>2022-03-13 17:30:12 -0400
committerB. Watson <yalhcru@gmail.com>2022-03-13 17:30:12 -0400
commite427fa33b4c7eaf6a52c01eca7c8ae3dce4b738b (patch)
tree6250ac76059816c28e3e96c73c52d5bf3413e35d /network/arno-iptables-firewall
parent965549a552b4d4197671219753575dca191ffbc0 (diff)
network/arno-iptables-firewall: Wrap README at 72 columns.
Signed-off-by: B. Watson <yalhcru@gmail.com>
Diffstat (limited to 'network/arno-iptables-firewall')
-rw-r--r--network/arno-iptables-firewall/README52
1 files changed, 28 insertions, 24 deletions
diff --git a/network/arno-iptables-firewall/README b/network/arno-iptables-firewall/README
index 23ad6f4255c5b..8c697817da30d 100644
--- a/network/arno-iptables-firewall/README
+++ b/network/arno-iptables-firewall/README
@@ -1,30 +1,33 @@
-arno-iptables-firewall is a front-end for iptables. Its configuration script
-will set up a secure and restrictive firewall by just asking a few questions.
-This includes configuring internal networks for Internet access via NAT, and
-potential network services like http or ssh. Moreover, it provides advanced
-additional features that can be enabled in the well documented configuration
-file.
+arno-iptables-firewall is a front-end for iptables. Its configuration
+script will set up a secure and restrictive firewall by just asking
+a few questions. This includes configuring internal networks for
+Internet access via NAT, and potential network services like http or
+ssh. Moreover, it provides advanced additional features that can be
+enabled in the well documented configuration file.
-NOTE - The setup script will NOT run automatically after the package has been
-installed. In order to run the script, the following command has to be issued:
+NOTE - The setup script will NOT run automatically after the package
+has been installed. In order to run the script, the following command
+has to be issued:
# arno-iptables-firewall-configure
-In order to start the firewall automatically at boot-time, an "rc.firewall"
-symlink to the startup script has to be created in /etc/rc.d/ and of course
-the startup script itself should be executable:
+In order to start the firewall automatically at boot-time, an
+"rc.firewall" symlink to the startup script has to be created
+in /etc/rc.d/ and of course the startup script itself should be
+executable:
# cd /etc/rc.d/
# ln -sv rc.arno-iptables-firewall rc.firewall
# chmod +x rc.arno-iptables-firewall
-In order to disable startup of the firewall at boot time, remove the symlink or
-the executable bit from the startup script:
+In order to disable startup of the firewall at boot time, remove the
+symlink or the executable bit from the startup script:
# rm /etc/rc.d/rc.firewall
# chmod -x /etc/rc.d/rc.arno-iptables-firewall
-The firewall can also be started manually with one of the following commands:
+The firewall can also be started manually with one of the following
+commands:
# arno-iptables-firewall start
# /etc/rc.d/rc.arno-iptables-firewall start
@@ -34,15 +37,16 @@ Please refer to the man page for more details.
IMPORTANT - A few security notes from the upstream author:
-1) If possible make sure that the firewall is started before the (ADSL) Internet
-connection is enabled. For a ppp-interface that doesn't exist yet, you can use
-the wildcard device called "ppp+" (but you can only use ppp+ if there aren't any
-other ppp interfaces).
+1) If possible make sure that the firewall is started before the
+(ADSL) Internet connection is enabled. For a ppp-interface that
+doesn't exist yet, you can use the wildcard device called "ppp+" (but
+you can only use ppp+ if there aren't any other ppp interfaces).
-2) Don't change any (security) settings ('EXPERT SETTINGS') if you don't really
-understand what they mean. Changing them anyway could have a big impact on the
-security of your machine.
+2) Don't change any (security) settings ('EXPERT SETTINGS') if you
+don't really understand what they mean. Changing them anyway could
+have a big impact on the security of your machine.
-3) A lot of people complain that their server stopped working after installing
-the firewall. This is the correct behaviour for a firewall: blocking all
-incoming traffic by default. Configure your OPEN_TCP (e.g.) accordingly.
+3) A lot of people complain that their server stopped working after
+installing the firewall. This is the correct behaviour for a firewall:
+blocking all incoming traffic by default. Configure your OPEN_TCP
+(e.g.) accordingly.