Merge pull request #166 from micha137/patch-1

2015-07-22 11:06:08 -04:00 · 2015-07-22 11:06:08 -04:00 · dff7b82daf
commit dff7b82daf
parent 89b2e8f477 0ac52b9b4d
1 changed files with 15 additions and 15 deletions
--- a/server/fwknopd.conf
+++ b/server/fwknopd.conf
@ -13,13 +13,13 @@
 # You will need to edit the access.conf file in order for fwknop to function
 # correctly.
 #
-# Most of these can remain commented out unless you need to overide the
+# Most of these can remain commented out unless you need to override the
 # default setting.
 #
 # It is also important to note that there are some subtle (and some not
 # so subtle) differences between this configuration file, its parameters
 # and valid values and the configuration file used by the legacy Perl
-# version  of fwknopd.  Please pay careful attention to the format and
+# version of fwknopd.  Please pay careful attention to the format and
 # values used in this file if you are migrating from the legacy Perl
 # version.
 #
@ -28,8 +28,8 @@

 #
 # Define the default verbosity level the fwknop server should use.
-# A value of "0" is the default verbosity level. Setting it up to "1" or
-# higher will allow debugging messges be displayed.
+# A value of "0" is the default verbosity level. Setting it up to "1" or
+# higher will allow debugging messages to be displayed.
 #
 #VERBOSE                     0;

@ -81,7 +81,7 @@
 # man page.
 #PCAP_DISPATCH_COUNT            0;

-# Sets the number of microseconds to passed as an argument to usleep() in
+# Sets the number of microseconds to pass as an argument to usleep() in
 # the pcap loop.  The default is 100000 microseconds, or 1/10th of a second.
 #PCAP_LOOP_SLEEP                100000;

@ -111,8 +111,8 @@

 # Enable the fwknopd TCP server.  This is a "dummy" TCP server that will
 # accept TCP connection requests on the specified TCPSERV_PORT.
-# If set to "Y", fwknopd will fork off a child process to listen for, and
-# accept incoming TCP request.  This server only accepts the
+# If set to "Y", fwknopd will fork off a child process to listen for and
+# accept incoming TCP requests.  This server only accepts the
 # request.  It does not otherwise communicate. This is only to allow the
 # incoming SPA over TCP packet which is detected via PCAP. The connection
 # is closed after 1 second regardless.
@ -142,7 +142,7 @@

 # This variable controls whether fwknopd is permitted to sniff SPA packets
 # regardless of whether they are received on the sniffing interface or sent
-# from the sniffing interface.  In the later case, this can be useful to have
+# from the sniffing interface.  In the latter case, this can be useful to have
 # fwknopd sniff SPA packets that are forwarded through a system and destined
 # for a different network.  If the sniffing interface is the egress interface
 # for such packets, then this variable will need to be set to "Y" in order for
@ -167,7 +167,7 @@
 #       This is a possible future feature of fwknopd.
 #
 # The following four variables control whether a global set of "open" and
-# "close" commands are executed after receving a valid SPA packet.  These
+# "close" commands are executed after receiving a valid SPA packet.  These
 # variables are used only if FIREWALL_TYPE is set to "external_cmd", but
 # the same variables can also exist within the access.conf file so that
 # mixed deployments are possible - that is, some SPA packets will operate
@ -216,7 +216,7 @@
 #FLUSH_FIREWD_AT_EXIT           Y;
 #

-# Allow SPA clients to request access to services through an firewalld
+# Allow SPA clients to request access to services through a firewalld
 # firewall instead of just to it (i.e. access through the FWKNOP_FORWARD
 # chain instead of the INPUT chain).
 #
@ -240,7 +240,7 @@
 # when ENABLE_FIREWD_SNAT is set to "Y", and by default SNAT rules are built
 # with the MASQUERADE target (since then the internal IP does not have to be
 # defined here in the fwknop.conf file), but if you want fwknopd to use the
-# SNAT target then also defined an IP address with the SNAT_TRANSLATE_IP
+# SNAT target then also define an IP address with the SNAT_TRANSLATE_IP
 # variable.
 #
 #ENABLE_FIREWD_SNAT             N;
@ -283,7 +283,7 @@
 #   where fwknop rules are added.
 #
 # "Rule_position":
-#   Defines the position where rule are added within the To_chain.
+#   Defines the position where rules are added within the To_chain.
 #
 #FIREWD_INPUT_ACCESS        ACCEPT, filter, INPUT, 1, FWKNOP_INPUT, 1;

@ -309,7 +309,7 @@
 # firewalld 'comment' match at start up.  If it's not found, then fwknopd will
 # exit and throw an error.  This variable is enabled by default, but can be
 # disabled if you want fwknopd to run without being sure that the comment match
-# if available (not recommended, since the comment match enables new SPA rules
+# is available (not recommended, since the comment match enables new SPA rules
 # to be timed out).
 #
 #ENABLE_FIREWD_COMMENT_CHECK        Y;
@ -348,7 +348,7 @@
 # when ENABLE_IPT_SNAT is set to "Y", and by default SNAT rules are built
 # with the MASQUERADE target (since then the internal IP does not have to be
 # defined here in the fwknop.conf file), but if you want fwknopd to use the
-# SNAT target then also defined an IP address with the SNAT_TRANSLATE_IP
+# SNAT target then also define an IP address with the SNAT_TRANSLATE_IP
 # variable.
 #
 #ENABLE_IPT_SNAT             N;
@ -417,7 +417,7 @@
 # iptables 'comment' match at start up.  If it's not found, then fwknopd will
 # exit and throw an error.  This variable is enabled by default, but can be
 # disabled if you want fwknopd to run without being sure that the comment match
-# if available (not recommended, since the comment match enables new SPA rules
+# is available (not recommended, since the comment match enables new SPA rules
 # to be timed out).
 #
 #ENABLE_IPT_COMMENT_CHECK        Y;