# HG changeset patch # User Paul Issott # Date 1374172525 -3600 # Node ID 72c2ef5c57e7ab5f26f35348d6929bc2a5706ec3 # Parent 8e208c31ad8e3323b593230ea98f62667167d36e Tiny edits diff -r 8e208c31ad8e -r 72c2ef5c57e7 etc/slitaz/firewall.conf --- a/etc/slitaz/firewall.conf Thu Jul 18 03:32:28 2013 +0300 +++ b/etc/slitaz/firewall.conf Thu Jul 18 19:35:25 2013 +0100 @@ -2,14 +2,14 @@ # Sourced by: /etc/init.d/firewall and /etc/slitaz/firewall.sh # -# Network interfaces (separate by space) +# Network interfaces (separated by space). INTERFACES="eth0" -# Enable/disable kernel security +# Enable/disable kernel security. KERNEL_SECURITY="yes" # Enable/disable iptables rules (iptables package must be installed). IPTABLES_RULES="no" -# Accept input on the local network +# Accept input on the local network. LOCAL_NETWORK="192.168.0.0/24" diff -r 8e208c31ad8e -r 72c2ef5c57e7 etc/slitaz/firewall.sh --- a/etc/slitaz/firewall.sh Thu Jul 18 03:32:28 2013 +0300 +++ b/etc/slitaz/firewall.sh Thu Jul 18 19:35:25 2013 +0100 @@ -19,33 +19,33 @@ # Accept input on the local network iptables -A INPUT -s $LOCAL_NETWORK -j ACCEPT -# Accept near all output trafic. +# Accept (nearly) all output trafic iptables -A OUTPUT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT -# Accept input trafic only for connections initialized by user. +# Accept input trafic only for connections initialized by user iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT # If you manage a HTTP/SSH/FTP/IRC server you can accept input for -# non-established connections an some ports. Else you can disable the -# lines below for more secured setup. +# non-established connections on some ports. Else you can disable the +# lines below for a more secure setup for iface in $INTERFACES do - # Accept input on port 80 for the HTTP server. + # Accept input on port 80 for the HTTP server iptables -A INPUT -i $iface -p tcp --source-port 80 -j ACCEPT - # Accept input on port 22 for SSH. + # Accept input on port 22 for SSH iptables -A INPUT -i $iface -p tcp --destination-port 22 -j ACCEPT - # Accept port 21 and, 1024 to 60310 for FTP. + # Accept port 21 and 1024 to 60310 for FTP iptables -A INPUT -i $iface -p tcp --destination-port 21 -j ACCEPT iptables -A INPUT -i $iface -p tcp --destination-port 1024:60310 -j ACCEPT - # Accept port 6667 for IRC chat. + # Accept port 6667 for IRC chat iptables -A INPUT -i $iface -p tcp --source-port 6667 -j ACCEPT - # Accept unprivileged ports. + # Accept unprivileged ports iptables -A INPUT -i $iface -p udp --destination-port 1024:65535 -j ACCEPT - # Accept ping. + # Accept ping iptables -A INPUT -i $iface -p icmp -j ACCEPT done diff -r 8e208c31ad8e -r 72c2ef5c57e7 tinyutils/file-manager --- a/tinyutils/file-manager Thu Jul 18 03:32:28 2013 +0300 +++ b/tinyutils/file-manager Thu Jul 18 19:35:25 2013 +0100 @@ -1,5 +1,5 @@ #!/bin/sh -# Lauch SliTaz default File manager. +# Launch SliTaz default File manager. # . /etc/slitaz/applications.conf diff -r 8e208c31ad8e -r 72c2ef5c57e7 tinyutils/tazhw --- a/tinyutils/tazhw Thu Jul 18 03:32:28 2013 +0300 +++ b/tinyutils/tazhw Thu Jul 18 19:35:25 2013 +0100 @@ -50,7 +50,7 @@ { if [ -x /usr/bin/get-$mod-firmware ]; then if [ ! -d /var/lib/tazpkg/installed/$mod-firmware ]; then - # We need and active connection to install firmware and we + # We need an active connection to install firmware and we # only install firmware if specified from cmdline. if ifconfig | grep -q "inet addr"; then # Ensure module is not loaded and get files. diff -r 8e208c31ad8e -r 72c2ef5c57e7 tinyutils/terminal --- a/tinyutils/terminal Thu Jul 18 03:32:28 2013 +0300 +++ b/tinyutils/terminal Thu Jul 18 19:35:25 2013 +0100 @@ -15,7 +15,7 @@ -help --help $(gettext 'Print out this message') -geometry --geometry $(eval_gettext 'Width and height of terminal window ($GEOMETRY)') -t -title -T --title $(eval_gettext 'Title name for window ("$TITLE")') --h -hold $(gettext "Dont't close terminal after command finished") +-h -hold $(gettext "Don't close terminal after command finished") -e --xterm-execute $(gettext 'Command to execute (must be last in line)')