diff options
author | Mohit Mehta <mohit.mehta@vyatta.com> | 2010-07-21 14:09:16 -0700 |
---|---|---|
committer | Mohit Mehta <mohit.mehta@vyatta.com> | 2010-07-21 14:09:16 -0700 |
commit | ec4aae6176eaea28a5ec9cd8200f4de791fdb5f2 (patch) | |
tree | d7f255133ba3c96a52e9b55da48408608b302ad0 | |
parent | 3ad5af523f8086d71508d30e0c3f95ea73faf546 (diff) | |
download | vyatta-cfg-firewall-ec4aae6176eaea28a5ec9cd8200f4de791fdb5f2.tar.gz vyatta-cfg-firewall-ec4aae6176eaea28a5ec9cd8200f4de791fdb5f2.zip |
undo verb usage at the start of help strings
266 files changed, 266 insertions, 266 deletions
diff --git a/templates/firewall/all-ping/node.def b/templates/firewall/all-ping/node.def index 40962c7..3b7de60 100644 --- a/templates/firewall/all-ping/node.def +++ b/templates/firewall/all-ping/node.def @@ -4,7 +4,7 @@ type: txt -help: Set handling of all IPv4 ICMP echo requests +help: Policy for handling of all IPv4 ICMP echo requests comp_help:Possible completions: disable\tDisable processing of all IPv4 ICMP echo requests diff --git a/templates/firewall/broadcast-ping/node.def b/templates/firewall/broadcast-ping/node.def index 03f0bd2..bded462 100644 --- a/templates/firewall/broadcast-ping/node.def +++ b/templates/firewall/broadcast-ping/node.def @@ -5,7 +5,7 @@ type: txt -help: Set handling of broadcast IPv4 ICMP echo and timestamp requests +help: Policy for handling broadcast IPv4 ICMP echo and timestamp requests comp_help:Possible completions: disable\tDisable processing of broadcast IPv4 ICMP echo/timestamp requests diff --git a/templates/firewall/conntrack-expect-table-size/node.def b/templates/firewall/conntrack-expect-table-size/node.def index 12d7884..1fb060c 100644 --- a/templates/firewall/conntrack-expect-table-size/node.def +++ b/templates/firewall/conntrack-expect-table-size/node.def @@ -13,7 +13,7 @@ type: u32 -help: Set size of netfilter connection tracking expect table +help: Size of connection tracking expect table default: 4096 diff --git a/templates/firewall/conntrack-hash-size/node.def b/templates/firewall/conntrack-hash-size/node.def index 0d11fae..6f9f85a 100644 --- a/templates/firewall/conntrack-hash-size/node.def +++ b/templates/firewall/conntrack-hash-size/node.def @@ -1,4 +1,4 @@ -help: Set hash size for connection tracking table +help: Hash size for connection tracking table type: u32 default: 4096 diff --git a/templates/firewall/conntrack-options/node.def b/templates/firewall/conntrack-options/node.def index 2a80cee..e596a1b 100644 --- a/templates/firewall/conntrack-options/node.def +++ b/templates/firewall/conntrack-options/node.def @@ -1 +1 @@ -help: Set conntrack options +help: Connection tracking options diff --git a/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def b/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def index 777e16d..c29389e 100644 --- a/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def +++ b/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def @@ -1 +1 @@ -help: Enable support for indirect media streams +help: Option to support for indirect media streams diff --git a/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def b/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def index d705bb3..82782ff 100644 --- a/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def +++ b/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def @@ -1 +1 @@ -help: Enable support for indirect signalling streams +help: Option to support for indirect signalling streams diff --git a/templates/firewall/conntrack-options/sip/node.def b/templates/firewall/conntrack-options/sip/node.def index 38add57..ee79af1 100644 --- a/templates/firewall/conntrack-options/sip/node.def +++ b/templates/firewall/conntrack-options/sip/node.def @@ -1,4 +1,4 @@ -help: Set SIP conntrack options +help: SIP conntrack options end: reload=0 sdm=2 diff --git a/templates/firewall/conntrack-options/sip/port/node.def b/templates/firewall/conntrack-options/sip/port/node.def index ef09321..7fe05fb 100644 --- a/templates/firewall/conntrack-options/sip/port/node.def +++ b/templates/firewall/conntrack-options/sip/port/node.def @@ -1,6 +1,6 @@ multi: -help: Set port number that SIP traffic is carried on +help: Port number that SIP traffic is carried on comp_help: Possible completions: 1 - 65535\tSIP port number diff --git a/templates/firewall/conntrack-table-size/node.def b/templates/firewall/conntrack-table-size/node.def index c0a7e9c..6974c7a 100644 --- a/templates/firewall/conntrack-table-size/node.def +++ b/templates/firewall/conntrack-table-size/node.def @@ -17,7 +17,7 @@ type: u32 -help: Set size of netfilter connection tracking table +help: Size of connection tracking table default: 32768 diff --git a/templates/firewall/conntrack-tcp-loose/node.def b/templates/firewall/conntrack-tcp-loose/node.def index b261052..a2b2aba 100644 --- a/templates/firewall/conntrack-tcp-loose/node.def +++ b/templates/firewall/conntrack-tcp-loose/node.def @@ -14,7 +14,7 @@ type: txt -help: Set tracking of previously established connections +help: Policy to track previously established connections comp_help:Possible completions: enable\tAllow tracking of previously established connections diff --git a/templates/firewall/group/address-group/node.def b/templates/firewall/group/address-group/node.def index 2b25a54..a19d9ff 100644 --- a/templates/firewall/group/address-group/node.def +++ b/templates/firewall/group/address-group/node.def @@ -1,7 +1,7 @@ tag: priority: 200 type: txt -help: Set a firewall address-group +help: Firewall address-group syntax:expression: exec " \ if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ diff --git a/templates/firewall/group/address-group/node.tag/address/node.def b/templates/firewall/group/address-group/node.tag/address/node.def index ff743f9..2e8edcd 100644 --- a/templates/firewall/group/address-group/node.tag/address/node.def +++ b/templates/firewall/group/address-group/node.tag/address/node.def @@ -1,6 +1,6 @@ multi: type: txt -help: Set a address-group member +help: Address-group member syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-member \ diff --git a/templates/firewall/group/address-group/node.tag/description/node.def b/templates/firewall/group/address-group/node.tag/description/node.def index 05f7e51..0293fdc 100644 --- a/templates/firewall/group/address-group/node.tag/description/node.def +++ b/templates/firewall/group/address-group/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: Set address-group description +help: Address-group description diff --git a/templates/firewall/group/network-group/node.def b/templates/firewall/group/network-group/node.def index b34dfe6..e407b0a 100644 --- a/templates/firewall/group/network-group/node.def +++ b/templates/firewall/group/network-group/node.def @@ -1,7 +1,7 @@ tag: priority: 200 type: txt -help: Set a firewall network-group +help: Firewall network-group syntax:expression: exec " \ if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ diff --git a/templates/firewall/group/network-group/node.tag/description/node.def b/templates/firewall/group/network-group/node.tag/description/node.def index 3c50208..52bb8e4 100644 --- a/templates/firewall/group/network-group/node.tag/description/node.def +++ b/templates/firewall/group/network-group/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: Set network-group description +help: Network-group description diff --git a/templates/firewall/group/network-group/node.tag/network/node.def b/templates/firewall/group/network-group/node.tag/network/node.def index da09d0c..8899450 100644 --- a/templates/firewall/group/network-group/node.tag/network/node.def +++ b/templates/firewall/group/network-group/node.tag/network/node.def @@ -1,6 +1,6 @@ multi: type: ipv4net -help: Set a network-group member +help: Network-group member syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-member \ diff --git a/templates/firewall/group/node.def b/templates/firewall/group/node.def index 3bd65ae..81afdd6 100644 --- a/templates/firewall/group/node.def +++ b/templates/firewall/group/node.def @@ -1,4 +1,4 @@ -help: Set a firewall group +help: Firewall group comp_help: possible completions: <txt> Set the name of the firewall group diff --git a/templates/firewall/group/port-group/node.def b/templates/firewall/group/port-group/node.def index fb3a403..ee655ee 100644 --- a/templates/firewall/group/port-group/node.def +++ b/templates/firewall/group/port-group/node.def @@ -1,7 +1,7 @@ tag: priority: 200 type: txt -help: Set a firewall port-group +help: Firewall port-group syntax:expression: exec " \ if [ `echo $VAR(@) | wc -c` -gt 31 ]; then \ diff --git a/templates/firewall/group/port-group/node.tag/description/node.def b/templates/firewall/group/port-group/node.tag/description/node.def index 90124a9..7036aea 100644 --- a/templates/firewall/group/port-group/node.tag/description/node.def +++ b/templates/firewall/group/port-group/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: Set port-group description +help: Port-group description diff --git a/templates/firewall/group/port-group/node.tag/port/node.def b/templates/firewall/group/port-group/node.tag/port/node.def index 3394325..ae7d944 100644 --- a/templates/firewall/group/port-group/node.tag/port/node.def +++ b/templates/firewall/group/port-group/node.tag/port/node.def @@ -1,6 +1,6 @@ multi: type: txt -help: Set a port-group member +help: Port-group member syntax:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-member \ diff --git a/templates/firewall/ip-src-route/node.def b/templates/firewall/ip-src-route/node.def index 07d1ab2..af8162c 100644 --- a/templates/firewall/ip-src-route/node.def +++ b/templates/firewall/ip-src-route/node.def @@ -6,7 +6,7 @@ type: txt -help: Set policy for handling IPv4 packets with source route option +help: Policy for handling IPv4 packets with source route option comp_help:Possible completions: enable\tEnable processing of IPv4 packets with source route option diff --git a/templates/firewall/ipv6-modify/node.def b/templates/firewall/ipv6-modify/node.def index 733f989..9a4b487 100644 --- a/templates/firewall/ipv6-modify/node.def +++ b/templates/firewall/ipv6-modify/node.def @@ -27,4 +27,4 @@ end: if sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-rules ipv6-modify "$VA create: sudo /opt/vyatta/sbin/vyatta-firewall.pl --setup ip6tables ipv6-modify -help: Set IPv6 modify rule set name +help: IPv6 modify rule-set name diff --git a/templates/firewall/ipv6-modify/node.tag/default-action/node.def b/templates/firewall/ipv6-modify/node.tag/default-action/node.def index 6c514b0..34ed318 100644 --- a/templates/firewall/ipv6-modify/node.tag/default-action/node.def +++ b/templates/firewall/ipv6-modify/node.tag/default-action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall default-action +help: Default-action for rule-set default: "drop" diff --git a/templates/firewall/ipv6-modify/node.tag/description/node.def b/templates/firewall/ipv6-modify/node.tag/description/node.def index cbd090b..e8e221b 100644 --- a/templates/firewall/ipv6-modify/node.tag/description/node.def +++ b/templates/firewall/ipv6-modify/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set IPv6 modify rule set description +help: Rule-set description diff --git a/templates/firewall/ipv6-modify/node.tag/enable-default-log/node.def b/templates/firewall/ipv6-modify/node.tag/enable-default-log/node.def index 96b37ea..e540d3f 100644 --- a/templates/firewall/ipv6-modify/node.tag/enable-default-log/node.def +++ b/templates/firewall/ipv6-modify/node.tag/enable-default-log/node.def @@ -1 +1 @@ -help: Set logging on default-action +help: Option to log packets hitting default-action diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.def index 33fa91b..e2dc34e 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.def @@ -2,6 +2,6 @@ tag: type: u32 -help: Set IPv6 modify rule number (1-9999) +help: Rule number (1-9999) syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "firewall rule number must be between 1 and 9999" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/action/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/action/node.def index d5e7408..25a9069 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/action/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall rule action +help: Rule action syntax:expression: $VAR(@) in "drop", "accept", "modify"; "action must be one of drop, accept, or modify" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/description/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/description/node.def index b49b91e..90bf88b 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/description/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set rule description +help: Rule description diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/address/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/address/node.def index 5c7f5e9..1adbe8d 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/address/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/address/node.def @@ -1,6 +1,6 @@ type: txt -help: Set source IPv6 address, prefix or range to match +help: Destination IPv6 address, prefix or range comp_help: Possible completions: <x:x:x:x:x:x:x:x> IPv6 address to match diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/node.def index 500e0bb..dc227b7 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/node.def @@ -1 +1 @@ -help: Set firewall destination parameters +help: Destination parameters diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/port/node.def index b292864..760c0e8 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/port/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/destination/port/node.def @@ -1,6 +1,6 @@ type: txt -help: Set destination port +help: Destination port comp_help: Destination port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/disable/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/disable/node.def index 498a027..70565eb 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/disable/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/disable/node.def @@ -1 +1 @@ -help: Set firewall rule disabled
\ No newline at end of file +help: Option to disable rule diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/node.def index d4dc9c0..7032b30 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/node.def @@ -1 +1 @@ -help: Set rule ICMPv6 type and code information +help: ICMPv6 type and code information diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/type/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/type/node.def index 13ff654..a066647 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/type/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/icmpv6/type/node.def @@ -1,6 +1,6 @@ type: txt -help: Set ICMPv6 type/code +help: ICMPv6 type/code comp_help: Possible completions: destination-unreachable ICMPv6 type/code name diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def index 8d4bf12..96ada47 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def @@ -1 +1 @@ -help: Match inbound IPsec packets +help: Inbound IPsec packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-none/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-none/node.def index cfcbc8a..2d717d5 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-none/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/match-none/node.def @@ -1 +1 @@ -help: Match inbound non-IPsec packets +help: Inbound non-IPsec packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/node.def index c905e2d..96ada47 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/ipsec/node.def @@ -1 +1 @@ -help: Set inbound IPsec packet matching +help: Inbound IPsec packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def index 307e602..9097370 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def @@ -1,4 +1,4 @@ type: u32 default: 1 -help: Set maximum number of packets to allow in excess of rate +help: Maximum number of packets to allow in excess of rate syntax:expression: ($VAR(@) >0) ; "Burst should be a value greater then zero" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def index 42081fe..75460b1 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def @@ -1 +1 @@ -help: Set to match rule at a limited rate using a token bucket filter +help: Rate limit using a token bucket filter diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def index 7a3b7d0..cd108f4 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set maximum average matching rate +help: Maximum average matching rate syntax:expression: pattern $VAR(@) "^[[:digit:]]+/(second|minute|hour|day)$" ; \ "Invalid value for rate. Rate should be specified as an integer followed by a forward slash '/' and either of these time units - second, minute, hour or day diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/log/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/log/node.def index 5023547..ba0e74b 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/log/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/log/node.def @@ -1,3 +1,3 @@ type: txt; "firwall logging must be enable or disable" -help: Set firewall logging +help: Option to log packets matching rule syntax:expression: $VAR(@) in "enable", "disable"; "firwall logging must be enable or disable" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/dscp/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/dscp/node.def index b20f58c..3ed8f0d 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/dscp/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/dscp/node.def @@ -1,4 +1,4 @@ type: u32 -help: Set packet Differentiated Services Codepoint (DSCP) +help: Packet Differentiated Services Codepoint (DSCP) syntax:expression: $VAR(@) >= 0 && $VAR(@) < 64; "DSCP must be between 0 and 63" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/mark/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/mark/node.def index 0830b9b..0776b34 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/mark/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/mark/node.def @@ -1,2 +1,2 @@ type: u32 -help: Set packet marking +help: Packet marking diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/node.def index f629b92..c61402f 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/modify/node.def @@ -1 +1 @@ -help: Set packet modifications +help: Packet modifications diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/all/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/all/node.def index 3359454..bd61a90 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/all/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/all/node.def @@ -1 +1 @@ -help: Match AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets +help: AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/applejuice/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/applejuice/node.def index 35c2182..8e9f704 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/applejuice/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/applejuice/node.def @@ -1 +1 @@ -help: Match AppleJuice application packets +help: AppleJuice application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/bittorrent/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/bittorrent/node.def index a6330de..1a56963 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/bittorrent/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/bittorrent/node.def @@ -1 +1 @@ -help: Match BitTorrent application packets +help: BitTorrent application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/directconnect/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/directconnect/node.def index ab11805..eb84108 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/directconnect/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/directconnect/node.def @@ -1 +1 @@ -help: Match Direct Connect application packets +help: Direct Connect application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/edonkey/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/edonkey/node.def index 25a97e5..255e618 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/edonkey/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/edonkey/node.def @@ -1 +1 @@ -help: Match eDonkey/eMule application packets +help: eDonkey/eMule application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/gnutella/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/gnutella/node.def index 52d9d6c..f21b60b 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/gnutella/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/gnutella/node.def @@ -1 +1 @@ -help: Match Gnutella application packets +help: Gnutella application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/kazaa/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/kazaa/node.def index a6eab48..44c3156 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/kazaa/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/kazaa/node.def @@ -1 +1 @@ -help: Match KaZaA application packets +help: KaZaA application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/node.def index 9013fe5..5959d3d 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/p2p/node.def @@ -1 +1 @@ -help: Set P2P application packet matching +help: P2P application packets diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/protocol/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/protocol/node.def index b8a0c55..0ea2382 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/protocol/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/protocol/node.def @@ -1,6 +1,6 @@ type: txt -help: Set IPv6 protocol to match (protocol name, number, or "all") +help: IPv6 protocol to match (protocol name, number, or "all") syntax:expression: exec " param=$VAR(@) diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def index 7f72b46..efd8dd8 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/count/node.def @@ -1,3 +1,3 @@ type: u32 -help: Set to N to only match source addresses seen more than N times +help: Source addresses seen more than N times syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/node.def index e1be0a3..3acc871 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/node.def @@ -1 +1 @@ -help: Set parameters for matching recently seen sources +help: Parameters for matching recently seen sources diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/time/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/time/node.def index b84a0b7..9c49ed8 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/time/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/recent/time/node.def @@ -1,2 +1,2 @@ type: u32 -help: Set to N to only match source addresses seen in the last N seconds +help: Source addresses seen in the last N seconds diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/address/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/address/node.def index 81f2b03..01a7b99 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/address/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/address/node.def @@ -1,7 +1,7 @@ type: txt -help: Set source IPv6 address, prefix or range to match +help: Source IPv6 address, prefix or range comp_help: Possible completions: <x:x:x:x:x:x:x:x> IPv6 address to match diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/mac-address/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/mac-address/node.def index fd10e26..ad07881 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/mac-address/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/mac-address/node.def @@ -1,3 +1,3 @@ type: txt -help: Set source MAC address +help: Source MAC address syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl macaddr_negate '$VAR(@)'" ; "invalid MAC address \"$VAR(@)\"" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/node.def index 16ab3ad..84cdc1f 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/node.def @@ -1 +1 @@ -help: Set firewall source parameters +help: Source parameters diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/port/node.def index e65cbfd..4cec3cf 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/port/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/source/port/node.def @@ -1,5 +1,5 @@ type: txt -help: Set source port +help: Source port comp_help: Source port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) <1-65535> Numbered port diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/established/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/established/node.def index 802e35d..a4f3120 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/established/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/established/node.def @@ -1,3 +1,3 @@ type: txt -help: Set established state +help: Established state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/invalid/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/invalid/node.def index ddba99f..dc6110d 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/invalid/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/invalid/node.def @@ -1,3 +1,3 @@ type: txt -help: Set invalid state +help: Invalid state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/new/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/new/node.def index 23854e7..6ef1f7a 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/new/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/new/node.def @@ -1,3 +1,3 @@ type: txt -help: Set new state +help: New state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/node.def index 3b7b383..0e38df4 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/node.def @@ -1 +1 @@ -help: Set session state +help: Session state diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/related/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/related/node.def index acddc3b..2364c31 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/related/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/state/related/node.def @@ -1,3 +1,3 @@ type: txt -help: Set related state +help: Related state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/flags/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/flags/node.def index 95f6a68..b86e707 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/flags/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/flags/node.def @@ -1,5 +1,5 @@ type: txt -help: Set TCP flags to match +help: TCP flags to match syntax:expression: pattern $VAR(@) "^((!?ALL)|((!?(SYN|ACK|FIN|RST|PSH|URG),)*(!?(SYN|ACK|FIN|RST|PSH|URG))))$" ; \ "Invalid value for TCP flags. Allowed values : SYN ACK FIN RST URG PSH ALL When specifying more than one flag, flags should be comma-separated. diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/node.def index 636f4a2..66bc295 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/tcp/node.def @@ -1 +1 @@ -help: Set tcp flags to match +help: TCP flags to match diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/monthdays/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/monthdays/node.def index 025a2a9..14c1d5c 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/monthdays/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/monthdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set monthdays on which to apply rule +help: Monthdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:digit:]]\{1,2\}\,)*[[:digit:]]\{1,2\}$" ; \ "Incorrect value for monthdays. Monthdays should be specified as 2,12,21 For negation, add ! in front eg. !2,12,21" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/node.def index 8061ba6..238acd2 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/node.def @@ -1 +1 @@ -help: Set time during which to apply rule +help: Time to match rule diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/startdate/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/startdate/node.def index a971375..46f9eb9 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/startdate/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/startdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule starting from specified date +help: Date to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for startdate. Date should use yyyy-mm-dd format. To specify time of date with startdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/starttime/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/starttime/node.def index 7e34510..ab69c45 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/starttime/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/starttime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule starting from specified time +help: Time of day to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for starttime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stopdate/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stopdate/node.def index c99dd7b..93fc8b6 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stopdate/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stopdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule till specified date +help: Date to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for stopdate. Date should use yyyy-mm-dd format. To specify time of date with stopdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stoptime/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stoptime/node.def index 5047259..4a42ca3 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stoptime/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/stoptime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule till specified time +help: Time of day to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for stoptime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/utc/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/utc/node.def index 68a0689..167f191 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/utc/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/utc/node.def @@ -1 +1 @@ -help: Set to interpret the times given for startdate, stopdate, starttime and stoptime to be UTC +help: Interpret times for startdate, stopdate, starttime and stoptime to be U$ diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/weekdays/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/weekdays/node.def index aea3e22..dd2649b 100644 --- a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/weekdays/node.def +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/time/weekdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set weekdays on which to apply rules on +help: Weekdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:upper:]][[:lower:]]\{2\}\,)*[[:upper:]][[:lower:]]\{2\}$" ; \ "Incorrect value for weekdays. Weekdays should be specified using the first three characters of the day with the first character capitalized eg. Mon,Thu,Sat diff --git a/templates/firewall/ipv6-name/node.def b/templates/firewall/ipv6-name/node.def index e9e539c..3a151d9 100644 --- a/templates/firewall/ipv6-name/node.def +++ b/templates/firewall/ipv6-name/node.def @@ -27,4 +27,4 @@ end: if sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-rules ipv6-name "$VAR( create: sudo /opt/vyatta/sbin/vyatta-firewall.pl --setup ip6tables ipv6-name -help: Set IPv6 firewall rule set name +help: IPv6 firewall rule-set name diff --git a/templates/firewall/ipv6-name/node.tag/default-action/node.def b/templates/firewall/ipv6-name/node.tag/default-action/node.def index 000b3ce..db160f0 100644 --- a/templates/firewall/ipv6-name/node.tag/default-action/node.def +++ b/templates/firewall/ipv6-name/node.tag/default-action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall default-action +help: Default-action for rule-set default: "drop" diff --git a/templates/firewall/ipv6-name/node.tag/description/node.def b/templates/firewall/ipv6-name/node.tag/description/node.def index faa5b85..e8e221b 100644 --- a/templates/firewall/ipv6-name/node.tag/description/node.def +++ b/templates/firewall/ipv6-name/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set IPv6 firewall rule set description +help: Rule-set description diff --git a/templates/firewall/ipv6-name/node.tag/enable-default-log/node.def b/templates/firewall/ipv6-name/node.tag/enable-default-log/node.def index 96b37ea..e540d3f 100644 --- a/templates/firewall/ipv6-name/node.tag/enable-default-log/node.def +++ b/templates/firewall/ipv6-name/node.tag/enable-default-log/node.def @@ -1 +1 @@ -help: Set logging on default-action +help: Option to log packets hitting default-action diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.def index 08a7488..e2dc34e 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.def @@ -2,6 +2,6 @@ tag: type: u32 -help: Set firewall rule number (1-9999) +help: Rule number (1-9999) syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "firewall rule number must be between 1 and 9999" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/action/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/action/node.def index 21abb04..f2abdc4 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/action/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall rule action +help: Rule action syntax:expression: $VAR(@) in "drop", "reject", "accept", "inspect"; "action must be one of drop, reject, accept, or inspect" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/description/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/description/node.def index b49b91e..90bf88b 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/description/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set rule description +help: Rule description diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/address/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/address/node.def index 5c7f5e9..1adbe8d 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/address/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/address/node.def @@ -1,6 +1,6 @@ type: txt -help: Set source IPv6 address, prefix or range to match +help: Destination IPv6 address, prefix or range comp_help: Possible completions: <x:x:x:x:x:x:x:x> IPv6 address to match diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/node.def index 500e0bb..dc227b7 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/node.def @@ -1 +1 @@ -help: Set firewall destination parameters +help: Destination parameters diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def index b292864..760c0e8 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/destination/port/node.def @@ -1,6 +1,6 @@ type: txt -help: Set destination port +help: Destination port comp_help: Destination port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/disable/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/disable/node.def index 498a027..70565eb 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/disable/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/disable/node.def @@ -1 +1 @@ -help: Set firewall rule disabled
\ No newline at end of file +help: Option to disable rule diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/node.def index d4dc9c0..7032b30 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/node.def @@ -1 +1 @@ -help: Set rule ICMPv6 type and code information +help: ICMPv6 type and code information diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def index b50e31a..3454ac1 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/icmpv6/type/node.def @@ -1,6 +1,6 @@ type: txt -help: Set ICMPv6 type/code +help: ICMPv6 type/code comp_help: Possible completions: destination-unreachable ICMPv6 type/code name diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def index 8d4bf12..96ada47 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def @@ -1 +1 @@ -help: Match inbound IPsec packets +help: Inbound IPsec packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-none/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-none/node.def index cfcbc8a..2d717d5 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-none/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/match-none/node.def @@ -1 +1 @@ -help: Match inbound non-IPsec packets +help: Inbound non-IPsec packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/node.def index c905e2d..96ada47 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/ipsec/node.def @@ -1 +1 @@ -help: Set inbound IPsec packet matching +help: Inbound IPsec packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/burst/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/burst/node.def index 307e602..9097370 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/burst/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/burst/node.def @@ -1,4 +1,4 @@ type: u32 default: 1 -help: Set maximum number of packets to allow in excess of rate +help: Maximum number of packets to allow in excess of rate syntax:expression: ($VAR(@) >0) ; "Burst should be a value greater then zero" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/node.def index 42081fe..75460b1 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/node.def @@ -1 +1 @@ -help: Set to match rule at a limited rate using a token bucket filter +help: Rate limit using a token bucket filter diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/rate/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/rate/node.def index 7a3b7d0..cd108f4 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/rate/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/limit/rate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set maximum average matching rate +help: Maximum average matching rate syntax:expression: pattern $VAR(@) "^[[:digit:]]+/(second|minute|hour|day)$" ; \ "Invalid value for rate. Rate should be specified as an integer followed by a forward slash '/' and either of these time units - second, minute, hour or day diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/log/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/log/node.def index 5023547..ba0e74b 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/log/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/log/node.def @@ -1,3 +1,3 @@ type: txt; "firwall logging must be enable or disable" -help: Set firewall logging +help: Option to log packets matching rule syntax:expression: $VAR(@) in "enable", "disable"; "firwall logging must be enable or disable" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/all/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/all/node.def index 3359454..bd61a90 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/all/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/all/node.def @@ -1 +1 @@ -help: Match AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets +help: AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/applejuice/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/applejuice/node.def index 35c2182..8e9f704 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/applejuice/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/applejuice/node.def @@ -1 +1 @@ -help: Match AppleJuice application packets +help: AppleJuice application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/bittorrent/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/bittorrent/node.def index a6330de..1a56963 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/bittorrent/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/bittorrent/node.def @@ -1 +1 @@ -help: Match BitTorrent application packets +help: BitTorrent application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/directconnect/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/directconnect/node.def index ab11805..eb84108 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/directconnect/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/directconnect/node.def @@ -1 +1 @@ -help: Match Direct Connect application packets +help: Direct Connect application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/edonkey/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/edonkey/node.def index 25a97e5..255e618 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/edonkey/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/edonkey/node.def @@ -1 +1 @@ -help: Match eDonkey/eMule application packets +help: eDonkey/eMule application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/gnutella/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/gnutella/node.def index 52d9d6c..f21b60b 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/gnutella/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/gnutella/node.def @@ -1 +1 @@ -help: Match Gnutella application packets +help: Gnutella application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/kazaa/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/kazaa/node.def index a6eab48..44c3156 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/kazaa/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/kazaa/node.def @@ -1 +1 @@ -help: Match KaZaA application packets +help: KaZaA application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/node.def index 9013fe5..5959d3d 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/p2p/node.def @@ -1 +1 @@ -help: Set P2P application packet matching +help: P2P application packets diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/protocol/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/protocol/node.def index b8a0c55..0ea2382 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/protocol/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/protocol/node.def @@ -1,6 +1,6 @@ type: txt -help: Set IPv6 protocol to match (protocol name, number, or "all") +help: IPv6 protocol to match (protocol name, number, or "all") syntax:expression: exec " param=$VAR(@) diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def index 7f72b46..efd8dd8 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/count/node.def @@ -1,3 +1,3 @@ type: u32 -help: Set to N to only match source addresses seen more than N times +help: Source addresses seen more than N times syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/node.def index e1be0a3..3acc871 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/node.def @@ -1 +1 @@ -help: Set parameters for matching recently seen sources +help: Parameters for matching recently seen sources diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/time/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/time/node.def index b84a0b7..9c49ed8 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/time/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/recent/time/node.def @@ -1,2 +1,2 @@ type: u32 -help: Set to N to only match source addresses seen in the last N seconds +help: Source addresses seen in the last N seconds diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/address/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/address/node.def index 81f2b03..0d07f99 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/address/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/address/node.def @@ -1,7 +1,7 @@ type: txt -help: Set source IPv6 address, prefix or range to match +help: Source IPv6 address, prefix or range to match comp_help: Possible completions: <x:x:x:x:x:x:x:x> IPv6 address to match diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/mac-address/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/mac-address/node.def index fd10e26..ad07881 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/mac-address/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/mac-address/node.def @@ -1,3 +1,3 @@ type: txt -help: Set source MAC address +help: Source MAC address syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl macaddr_negate '$VAR(@)'" ; "invalid MAC address \"$VAR(@)\"" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/node.def index 16ab3ad..84cdc1f 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/node.def @@ -1 +1 @@ -help: Set firewall source parameters +help: Source parameters diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def index e65cbfd..4cec3cf 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/source/port/node.def @@ -1,5 +1,5 @@ type: txt -help: Set source port +help: Source port comp_help: Source port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) <1-65535> Numbered port diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/established/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/established/node.def index 802e35d..a4f3120 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/established/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/established/node.def @@ -1,3 +1,3 @@ type: txt -help: Set established state +help: Established state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/invalid/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/invalid/node.def index ddba99f..dc6110d 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/invalid/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/invalid/node.def @@ -1,3 +1,3 @@ type: txt -help: Set invalid state +help: Invalid state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/new/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/new/node.def index 23854e7..6ef1f7a 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/new/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/new/node.def @@ -1,3 +1,3 @@ type: txt -help: Set new state +help: New state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/node.def index 3b7b383..0e38df4 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/node.def @@ -1 +1 @@ -help: Set session state +help: Session state diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/related/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/related/node.def index acddc3b..2364c31 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/related/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/state/related/node.def @@ -1,3 +1,3 @@ type: txt -help: Set related state +help: Related state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/flags/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/flags/node.def index 95f6a68..b86e707 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/flags/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/flags/node.def @@ -1,5 +1,5 @@ type: txt -help: Set TCP flags to match +help: TCP flags to match syntax:expression: pattern $VAR(@) "^((!?ALL)|((!?(SYN|ACK|FIN|RST|PSH|URG),)*(!?(SYN|ACK|FIN|RST|PSH|URG))))$" ; \ "Invalid value for TCP flags. Allowed values : SYN ACK FIN RST URG PSH ALL When specifying more than one flag, flags should be comma-separated. diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/node.def index 636f4a2..66bc295 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/tcp/node.def @@ -1 +1 @@ -help: Set tcp flags to match +help: TCP flags to match diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/monthdays/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/monthdays/node.def index 025a2a9..14c1d5c 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/monthdays/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/monthdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set monthdays on which to apply rule +help: Monthdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:digit:]]\{1,2\}\,)*[[:digit:]]\{1,2\}$" ; \ "Incorrect value for monthdays. Monthdays should be specified as 2,12,21 For negation, add ! in front eg. !2,12,21" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/node.def index 8061ba6..238acd2 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/node.def @@ -1 +1 @@ -help: Set time during which to apply rule +help: Time to match rule diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/startdate/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/startdate/node.def index a971375..46f9eb9 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/startdate/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/startdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule starting from specified date +help: Date to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for startdate. Date should use yyyy-mm-dd format. To specify time of date with startdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/starttime/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/starttime/node.def index 7e34510..ab69c45 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/starttime/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/starttime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule starting from specified time +help: Time of day to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for starttime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stopdate/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stopdate/node.def index c99dd7b..93fc8b6 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stopdate/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stopdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule till specified date +help: Date to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for stopdate. Date should use yyyy-mm-dd format. To specify time of date with stopdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stoptime/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stoptime/node.def index 5047259..4a42ca3 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stoptime/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/stoptime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to apply rule till specified time +help: Time of day to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for stoptime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/utc/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/utc/node.def index 68a0689..89c17f7 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/utc/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/utc/node.def @@ -1 +1 @@ -help: Set to interpret the times given for startdate, stopdate, starttime and stoptime to be UTC +help: Interpret times for startdate, stopdate, starttime and stoptime to be UTC diff --git a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/weekdays/node.def b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/weekdays/node.def index aea3e22..dd2649b 100644 --- a/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/weekdays/node.def +++ b/templates/firewall/ipv6-name/node.tag/rule/node.tag/time/weekdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set weekdays on which to apply rules on +help: Weekdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:upper:]][[:lower:]]\{2\}\,)*[[:upper:]][[:lower:]]\{2\}$" ; \ "Incorrect value for weekdays. Weekdays should be specified using the first three characters of the day with the first character capitalized eg. Mon,Thu,Sat diff --git a/templates/firewall/ipv6-receive-redirects/node.def b/templates/firewall/ipv6-receive-redirects/node.def index a7bd2c8..f837322 100644 --- a/templates/firewall/ipv6-receive-redirects/node.def +++ b/templates/firewall/ipv6-receive-redirects/node.def @@ -4,7 +4,7 @@ type: txt -help: Set policy for handling received ICMPv6 redirect messages +help: Policy for handling received ICMPv6 redirect messages comp_help:Possible completions: enable\tEnable processing of received ICMPv6 redirect messages diff --git a/templates/firewall/ipv6-src-route/node.def b/templates/firewall/ipv6-src-route/node.def index ec88393..ce182e4 100644 --- a/templates/firewall/ipv6-src-route/node.def +++ b/templates/firewall/ipv6-src-route/node.def @@ -9,7 +9,7 @@ type: txt -help: Set policy for handling IPv6 packets with routing extension header +help: Policy for handling IPv6 packets with routing extension header comp_help:Possible completions: enable\tEnable processing of IPv6 packets with routing header type 2 diff --git a/templates/firewall/log-martians/node.def b/templates/firewall/log-martians/node.def index 4d38903..bb3234b 100644 --- a/templates/firewall/log-martians/node.def +++ b/templates/firewall/log-martians/node.def @@ -6,7 +6,7 @@ type: txt -help: Set policy for logging IPv4 packets with invalid addresses +help: Policy for logging IPv4 packets with invalid addresses comp_help:Possible completions: enable\tEnable logging of IPv4 packets with invalid addresses diff --git a/templates/firewall/modify/node.def b/templates/firewall/modify/node.def index d75a615..becde92 100644 --- a/templates/firewall/modify/node.def +++ b/templates/firewall/modify/node.def @@ -27,4 +27,4 @@ end: if sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-rules modify "$VAR(@)" create: sudo /opt/vyatta/sbin/vyatta-firewall.pl --setup iptables modify -help: Set IPv4 modify rule set name +help: IPv4 modify rule-set name diff --git a/templates/firewall/modify/node.tag/default-action/node.def b/templates/firewall/modify/node.tag/default-action/node.def index 6c514b0..34ed318 100644 --- a/templates/firewall/modify/node.tag/default-action/node.def +++ b/templates/firewall/modify/node.tag/default-action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall default-action +help: Default-action for rule-set default: "drop" diff --git a/templates/firewall/modify/node.tag/description/node.def b/templates/firewall/modify/node.tag/description/node.def index ee0a94c..e8e221b 100644 --- a/templates/firewall/modify/node.tag/description/node.def +++ b/templates/firewall/modify/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set IPv4 modify rule set description +help: Rule-set description diff --git a/templates/firewall/modify/node.tag/enable-default-log/node.def b/templates/firewall/modify/node.tag/enable-default-log/node.def index 96b37ea..697719d 100644 --- a/templates/firewall/modify/node.tag/enable-default-log/node.def +++ b/templates/firewall/modify/node.tag/enable-default-log/node.def @@ -1 +1 @@ -help: Set logging on default-action +help: Option to log packets hitting default-action diff --git a/templates/firewall/modify/node.tag/rule/node.def b/templates/firewall/modify/node.tag/rule/node.def index b7366f9..9df6ef4 100644 --- a/templates/firewall/modify/node.tag/rule/node.def +++ b/templates/firewall/modify/node.tag/rule/node.def @@ -2,6 +2,6 @@ tag: type: u32 -help: Set modify rule number (1-9999) +help: Rule number (1-9999) syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "modify rule number must be between 1 and 9999" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/action/node.def b/templates/firewall/modify/node.tag/rule/node.tag/action/node.def index 1bb7d43..ccf5675 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/action/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/action/node.def @@ -1,5 +1,5 @@ type: txt -help: Set modify rule action +help: Rule action syntax:expression: $VAR(@) in "drop", "accept", "modify"; "action must be one of drop, accept, or modify" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/description/node.def b/templates/firewall/modify/node.tag/rule/node.tag/description/node.def index 9c0c2bb..dd2f535 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/description/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/description/node.def @@ -1,2 +1,2 @@ type: txt -help: Set rule description +help: Rule description diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/address/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/address/node.def index e25da77..1bb5321 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/address/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/address/node.def @@ -1,5 +1,5 @@ type: txt -help: Set destination IP address, subnet, or range +help: Destination IP address, subnet, or range comp_help: Possible completions: <x.x.x.x> IP address to match <x.x.x.x/x> Subnet to match diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/address-group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/address-group/node.def index 32084d8..b768dee 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/address-group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/address-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of addresses +help: Group of addresses commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/network-group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/network-group/node.def index 5fa4b9f..77a8e81 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/network-group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/network-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of networks +help: Group of networks commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/node.def index f3d9347..bb11dae 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/node.def @@ -1 +1 @@ -help: Set group to match +help: Destination group diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/port-group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/port-group/node.def index d7187cd..f6a6844 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/group/port-group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/group/port-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of ports +help: Group of ports commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/node.def index 500e0bb..dc227b7 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/node.def @@ -1 +1 @@ -help: Set firewall destination parameters +help: Destination parameters diff --git a/templates/firewall/modify/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/modify/node.tag/rule/node.tag/destination/port/node.def index 65170b2..8989f99 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/destination/port/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/destination/port/node.def @@ -1,5 +1,5 @@ type: txt -help: Set destination port +help: Destination port comp_help: Destination port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) <1-65535> Numbered port diff --git a/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def b/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def index d46d0c9..70565eb 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/disable/node.def @@ -1 +1 @@ -help: Set firewall rule disabled +help: Option to disable rule diff --git a/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def index 75338e3..2f830a1 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-frag/node.def @@ -1 +1 @@ -help: Match second and further fragments of fragmented packets +help: Second and further fragments of fragmented packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def index 3105271..3590869 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/fragment/match-non-frag/node.def @@ -1 +1 @@ -help: Match head fragments or unfragmented packets +help: Head fragments or unfragmented packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def b/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def index c532d49..c3d9f02 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/fragment/node.def @@ -1 +1 @@ -help: Set IP fragment matching +help: IP fragment match diff --git a/templates/firewall/modify/node.tag/rule/node.tag/icmp/code/node.def b/templates/firewall/modify/node.tag/rule/node.tag/icmp/code/node.def index 71bacfc..b102b99 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/icmp/code/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/icmp/code/node.def @@ -1,3 +1,3 @@ type: u32; "ICMP code must be between 0 and 255" -help: Set ICMP code (0-255) +help: ICMP code (0-255) syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP code must be between 0 and 255" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/icmp/node.def b/templates/firewall/modify/node.tag/rule/node.tag/icmp/node.def index dcf9fcc..33a8e89 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/icmp/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/icmp/node.def @@ -1 +1 @@ -help: Set rule ICMP type and code information +help: ICMP type and code information diff --git a/templates/firewall/modify/node.tag/rule/node.tag/icmp/type-name/node.def b/templates/firewall/modify/node.tag/rule/node.tag/icmp/type-name/node.def index f61945c..b71c23a 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/icmp/type-name/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/icmp/type-name/node.def @@ -1,5 +1,5 @@ type: txt -help: Set icmp type-name to match +help: ICMP type-name allowed: array=(any echo-reply destination-unreachable network-unreachable host-unreachable protocol-unreachable port-unreachable diff --git a/templates/firewall/modify/node.tag/rule/node.tag/icmp/type/node.def b/templates/firewall/modify/node.tag/rule/node.tag/icmp/type/node.def index 6275a64..9d879e1 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/icmp/type/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/icmp/type/node.def @@ -1,3 +1,3 @@ type: u32; "ICMP type must be between 0 and 255" -help: Set ICMP type (0-255) +help: ICMP type (0-255) syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP type must be between 0 and 255" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def index 8d4bf12..96ada47 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-ipsec/node.def @@ -1 +1 @@ -help: Match inbound IPsec packets +help: Inbound IPsec packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def index cfcbc8a..2d717d5 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/match-none/node.def @@ -1 +1 @@ -help: Match inbound non-IPsec packets +help: Inbound non-IPsec packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def index c905e2d..96ada47 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/ipsec/node.def @@ -1 +1 @@ -help: Set inbound IPsec packet matching +help: Inbound IPsec packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/limit/burst/node.def b/templates/firewall/modify/node.tag/rule/node.tag/limit/burst/node.def index 307e602..9097370 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/limit/burst/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/limit/burst/node.def @@ -1,4 +1,4 @@ type: u32 default: 1 -help: Set maximum number of packets to allow in excess of rate +help: Maximum number of packets to allow in excess of rate syntax:expression: ($VAR(@) >0) ; "Burst should be a value greater then zero" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/limit/node.def b/templates/firewall/modify/node.tag/rule/node.tag/limit/node.def index 42081fe..75460b1 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/limit/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/limit/node.def @@ -1 +1 @@ -help: Set to match rule at a limited rate using a token bucket filter +help: Rate limit using a token bucket filter diff --git a/templates/firewall/modify/node.tag/rule/node.tag/limit/rate/node.def b/templates/firewall/modify/node.tag/rule/node.tag/limit/rate/node.def index 7a3b7d0..cd108f4 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/limit/rate/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/limit/rate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set maximum average matching rate +help: Maximum average matching rate syntax:expression: pattern $VAR(@) "^[[:digit:]]+/(second|minute|hour|day)$" ; \ "Invalid value for rate. Rate should be specified as an integer followed by a forward slash '/' and either of these time units - second, minute, hour or day diff --git a/templates/firewall/modify/node.tag/rule/node.tag/log/node.def b/templates/firewall/modify/node.tag/rule/node.tag/log/node.def index 5023547..ba0e74b 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/log/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/log/node.def @@ -1,3 +1,3 @@ type: txt; "firwall logging must be enable or disable" -help: Set firewall logging +help: Option to log packets matching rule syntax:expression: $VAR(@) in "enable", "disable"; "firwall logging must be enable or disable" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/modify/dscp/node.def b/templates/firewall/modify/node.tag/rule/node.tag/modify/dscp/node.def index b20f58c..3ed8f0d 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/modify/dscp/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/modify/dscp/node.def @@ -1,4 +1,4 @@ type: u32 -help: Set packet Differentiated Services Codepoint (DSCP) +help: Packet Differentiated Services Codepoint (DSCP) syntax:expression: $VAR(@) >= 0 && $VAR(@) < 64; "DSCP must be between 0 and 63" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/modify/mark/node.def b/templates/firewall/modify/node.tag/rule/node.tag/modify/mark/node.def index 0830b9b..0776b34 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/modify/mark/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/modify/mark/node.def @@ -1,2 +1,2 @@ type: u32 -help: Set packet marking +help: Packet marking diff --git a/templates/firewall/modify/node.tag/rule/node.tag/modify/node.def b/templates/firewall/modify/node.tag/rule/node.tag/modify/node.def index f629b92..c61402f 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/modify/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/modify/node.def @@ -1 +1 @@ -help: Set packet modifications +help: Packet modifications diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/all/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/all/node.def index 3359454..bd61a90 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/all/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/all/node.def @@ -1 +1 @@ -help: Match AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets +help: AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/applejuice/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/applejuice/node.def index 35c2182..8e9f704 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/applejuice/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/applejuice/node.def @@ -1 +1 @@ -help: Match AppleJuice application packets +help: AppleJuice application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/bittorrent/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/bittorrent/node.def index a6330de..1a56963 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/bittorrent/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/bittorrent/node.def @@ -1 +1 @@ -help: Match BitTorrent application packets +help: BitTorrent application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/directconnect/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/directconnect/node.def index ab11805..eb84108 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/directconnect/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/directconnect/node.def @@ -1 +1 @@ -help: Match Direct Connect application packets +help: Direct Connect application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/edonkey/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/edonkey/node.def index 25a97e5..255e618 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/edonkey/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/edonkey/node.def @@ -1 +1 @@ -help: Match eDonkey/eMule application packets +help: eDonkey/eMule application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/gnutella/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/gnutella/node.def index 52d9d6c..f21b60b 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/gnutella/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/gnutella/node.def @@ -1 +1 @@ -help: Match Gnutella application packets +help: Gnutella application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/kazaa/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/kazaa/node.def index a6eab48..44c3156 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/kazaa/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/kazaa/node.def @@ -1 +1 @@ -help: Match KaZaA application packets +help: KaZaA application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/p2p/node.def b/templates/firewall/modify/node.tag/rule/node.tag/p2p/node.def index 9013fe5..5959d3d 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/p2p/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/p2p/node.def @@ -1 +1 @@ -help: Set P2P application packet matching +help: P2P application packets diff --git a/templates/firewall/modify/node.tag/rule/node.tag/protocol/node.def b/templates/firewall/modify/node.tag/rule/node.tag/protocol/node.def index b739bff..66a5634 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/protocol/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/protocol/node.def @@ -1,5 +1,5 @@ type: txt -help: Set protocol to match (protocol name in /etc/protocols or protocol number or "all") +help: Protocol to match (protocol name in /etc/protocols or protocol number or "all") comp_help:Possible completions: <text> An IP protocol name from /etc/protocols (e.g. "tcp" or "udp") diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def index 767f42c..28dc2cc 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/count/node.def @@ -1,4 +1,4 @@ type: u32 -help: Set to N to only match source addresses seen more than N times +help: Source addresses seen more than N times syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def index e1be0a3..3acc871 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/node.def @@ -1 +1 @@ -help: Set parameters for matching recently seen sources +help: Parameters for matching recently seen sources diff --git a/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def b/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def index b84a0b7..9c49ed8 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/recent/time/node.def @@ -1,2 +1,2 @@ type: u32 -help: Set to N to only match source addresses seen in the last N seconds +help: Source addresses seen in the last N seconds diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/address/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/address/node.def index a11b2ba..2bee1b7 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/address/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/address/node.def @@ -1,5 +1,5 @@ type: txt -help: Set source IP address, subnet, or range +help: Source IP address, subnet, or range\ comp_help: Possible completions: <x.x.x.x> IP address to match <x.x.x.x/x> Subnet to match diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/group/address-group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/group/address-group/node.def index 163c068..d70ba0f 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/group/address-group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/group/address-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of addresses +help: Group of addresses commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/group/network-group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/group/network-group/node.def index 5fa4b9f..77a8e81 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/group/network-group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/group/network-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of networks +help: Group of networks commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/group/node.def index f3d9347..7b36071 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/group/node.def @@ -1 +1 @@ -help: Set group to match +help: Source group diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/group/port-group/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/group/port-group/node.def index d7187cd..f6a6844 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/group/port-group/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/group/port-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of ports +help: Group of ports commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/mac-address/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/mac-address/node.def index fd10e26..ad07881 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/mac-address/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/mac-address/node.def @@ -1,3 +1,3 @@ type: txt -help: Set source MAC address +help: Source MAC address syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl macaddr_negate '$VAR(@)'" ; "invalid MAC address \"$VAR(@)\"" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/node.def index 16ab3ad..84cdc1f 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/node.def @@ -1 +1 @@ -help: Set firewall source parameters +help: Source parameters diff --git a/templates/firewall/modify/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/modify/node.tag/rule/node.tag/source/port/node.def index e65cbfd..4cec3cf 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/source/port/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/source/port/node.def @@ -1,5 +1,5 @@ type: txt -help: Set source port +help: Source port comp_help: Source port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) <1-65535> Numbered port diff --git a/templates/firewall/modify/node.tag/rule/node.tag/state/established/node.def b/templates/firewall/modify/node.tag/rule/node.tag/state/established/node.def index 802e35d..a4f3120 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/state/established/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/state/established/node.def @@ -1,3 +1,3 @@ type: txt -help: Set established state +help: Established state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/state/invalid/node.def b/templates/firewall/modify/node.tag/rule/node.tag/state/invalid/node.def index ddba99f..dc6110d 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/state/invalid/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/state/invalid/node.def @@ -1,3 +1,3 @@ type: txt -help: Set invalid state +help: Invalid state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/state/new/node.def b/templates/firewall/modify/node.tag/rule/node.tag/state/new/node.def index 23854e7..6ef1f7a 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/state/new/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/state/new/node.def @@ -1,3 +1,3 @@ type: txt -help: Set new state +help: New state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/state/node.def b/templates/firewall/modify/node.tag/rule/node.tag/state/node.def index 3b7b383..0e38df4 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/state/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/state/node.def @@ -1 +1 @@ -help: Set session state +help: Session state diff --git a/templates/firewall/modify/node.tag/rule/node.tag/state/related/node.def b/templates/firewall/modify/node.tag/rule/node.tag/state/related/node.def index acddc3b..2364c31 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/state/related/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/state/related/node.def @@ -1,3 +1,3 @@ type: txt -help: Set related state +help: Related state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/tcp/flags/node.def b/templates/firewall/modify/node.tag/rule/node.tag/tcp/flags/node.def index 95f6a68..b86e707 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/tcp/flags/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/tcp/flags/node.def @@ -1,5 +1,5 @@ type: txt -help: Set TCP flags to match +help: TCP flags to match syntax:expression: pattern $VAR(@) "^((!?ALL)|((!?(SYN|ACK|FIN|RST|PSH|URG),)*(!?(SYN|ACK|FIN|RST|PSH|URG))))$" ; \ "Invalid value for TCP flags. Allowed values : SYN ACK FIN RST URG PSH ALL When specifying more than one flag, flags should be comma-separated. diff --git a/templates/firewall/modify/node.tag/rule/node.tag/tcp/node.def b/templates/firewall/modify/node.tag/rule/node.tag/tcp/node.def index 636f4a2..66bc295 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/tcp/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/tcp/node.def @@ -1 +1 @@ -help: Set tcp flags to match +help: TCP flags to match diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/monthdays/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/monthdays/node.def index b5d3285..14c1d5c 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/monthdays/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/monthdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set monthdays on which to match rule +help: Monthdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:digit:]]\{1,2\}\,)*[[:digit:]]\{1,2\}$" ; \ "Incorrect value for monthdays. Monthdays should be specified as 2,12,21 For negation, add ! in front eg. !2,12,21" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/node.def index b7e283b..238acd2 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/node.def @@ -1 +1 @@ -help: Set to match rule at a specified time +help: Time to match rule diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/startdate/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/startdate/node.def index b54ff51..25e02e8 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/startdate/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/startdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule starting from the given date +help: Date to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for startdate. Date should use yyyy-mm-dd format. To specify time of date with startdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/starttime/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/starttime/node.def index b5b149d..ab69c45 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/starttime/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/starttime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule starting from the given time of day +help: Time of day to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for starttime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/stopdate/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/stopdate/node.def index 1fd9d8e..8fdf6e0 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/stopdate/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/stopdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule until the given date +help: Date to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for stopdate. Date should use yyyy-mm-dd format. To specify time of date with stopdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/stoptime/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/stoptime/node.def index a3afce3..4a42ca3 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/stoptime/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/stoptime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule to the given time of day +help: Time of day to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for stoptime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/utc/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/utc/node.def index 68a0689..89c17f7 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/utc/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/utc/node.def @@ -1 +1 @@ -help: Set to interpret the times given for startdate, stopdate, starttime and stoptime to be UTC +help: Interpret times for startdate, stopdate, starttime and stoptime to be UTC diff --git a/templates/firewall/modify/node.tag/rule/node.tag/time/weekdays/node.def b/templates/firewall/modify/node.tag/rule/node.tag/time/weekdays/node.def index fe167ac..dd2649b 100644 --- a/templates/firewall/modify/node.tag/rule/node.tag/time/weekdays/node.def +++ b/templates/firewall/modify/node.tag/rule/node.tag/time/weekdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set weekdays on which to match rules on +help: Weekdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:upper:]][[:lower:]]\{2\}\,)*[[:upper:]][[:lower:]]\{2\}$" ; \ "Incorrect value for weekdays. Weekdays should be specified using the first three characters of the day with the first character capitalized eg. Mon,Thu,Sat diff --git a/templates/firewall/name/node.def b/templates/firewall/name/node.def index 88e01c2..2f2d05b 100644 --- a/templates/firewall/name/node.def +++ b/templates/firewall/name/node.def @@ -27,4 +27,4 @@ end: if sudo /opt/vyatta/sbin/vyatta-firewall.pl --update-rules name "$VAR(@)" ; create: sudo /opt/vyatta/sbin/vyatta-firewall.pl --setup iptables name -help: Set IPv4 firewall rule set name +help: IPv4 firewall rule-set name diff --git a/templates/firewall/name/node.tag/default-action/node.def b/templates/firewall/name/node.tag/default-action/node.def index 000b3ce..db160f0 100644 --- a/templates/firewall/name/node.tag/default-action/node.def +++ b/templates/firewall/name/node.tag/default-action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall default-action +help: Default-action for rule-set default: "drop" diff --git a/templates/firewall/name/node.tag/description/node.def b/templates/firewall/name/node.tag/description/node.def index f56909a..e8e221b 100644 --- a/templates/firewall/name/node.tag/description/node.def +++ b/templates/firewall/name/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set IPv4 firewall rule set description +help: Rule-set description diff --git a/templates/firewall/name/node.tag/enable-default-log/node.def b/templates/firewall/name/node.tag/enable-default-log/node.def index 96b37ea..e540d3f 100644 --- a/templates/firewall/name/node.tag/enable-default-log/node.def +++ b/templates/firewall/name/node.tag/enable-default-log/node.def @@ -1 +1 @@ -help: Set logging on default-action +help: Option to log packets hitting default-action diff --git a/templates/firewall/name/node.tag/rule/node.def b/templates/firewall/name/node.tag/rule/node.def index 08a7488..e2dc34e 100644 --- a/templates/firewall/name/node.tag/rule/node.def +++ b/templates/firewall/name/node.tag/rule/node.def @@ -2,6 +2,6 @@ tag: type: u32 -help: Set firewall rule number (1-9999) +help: Rule number (1-9999) syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "firewall rule number must be between 1 and 9999" diff --git a/templates/firewall/name/node.tag/rule/node.tag/action/node.def b/templates/firewall/name/node.tag/rule/node.tag/action/node.def index 88c9b53..d2af3c7 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/action/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/action/node.def @@ -1,6 +1,6 @@ type: txt -help: Set firewall rule action [REQUIRED] +help: Rule action [REQUIRED] syntax:expression: $VAR(@) in "drop", "reject", "accept", "inspect"; "action must be one of drop, reject, accept, or inspect" diff --git a/templates/firewall/name/node.tag/rule/node.tag/description/node.def b/templates/firewall/name/node.tag/rule/node.tag/description/node.def index b49b91e..90bf88b 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/description/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/description/node.def @@ -1,3 +1,3 @@ type: txt -help: Set rule description +help: Rule description diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def index e78fd70..99d7b8a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/address/node.def @@ -1,6 +1,6 @@ type: txt -help: Set destination IP address, subnet, or range +help: Destination IP address, subnet, or range comp_help: Possible completions: <x.x.x.x> IPv4 address to match diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def index 32084d8..b768dee 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/address-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of addresses +help: Group of addresses commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def index 5fa4b9f..77a8e81 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/network-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of networks +help: Group of networks commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/node.def index f3d9347..bb11dae 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/node.def @@ -1 +1 @@ -help: Set group to match +help: Destination group diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def index d7187cd..f6a6844 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/group/port-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of ports +help: Group of ports commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/node.def index 500e0bb..dc227b7 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/node.def @@ -1 +1 @@ -help: Set firewall destination parameters +help: Destination parameters diff --git a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def index b292864..760c0e8 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/destination/port/node.def @@ -1,6 +1,6 @@ type: txt -help: Set destination port +help: Destination port comp_help: Destination port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) diff --git a/templates/firewall/name/node.tag/rule/node.tag/disable/node.def b/templates/firewall/name/node.tag/rule/node.tag/disable/node.def index 498a027..5c2cdfd 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/disable/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/disable/node.def @@ -1 +1 @@ -help: Set firewall rule disabled
\ No newline at end of file +help: Option to disable firewall rule diff --git a/templates/firewall/name/node.tag/rule/node.tag/fragment/match-frag/node.def b/templates/firewall/name/node.tag/rule/node.tag/fragment/match-frag/node.def index 75338e3..2f830a1 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/fragment/match-frag/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/fragment/match-frag/node.def @@ -1 +1 @@ -help: Match second and further fragments of fragmented packets +help: Second and further fragments of fragmented packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/fragment/match-non-frag/node.def b/templates/firewall/name/node.tag/rule/node.tag/fragment/match-non-frag/node.def index 3105271..3590869 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/fragment/match-non-frag/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/fragment/match-non-frag/node.def @@ -1 +1 @@ -help: Match head fragments or unfragmented packets +help: Head fragments or unfragmented packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/fragment/node.def b/templates/firewall/name/node.tag/rule/node.tag/fragment/node.def index c532d49..c3d9f02 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/fragment/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/fragment/node.def @@ -1 +1 @@ -help: Set IP fragment matching +help: IP fragment match diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def index 8ff1c09..84f77b4 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/code/node.def @@ -1,5 +1,5 @@ type: u32; "ICMP code must be between 0 and 255" -help: Set ICMP code (0-255) +help: ICMP code (0-255) syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP code must be between 0 and 255" diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def index dcf9fcc..33a8e89 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/node.def @@ -1 +1 @@ -help: Set rule ICMP type and code information +help: ICMP type and code information diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def index 4669142..c3d4420 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/type-name/node.def @@ -1,5 +1,5 @@ type: txt -help: Set icmp type-name to match +help: ICMP type-name allowed: array=(any echo-reply pong destination-unreachable network-unreachable host-unreachable protocol-unreachable port-unreachable diff --git a/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def b/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def index 9cd72b3..ce69c45 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/icmp/type/node.def @@ -1,5 +1,5 @@ type: u32; "ICMP type must be between 0 and 255" -help: Set ICMP type (0-255) +help: ICMP type (0-255) syntax:expression: $VAR(@) >=0 && $VAR(@) <= 255; "ICMP type must be between 0 and 255" diff --git a/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def b/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def index 8d4bf12..96ada47 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-ipsec/node.def @@ -1 +1 @@ -help: Match inbound IPsec packets +help: Inbound IPsec packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-none/node.def b/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-none/node.def index cfcbc8a..2d717d5 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-none/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/ipsec/match-none/node.def @@ -1 +1 @@ -help: Match inbound non-IPsec packets +help: Inbound non-IPsec packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/ipsec/node.def b/templates/firewall/name/node.tag/rule/node.tag/ipsec/node.def index c905e2d..96ada47 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/ipsec/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/ipsec/node.def @@ -1 +1 @@ -help: Set inbound IPsec packet matching +help: Inbound IPsec packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/limit/burst/node.def b/templates/firewall/name/node.tag/rule/node.tag/limit/burst/node.def index 307e602..9097370 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/limit/burst/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/limit/burst/node.def @@ -1,4 +1,4 @@ type: u32 default: 1 -help: Set maximum number of packets to allow in excess of rate +help: Maximum number of packets to allow in excess of rate syntax:expression: ($VAR(@) >0) ; "Burst should be a value greater then zero" diff --git a/templates/firewall/name/node.tag/rule/node.tag/limit/node.def b/templates/firewall/name/node.tag/rule/node.tag/limit/node.def index 42081fe..75460b1 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/limit/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/limit/node.def @@ -1 +1 @@ -help: Set to match rule at a limited rate using a token bucket filter +help: Rate limit using a token bucket filter diff --git a/templates/firewall/name/node.tag/rule/node.tag/limit/rate/node.def b/templates/firewall/name/node.tag/rule/node.tag/limit/rate/node.def index 7a3b7d0..cd108f4 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/limit/rate/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/limit/rate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set maximum average matching rate +help: Maximum average matching rate syntax:expression: pattern $VAR(@) "^[[:digit:]]+/(second|minute|hour|day)$" ; \ "Invalid value for rate. Rate should be specified as an integer followed by a forward slash '/' and either of these time units - second, minute, hour or day diff --git a/templates/firewall/name/node.tag/rule/node.tag/log/node.def b/templates/firewall/name/node.tag/rule/node.tag/log/node.def index 5023547..ba0e74b 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/log/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/log/node.def @@ -1,3 +1,3 @@ type: txt; "firwall logging must be enable or disable" -help: Set firewall logging +help: Option to log packets matching rule syntax:expression: $VAR(@) in "enable", "disable"; "firwall logging must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/all/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/all/node.def index 3359454..bd61a90 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/all/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/all/node.def @@ -1 +1 @@ -help: Match AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets +help: AppleJuice/BitTorrent/Direct Connect/eDonkey/eMule/Gnutella/KaZaA application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/applejuice/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/applejuice/node.def index 35c2182..8e9f704 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/applejuice/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/applejuice/node.def @@ -1 +1 @@ -help: Match AppleJuice application packets +help: AppleJuice application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/bittorrent/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/bittorrent/node.def index a6330de..1a56963 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/bittorrent/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/bittorrent/node.def @@ -1 +1 @@ -help: Match BitTorrent application packets +help: BitTorrent application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/directconnect/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/directconnect/node.def index ab11805..eb84108 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/directconnect/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/directconnect/node.def @@ -1 +1 @@ -help: Match Direct Connect application packets +help: Direct Connect application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/edonkey/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/edonkey/node.def index 25a97e5..255e618 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/edonkey/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/edonkey/node.def @@ -1 +1 @@ -help: Match eDonkey/eMule application packets +help: eDonkey/eMule application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/gnutella/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/gnutella/node.def index 52d9d6c..f21b60b 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/gnutella/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/gnutella/node.def @@ -1 +1 @@ -help: Match Gnutella application packets +help: Gnutella application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/kazaa/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/kazaa/node.def index a6eab48..44c3156 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/kazaa/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/kazaa/node.def @@ -1 +1 @@ -help: Match KaZaA application packets +help: KaZaA application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/p2p/node.def b/templates/firewall/name/node.tag/rule/node.tag/p2p/node.def index 9013fe5..5959d3d 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/p2p/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/p2p/node.def @@ -1 +1 @@ -help: Set P2P application packet matching +help: P2P application packets diff --git a/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def b/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def index 21a58eb..1e9bf89 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/protocol/node.def @@ -1,6 +1,6 @@ type: txt -help: Set protocol to match (protocol name in /etc/protocols or protocol number or "all") +help: Protocol to match (protocol name in /etc/protocols or protocol number or "all") comp_help:Possible completions: <text> An IP protocol name from /etc/protocols (e.g. "tcp" or "udp") diff --git a/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def b/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def index 7f72b46..efd8dd8 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/recent/count/node.def @@ -1,3 +1,3 @@ type: u32 -help: Set to N to only match source addresses seen more than N times +help: Source addresses seen more than N times syntax:expression: $VAR(@) >=1 && $VAR(@) <= 255; "recent count value must be between 1 and 255" diff --git a/templates/firewall/name/node.tag/rule/node.tag/recent/node.def b/templates/firewall/name/node.tag/rule/node.tag/recent/node.def index e1be0a3..3acc871 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/recent/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/recent/node.def @@ -1 +1 @@ -help: Set parameters for matching recently seen sources +help: Parameters for matching recently seen sources diff --git a/templates/firewall/name/node.tag/rule/node.tag/recent/time/node.def b/templates/firewall/name/node.tag/rule/node.tag/recent/time/node.def index b84a0b7..9c49ed8 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/recent/time/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/recent/time/node.def @@ -1,2 +1,2 @@ type: u32 -help: Set to N to only match source addresses seen in the last N seconds +help: Source addresses seen in the last N seconds diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def index a11b2ba..eab1cb8 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/address/node.def @@ -1,5 +1,5 @@ type: txt -help: Set source IP address, subnet, or range +help: Source IP address, subnet, or range comp_help: Possible completions: <x.x.x.x> IP address to match <x.x.x.x/x> Subnet to match diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def index 163c068..d70ba0f 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/address-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of addresses +help: Group of addresses commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def index 5fa4b9f..77a8e81 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/network-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of networks +help: Group of networks commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/node.def index f3d9347..7b36071 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/node.def @@ -1 +1 @@ -help: Set group to match +help: Source group diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def index d7187cd..f6a6844 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/group/port-group/node.def @@ -1,5 +1,5 @@ type: txt -help: Set group of ports +help: Group of ports commit:expression: exec "sudo /opt/vyatta/sbin/vyatta-ipset.pl \ --action=check-set-type \ diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def index fd10e26..ad07881 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/mac-address/node.def @@ -1,3 +1,3 @@ type: txt -help: Set source MAC address +help: Source MAC address syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl macaddr_negate '$VAR(@)'" ; "invalid MAC address \"$VAR(@)\"" diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/node.def index 16ab3ad..84cdc1f 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/node.def @@ -1 +1 @@ -help: Set firewall source parameters +help: Source parameters diff --git a/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def b/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def index e65cbfd..4cec3cf 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/source/port/node.def @@ -1,5 +1,5 @@ type: txt -help: Set source port +help: Source port comp_help: Source port(s) can be specified as a comma-separated list of: <port name> Named port (any name in /etc/services, e.g., http) <1-65535> Numbered port diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def index 802e35d..a4f3120 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/established/node.def @@ -1,3 +1,3 @@ type: txt -help: Set established state +help: Established state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def index ddba99f..dc6110d 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/invalid/node.def @@ -1,3 +1,3 @@ type: txt -help: Set invalid state +help: Invalid state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def index 23854e7..6ef1f7a 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/new/node.def @@ -1,3 +1,3 @@ type: txt -help: Set new state +help: New state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/node.def index 3b7b383..0e38df4 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/node.def @@ -1 +1 @@ -help: Set session state +help: Session state diff --git a/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def b/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def index acddc3b..2364c31 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/state/related/node.def @@ -1,3 +1,3 @@ type: txt -help: Set related state +help: Related state syntax:expression: $VAR(@) in "enable", "disable" ; "state value must be enable or disable" diff --git a/templates/firewall/name/node.tag/rule/node.tag/tcp/flags/node.def b/templates/firewall/name/node.tag/rule/node.tag/tcp/flags/node.def index 95f6a68..b86e707 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/tcp/flags/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/tcp/flags/node.def @@ -1,5 +1,5 @@ type: txt -help: Set TCP flags to match +help: TCP flags to match syntax:expression: pattern $VAR(@) "^((!?ALL)|((!?(SYN|ACK|FIN|RST|PSH|URG),)*(!?(SYN|ACK|FIN|RST|PSH|URG))))$" ; \ "Invalid value for TCP flags. Allowed values : SYN ACK FIN RST URG PSH ALL When specifying more than one flag, flags should be comma-separated. diff --git a/templates/firewall/name/node.tag/rule/node.tag/tcp/node.def b/templates/firewall/name/node.tag/rule/node.tag/tcp/node.def index 636f4a2..66bc295 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/tcp/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/tcp/node.def @@ -1 +1 @@ -help: Set tcp flags to match +help: TCP flags to match diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/monthdays/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/monthdays/node.def index b5d3285..14c1d5c 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/monthdays/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/monthdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set monthdays on which to match rule +help: Monthdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:digit:]]\{1,2\}\,)*[[:digit:]]\{1,2\}$" ; \ "Incorrect value for monthdays. Monthdays should be specified as 2,12,21 For negation, add ! in front eg. !2,12,21" diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/node.def index b7e283b..238acd2 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/node.def @@ -1 +1 @@ -help: Set to match rule at a specified time +help: Time to match rule diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/startdate/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/startdate/node.def index 09a2f19..46f9eb9 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/startdate/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/startdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule starting from the given date +help: Date to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for startdate. Date should use yyyy-mm-dd format. To specify time of date with startdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/starttime/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/starttime/node.def index b5b149d..ab69c45 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/starttime/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/starttime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule starting from the given time of day +help: Time of day to start matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for starttime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/stopdate/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/stopdate/node.def index 5e58b2a..93fc8b6 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/stopdate/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/stopdate/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule until the given date +help: Date to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{4\}[-][[:digit:]]\{2\}[-][[:digit:]]\{2\}(T[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\})?$" ; \ "Invalid value for stopdate. Date should use yyyy-mm-dd format. To specify time of date with stopdate, append 'T' to date followed by time in 24 hour notation diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/stoptime/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/stoptime/node.def index a3afce3..4a42ca3 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/stoptime/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/stoptime/node.def @@ -1,5 +1,5 @@ type: txt -help: Set to match rule to the given time of day +help: Time of day to stop matching rule syntax:expression: pattern $VAR(@) "^[[:digit:]]\{2\}[:][[:digit:]]\{2\}[:][[:digit:]]\{2\}$" ; \ "Incorrect value for stoptime. Time should be entered using 24 hour notation - hh:mm:ss" diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/utc/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/utc/node.def index 68a0689..89c17f7 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/utc/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/utc/node.def @@ -1 +1 @@ -help: Set to interpret the times given for startdate, stopdate, starttime and stoptime to be UTC +help: Interpret times for startdate, stopdate, starttime and stoptime to be UTC diff --git a/templates/firewall/name/node.tag/rule/node.tag/time/weekdays/node.def b/templates/firewall/name/node.tag/rule/node.tag/time/weekdays/node.def index fe167ac..dd2649b 100644 --- a/templates/firewall/name/node.tag/rule/node.tag/time/weekdays/node.def +++ b/templates/firewall/name/node.tag/rule/node.tag/time/weekdays/node.def @@ -1,5 +1,5 @@ type: txt -help: Set weekdays on which to match rules on +help: Weekdays to match rule on syntax:expression: pattern $VAR(@) "^!?([[:upper:]][[:lower:]]\{2\}\,)*[[:upper:]][[:lower:]]\{2\}$" ; \ "Incorrect value for weekdays. Weekdays should be specified using the first three characters of the day with the first character capitalized eg. Mon,Thu,Sat diff --git a/templates/firewall/node.def b/templates/firewall/node.def index 4b825c6..5054f23 100644 --- a/templates/firewall/node.def +++ b/templates/firewall/node.def @@ -1,5 +1,5 @@ priority: 215 -help: Configure firewall +help: Firewall delete: # set conntrack table size to standard 16384 entries if fw disabled sudo sh -c "echo 16384 > /proc/sys/net/nf_conntrack_max" diff --git a/templates/firewall/receive-redirects/node.def b/templates/firewall/receive-redirects/node.def index e72fed7..ffc1649 100644 --- a/templates/firewall/receive-redirects/node.def +++ b/templates/firewall/receive-redirects/node.def @@ -14,7 +14,7 @@ type: txt -help: Set policy for handling received IPv4 ICMP redirect messages +help: Policy for handling received IPv4 ICMP redirect messages comp_help:Possible completions: enable\tEnable processing of received IPv4 ICMP redirect messages diff --git a/templates/firewall/send-redirects/node.def b/templates/firewall/send-redirects/node.def index 0a34a15..8acd4bf 100644 --- a/templates/firewall/send-redirects/node.def +++ b/templates/firewall/send-redirects/node.def @@ -6,7 +6,7 @@ type: txt -help: Set policy for sending IPv4 ICMP redirect messages +help: Policy for sending IPv4 ICMP redirect messages comp_help:Possible completions: enable\tEnable sending IPv4 ICMP redirect messages diff --git a/templates/firewall/source-validation/node.def b/templates/firewall/source-validation/node.def index 2e9fa1c..7853bec 100644 --- a/templates/firewall/source-validation/node.def +++ b/templates/firewall/source-validation/node.def @@ -6,7 +6,7 @@ type: txt -help: Set policy for source validation by reversed path, as specified in RFC3704 +help: Policy for source validation by reversed path, as specified in RFC3704 comp_help:Possible completions: strict\tEnable Strict Reverse Path Forwarding as defined in RFC3704 diff --git a/templates/firewall/syn-cookies/node.def b/templates/firewall/syn-cookies/node.def index d823ab0..282a350 100644 --- a/templates/firewall/syn-cookies/node.def +++ b/templates/firewall/syn-cookies/node.def @@ -5,7 +5,7 @@ type: txt -help: Set policy for using TCP SYN cookies with IPv4 +help: Policy for using TCP SYN cookies with IPv4 comp_help:Possible completions: enable\tEnable use of TCP SYN cookies with IPv4 |