debian/0000755000000000000000000000000012063601445007167 5ustar debian/arno-iptables-firewall.examples0000644000000000000000000000002611436206053015267 0ustar contrib/adsl-failover debian/source/0000755000000000000000000000000011436206053010466 5ustar debian/source/format0000644000000000000000000000001411436206053011674 0ustar 3.0 (quilt) debian/TODO0000644000000000000000000000006311436206053007655 0ustar * Make /etc/arno-iptables-firewall root:adm o-rx debian/templates0000644000000000000000000001361511740774073011127 0ustar Template: arno-iptables-firewall/title Type: title _description: arno-iptables-firewall configuration Template: arno-iptables-firewall/config-ext-if Type: string _description: External network interfaces: The external network interfaces connect this machine to untrusted networks (e.g. the Internet). The firewall will only permit connections attempts with explicitly allowed source/destination-port combinations on these interfaces. You have to specify all external interfaces (e.g. eth0 and/or ppp0). . For a ppp-interface that doesn't exist yet you can use the wildcard device called "ppp+", but you can only use ppp+ if there aren't any other ppp interfaces! . If no interfaces are specified here, no firewall setup will be performed. . Multiple interfaces should be specified space separated. Template: arno-iptables-firewall/dynamic-ip Type: boolean _description: Is DHCP used on external interfaces? This machine might use DHCP to dynamically obtain its IP address from your Internet service provider (ISP). This will be almost always the case if you have a non-permanent (e.g. dialup) connection. . If DHCP is not explicitly enabled, the firewall will block all DHCP-related network traffic. . Leave this enabled, if you are unsure. Default: true Template: arno-iptables-firewall/services-tcp Type: string _description: Open external TCP-ports: The default firewall policy is to deny all incoming traffic on the external interfaces. If this machine provides services to the outside world (e.g. the Internet) they have to be explicitly enabled. . Please specify the TCP-ports numbers associated with the services that shall be accessible from the outside world. Some frequently used ports are: 80 (http), 443 (https) or 22 (ssh). . In addition to single port numbers you may also specify port ranges (e.g. 10000:11000). Multiple entries should be entered space separated. . If unsure, leave this empty. Template: arno-iptables-firewall/services-udp Type: string _description: Open external UDP-ports: The default firewall policy is to deny all incoming traffic on the external interfaces. If this machine provides services for the outside world (e.g. the Internet) they have to be explicitly enabled. . Please specify the UDP-ports numbers associated with the services that shall be accessible from the outside world. . In addition to single port numbers you may also specify port ranges (e.g. 10000:11000). Multiple entries should be entered space separated. . If unsure, leave this empty. Template: arno-iptables-firewall/restart Type: boolean _description: Should the firewall be (re)started now? For security reasons the new firewall setup is not applied automatically. You might want to perform a manual inspection of the firewall configuration in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a new version, as configuration variables might have changed. . In order to later manually apply the new firewall settings before the next reboot, invoke 'invoke-rc.d arno-iptables-firewall start'. . If you do not need manual inspection, the firewall-setup can be applied now. Default: true Template: arno-iptables-firewall/nat Type: boolean _description: Do you want to enable NAT? If the connected internal networks should be able to access the outside world (e.g. the Internet) through the firewall, masquerading (NAT) has to be enabled. . When in doubt, you can safely leave this disabled. Default: false Template: arno-iptables-firewall/config-int-if Type: string _description: Internal network interfaces: The internal network interfaces connect this machine to trusted networks (e.g. the office or home LAN). The firewall will permit all connection attempts on these interfaces. If you specify such interfaces, you will be able to permit the internal networks to access the Internet through this host. If there are no such interfaces, leave this empty. . Multiple interfaces should be entered space separated. Template: arno-iptables-firewall/config-int-net Type: string _description: Internal subnets: You have to specify which subnets are connected to the internal network interfaces. Hosts in the internal networks can connect to all the services on this machine. . Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple internal networks, they should be space separated. Template: arno-iptables-firewall/config-int-nat-net Type: string _description: Internal networks with access to external networks: If you want to restrict the access to the external networks, you can specify the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is also possible to specify single hosts by their IP addresses. If you have multiple internal networks and/or hosts, they should be given space separated. . If you leave this empty, the value is automatically set to equal the internal network. Therefore the WHOLE internal network will have access to the external networks, so be careful to only specify networks that should have access to the outside world. . If you are unsure, leave this empty. Template: arno-iptables-firewall/icmp-echo Type: boolean _description: Should the machine be pingable from the outside world? For increased security the firewall can be setup to ignore ICMP echo requests (pings). While this is generally a good idea (the host seems to be down at a first glance), this is sometimes not useful (e.g. failure diagnostics). . If you are not sure, leave this disabled. Default: false Template: arno-iptables-firewall/debconf-wanted Type: boolean _description: Do you want to manage the firewall setup with debconf? A basic firewall setup that is suitable for most purposes can be created by answering a few questions. This should be the preferred option for all who are not familiar with firewall-related topics. . If you do not want that, the firewall will not work before you have edited the configuration manually. Default: true debian/po/0000755000000000000000000000000012063601444007604 5ustar debian/po/es.po0000644000000000000000000003562611537203521010566 0ustar # arno-iptables-firewall translation to spanish # Copyright (C) 2004, 2007, 2009 Software in the Public Interest # This file is distributed under the same license as the arno-iptables-firewall package. # # Changes: # - Initial translation # Alberto Rivera , 2007 # # - Updates # Francisco Javier Cuadrado , 2009 # # Traductores, si no conocen el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/coordinacion # especialmente las notas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall 1.9.0.b-1\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2009-04-01 09:26+0100\n" "Last-Translator: Francisco Javier Cuadrado \n" "Language-Team: Debian l10n Spanish \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Configuración de arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Interfaces externas de red:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Las interfaces externas de red conectan la máquina con redes inseguras (por " "ejemplo: Internet). El cortafuegos sólo permitirá los intentos de conexión " "con combinaciones de origen/puerto-destino explícitamente permitidas para " "estas interfaces. Debe especificar todas las interfaces externas (por " "ejemplo: eth0 y/o ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Para una interfaz ppp que todavía no exista, puede utilizar un dispositivo " "comodín llamado «ppp+», pero solamente se puede utilizar «ppp+» si no " "existe ninguna otra interfaz ppp." #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Si no se introduce ninguna interfaz aquí, no se realizará ninguna " "configuración del cortafuegos." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Las interfaces se deben introducir separadas por espacios." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "¿El servicio DHCP se utiliza en interfaces externas?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Esta máquina podría utilizar DHCP para obtener dinámicamente su dirección IP " "desde el proveedor de servicios de internet (ISP). Éste casi siempre será el " "caso, si tiene una conexión dinámica (por ejemplo: una conexión de marcado)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Si el servicio DHCP no está activado explícitamente, el cortafuegos " "bloqueará todo el tráfico de la red relacionado con DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Deje esto activado, si no está seguro." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Puertos TCP externos a abrir:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "La política predeterminada del cortafuegos es denegar todo el tráfico " "entrante por las interfaces externas. Si esta máquina proporciona servicios " "al exterior (por ejemplo: Internet) tiene que activarlos explícitamente." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Especifique los números de los puertos TCP asociados a los servicios que " "serán accesibles desde el exterior. Algunos de los puertos que se utilizan " "más frecuentemente son: 80 (HTTP), 443 (HTTPS), 22 (SSH)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Además de los números de los puertos, puede especificar un rango de puertos " "(por ejemplo: «10000:11000»). Las entradas se deben introducir separadas por " "espacios." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Si no está seguro, deje esto vacío." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Puertos UDP externos a abrir:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "La política predeterminada del cortafuegos es denegar todo el tráfico " "entrante por las interfaces externas. Si esta máquina proporciona servicios " "al exterior (por ejemplo: Internet) tiene que activarlos explícitamente." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Especifique los números de los puertos UDP asociados a los servicios que " "serán accesibles desde el exterior." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "¿Desea que el cortafuegos se (re)inicie ahora?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Por motivos de seguridad la configuración del nuevo cortafuegos no se aplica " "automáticamente. Puede que desee realizar una inspección manual de la " "configuración en el archivo «/etc/arno-iptables-firewall/firewall.conf», " "especialmente cuando se actualice a una nueva versión, ya que pueden haber " "cambiado algunas variables de la configuración." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Para aplicar manualmente las configuraciones nuevas del cortafuegos antes " "del siguiente reinicio, ejecute «invoke-rc.d arno-iptables-firewall start»." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Si no necesita revisar las configuraciones manualmente, la configuración del " "cortafuegos se puede aplicar ahora." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "¿Desea habilitar NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Si las redes internas conectadas deberían tener acceso al exterior (por " "ejemplo: Internet) a través del cortafuegos, el enmascaramiento (NAT) tiene " "que estar activo." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Si tiene alguna duda, puede dejar esto deshabilitado con seguridad." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interfaces internas de red:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Las interfaces internas de red conectan esta máquina con las redes de " "confianza (por ejemplo: la LAN casera o la de la oficina). El cortafuegos " "permitirá todos los intentos de conexión a estas interfaces. Si especifica " "dichas interfaces, podrá permitir que las redes internas tengan acceso a " "Internet a través de esta máquina. Si no existen estas interfaces, deje esto " "vacío." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Las interfaces se deben introducir separadas por espacios." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Subredes internas:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Tiene que especificar qué subredes están conectadas a las interfaces de " "redes internas. Los servidores en las redes internas pueden conectar con " "todos los servicios de esta máquina." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Introduzca las subredes en notación CIDR (por ejemplo: 192.168.1.0/24). Si " "tiene varias redes internas, debe introducirlas separadas por espacios." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Redes internas con acceso a redes externas:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Si desea restringir el acceso a las redes externas, puede especificar las " "subredes internas permitidas en notación CIDR (por ejemplo: " "«192.168.1.0/24»). También puede especificar sólo los servidores por sus " "direcciones IP. Si tiene varias redes internas y/o servidores, se deben " "introducir separadas por espacios." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Si deja este valor vacío, el valor se fijará automáticamente para igualar la " "red interna. Por lo tanto, las redes internas en CONJUNTO tendrán acceso a " "las redes externas, así que tenga cuidado y especifique sólo las redes que " "tendrán acceso al exterior." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Si no está seguro, deje esto en blanco." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "¿Desea que se le puedan hacer «pings» a la máquina desde el exterior?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Para incrementar la seguridad del cortafuegos se puede configurar para que " "ignore las solicitudes «echo» de ICMP («pings»). Aunque esto generalmente es " "una buena idea (el servidor parece esta abajo a primera vista), no siempre " "es útil (por ejemplo: en el diagnóstico de un fallo)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Si no está seguro, deje esto desactivado." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "¿Desea gestionar la configuración del cortafuegos con debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "La configuración de un cortafuegos básico, que es conveniente para la " "mayoría de los propósitos, se puede crear contestando a unas pocas " "preguntas. Ésta debería ser la opción preferida para todos los que no estén " "familiarizados con asuntos relacionados a los cortafuegos." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Si no desea esto, el cortafuegos no funcionará hasta que haya editado la " "configuración manualmente." debian/po/pt_BR.po0000644000000000000000000003363211537203521011160 0ustar # translation of arno-iptables-firewall # This file is distributed under the same license as the arno-iptables-firewall # package. # Felipe Augusto van de Wiel (faw) , 2006. # # msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-10-01 01:07-0300\n" "Last-Translator: Felipe Augusto van de Wiel (faw) \n" "Language-Team: l10n portuguese \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "pt_BR utf8\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "configuração arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Interfaces de rede externas:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "As interfaces de rede externas conectam esta máquina a redes não confiáveis " "(p.ex. a Internet). O firewall permitirá apenas tentativas de conexão com " "combinações de origem/porta-destino explicitamente autorizadas nestas " "interfaces. Você tem que especificar todas as interfaces externas (p.ex. " "eth0 e/ou ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Para uma interface ppp que ainda não existe você pode usar o dispositivo " "genérico chamado \"ppp+\", mas você só pode usar ppp+ se não há nenhuma " "outra interface ppp!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Se nenhuma interface for especificada aqui, nenhuma configuração de firewall " "será realizada." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Múltiplas interfaces devem ser especificadas separadas por espaço." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "O DHCP é usado em interfaces externas?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Esta máquina pode usar DHCP para obter um IP dinamicamente do seu provedor " "de serviços de Internet (ISP). Este será na maioria das vezes o caso se você " "tem uma conexão não permanente (p.ex. linha discada)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Se o DHCP não está explicitamente habilitado, o firewall bloqueará todo o " "tráfego de rede relacionado ao DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Deixe isto habilitado, se você está em dúvida." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Abrir portas TCP externas:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "A política padrão do firewall é negar todo o tráfego que chega nas " "interfaces externas. Se esta máquina fornece serviços para o mundo externo " "(p.ex. a Internet) eles precisam ser explicitamente habilitados." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Por favor especifique quais os números de portas TCP associados com o " "serviço que estará acessível para o mundo externo. Algumas portas " "freqüentemente usadas são: 80 (http), 443 (https) ou 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Em adição ao números de porta individuais, você também pode especificar " "intervalos de portas (p.ex. 10000:11000). Múltiplas entradas devem ser " "informadas separadas por espaço." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Se estiver em dúvida, deixe em branco." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Abrir portas UDP externas:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "A política padrão do firewall é negar todo o tráfego que chega nas " "interfaces externas. Se esta máquina fornece serviços para o mundo externo " "(p.ex. a Internet) eles precisam ser explicitamente habilitados." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Por favor especifique quais os números de portas UDP associados com o " "serviço que estará acessível para o mundo." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "O firewall deve ser (re)iniciado agora?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Por razões de segurança a nova configuração do firewall não é aplicada " "automaticamente. Você pode querer realizar uma inspeção manual da " "configuração do firewall em /etc/arno-iptables-firewall/firewall.conf, " "especialmente quando atualizando para uma nova versão, pois variáveis de " "configuração podem ter mudado." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Para posteriormente aplicar manualmente as novas configurações do firewall " "antes da próxima reinicialização, execute 'invoke-rc.d arno-iptables-" "firewall start'." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Se você não precisa de inspeção manual, a configuração do firewall pode ser " "aplicada agora." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Você quer habilitar NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Se as redes internas conectadas podem estar aptas a acessar o mundo externo " "(p.ex. a Internet) através do firewall, mascaramento (\"masquerading\" - " "NAT) precisa ser habilitado." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Quando em dúvida, você pode seguramente deixar isto desabilitado." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interfaces de rede internas:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "As interfaces de rede internas conectam esta máquina a redes confiáveis (p." "ex. o escritório ou uma rede caseira). O firewall permitirá todas as " "tentativas de conexão nestas interfaces. Se você especificar tais " "interfaces, você poderá permitir que redes internas acessem a Internet " "através desta máquina. Se não há tais interfaces, deixe em branco." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Múltiplas interfaces devem ser informadas separadas por espaço." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Sub-redes internas:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Você tem que especificar quais sub-redes estão conectadas nas interfaces de " "rede internas. Máquinas nas redes internas podem conectar-se a todos os " "serviços nesta máquina." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Informe sub-redes na notação CIDR (p.ex. 192.168.1.0/24). Se você tem " "múltiplas redes internas, elas devem ser separadas por espaço." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Redes internas com acesso a redes externas:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Se você quer restringir o acesso a redes externas, você pode especificar as " "sub-redes internas autorizadas na notação CIDR (por exemplo, " "192.168.1.0/24). Também é possível especificar máquinas através de seus " "endereços IP. Se você tem múltiplas redes internas e/ou máquinas, elas podem " "ser informadas separadas por espaço." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Se você deixar este campo em branco, o valor é automaticamente definido como " "sendo o mesmo da rede interna. Sendo assim a rede interna INTEIRA terá " "acesso a redes externas, portanto tenha o cuidado de especificar apenas as " "redes que podem acessar o mundo externo." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Se você está em dúvida, deixe em branco." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "A máquina deve aceitar pings do mundo externo?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Para aumentar a segurança o firewall pode ser configurado para ignorar " "requisições \"ICMP echo\" (pings). Enquanto isto é geralmente uma boa idéia " "(a máquina parece estar desligada num primeiro momento), algumas vezes isto " "pode não ser útil (por exemplo, diagnóstico de falhas)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Se você estiver em dúvida, deixe desabilitado." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Você gostaria de gerenciar a configuração do firewall com o debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Uma configuração básica de firewall que é adequada para a maioria dos casos " "pode ser criada respondendo algumas questões. Esta deve ser a opção " "preferida para todos que não estão familiarizados com tópicos relacionados a " "firewall." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Se você não quer isto, o firewall não funcionará até que você tenha editado " "a configuração manualmente." debian/po/da.po0000644000000000000000000003331011741023423010525 0ustar # Danish translation arno-iptables-firewall. # Copyright (C) 2012 arno-iptables-firewall & nedenstående oversættere. # This file is distributed under the same license as the arno-iptables-firewall package. # Joe Hansen (joedalton2@yahoo.dk), 2012. # msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2012-02-11 12:42+0000\n" "Last-Translator: Joe Hansen \n" "Language-Team: Danish \n" "Language: da\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "konfiguration af arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Eksterne netværksgrænseflader:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "De eksterne netværksgrænseflader forbinder denne maskine med utroværdige " "netværk (f.eks. internettet). Brandmuren vil kun tillade forbindelsesforsøg " "med eksplicit tilladte portkombinationer for kilde/destination på disse " "grænseflader. Du skal angive alle eksterne grænseflader (f.eks. eth0 og/" "eller ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "For en ppp-grænseflade som endnu ikke findes, kan du bruge jokertegnsenheden " "kaldt »ppp+«, men du kan kun bruge ppp+ hvis der ikke er andre ppp-" "grænseflader!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Hvis ingen grænseflader er angivet her, så vil der ikke blive udført en " "brandmursopsætning." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Flere grænseflader skal angives adskilt med mellemrum." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Bruges DHCP på eksterne grænseflader?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Denne maskine bruger måske DHCP til dynamisk at indhente sin IP-adresse fra " "din internettjenesteleverandør (ISP). Dette vil næsten altid være tilfældet " "hvis du har en forbindelse (f.eks. en opkaldsforbindelse), der ikke er " "permanent." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Hvis DHCP ikke eksplicit er aktiveret, så vil brandmuren blokere al DHCP-" "relateret netværkstrafik." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Efterlad denne aktiveret hvis du er i tvivl." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Åbn eksterne TCP-porte:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Standardpolitiken for brandmuren er at afvise al indgående trafik på de " "eksterne grænseflader. Hvis denne maskine tilbyder tjenester til den " "omkringliggende verden (f.eks. internettet) så skal de være eksplicit " "aktiveret." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Angiv venligst TCP-portnumrene forbundet med tjenesterne som skal kunne " "tilgås fra den omkringliggende verden. Nogle ofte brugte porte er: 80 " "(http), 443 (https) eller 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Udover enkelte portnumre kan du også angive portintervaller (f.eks. " "10000:11000). Flere punkter skal indtastes adskilt af mellemrum." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Hvis usikker, så efterlad tom." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Åbn eksterne UDP-porte:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Standardpolitikken for brandmuren er at nægte al indgående trafik på " "eksterne grænseflader. Hvis denne maskine betjener tjenester for den " "omkringliggende verden (f.eks. internettet) så skal de være eksplicit " "aktiveret." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Angiv venligst UDP-portnumre associeret med tjenesterne som skal være " "tilgængelige fra den omkringliggende verden." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Skal brandmuren genstartes nu?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Af sikkerhedsmæssige årsager bliver den nye brandmursopsætning ikke anvendt " "automatisk. Du skal nok udføre en manuel inspektion af " "brandmurskonfigurationen i /etc/arno-iptables-firewall/firewall.conf, " "specielt når du opgraderer til en ny version, da konfigurationsvariabler " "måske har ændret sig." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "For senere manuelt at anvende de nye indstillinger for brandmuren før den " "næste genstart så kør »invoke-rc.d arno-iptables-firewall start«." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Hvis du ikke har behov for manuel inspektion, så kan brandmursopsætningen " "tilføjes nu." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Ønsker du at aktivere NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Hvis de forbundne interne netværk skal kunne tilgå den omkringliggende " "verden (f.eks. internettet) via brandmuren, så skal masquerading (NAT) være " "aktiveret." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Hvis i tvivl, så kan du uden problemer efterlade denne deaktiveret." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interne netværksgrænseflader:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "De interne netværksgrænseflader forbinder denne maskine med troværdige " "netværk (f.eks. kontoret eller hjemme-LAN). Brandmuren vil tillade alle " "forbindelsesforsøg på disse grænseflader. Hvis du angiver sådanne " "grænseflader, så vil du kunne tillade at de interne netværk tilgår " "internettet via denne vært. Hvis der ikke er sådanne grænseflader, så " "efterlad denne tom." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Flere grænseflader skal indtastes mellemrumsadskilt." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Interne undernet:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Du skal angive hvilke undernet der er forbundet til de interne " "netværksgrænseflader. Værter i det interne netværk kan forbinde til alle " "tjenesterne på denne maskine." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Angiv undernet i CIDR-notation (f.eks. 192.168.1.0/24). Hvis du har flere " "interne netværk, så skal de være adskilt af mellemrum." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Interne netværk med adgang til eksterne netværk:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Hvis du ønsker at begrænse adgangen til de eksterne netværk, så kan du " "angive de tilladte undernet i CIDR-notation (f.eks. 192.168.1.0/24). Det er " "også muligt at angive enkelte værter ved deres IP-adresser. Hvis du har " "flere interne netværk og/eller værter, så skal de angives adskilt af " "mellemrum." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Hvis du efterlader denne tom, så sættes værdien automatisk til værdien for " "det interne netværk. Derfor vil HELE det interne netværk have adgang til det " "eksterne netværk, så vær forsigtig med kun at angive netværk som skal have " "adgang til den omkringliggende verden." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Hvis du er usikker, så efterlad denne tom." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Skal maskinen kunne pinges fra den omkringliggende verden?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "For øget sikkerhed kan brandmuren opsættes til at ignorere ICMP echo-" "forespørgsler (ping). Selvom dette normalt er en god ide (så ser værten ud " "til at være ned ved første øjekast), så er dette undertiden ikke optimalt f." "eks. ved fejldiagnostikker)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Hvis du er usikker, så efterlad denne deaktiveret." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Ønsker du at håndtere brandmursopsætningen med debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "En grundlæggende brandmursopsætning som er egnet til de fleste formål kan " "oprettes ved at svare på nogle få spørgsmål. Dette bør være den foretrukne " "indstilling for alle som ikke er bekendte med brandmursrelaterede emner." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Hvis du ikke ønsker dette, så vil brandmuren ikke virke, før du har " "redigeret konfigurationen manuelt." debian/po/sv.po0000644000000000000000000003324011537203521010575 0ustar # Translators, if you are not familiar with the PO format, gettext documentation is worth reading, especially sections dedicated to this format, e.g. by running: info -n '(gettext)PO Files' info -n '(gettext)Header Entry' Some information specific to po-debconf are available at /usr/share/doc/po-debconf/README-trans or http://www.debian.org/intl/l10n/po-debconf/README-trans Developers do not need to manually edit POT or PO files. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-04-05 20:44+0100\n" "Last-Translator: Daniel Nylander \n" "Language-Team: Swedish \n" "Language: sv\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=iso-8859-1\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Konfiguration av arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Externa ntverksgrnssnitt:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "De externa ntverksgrnssnitten ansluter denna maskin till icke-plitliga " "ntverk (exempelvis Internet). Brandvggen kommer endast att tillta " "anslutningsfrsk med uttryckligen tilltna kombinationer av kll-/" "destinationsport p dessa grnssnitt. Du mste ange alla externa grnssnitt " "(exempelvis eth0 och/eller ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Fr ett ppp-grnssnitt som nnu inte existerar kan du anvnda jokerenheten " "kallad \"ppp+\", men du kan endast anvnda ppp+ om det inte redan finns " "ngra andra ppp-grnssnitt!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Om inga grnssnitt anges hr kommer ingen brandvggskonfiguration att " "genomfras." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Flera grnssnitt mste separeras med blanksteg." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Anvnds DHCP p externa grnssnitt?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Denna maskin kanske anvnder DHCP fr att dynamiskt hmta sin IP-adress frn " "din Internetleverantr (ISP). Detta r nstan alltid fallet om du har en " "icke-permanent anslutning (exempelvis uppringt modem)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Om DHCP inte uttryckligen r aktiverad, kommer brandvggen att blockera all " "DHCP-relaterad ntverkstrafik." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Lmna denna aktiverad, om du r osker." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "ppna externa TCP-portar:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Standardbrandvggspolicyn r att vgra all inkommande trafik p de externa " "grnssnitten. Om denna maskin tillhandahller tjnster till vrlden utanfr " "(exempelvis Internet) mste de uttryckligen vara aktiverade." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Ange de TCP-portnummer som associerade med tjnsterna som ska kommas t frn " "vrlden utanfr. Ngra frekvent anvnda portar r: 80 (http), 443 (https) " "eller 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "I tillgg till enstaka portnummer kan du ven ange portintervall (exempelvis " "10000:11000). Flera poster mste separeras med blanksteg." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Om du r osker, lmna denna blank." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "ppna externa UDP-portar:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Standardbrandvggspolicyn r att vgra all inkommande trafik p de externa " "grnssnitten. Om denna maskin tillhandahller tjnster fr vrlden utanfr " "(exempelvis Internet) mste de uttryckligen vara aktiverade." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Ange de UDP-portnummer som associerade med tjnsterna som ska kommas t frn " "vrlden utanfr." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Ska brandvggen startas om nu?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Av skerhetsskl kommer den nya brandvggskonfigurationen inte att " "automatiskt verkstllas. Du kanske vill genomfra en manuell inspektion av " "brandvggskonfigurationen i /etc/arno-iptables-firewall/firewall.conf, " "speciellt vid uppgradering till en ny version eftersom " "konfigurationsvariabler kan ha ndrats." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Fr att senare manuellt verkstlla de nya brandvggsinstllningarna fre " "nsta omstart, kr \"invoke-rc.d arno-iptables-firewall start\"." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Om du inte behver gra en manuell inspektion kan brandvggskonfigurationen " "verkstllas nu." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Vill du aktivera NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Om de anslutna interna ntverken ska kunna komma t vrlden utanfr " "(exempelvis Internet) genom brandvggen, mste maskering (NAT) vara " "aktiverad." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Nr du r osker, kan du med skerhet lmna denna inaktiverad." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interna ntverksgrnssnitt:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "De interna ntverksgrnssnitten ansluter denna maskin till plitliga ntverk " "(exempelvis kontoret eller hemntverket). Brandvggen kommer att tillta " "alla anslutningsfrsk p dessa grnssnitt. Om du anger sdan grnssnitt, " "kommer du kunna tillta interna ntverk att komma t Internet genom denna " "vrd. Om det inte finns ngra sdan grnssnitt, lmna denna blank." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Flera grnssnitt mste separeras med blanksteg." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Interna subnt:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Du mste ange vilka subnt som r anslutna till de interna " "ntverksgrnssnitten. Vrdar p de interna ntverken kan ansluta till alla " "tjnster p denna maskin." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Ange subnt i CIDR-notation (exempelvis 192.168.1.0/24). Om du har flera " "interna ntverk, br de separeras med blanksteg." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Interna ntverk med tillgng till externa ntverk:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Om du vill begrnsa tillgngen till de externa ntverken, kan du ange de " "tilltna interna subnten i CIDR-notation (exempelvis 192.168.1.0/24). Det " "r ocks mjligt att ange enstaka vrdar efter deras IP-adresser. Om du har " "flera interna ntverk och/eller vrdar, mste de separeras med blanksteg." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Om du lmnar denna blank, kommer vrdet att automatiskt stllas in till " "samma som det interna ntverket. Drfr kommer HELA det interna ntverket " "att ha tkomst till de externa ntverken, s var frsiktig och ange endast " "ntverk som ska komma t vrlden utanfr." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Om du r osker, lmna denna blank." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Ska maskinen vara nbar via ping frn vrlden utanfr?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Fr kad skerhet kan brandvggen konfigureras att ignorera ekobegran via " "ICMP (ping). D detta normalt sett r en bra id (vrden verkar vara nere " "nr man frst ser den), kan detta inte alltid vara anvndbart (exempelvis " "vid feldiagnoser)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Om du inte r sker, lmna denna inaktiverad." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Vill du hantera brandvggskonfigurationen med debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "En grundlggande brandvggskonfiguration som r lmplig fr de vanligaste " "ndamlen kan skapas genom att svara p ett antal frgor. Detta br vara det " "alternativ som fredras av alla som inte knner till brandvggar." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Om du inte vill det kommer brandvggen inte att fungera frrn du har " "redigerat konfigurationen manuellt." debian/po/vi.po0000644000000000000000000003502111537203521010562 0ustar # Vietnamese translation for arno-iptables-firewall. Copyright © 2006 Free Software Foundation, Inc. Clytie Siddall , 2006. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-04-06 21:35+0930\n" "Last-Translator: Clytie Siddall \n" "Language-Team: Vietnamese \n" "Language: vi\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0\n" "X-Generator: LocFactoryEditor 1.6b36\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Cấu hình arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Giao diện mạng bên ngoài:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Những giao diện mạng bên ngoài kết nối máy này với mạng không đáng tin (v.d. " "Mạng). Bức tường lửa sẽ cho phép chỉ những việc cố kết nối mà kết hợp cổng " "nguồn/đích đã đặt chính xác trên những giao diện này. Bạn sẽ phải xác định " "mọi giao diện bên ngoài (v.d. eth0 và/hay ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Đối với giao diện PPP chưa tồn tại, bạn có thể sử dụng thiết bị đại diện tên " "« ppp+ », nhưng mà chỉ nếu không có giao diện PPP khác nào thôi." #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Nếu không có giao diện nào được xác định vào đây, bức tường lửa sẽ không " "được thiết lập." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Nên xác định nhiều giao diện định giới bằng dấu cách." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Có sử dụng DHCP trên giao diện bên ngoài không?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Máy này có lẽ sử dụng DHCP để lấy động địa chỉ IP của chính nó từ nhà cung " "cấp dịch vụ Mạng (ISP) của bạn. Gần luôn làm như thế, nếu bạn có kết nối " "không chạy luôn, v.d. quay số." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Nếu DHCP không phải được bật dứt khoát, bức tường lửa sẽ chặn toàn bộ viễn " "thông trên mạng liên quan đến DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Hãy để lại đã bật, nếu chưa chắc." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Mở cổng TCP bên ngoài:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Chính sách bức tường lửa mặc định là từ chối toàn bộ viễn thông trên giao " "diện bên ngoài. Nếu máy này cung cấp dịch vụ cho người khác bên ngoài (v.d. " "qua Mạng), mỗi dịch vụ phải được bật dứt khoát." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Vui lòng xác định những số hiệu cổng TCP tương ứng với dịch vụ sẽ cho phép " "truy cập bên ngoài. Một số cổng thường dụng là 80 (http), 443 (https) or 22 " "(ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Thêm vào mỗi số hiệu cổng riêng, bạn có thể xác định phạm vị cổng (v.d. " "10000:11000). Hãy định giới nhiều mục nhập bằng dấu cách." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Nếu chưa chắc, hãy bỏ trống." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Mở cổng UDP bên ngoài :" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Chính sách bức tường lửa mặc định là từ chối toàn bộ viễn thông gởi đến trên " "giao diện bên ngoài. Nếu máy này cung cấp dịch vụ cho người khác bên ngoài " "(v.d. qua Mạng), mỗi dịch vụ phải được bật dứt khoát." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Vui lòng xác định những số hiệu cổng UDP tương ứng với dịch vụ sẽ cho phép " "truy cập bên ngoài." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Có nên khởi chạy lại bức tường lửa ngay bây giờ không?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Vì lý do bảo mật, thiết lập bức tường lửa mới không được áp dụng tự động. Có " "lẽ bạn muốn xem lại cấu hình bức tường lửa trong , nhất là khi nâng cấp lên phiên bản mới, vì biến cấu " "hình có thể thay đổi." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Lúc sau, để tự áp dụng thiết lập bức tường lửa mới trước khi khởi động lại, " "hãy sử dụng lệnh « invoke-rc.d arno-iptables-firewall start »." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Nếu bạn không muốn tự xem lại, thiết lập bức tường lửa có thể được áp dụng " "ngay bây giờ." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Bạn có muốn bật chạy NAT không?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Nếu những mạng nội bộ đã kết nối nên có khả năng truy cập thế giới bên ngoài " "(v.d. Mạng) qua bức tường lửa, phải hiệu lực khả năng NAT." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Khi chưa chắc, bạn có thể để lại đã tắt một cách an toàn." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Giao diện mạng nội bộ :" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Những giao diện mạng nội bộ kết nối máy này đến mạng đáng tin (v.d. LAN văn " "phòng hay ở nhà). Bức tường lửa sẽ cho phép mọi việc cố kết nối trên những " "giao diện này. Nếu bạn xác định giao diện như vậy, bạn sẽ có khả năng cho " "phép những mạng nội bộ truy cập Mạng qua máy này. Nếu không có giao diện như " "vậy, hãy bỏ trống." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Hãy định giới bằng dấu cách nhiều giao diện." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Mạng phụ nội bộ :" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Bạn phải xác định những mạng phụ nào được kết nối đến giao diện mạng nội bộ. " "Máy trên giao diện nội bộ có khả năng kết nối đến mọi dịch vụ trên máy này." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Hãy nhập mạng phụ bằng cách ghi CIDR (v.d. 192.168.1.0/24). Hãy định giới " "nhiều mạng nội bộ bằng dấu cách." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Mạng nội bộ có truy cập được mạng bên ngoài :" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Nếu bạn muốn hạn chế truy cập mạng bên ngoài, bạn có thể xác định những mạng " "phụ nội bộ được phép bằng cách ghi CIDR (v.d. 192.168.1.0/24). Cũng có thể " "xác định máy riêng bằng địa chỉ IP. Nếu bạn có nhiều mạng nội bộ và/hay máy, " "hãy định giới bằng dấu cách." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Nếu bạn bỏ trống, giá trị này được đặt tự động để bằng mạng nội bộ. Như thế " "thì TOÀN BỘ mạng nội bộ sẽ có truy cập được những mạng bên ngoài, vậy bạn " "hãy cẩn thận, chỉ xác định mạng nên có truy cập được thế giới bên ngoài." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Nếu chưa chắc, hãy bỏ trống." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Máy nên nhận tín hiệu ping từ thế giới bên ngoài không?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Để bảo mật hơn, có thể thiết lập bức tường lửa để bỏ qua yêu cầu tiếng vọng " "ECMP (ping). Dù thiết lập thường là ý kiến tốt (đầu tiên máy có vẻ không " "trực tuyến), thỉng thoảng không có ích (v.d. khi chẩn đoán lỗi)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Nếu chưa chắc, hãy để lại đã tắt." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "" "Bạn có muốn quản lý tiến trình thiết lập bức tường lửa bằng debconf không?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Thiết lập bức tường lửa cơ bản mà thích hợp với phần lớn mục đích có thể " "được tạo bằng cách trả lời vài câu hỏi. Người nào không quen với chủ đề liên " "quan đến bức tường lửa nên sử dụng tùy chọn này." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Nếu bạn không chọn làm như thế, bạn phải tự hiệu chỉnh cấu hình để làm cho " "bức tường lửa hoạt động." debian/po/POTFILES.in0000644000000000000000000000004411436206053011357 0ustar [type: gettext/rfc822deb] templates debian/po/fr.po0000644000000000000000000003451611537203521010563 0ustar # translation of fr.po to French # # Translators, if you are not familiar with the PO format, gettext # documentation is worth reading, especially sections dedicated to # this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # Some information specific to po-debconf are available at # /usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans# # Developers do not need to manually edit POT or PO files. # # Florentin Duneau , 2006. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-05-10 17:45+0200\n" "Last-Translator: Florentin Duneau \n" "Language-Team: French \n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=ISO-8859-15\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.2\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Configuration d'arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Interfaces rseau externes:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Les interfaces rseau externes sont celles qui relient cette machine des " "rseaux inconnus (par exemple, l'internet). Le pare-feu n'autorisera que les " "tentatives de connexion avec des ports source et destination explicitement " "autoriss sur ces interfaces. Vous devez indiquer toutes les interfaces " "externes (par exemple eth0 et/ou ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Pour une interface ppp qui n'existe pas encore, vous pouvez utiliser le " "priphrique ppp+, mais vous ne pouvez l'utiliser que si vous ne " "mentionnez pas d'autres interfaces ppp!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Si aucune interface n'est indique ici, le pare-feu ne sera pas configur." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Les interfaces multiples doivent tre spares par des espaces." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Faut-il activer DHCP sur les interfaces externes?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Veuillez indiquer si cette machine obtient ses adresses IP dynamiquement " "depuis le serveur DHCP de votre fournisseur d'accs internet (FAI). C'est " "presque toujours le cas si vous possdez une connexion non-permanente (par " "exemple, les connexions RTC)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Si DHCP n'est pas activ, le pare-feu bloquera tout le trafic relatif au " "protocole DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Dans le doute, vous devriez l'activer." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Ports TCP ouverts vers l'extrieur:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "La politique par dfaut du pare-feu est de refuser tout trafic entrant sur " "les interfaces externes. Si cette machine fournit des services vers " "l'extrieur (par exemple, l'internet), ils doivent tre explicitement " "autoriss." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Veuillez indiquer les numros de port TCP associs aux services qui pourront " "tre accessibles depuis l'extrieur. Quelques ports frquemment utiliss " "sont: 80 (http), 443 (https) ou 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Vous pouvez aussi choisir un intervalle de ports (par exemple 10000:11000) " "la place d'un numro de port unique. De multiples entres doivent tre " "spares par des espaces." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Dans le doute, vous devriez laisser ce champ vide." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Ports UDP ouverts vers l'extrieur:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "La politique par dfaut du pare-feu est de refuser tout trafic entrant sur " "les interfaces externes. Si cette machine fournit des services vers " "l'extrieur (par exemple, l'internet), ils doivent tre explicitement " "autoriss." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Veuillez indiquer les numros de ports UDP associs aux services qui " "pourront tre accessibles depuis l'extrieur." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Faut-il (re)dmarrer le pare-feu maintenant?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Pour des raisons de scurit, la nouvelle configuration du pare-feu n'est " "pas automatiquement mise en oeuvre. Vous voulez probablement raliser une " "vrification manuelle du fichier de configuration du pare-feu /etc/arno-" "iptables-firewall/firewall.conf, en particulier lors d'une mise jour car " "les variables de configuration pourraient avoir t modifies." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Afin d'appliquer ultrieurement la nouvelle configuration avant le " "redmarrage, utilisez la commande invoke-rc.d arno-iptables-firewall " "start." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Si vous ne souhaitez pas vrifier vous-mme la configuration du pare-feu, " "elle peut tre appliqu immdiatement." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Faut-il activer la traduction d'adresses (NAT)?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Si les rseaux internes connects doivent tre capables d'accder " "l'extrieur (par exemple, l'internet) travers le pare-feu, la traduction " "d'adresse (NAT) doit tre active." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Dans le doute, vous pouvez sans danger dsactiver cette option." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interfaces rseau internes:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Les interfaces rseau internes connectent cette machine des rseaux srs " "(par exemple, un rseau d'entreprise ou familial). Le pare-feu autorise " "toutes les connexions sur ces interfaces. Si vous indiquez de telles " "interfaces, vous autoriserez les rseaux internes accder l'extrieur " "travers cet hte. Si vous n'utilisez pas de telles interfaces, veuillez " "laisser ce champ vide." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Les interfaces multiples doivent tre spares par des espaces." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Sous-rseaux internes:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Veuillez indiquer les sous-rseaux connects aux interfaces rseau internes. " "Les htes de ces rseaux internes pourront se connecter tous les services " "de cette machine." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Veuillez indiquer les sous-rseaux avec la notation CIDR (par exemple, " "192.168.1.0/24). Les entres multiples doivent tre spars par des espaces." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Rseaux internes autoriss accder aux rseaux extrieurs:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Si vous voulez restreindre l'accs aux rseaux extrieurs, vous pouvez " "indiquer les sous-rseaux internes autoriss avec la notation CIDR (par " "exemple, 192.168.1.0/24). Il est aussi possible d'indiquer des htes uniques " "par leurs adresses IP. Pour choisir plusieurs rseaux internes ou htes, " "vous devez les spars par des espaces" #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Si vous laissez ce champ vide, il aura pour valeur le rseau interne. Par " "consquent, le rseau interne ENTIER aura accs aux rseaux extrieurs, vous " "devez donc veillez indiquer seulement les rseaux qui ont besoin d'un " "accs au monde extrieur." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Dans le doute, vous devriez laisser ce champ vide." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Faut-il autoriser les rponses ping vers l'extrieur?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Pour amliorer la scurit, le pare-feu peut tre configur pour ignorer les " "requtes ICMP. Mme si c'est en gnral conseill, (l'hte apparat comme " "inactif), cela peut parfois tre gnant en interdisant des diagnostics " "rapides." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Dans le doute, vous devriez dsactiver cette option." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Faut-il grer automatiquement la configuration du pare-feu?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Une configuration simple du pare-feu qui convient pour la plupart des cas " "peut tre cre en rpondant quelques questions. Choisissez cette option " "si vous n'tes pas familier avec la configuration d'un pare-feu." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Sinon le pare-feu ne fonctionnera pas avant que vous n'ayez dit vous-mme " "le fichier de configuration." debian/po/ja.po0000644000000000000000000003667511600727660010564 0ustar # Copyright (C) 2011 Michael Hanke # This file is distributed under the same license as arno-iptables-firewall package. # Hideki Yamane , 2011. # msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall 2.0.0.a-2\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2011-05-04 22:26+0900\n" "Last-Translator: Hideki Yamane \n" "Language-Team: Japanese \n" "Language: ja\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "arno-iptables-firewall の設定" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "外部ネットワークインターフェイス:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "外部ネットワークインターフェイスは、このマシンを信頼していないネットワーク " "(例えばインターネット) へ接続します。ファイアウォールは、これらのインターフェ" "イス上で明示的に許可された接続元 (source)/接続先 (destination) ポートの組み" "合わせの接続のみを許可します。すべての外部インターフェイスを指定する必要があ" "ります (例: eth0、ppp0 など)。" #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "まだ存在していない ppp インターフェイスについては、「ppp+」のようなワイルド" "カードデバイスを使えますが、ppp+ を使えるのは他に ppp インターフェイスが存在" "していない場合のみです!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "ここでインターフェイスが何も指定されない場合は、ファイアウォールの設定は行わ" "れません。" #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "複数のインターフェイスは、空白で区切る必要があります。" #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "外部インターフェイスで DHCP を使いますか?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "このマシンはインターネットサービスプロバイダ (ISP) から IP アドレスを動的に取" "得するのに DHCP を使っているようです。これは、永続的では無い接続 (例: ダイヤ" "ルアップ) でしている場合などでは一般的です。" #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "DHCP が明示的に有効になっていない場合、ファイアウォールは DHCP 関連のネット" "ワークトラフィックをブロックします。" #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "よく分からない場合は有効のままにしておいてください。" #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "外部に開放する TCP ポート:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "デフォルトのファイアウォールポリシーは、外部インターフェイス上の入ってくるト" "ラフィックすべてを拒否します。このマシンが外部 (例:インターネット) にサービス" "を提供している場合、明示的に有効にする必要があります。" #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "外部からアクセス可能にするサービスに関連する TCP ポート番号を指定してくださ" "い。よく使われるポート: 80 (http)、443 (https)、22 (ssh)" #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "単一のポート番号に加えて、ポートの範囲を指定することもできます (例: " "10000:11000)。複数のエントリは、空白で区切る必要があります。" #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "よく分からない場合は、この欄を空白のままにしておいてください。" #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "オープンにする外部 UDP ポート:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "デフォルトのファイアウォールポリシーは、外部インターフェイス上の入ってくるト" "ラフィックすべてを拒否します。このマシンが外部 (例:インターネット) にサービス" "を提供している場合、明示的に有効にする必要があります。" #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "外界からアクセスできるサービスに関連する UDP ポート番号を指定してください。" #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "すぐにファイアウォールを (再度) 起動しますか?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "セキュリティ上の理由から、新しいファイアウォール設定は自動的に適用されませ" "ん。特に新しいバージョンへアップグレードする場合、設定の変数が変わっているか" "もしれないので、/etc/arno-iptables-firewall/firewall.conf にあるファイア" "ウォール設定の手動検査をするのが良いでしょう。" #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "後ほど手動で、新しいファイアウォール設定を次回の再起動前に適用するには、" "「invoke-rc.d arno-iptables-firewall start」を実行してください。" #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "手動での検査が必要ない場合、ファイアウォール設定をここで適用することができま" "す。" #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "NAT を有効にしますか?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "接続した内部ネットワークを、ファイアウォールを通して外界 (例: インターネッ" "ト) に接続できるようにしなければならない場合は、IP マスカレード (NAT) を有効" "にする必要があります。" #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "不明な場合は、これは無効にしたままでいるのが安全です。" #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "内部ネットワークインターフェイス:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "内部ネットワークインターフェイスは、このマシンを信頼するネットワーク (例: オ" "フィス LAN や家庭内 LAN) に接続します。ファイアウォールはこのインターフェイス" "上で試みられたすべての接続を許可します。このインターフェイスを指定する場合" "は、内部ネットワークがこのホストを通じてインターネットにアクセスできるように" "します。そのようなインターフェイスが無い場合は、これは空白にしておいてくださ" "い。" #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "複数のインターフェイスは、空白で区切って入力する必要があります。" #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "内部サブネット:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "どのサブネットが内部ネットワークインターフェイスに接続するかを指定する必要が" "あります。内部ネットワーク内のホストは、このマシン上のすべてのサービスに接続" "できます。" #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "サブネットを CIDR 記法 (例: 192.168.1.0/24) で指定してください。複数の内部" "ネットワークがある場合は、空白で区切る必要があります。" #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "外部ネットワークにアクセスする内部ネットワーク:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "外部ネットワークへのアクセスを制限したい場合、許可する内部サブネットを CIDR " "記法で指定することができます (例: 192.168.1.0/24)。単一のホストを IP アドレス" "を指定することも可能です。複数の内部ネットワークや複数のホストがある場合は、" "空白で区切る必要があります。" #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "これは空白のままにしておくと、内部ネットワークと同じ値が自動的に設定されま" "す。そのため、「すべての」内部ネットワークが外部ネットワークに接続できるよう" "になります。ですので、外部に接続できるネットワークだけを指定するように注意し" "てください。" #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "よく分からない場合は、この欄は空白にしておいてください。" #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "外部からマシンへ ping が通るようにしますか?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "セキュリティを高めるため、ファイアウォールで ICMP echo リクエスト (ping) を無" "視するように設定することができます。これは大抵の場合良い考え (ホストが一見ダ" "ウンして居るように見える) ですが、有用ではない場合もあります (例: 診断が失敗" "する)。" #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "よく分からない場合は、これは無効にしておいてください。" #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "ファイアウォールの設定を debconf で管理しますか?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "ほとんどの目的に合った基本のファイアウォール設定は、いくつかの質問に答えれば" "作成することができます。これは、ファイアウォール関連の問題にあまり詳しくない" "人すべてにお勧めの選択です。" #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "お勧めに従いたくない場合ですが、ファイアウォールは手動で設定を編集するまで動" "作しません。" debian/po/pt.po0000644000000000000000000003365011537203521010575 0ustar # translation of arno-iptables-firewall debconf to Portuguese # Copyright (C) 2007 Américo Monteiro # This file is distributed under the same license as the arno-iptables-firewall package. # # Américo Monteiro , 2007. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall 1.8.8.i-1\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2007-07-28 02:16+0100\n" "Last-Translator: Américo Monteiro \n" "Language-Team: Portuguese \n" "Language: pt\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Configuração do arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Interfaces de rede externas:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "As interfaces de rede internas ligam esta máquina a redes onde não há " "confiança (ex. a Internet). A firewall só irá permitir tentativas de ligação " "a combinações fonte/destino-porto explicitamente permitidas nestas " "interfaces. Você tem que especificar todas as interfaces externas (ex. eth0 " "e/ou ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Para um interface-ppp que ainda não exista, você pode usar o dispositivo " "variável chamado \"ppp+\", mas só pode usar ppp+ se não existir mais nenhuma " "interface ppp!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Se não forem especificadas interfaces aqui, nenhuma configuração de firewall " "será executada." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Múltiplas interfaces devem ser especificadas separando-as com espaços." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "DHCP é usado nas interfaces externas?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Esta máquina pode usar DHCP para dinamicamente obter o seu endereço IP do " "seu provedor de serviço internet (ISP). Isto é quase sempre o caso se você " "tem uma ligação não-permanente (ex. ligação por marcação)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Se o DHCP não estiver explicitamente activo, a firewall irá bloquear todo o " "tráfego de rede relacionado com DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Deixe activado, se não tem certeza." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Portos TCP externos abertos:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "A politica de omissão da firewall é de negar todo o tráfego de entrada nas " "interfaces externas. Se esta máquina providencia serviços para o mundo " "externo (ex: a internet), têm que ser explicitamente activados." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Por favor especifique os números de portos-TCP associados aos serviços que " "estarão acessíveis ao mundo externo. Alguns portos frequentemente usados " "são: 80 (http), 443 (https) ou 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Em adição a números de porto singulares, você também pode especificar " "alcances de portos (ex. 10000:11000). Múltiplas entradas devem ser indicadas " "separadas por espaços." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Se tem dúvidas, deixe este campo vazio." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Portos UDP externos abertos:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "A politica de omissão da firewall é de negar todo o tráfego de entrada nas " "interfaces externas. Se esta máquina providencia serviços para o mundo " "externo (ex: a internet), têm que ser explicitamente activados." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Por favor especifique os números de portos-UDP associados aos serviços que " "estarão acessíveis ao mundo externo." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Deverá a firewall ser (re)iniciada agora?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Por razões de segurança, a nova configuração da firewall não é aplicada " "automaticamente. Você pode querer inspeccionar manualmente a configuração da " "firewall em /etc/arno-iptables-firewall/firewall.conf, especialmente quando " "actualiza para uma nova versão, porque algumas variáveis de configuração " "podem ter alterado." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Para depois poder aplicar manualmente a nova configuração de firewall antes " "do próximo reiniciar da máquina, invoque 'invoke-rc.d arno-iptables-firewall " "start'." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Se você não precisa de inspecção manual, a configuração da firewall pode ser " "aplicada agora." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Você quer activar NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Se as redes internas ligadas deverão ser capazes de aceder ao mundo exterior " "(ex à internet) através da firewall, tem que ser activada a função " "'masquerading' (NAT)." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Quando em dúvida, você pode seguramente deixar isto desactivado." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interfaces de rede internas:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "As interfaces de rede internas ligam esta máquina a redes de confiança (ex. " "a rede LAN de escritório ou de casa). A firewall irá permitir todas as " "tentativas de ligação nestas interfaces. Se você especificar quais " "interfaces, você vai poder permitir às redes internas de aceder à internet " "através desta máquina. Se não existem tais interfaces, deixe este campo " "vazio." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Múltiplas interfaces devem ser inseridas separadas por espaços." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Sub-redes internas:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Você tem que especificar quais sub-redes estão ligadas às interfaces de rede " "interna. As máquinas na rede interna podem ligar a todos os serviços desta " "máquina." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Indique as sub-redes em notação CIDR (ex. 192.168.1.0/24), se você tem " "múltiplas redes internas, elas devem ficar separadas por espaços." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Redes internas que irão aceder a redes externas:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Se você quer restringir o acesso às redes externas, você pode especificar as " "sub-redes internas com permissão em notação CIDR (ex. 192.168.1.0/24). É " "também possível especificar máquinas singulares pelo seu endereço IP. Se " "você tem múltiplas redes internas e/ou máquinas, elas deverão ser indicadas " "separadas por espaços." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Se você deixar este campo vazio, o valor é automaticamente regulado para " "igualar a rede interna. Então TODA a rede interna irá ter acesso às redes " "externas, portanto tenha o cuidado de apenas especificar redes que deverão " "ter acesso ao mundo externo." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Se não tem certeza, deixe este campo vazio." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Deverá a máquina deixar-se pingar desde o mundo exterior?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Para aumento de segurança a firewall pode ser configurada para ignorar " "pedidos de eco ICMP (pings). Apesar de isto ser geralmente uma boa ideia (a " "máquina parece estar desligada à primeira vista), isto por vezes não é útil " "(ex. diagnósticos falhados)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Se não tem certeza, deixe isto desactivado." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Você deseja gerir a configuração da firewall com o debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Uma configuração básica de firewall que é suficiente para a maioria dos " "propósitos pode ser criada respondendo a algumas perguntas. Esta deve ser a " "opção preferida para todos que não estão familiarizados com tópicos " "relacionados com a firewall." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Se você não quer isto, a firewall não irá funcionar antes que você tenha " "editado a configuração manualmente." debian/po/ru.po0000644000000000000000000004241711537203521010601 0ustar # translation of arno-iptables-firewall_1.9.2.a-1_ru.po to Russian # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # # Yuri Kozlov , 2009. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall 1.9.2.a-1\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2009-08-04 21:03+0400\n" "Last-Translator: Yuri Kozlov \n" "Language-Team: Russian \n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.11.4\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Настройка arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Внешние сетевые интерфейсы:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Через внешние сетевые интерфейсы компьютер подключается к недоверительным " "сетям (например, к интернету). Межсетевой экран будет пропускать только " "подключения, для которых явно указаны разрешённые на этих интерфейсах " "комбинации портов источника/приёмника. Вы должны указать все внешние " "интерфейсы (например, eth0 и/или ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Для указания несуществующих в данный момент интерфейсов ppp, вы можете " "использовать шаблон устройства \"ppp+\", но ppp+ можно использовать, если " "нет никаких других интерфейсов ppp!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Если интерфейсы не указать, то настройка межсетевого экрана выполняться не " "будет." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Несколько интерфейсов нужно указывать через пробел." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Разрешить DHCP на внешних интерфейсах?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Данный компьютер может использовать DHCP для динамического получения IP-" "адреса от провайдера интернета (ISP). Это почти всегда верно, если вы " "используете непостоянное (например, модем с коммутируемым доступом) " "соединение." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Если использование протокола DHCP не указать, то межсетевой экран будет " "блокировать весь сетевой обмен по DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Если не уверены, оставьте включённым." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Открытые вовне порты TCP:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Политикой по умолчанию в межсетевом экране является блокировка всего " "входящего трафика с внешних интерфейсов. Если компьютер предоставляет службы " "для внешнего мира (например, для интернета), то они должны быть явным " "образом разрешены." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Укажите номера портов TCP для служб, которые должны быть доступны извне. " "Наиболее часто используемые порты: 80 (http), 443 (https) или 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Кроме указания одиночных портов, также возможно указывать диапазоны портов " "(например, 10000:11000). Можно вводить несколько элементов через пробел." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Если не уверены, ничего не вводите." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Открытые вовне порты UDP:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Политикой по умолчанию в межсетевом экране является блокировка всего " "входящего трафика с внешних интерфейсов. Если компьютер предоставляет службы " "для внешнего мира (например, для интернета), то они должны быть явным " "образом разрешены." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Укажите номера портов UDP для служб, которые должны быть доступны извне." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Пере(запустить) межсетевой экран прямо сейчас?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "С целью усиления безопасности новые настройки межсетевого экрана " "автоматически не применяются. Вы можете захотеть провести осмотр настроек " "межсетевого экрана в файле /etc/arno-iptables-firewall/firewall.conf, " "особенно если устанавливаете новую версию, так как настроечные переменные " "могли измениться." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Позднее, чтобы вручную применить новые настройки межсетевого экрана перед " "следующей перезагрузкой, запустите 'invoke-rc.d arno-iptables-firewall " "start'." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Если не хотите проверять настройки, то firewall-setup можно запустить прямо " "сейчас." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Включить NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Если подключённым внутренним сетям требуется доступ к внешнему миру " "(например, к интернету) через межсетевой экран, то нужно включить " "маскарадинг (NAT)." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Если сомневаетесь, то оставьте выключенным." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Внутренние сетевые интерфейсы:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Через внутренние сетевые интерфейсы компьютер подключается к доверительным " "сетям (например, к офисной или домашней сети). Межсетевой экран будет " "пропускать все подключения из этих интерфейсов. Если вы укажите интерфейсы, " "то сможете разрешить доступ из внутренних сетей в интернет через этот " "компьютер. Если таких интерфейсов нет, то оставьте поле пустым." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Несколько интерфейсов нужно указывать через пробел." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Внутренние подсети:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Вам нужно указать какие внутренние подсети доступны через внутренние сетевые " "интерфейсы. Компьютеры из внутренних сетей смогут подключаться ко всем " "службам этой машины." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Подсети задаются в формате CIDR (например, 192.168.1.0/24). Несколько " "подсетей можно указать через пробел." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Внутренние сети, которым разрешён доступ во внешние сети:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Если вы хотите ограничить доступ во внешние сети, то можете указать " "внутренние подсети в формате CIDR (например, 192.168.1.0/24), которым это " "разрешено. Также можно разрешить доступ отдельным машинам, указав их IP-" "адреса. Несколько внутренних подсетей или машин можно указать через пробел." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Если оставить поле пустым, то значение автоматически станет равным " "внутренней сети. По этой причине ВСЕЙ внутренней сети будут доступны внешние " "сети, так что лучше аккуратно указать сети, которым нужно разрешить доступ к " "внешнему миру." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Если не уверены, то оставьте поле пустым." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Должна ли машины откликаться на ping извне?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Для повышения безопасности, межсетевой экран может блокировать ICMP echo " "запросы (ping-и). Обычно, это нормально (машина кажется всем выключенной), " "но иногда не очень полезно (например, при поиске причины неработоспособности " "сети)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Если не уверены, оставьте заблокированным." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Управлять настройками межсетевого экрана с помощью debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Простую настройку межсетевого экрана, подходящую для большинства задач, " "можно получить ответив на несколько вопросов. Рекомендуется всем, кто не " "разбирается в межсетевых экранах." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Если ответить отрицательно, то межсетевой экран не заработает пока не будут " "выполнены настройки вручную." debian/po/nb.po0000644000000000000000000003302011537203521010540 0ustar # translation of arno-iptables-firewall.po to Norwegian Bokmål Translators, if you are not familiar with the PO format, gettext documentation is worth reading, especially sections dedicated to this format, e.g. by running: info -n '(gettext)PO Files' info -n '(gettext)Header Entry' Some information specific to po-debconf are available at /usr/share/doc/po-debconf/README-trans or http://www.debian.org/intl/l10n/po-debconf/README-trans# Developers do not need to manually edit POT or PO files. Bjørn Steensrud , 2006. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-04-06 12:25+0200\n" "Last-Translator: Bjørn Steensrud \n" "Language-Team: Norwegian Bokmål \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.10\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Oppsett av arno-iptables-brannmur" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Grensesnitt mot ytre nett:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Grensesnitt mot ytre nett kobler denne maskinen til usikre nettverk (f.eks. " "Internett). På disse grensesnittene vil brannmuren bare tillate " "tilkoblingsforsøk fra oppgitte kilde/mål/port-kombinasjoner. Du må oppgi " "alle ytre grensesnitt (f.eks. eth0 og/eller ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Du kan bruke jokertegnet «ppp+» for et ppp-grensesnitt som ikke finnes ennå, " "men du kan bare bruke ppp+ hvis det ikke er noen andre ppp-grensesnitt!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Hvis ingen grensesnitt er oppgitt her, så blir det ikke satt opp noen " "brannmur." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Bruk mellomrom som skilletegn mellom grensesnittene." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Brukes DHCP på ytre grensesnitt?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Denne maskinen vil kanskje bruke DHCP for å finne en dynamisk IP-adresse fra " "nettleverandøren (ISP). Dette er nesten alltid tilfelle hvis du har en ikke-" "permanent forbindelse (f.eks. oppringt)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Hvis DHCP ikke er uttrykkelig slått på, vil brannmuren blokkere all DHCP-" "trafikk fra/til det ytre nettet." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Er du usikker, så la det stå på." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Åpne ytre TCP-porter:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Standard brannmurpraksis er å avvise all innkommende trafikk på de ytre " "grensesnittene. Hvis denne maskinen tilbyr tjenester til utenverdenen (f." "eks. Internett) så må disse uttrykkelig slås på." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Oppgi TCP portnumre tilordnet de tjenestene som skal være tilgjengelige " "utenfra. Noen ofte brukte porter er 80 (http), 443 (https) eller 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "I tillegg til portnumre enkeltvis kan du også oppgi intervaller (f.eks.) " "10000:11000). Flere oppføringer atskilles med mellomrom." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Er du usikker, så la det være tomt." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Åpne ytre UDP-porter:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Standard brannmurpraksis er å avvise all innkommende trafikk på de ytre " "grensesnittene. Hvis denne maskinen tilbyr tjenester til utenverdenen (f." "eks. Internett) så må disse uttrykkelig slås på." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Oppgi UDP portnumre tilordnet de tjenestene som skal være tilgjengelige " "utenfra." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Skal brannmuren (om)startes nå?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Av sikkerhetsgrunner blir det nye brannmuroppsettet ikke brukt automatisk. " "Du bør kanskje undersøke manuelt innstillingene i /etc/arno-iptables-" "firewall/firewall.conf, spesielt når det oppgraderes til en nyere versjon, " "siden oppsettsvariabler kan ha blitt endret." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "For å bruke de nye brannmurinnstillingene før neste omstart av systemet, " "kjør «invoke-rc.d arno-iptables-firewall start»." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Hvis du ikke trenger å undersøke manuelt, så kan brannmuroppsettet brukes nå." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Vil du slå på NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Hvis systemer på det interne nettet skal kunne få tilgang til utenverdenen " "(f.eks. Internett) gjennom brannmuren, så må NAT (masquerading) slås på." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Er du i tvil kan dette trygt være slått av." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interne nettverksgrensesnitt:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "De interne nettverksgrensesnittene forbinder denne maskinen med nettverk den " "stoler på (f.eks. kontornettet eller hjemmenettet). Brannmuren tillater all " "tilkobling på disse grensesnittene. Hvis du oppgir slike grensesnitt, så kan " "du la maskiner på det interne nettet få tilgang til det ytre nettet gjennom " "denne maskinen. Er det ingen slike grensesnitt, så la dette være tomt." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Flere grensesnitt atskilles med mellomrom." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Interne subnett:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Du må oppgi hvilke subnett som er koblet til de interne " "nettverksgrensesnittene. Verter i de interne nettverkene har tilgang til " "alle tjenester på denne maskinen." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Oppgi subnett med CIDR-notasjon (f.eks. 192.168.1.0/24). Hvis du har flere " "interne nettverk må de atskilles med mellomrom." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Interne nettverk med tilgang til ytre nettverk:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Hvis du vil innskrenke adgangen til de ytre nettverkene kan du oppgi de " "tillatte indre subnettene med CIDR-notasjon (f.eks. 192.168.1.0/24). Det er " "også mulig å oppgi enkeltmaskiner ved deres IP-adresser. Er det flere " "interne nettverk og/eller verter må de atskilles med mellomrom." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Hvis dette er tomt blir det automatisk satt til å være lik det interne " "nettverket. Derfor får HELE det interne nettverket tilgang til de ytre " "nettverkene, så pass på at du bare oppgir nettverk som skal ha tilgang til " "verden utenfor." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Er du usikker, så la dette være tomt." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Skal maskinen kunne pinges utenfra?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "For å øke sikkerheten kan brannmuren stilles inn til å ignorere ICMP ekko-" "pakker (ping). Oppgi TCP portnumre tilordnet de tjenestene som skal være " "tilgjengelige utenfra. Vanligvis er dette nyttig (verten ser ut til å være " "nede ved første øyekast), men ikke alltid (f.eks. ved feilsøking)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Er du usikker, så la det være slått av." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Vil du styre brannmuroppsettet med debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Du kan svare på noen spørsmål og få laget et enkelt brannmuroppsett som " "passer de fleste tilfeller. Alle som ikke er kjent med brannmurer bør velge " "dette." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Hvis det ikke er det du vil, så virker ikke brannmuren før du har redigert " "innstillingene manuelt." debian/po/it.po0000644000000000000000000003445311537203521010570 0ustar # # Translators, if you are not familiar with the PO format, gettext # documentation is worth reading, especially sections dedicated to # this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Some information specific to po-debconf are available at # /usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans# # Developers do not need to manually edit POT or PO files. # msgid "" msgstr "" "Project-Id-Version: it\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-04-07 16:33+0200\n" "Last-Translator: Gianluca Ficarelli \n" "Language-Team: Italian \n" "Language: it\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.10.2\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Configurazione di arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Interfacce di rete esterne:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Le interfacce di rete esterne connettono questa macchina a reti non sicure " "(per es. Internet). Su queste interfacce, gli unici tentativi di connessione " "accettati saranno quelli esplicitamente consentiti. Devi specificare tutte " "le interfacce esterne (per es. eth0 e/o ppp0). " #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Per un'interfaccia ppp che non esiste ancora, puoi usare il nome di " "dispositivo \"ppp+\", ma soltanto se non sono attive altre interfacce ppp!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Se non specifichi nessuna interfaccia, il firewall non verrà configurato." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Se sono presenti diverse interfacce, devono essere separate da spazi." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Viene utilizzato il DHCP sulle interfacce di rete esterne?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Questa macchina potrebbe utilizzare il DHCP per ottenere dinamicamente il " "suo indirizzo IP dal tuo Internet Service Provider (ISP). Se utilizzi una " "connessione non permanente (per es. dialup), allora molto probabilmente è " "così." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Se l'opzione riguardante il DHCP non è abilitata, allora il firewall " "bloccherà tutto il traffico di rete relativo al DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Lascia abilitata questa opzione se non sei sicuro." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Porte TCP aperte sulle interfacce esterne:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Le impostazioni predefinite del firewall bloccano tutto il traffico in " "entrata sulle interfacce esterne. Se questa macchina fornisce servizi verso " "la rete esterna (per es. Internet), questi devono essere abilitati " "esplicitamente." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Specifica i numeri delle porte TCP dei servizi che dovranno essere " "accessibili dalla rete esterna. Alcune porte usate frequentemente sono: 80 " "(http), 443 (https) o 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Oltre a singoli numeri di porta, puoi anche specificare intervalli di porte " "(per es. 10000:11000). Puoi inserire più voci separate tra loro da uno " "spazio." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Se non sei sicuro, lascia vuoto questo campo." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Porte UDP aperte sulle interfacce esterne:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Le impostazioni predefinite del firewall bloccano tutto il traffico in " "entrata sulle interfacce esterne. Se questa macchina fornisce servizi verso " "la rete esterna (per es. Internet), questi devono essere abilitati " "esplicitamente." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Specifica i numeri delle porte UDP dei servizi che dovranno essere " "accessibili dalla rete esterna." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Il firewall deve essere (ri)avviato ora?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Per motivi di sicurezza, la nuova configurazione del firewall non è " "applicata automaticamente. Potresti volere controllare manualmente la " "configurazione del firewall in /etc/arno-iptables-firewall/firewall.conf, " "soprattutto se stai aggiornando a una nuova versione, perché le variabili di " "configurazione potrebbero essere cambiate." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Per applicare manualmente le nuove impostazioni del firewall prima del " "prossimo riavvio del sistema, puoi eseguire 'invoke-rc.d arno-iptables-" "firewall start'." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Se non hai bisogno di controllare manualmente il file di configurazione, le " "impostazioni del firewall possono essere applicate ora." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Vuoi abilitare il NAT (Network Address Translation)?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Se le macchine appartenenti alla rete interna devono accedere alla rete " "esterna (per es. Internet) passando attraverso il firewall, allora è " "necessario abilitare il masquerading (NAT)." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Se sei in dubbio, puoi lasciare disabilitata questa opzione." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interfacce di rete interne:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Le interfacce di rete interne connettono questa macchina alle reti sicure " "(per es. la LAN dell'ufficio o di casa). Il firewall permetterà tutti i " "tentativi di connessione provenienti da queste interfacce. Se specifichi " "queste interfacce, potrai permettere alle reti interne di accedere a " "Internet tramite questa macchina. Se non ci sono interfacce di rete interne, " "lascia vuoto questo campo." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "" "Se sono presenti diverse interfacce, queste devono essere separate da spazi." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Sottoreti interne:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Devi specificare quali sottoreti sono connesse alle interfacce di rete " "interne. Le macchine appartenenti alle reti interne possono connettersi a " "tutti i servizi presenti su questa macchina." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Inserisci le sottoreti in notazione CIDR (per es. 192.168.1.0/24). Se hai " "diverse reti interne, queste devono essere inserite separate da spazi." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Reti interne con accesso alle reti esterne:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Se vuoi restringere l'accesso verso la rete esterna, puoi specificare quali " "sottoreti interne devono essere abilitate, utilizzando la notazione CIDR " "(per es. 192.168.1.0/24). E' anche possibile specificare singole macchine " "utilizzando il loro indirizzo IP. Se hai diverse reti interne e/o macchine, " "queste devono essere inserite separate da spazi." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Se lasci vuoto questo campo, essa sarà automaticamente impostata uguale alla " "rete interna. In questo caso l'INTERA rete interna avrà accesso alla rete " "esterna, quindi fai attenzione a specificare soltanto le reti che devono " "avere accesso verso l'esterno." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Se non sei sicuro, lascia vuoto questo campo." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "" "Questa macchina deve rispondere ai tentativi di ping provenienti dalla rete " "esterna?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Per una maggiore sicurezza, il firewall può essere impostato in modo da " "ignorare le richieste di ping (ICMP echo requests). Generalmente questa è " "una buona idea (a prima vista la macchina appare all'esterno come non " "connessa), ma a volte non è ciò che si desidera (per es. durante la verifica " "di malfunzionamenti)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Se non sei sicuro, lascia vuoto questo campo." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Vuoi gestire la configurazione del firewall utilizzando debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Una configurazione di base del firewall, adatta a molte situazioni, può " "essere creata rispondendo ad alcune domande. Questa è la scelta consigliata " "a tutti quelli che non sono familiari con gli argomenti relativi al firewall." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Se non vuoi seguire la procedura, il firewall non funzionerà finché non " "avrai modificato manualmente la configurazione." debian/po/cs.po0000644000000000000000000003360011537203521010552 0ustar # Translators, if you are not familiar with the PO format, gettext documentation is worth reading, especially sections dedicated to this format, e.g. by running: info -n '(gettext)PO Files' info -n '(gettext)Header Entry' Some information specific to po-debconf are available at /usr/share/doc/po-debconf/README-trans or http://www.debian.org/intl/l10n/po-debconf/README-trans Developers do not need to manually edit POT or PO files. msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-04-06 18:57+0200\n" "Last-Translator: Miroslav Kure \n" "Language-Team: Czech \n" "Language: cs\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Nastavení balíku arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Externí síťová rozhraní:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Externí síťová rozhraní připojují tento počítač k nedůvěryhodným sítím " "(např. k Internetu). Na těchto rozhraních povoluje firewall pouze pokusy o " "spojení s přesně definovanými kombinacemi zdrojových/cílových portů. Nyní " "musíte zadat všechna externí rozhraní (např. eth0 a/nebo ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Pro dynamické rozhraní ppp, které ještě neexistuje, můžete použít zástupné " "zařízení \"ppp+\", ovšem pouze v případě, že neexistují jiná ppp rozhraní!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "Pokud zde neuvedete žádná rozhraní, nastavování firewallu se ukončí." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Více rozhraní můžete zadat tak, že je oddělíte mezerami." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Používá se na externích rozhraních DHCP?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Tento počítač může získávat svou IP adresu od poskytovatele Internetu pomocí " "DHCP. Pokud nemáte trvalé připojení, bude to pravděpodobně i váš případ." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Pokud není DHCP explicitně povoleno, bude firewall blokovat veškerý síťový " "provoz s DHCP spojený." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Pokud si nejste jisti, volbu povolte." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Otevřené externí TCP porty:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Výchozí politika firewallu je zakázat veškerý příchozí provoz na externích " "rozhraních. Jestliže tento počítač nabízí okolnímu světu (např. do " "Internetu) nějaké služby, musíte je explicitně povolit." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Zadejte prosím čísla TCP portů svázaných se službami, které mají být " "přístupné z okolního světa. Mezi často používané porty patří 80 (http), 443 " "(https) nebo 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Kromě jednotlivých čísel portů můžete také zadat celé rozsahy (např. " "10000:11000). Jednotlivé záznamy by měly být odděleny mezerami." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Pokud si nejste jisti, ponechte prázdné." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Otevřené externí UDP porty:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Výchozí politika firewallu je zakázat veškerý příchozí provoz na externích " "rozhraních. Jestliže tento počítač nabízí okolnímu světu (např. do " "Internetu) nějaké služby, musíte je explicitně povolit." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Zadejte prosím čísla TCP portů svázaných se službami, které mají být " "přístupné z okolního světa." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Má se nyní firewall restartovat?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Z bezpečnostních důvodů se nové nastavení firewallu neaplikuje automaticky. " "Je totiž vhodné, abyste nejprve sami zkontrolovali nastavení firewallu v /" "etc/arno-iptables-firewall/firewall.conf, protože obzvláště během přechodu " "na vyšší verzi se mohly změnit konfigurační proměnné." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Abyste později nemuseli s aplikováním nových pravidel firewallu čekat až do " "příštího restartu počítače, můžete je povolit příkazem 'invoke-rc.d arno-" "iptables-firewall start'." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Jestliže ruční kontrolu pravidel nevyžadujete, můžete nová pravidla " "firewallu aplikovat právě teď." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Chcete povolit NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Aby mohly vnitřní počítače v síti přistupovat k venkovnímu světu (např. " "Internetu) skrze tento firewall, musíte povolit maškarádu (NAT, neboli " "překlad adres)." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Jste-li na pochybách, můžete ponechat vypnuté." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Vnitřní síťová rozhraní:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Vnitřní síťová rozhraní připojují tento počítač k důvěryhodným sítím (např. " "k firemní nebo domácí LAN). Firewall na těchto rozhraních povolí všechny " "pokusy o připojení. Pokud taková rozhraní zadáte, budete pak moci určit, zda " "se vnitřní sítě mohou připojovat k Internetu přes tento počítač. Jestliže " "žádná taková rozhraní nemáte, ponechte prázdné." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Více rozhraní můžete zadat tak, že je oddělíte mezerami." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Vnitřní podsítě:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Musíte zadat podsítě, které jsou připojeny k vnitřním síťovým rozhraním. " "Počítače ve vnitřních sítích se mohou připojit ke všem službám na tomto " "počítači." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Podsítě zadávejte v notaci CIDR (např. 192.168.1.0/24). Máte-li více " "vnitřních sítí, oddělte je mezerami." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Vnitřní sítě s přístupem k externím sítím:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Chcete-li omezit přístup k externím sítím, můžete zadat mezerami oddělený " "seznam sítí a/nebo počítačů, jimž chcete přístup umožnit. Jednotlivé " "počítače zadejte pomocí jejich IP adres, u sítí použijte CIDR notaci (např. " "192.168.1.0/24). " #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Ponecháte-li pole prázdné, hodnota se automaticky nastaví na celou vnitřní " "síť. To znamená, že VŠECHNY počítače ve vnitřní síti budou mít přístup k " "externím sítím. Buďte tedy opatrní a zadejte pouze podsítě, kterým chcete " "přístup povolit." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Pokud si nejste jisti, ponechte prázdné." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Má být počítač pingnutelný z vnějšího světa?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Pro zvýšenou obskurní bezpečnost můžete firewall nastavit tak, aby ignoroval " "požadavky ICMP echo (ping), což vypadá jako dobrý nápad, protože počítač na " "první letmý pohled vypadá jako vypnutý, ale často spíš překáží, například " "při diagnostikování síťových problémů." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Jestliže si nejste jisti, ponechte vypnuto." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Chcete spravovat nastavení firewallu pomocí debconfu?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Základní firewall, který se hodí pro většinu situací, můžete vytvořit pomocí " "několika jednoduchých odpovědí. Kdokoliv, kdo není sběhlý v tématech okolo " "firewallu, by měl tuto možnost využít." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Odmítnete-li tuto možnost, nebude firewall fungovat, dokud jej nenastavíte " "ručně." debian/po/nl.po0000644000000000000000000003334611712713167010574 0ustar # Dutch translation of arno-iptables-firewall debconf templates. # Copyright (C) 2005-2012 THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the arno-iptables-firewall package. # Joost van Baal , 2005. # Jeroen Schot , 2012. # msgid "" msgstr "" "Project-Id-Version: arno-iptables-firewall 1.8.4d-1\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2012-02-03 08:57+0100\n" "Last-Translator: Jeroen Schot \n" "Language-Team: Debian l10n Dutch \n" "Language: nl\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Configuratie van arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Externe netwerkinterfaces:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "De externe netwerkinferfaces verbinden deze machine met niet-vertrouwde " "netwerken (zoals het internet). De firewall zal slechts verbindingspogingen " "toestaan met expliciet toegestane bron/bestemmings-poortcombinaties op deze " "interfaces. Specificeer alle externe interfaces (b.v. eth0 en/of ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Voor een ppp-interface die nog niet bestaat kunt u het wildcard-apparaat " "\"ppp+\" gebruiken. U kunt echter alléén \"ppp+\" gebruiken als er geen " "enkele andere ppp-interface is!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Als hier geen interfaces opgegeven zijn, zal er geen firewall ingesteld " "worden." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Gebruik bij meerdere interfaces een spatie als scheidingsteken." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Wordt DHCP gebruikt op de externe netwerkinterfaces?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Deze machine gebruikt mogelijk DHCP om zijn IP-adres dynamisch te verkrijgen " "van uw internetprovider (ISP)? Dit zal bijna altijd het geval zijn als u een " "niet-permanente verbinding hebt (zoals inbellen)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Wanneer DHCP niet expliciet is opengesteld zal de firewall al het DHCP-" "gerelateerde netwerkverkeer blokkeren." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Laat deze optie leeg als u twijfelt." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Open externe TCP-poorten:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Het standaard firewall-beleid blokkeert ieder inkomend verkeer op de externe " "interfaces. Als deze machine diensten aanbiedt aan de buitenwereld (zoals " "het internet), dan zullen deze expliciet moeten worden opengesteld." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Geef de TCP-poortnummers die overeenkomen met de diensten die toegankelijk " "moeten zijn vanaf de buitenwereld. Een aantal vaak gebruikte poorten zijn: " "80 (http), 443 (https) en 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Naast enkele poortnummers kunt u ook reeksen opgeven (b.v. 10000:11000). " "Meerdere reeksen dienen door spaties gescheiden te worden." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Laat dit leeg bij twijfel." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Open externe UDP-poorten:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Het standaard firewall-beleid blokkeert ieder inkomend verkeer op de externe " "interfaces. Als deze machine diensten aanbiedt aan de buitenwereld (zoals " "het internet), dan zullen deze expliciet moeten worden opengesteld." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Geef de UDP-poortnummers die overeenkomen met de diensten die toegankelijk " "moeten zijn vanaf de buitenwereld." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Moet de firewall nu (opnieuw) gestart worden?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Om veiligheidsredenen wordt de nieuwe firewall-configuratie niet automatisch " "geladen. U wilt mogelijk eerst een handmatige inspectie uitvoeren op de " "firewall-configuratie in /etc/arno-iptables-firewall/firewall.conf, vooral " "wanneer er is opgewaardeerd naar een nieuwe versie, omdat er misschien " "configuratievariabelen zijn veranderd." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Om straks de nieuwe firewall-instellingen handmatig toe te passen voor de " "volgende herstart voert u 'invoke-rc.d arno-iptables-firewall start' uit." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Wanneer u geen handmatige inspectie wenst uit te voeren kan de firewall-" "configuratie nu worden toegepast." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Wilt u NAT instellen?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Als de verbonden internet netwerken toegang naar de buitenwereld (b.v. het " "internet) moeten krijgen via de firewall, dan moet u masquerading (NAT) " "instellen." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Wanneer u twijfelt is het veilig om dit uitgeschakeld te houden." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interne netwerkinterface:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "De interne netwerkinferfaces verbinden deze machine met vertrouwde netwerken " "(zoals het kantoor- of thuis-LAN). De firewall zal alle verbindingspogingen " "naar deze interfaces toestaan. Wanneer u zulke interfaces opgeeft, kunt u " "interne netwerken toestaan het internet te bereiken via deze machine. Geef " "niets op als er geen van zulke interfaces zijn." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Gebruik bij meerdere interfaces een spatie als scheidingsteken." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Interne subnetten:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Geef op welke subnetten verbonden zijn met de interne netwerkinterfaces. " "Machines in de interne netwerken kunnen verbindingen opzetten met alle " "diensten op deze machine." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Geef subnetten op in CIDR-notatie (b.v. 192.168.1.0/24). Gebruik een spatie " "als scheidingsteken wanneer er meerdere interne netwerken zijn." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Interne netwerken met toegang tot externe netwerken:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Geef de toegestane interne netwerken in CIDR-notatie (b.v. 192.168.1.0/24) " "wanneer u toegang tot externe netwerken wilt beperken. Het is ook mogelijk " "specifieke machines op te geven door hun IP adres te geven. Gebruik een " "spatie als scheidingsteken in geval van meerdere netwerken en/of machines." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Wanneer u dit leeg laat wordt de waarde automatisch op het hele interne " "netwerk gezet. Dan zal het GEHELE interne netwerk toegang hebben tot de " "externe netwerken. Let er op dat u enkel die netwerken opgeeft die werkelijk " "toegang moeten hebben tot de buitenwereld." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Laat dit leeg bij twijfel." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Moet de machine ping-baar zijn vanaf de buitenwereld?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Voor extra veiligheid kan de firewal zo ingesteld worden dat ICMP echo-" "verzoeken (pings) genegeerd worden. Hoewel dit in het algemeen een goed " "idee is (de machine lijkt in eerste instantie uit te staan), is dit soms " "niet wenselijk (b.v. om fouten-diagnose te stellen)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Laat dit uitgeschakeld wanneer u het niet zeker weet." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Wilt u de firewall-configuratie beheren met debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Een basale firewall-configuratie, geschikt voor de meeste doeleinden, kan " "worden aangemaakt door het beantwoorden van een aantal vragen. Dit is de " "aanbevolen optie voor iedereen die niet bekend is met firewall-gerelateerde " "onderwerpen." # Type: # Description #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Als u dat niet wilt, zal de firewal niet werken totdat u de configuratie " "handmatig heeft aangepast." debian/po/pl.po0000644000000000000000000003412711741023436010567 0ustar # Translation of arno-iptables-firewall debconf templates to Polish. # Copyright (C) 2006 # This file is distributed under the same license as the arno-iptables-firewall package. # # Michał Kułach , 2012. msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2012-03-31 21:20+0200\n" "Last-Translator: Michał Kułach \n" "Language-Team: Polish \n" "Language: pl\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Lokalize 1.2\n" "Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 " "|| n%100>=20) ? 1 : 2);\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "Konfiguracja arno-iptables-firewall" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Zewnętrzne interfejsy sieciowe:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Zewnętrzne interfejsy sieciowe łączą komputer z sieciami niezaufanymi (np. z " "Internetem). Zapora sieciowa pozwoli na próby połączeń jedynie z podanymi " "wprost kombinacjami źródeł/portów docelowych w tych interfejsach. Konieczne " "jest podanie wszystkich zewnętrznych interfejsów (np. eth0 i/lub ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Jeśli interfejs ppp jeszcze nie istnieje, można użyć maski urządzenia - \"ppp" "+\", jednak to ustawienie jest dopuszczalne tylko wówczas, gdy nie istnieją " "żadne inne interfejsy ppp!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Jeśli nie zostaną określone żadne interfejsy, konfiguracja zapory nie " "zostanie przeprowadzona." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "Można podać wiele interfejsów, oddzielając poszczególne spacją." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Czy DHCP jest używane w interfejsach zewnętrznych?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Komputer może używać DHCP, aby pozyskać adres IP w sposób dynamiczny od " "dostawcy usług internetowych (ISP). Jest tak prawie zawsze, gdy połączenie z " "siecią nie jest stałe (np. jest to połączenie wdzwaniane)." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Jeśli DHCP nie zostanie teraz włączone, zapora będzie blokować cały ruch " "związany z DHCP." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "W przypadku wątpliwości, proszę pozostawić tę opcje włączoną." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Otwarte zewnętrzne porty TCP:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "Domyślne zasady zapory odrzucają cały przychodzący ruch sieciowy w " "interfejsach zewnętrznych. Jeśli ten komputer udostępnia usługi na zewnątrz " "(np. do Internetu), muszą zostać one włączone w tym kroku." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Proszę podać numery portów TCP związane z usługami, które powinny być " "dostępne z zewnątrz. Często używane są porty: 80 (http), 443 (https) lub 22 " "(ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Oprócz pojedynczych portów, można także określić ich zakresy (np. " "10000:11000). Kilka zakresów należy oddzielić spacją." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "W przypadku wątpliwości, proszę pozostawić to pole puste." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Otwarte zewnętrzne porty UDP:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "Domyślne zasady zapory odrzucają cały przychodzący ruch sieciowy w " "interfejsach zewnętrznych. Jeśli ten komputer udostępnia usługi na zewnątrz " "(np. do Internetu), muszą zostać one włączone w tym kroku." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Proszę podać numery portów UDP związane z usługami, które powinny być " "dostępne z zewnątrz." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Zrestartować teraz zaporę sieciową?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Ze względów bezpieczeństwa, nowa konfiguracja zapory nie zostanie włączona " "automatycznie. Można teraz przeprowadzić ręczne sprawdzenie konfiguracji " "zapory w pliku /etc/arno-iptables-firewall/firewall.conf, co jest " "szczególnie polecane w przypadku aktualizacji do nowej wersji, ponieważ " "zmienne konfiguracyjne mogły się zmienić." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Aby później ręcznie zastosować nowe ustawienia zapory sieciowej jeszcze " "przed kolejnym, ponownym uruchomieniem komputera, proszę wykonać \"invoke-rc." "d arno-iptables-firewall start\"." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Jeśli sprawdzenie konfiguracji nie będzie wykonywane, ustawienia zapory mogą " "zostać zastosowane już teraz." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Włączyć NAT?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Jeśli podłączone wewnętrzne sieci powinny mieć dostęp na zewnątrz (np. do " "Internetu) przez zaporę, powinno się włączyć tzw. maskaradę (NAT)." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "W przypadku wątpliwości, można bez obaw pozostawić tę opcję wyłączoną." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Wewnętrzne interfejsy sieciowe:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Wewnętrzne interfejsy sieciowe łączą komputer z sieciami zaufanymi (np. z " "domową lub biurową siecią LAN). Zapora będzie zezwalała na wszelkie próby " "połączeń w tych interfejsach. Jeśli tego typu interfejsy zostaną włączone, " "będzie możliwe zezwolenie im na dostęp do Internetu za pomocą tego " "komputera. Jeśli nie występują, proszę pozostawić poniższe pole puste." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "Można podać wiele interfejsów, oddzielając poszczególne spacją." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Wewnętrzne podsieci:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Można określić, które podsieci są połączone z wewnętrznymi interfejsami " "sieciowymi. Komputery w sieciach wewnętrznych, mają dostęp do wszystkich " "usług tego komputera." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Proszę podać podsieci w notacji CIDR (np. 192.168.1.0/24). Kilka podsieci " "należy oddzielić spacją." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Wewnętrzne sieci z dostępem do sieci zewnętrznych:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Aby ograniczyć dostęp do sieci zewnętrznych, można podać podsieci " "wewnętrzne, które będą miały do nich dostęp. Proszę użyć notacji CIDR (np. " "192.168.1.0/24). Można również podać pojedyncze komputery, używając ich " "adresów IP. Aby podać wiele sieci wewnętrznych i/lub komputerów, proszę " "oddzielić poszczególne spacją." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Jeśli poniższe pole pozostanie puste, zostanie przyjęta wartość " "odpowiadająca sieci wewnętrznej. Oznacza to, że CAŁA sieć wewnętrzna będzie " "miała dostęp do sieci zewnętrznej, tak więc proszę zachować ostrożność i " "podać jedynie sieci, które rzeczywiście powinny mieć dostęp na zewnątrz." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "W przypadku wątpliwości, proszę pozostawić to pole puste." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Czy ten komputer powinien odpowiadać na pingi z zewnątrz?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Aby zwiększyć poziom bezpieczeństwa, zapora może zostać skonfigurowana tak, " "aby ignorować zapytania ICMP echo (tzw. pingi). Choć jest to z reguły niezły " "pomysł (komputer sprawia wrażenie wyłączonego), może być niekiedy również " "kłopotliwe (np. utrudniać diagnostykę problemów)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "W przypadku wątpliwości, proszę pozostawić to pole puste." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Zarządzać konfiguracją zapory sieciowej używając debconf?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Prosta konfiguracja zapory, wystarczająca do większości zastosowań, może " "zostać utworzona odpowiadając na kilka pytań. Jest to przydatna opcja dla " "wszystkich tych, którzy nie są obeznani z kwestiami dotyczącymi zapory " "sieciowej." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "W przeciwnym wypadku, zapora nie będzie działać, dopóki konfiguracja nie " "zostanie wykonana manualnie." debian/po/de.po0000644000000000000000000003456411537203521010547 0ustar # translation of de.po to German # # Translators, if you are not familiar with the PO format, gettext # documentation is worth reading, especially sections dedicated to # this format, e.g. by running: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Some info rmation specific to po-debconf are available at # /usr/share/doc/po-debconf/README-trans # or http://www.debian.org/intl/l10n/po-debconf/README-trans # # Developers do not need to manually edit POT or PO files. # Michael Hanke , 2005, 2006. # msgid "" msgstr "" "Project-Id-Version: de\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: 2006-04-06 20:19+0200\n" "Last-Translator: Michael Hanke \n" "Language-Team: German \n" "Language: de\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: KBabel 1.10.2\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "arno-iptables-firewall Konfiguration" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "Externe Netzwerkschnittstellen:" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" "Die externen Netzwerkschnittstellen verbinden dieses System mit unsicheren " "Netzwerken (z.B. dem Internet). Die Firewall wird nur die " "Verbindungsanfragen an diesen Schnittstellen zulassen, die explizit " "erlaubten Quell-/Ziel-Port-Kombinationen entsprechen. Sie müssen alle " "externen Schnittstellen angeben (z.B. eth0 und/oder ppp0)." #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" "Für eine ppp-Schnittstelle die noch nicht existiert, kann der Platzhalter " "\"ppp+\" verwendet werden. Dies ist jedoch nur möglich, wenn keine anderen " "ppp-Schnittstellen vorhanden sind!" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" "Wenn hier keine Schnittstellen angegeben werden, wird keine Firewall-" "Konfiguration durchgeführt." #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "" "Mehrere Schnittstellen müssen mit Leerzeichen getrennt angegeben werden." #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "Wird DHCP mit den externen Netzwerkschnittstellen genutzt?" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" "Möglicherweise bezieht dieses System seine IP-Adresse dynamisch per DHCP vom " "Internet-Anbieter (ISP)? Dies ist fast immer der Fall, wenn eine nicht-" "permanente Verbindung (z.B. Wählverbindung) vorhanden ist." #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" "Wird DHCP nicht explizit aktiviert, blockiert die Firewall jegliche DHCP-" "Datenpakete." #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "Wenn Sie sich unsicher sind, lassen Sie dies aktiviert." #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "Offene externe TCP-Ports:" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" "In der voreingestellten Firewall-Konfiguration werden alle eingehenden " "Verbindungsanfragen an den externen Netzwerkschnittstellen abgelehnt. Wenn " "dieses System Dienste für die Außenwelt (z.B. das Internet) anbietet, müssen " "diese explizit aktiviert werden." #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" "Bitte geben Sie alle TCP-Port-Nummern von Diensten an, auf die von außen " "zugegriffen werden soll. Einige häufig genutzte Ports sind: 80 (http), 443 " "(https) oder 22 (ssh)." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" "Zusätzlich zu einzelnen Port-Nummern können auch ganze Bereiche angegeben " "werden (z.B. 10000:11000). Mehrere Einträge müssen mit Leerzeichen getrennt " "werden." #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "Wenn Sie sich unsicher sind, tragen Sie hier nichts ein." #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "Offene externe UDP-Ports:" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" "In der voreingestellten Firewall-Konfiguration werden alle eingehenden " "Verbindungsanfragen an den externen Netzwerkschnittstellen abgelehnt. Wenn " "dieses System Dienste für die Außenwelt (z.B. das Internet) anbietet, müssen " "diese explizit aktiviert werden." #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" "Bitte geben Sie alle UDP-Port-Nummern von Diensten an, auf die von außen " "zugegriffen werden soll." #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "Soll die Firewall jetzt (neu) gestartet werden?" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" "Aus Sicherheitsgründen wird die (neue) Firewall-Konfiguration nicht " "automatisch aktiviert. Eventuell möchten Sie eine manuelle Inspektion der " "Firewall-Konfiguration in /etc/arno-iptables-firewall/firewall.conf " "durchführen, insbesondere wenn Sie auf eine neue Version aktualisieren, da " "sich Konfigurationsvariablen geändert haben könnten." #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" "Wenn Sie die neue Firewall-Konfiguration vor dem nächsten Neustart manuell " "laden wollen, führen Sie 'invoke-rc.d arno-iptables-firewall start' aus." #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" "Wenn Sie keine manuelle Inspektion wünschen, kann die Firewall-Konfiguration " "jetzt geladen werden." #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "Möchten Sie NAT aktivieren?" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" "Wenn das interne Netzwerk auf die Außenwelt (z.B. das Internet) über die " "Firewall zugreifen können soll, dann muss Masquerading (NAT) aktiviert " "werden." #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "Wenn Zweifel bestehen, kann dies deaktiviert bleiben." #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "Interne Netzwerkschnittstellen:" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" "Die internen Netzwerkschnittstellen verbinden dieses System mit " "vertrauenswürdigen Netzwerken (z.B. Heim- oder Büronetzwerk). Die Firewall " "wird Zugriffe aus diesen Netzwerken zulassen. Werden solche Schnittstellen " "angegeben, ist es möglich den Internet-Zugriff für Netzwerke an diesen " "Schnittstellen zuzulassen. Wenn keine solchen Schnittstellen vorhanden sind, " "sollte dieses Feld leer bleiben." #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "" "Mehrere Schnittstellen müssen mit Leerzeichen getrennt angegeben werden." #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "Interne Netzwerke:" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" "Sie müssen angeben, welche Sub-Netze mit den internen Netzwerkschnittstellen " "verbunden sind. Rechner in diesen Netzwerken haben Zugriff auf alle Dienste " "dieser Maschine." #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" "Bitte geben Sie die Sub-Netze in CIDR-Notation an (z.B. 192.168.129.0/8). " "Wenn mehrere Sub-Netze angegeben werden, müssen diese durch Leerzeichen " "getrennt werden." #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "Internen Netzwerke mit Zugriff auf externe Netzwerke:" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" "Wenn Sie den Zugriff auf externe Netzwerke beschränken wollen, geben Sie " "hier interne Sub-Netze in CIDR-Notation (z.B. 192.168.129.0/8) an, denen der " "Zugriff ermöglicht werden soll. Es ist auch möglich einzelne Rechner mit " "ihrer IP-Adresse anzugeben. Mehrere Einträge müssen mit Leerzeichen getrennt " "angegeben werden." #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" "Bleibt dieser Eintrag leer, wird er automatisch dem internen Netzwerk " "gleichgesetzt. Dann können ALLE Rechner in den internen Sub-Netzen auf das " "Internet zugreifen. Achten Sie also darauf, nur die Netze einzutragen, die " "Zugriff haben sollen." #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "Wenn Sie sich unsicher sind, tragen Sie hier nichts ein." #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "Soll dieses System von außen 'pingbar' sein?" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" "Um die Sicherheit weiter zu erhöhen, können sogenannte 'pings' (ICMP Echo " "Requests) ignoriert werden. Obwohl dies generell eine gute Idee ist (auf den " "ersten Blick sieht es so aus, als würde der Rechner nicht laufen), gibt es " "Situationen, in denen dieses Verhalten nicht gewünscht ist (z.B. " "Fehlerdiagnose)." #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "Wenn Sie sich unsicher sind, tragen Sie hier nichts ein." #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "Möchten Sie die Firewall-Konfiguration mit Debconf verwalten?" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" "Eine einfache Firewall-Konfiguration kann erstellt werden, indem einige " "wenige Fragen beantwortet werden. Diese Option sollte alle wählen, die nicht " "mit Firewall-bezogenen Themen vertraut sind." #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" "Wenn Sie dies nicht wünschen, wird die Firewall nicht funktionieren, bis Sie " "die Konfiguration manuell bearbeitet haben." debian/po/templates.pot0000644000000000000000000002061011436206053012325 0ustar # SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: michael.hanke@gmail.com\n" "POT-Creation-Date: 2006-10-05 13:39+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" #. Type: title #. description #: ../templates:1001 msgid "arno-iptables-firewall configuration" msgstr "" #. Type: string #. description #: ../templates:2001 msgid "External network interfaces:" msgstr "" #. Type: string #. description #: ../templates:2001 msgid "" "The external network interfaces connect this machine to untrusted networks " "(e.g. the Internet). The firewall will only permit connections attempts with " "explicitly allowed source/destination-port combinations on these interfaces. " "You have to specify all external interfaces (e.g. eth0 and/or ppp0)." msgstr "" #. Type: string #. description #: ../templates:2001 msgid "" "For a ppp-interface that doesn't exist yet you can use the wildcard device " "called \"ppp+\", but you can only use ppp+ if there aren't any other ppp " "interfaces!" msgstr "" #. Type: string #. description #: ../templates:2001 msgid "" "If no interfaces are specified here, no firewall setup will be performed." msgstr "" #. Type: string #. description #: ../templates:2001 msgid "Multiple interfaces should be specified space separated." msgstr "" #. Type: boolean #. description #: ../templates:3001 msgid "Is DHCP used on external interfaces?" msgstr "" #. Type: boolean #. description #: ../templates:3001 msgid "" "This machine might use DHCP to dynamically obtain its IP address from your " "Internet service provider (ISP). This will be almost always the case if you " "have a non-permanent (e.g. dialup) connection." msgstr "" #. Type: boolean #. description #: ../templates:3001 msgid "" "If DHCP is not explicitly enabled, the firewall will block all DHCP-related " "network traffic." msgstr "" #. Type: boolean #. description #: ../templates:3001 msgid "Leave this enabled, if you are unsure." msgstr "" #. Type: string #. description #: ../templates:4001 msgid "Open external TCP-ports:" msgstr "" #. Type: string #. description #: ../templates:4001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services to the outside world (e.g. the " "Internet) they have to be explicitly enabled." msgstr "" #. Type: string #. description #: ../templates:4001 msgid "" "Please specify the TCP-ports numbers associated with the services that shall " "be accessible from the outside world. Some frequently used ports are: 80 " "(http), 443 (https) or 22 (ssh)." msgstr "" #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "" "In addition to single port numbers you may also specify port ranges (e.g. " "10000:11000). Multiple entries should be entered space separated." msgstr "" #. Type: string #. description #. Type: string #. description #: ../templates:4001 ../templates:5001 msgid "If unsure, leave this empty." msgstr "" #. Type: string #. description #: ../templates:5001 msgid "Open external UDP-ports:" msgstr "" #. Type: string #. description #: ../templates:5001 msgid "" "The default firewall policy is to deny all incoming traffic on the external " "interfaces. If this machine provides services for the outside world (e.g. " "the Internet) they have to be explicitly enabled." msgstr "" #. Type: string #. description #: ../templates:5001 msgid "" "Please specify the UDP-ports numbers associated with the services that shall " "be accessible from the outside world." msgstr "" #. Type: boolean #. description #: ../templates:6001 msgid "Should the firewall be (re)started now?" msgstr "" #. Type: boolean #. description #: ../templates:6001 msgid "" "For security reasons the new firewall setup is not applied automatically. " "You might want to perform a manual inspection of the firewall configuration " "in /etc/arno-iptables-firewall/firewall.conf, especially when upgrading to a " "new version, as configuration variables might have changed." msgstr "" #. Type: boolean #. description #: ../templates:6001 msgid "" "In order to later manually apply the new firewall settings before the next " "reboot, invoke 'invoke-rc.d arno-iptables-firewall start'." msgstr "" #. Type: boolean #. description #: ../templates:6001 msgid "" "If you do not need manual inspection, the firewall-setup can be applied now." msgstr "" #. Type: boolean #. description #: ../templates:7001 msgid "Do you want to enable NAT?" msgstr "" #. Type: boolean #. description #: ../templates:7001 msgid "" "If the connected internal networks should be able to access the outside " "world (e.g. the Internet) through the firewall, masquerading (NAT) has to be " "enabled." msgstr "" #. Type: boolean #. description #: ../templates:7001 msgid "When in doubt, you can safely leave this disabled." msgstr "" #. Type: string #. description #: ../templates:8001 msgid "Internal network interfaces:" msgstr "" #. Type: string #. description #: ../templates:8001 msgid "" "The internal network interfaces connect this machine to trusted networks (e." "g. the office or home LAN). The firewall will permit all connection attempts " "on these interfaces. If you specify such interfaces, you will be able to " "permit the internal networks to access the Internet through this host. If " "there are no such interfaces, leave this empty." msgstr "" #. Type: string #. description #: ../templates:8001 msgid "Multiple interfaces should be entered space separated." msgstr "" #. Type: string #. description #: ../templates:9001 msgid "Internal subnets:" msgstr "" #. Type: string #. description #: ../templates:9001 msgid "" "You have to specify which subnets are connected to the internal network " "interfaces. Hosts in the internal networks can connect to all the services " "on this machine." msgstr "" #. Type: string #. description #: ../templates:9001 msgid "" "Give subnets in CIDR notation (e.g. 192.168.1.0/24). If you have multiple " "internal networks, they should be space separated." msgstr "" #. Type: string #. description #: ../templates:10001 msgid "Internal networks with access to external networks:" msgstr "" #. Type: string #. description #: ../templates:10001 msgid "" "If you want to restrict the access to the external networks, you can specify " "the allowed internal subnets in CIDR notation (e.g. 192.168.1.0/24). It is " "also possible to specify single hosts by their IP addresses. If you have " "multiple internal networks and/or hosts, they should be given space " "separated." msgstr "" #. Type: string #. description #: ../templates:10001 msgid "" "If you leave this empty, the value is automatically set to equal the " "internal network. Therefore the WHOLE internal network will have access to " "the external networks, so be careful to only specify networks that should " "have access to the outside world." msgstr "" #. Type: string #. description #: ../templates:10001 msgid "If you are unsure, leave this empty." msgstr "" #. Type: boolean #. description #: ../templates:11001 msgid "Should the machine be pingable from the outside world?" msgstr "" #. Type: boolean #. description #: ../templates:11001 msgid "" "For increased security the firewall can be setup to ignore ICMP echo " "requests (pings). While this is generally a good idea (the host seems to be " "down at a first glance), this is sometimes not useful (e.g. failure " "diagnostics)." msgstr "" #. Type: boolean #. description #: ../templates:11001 msgid "If you are not sure, leave this disabled." msgstr "" #. Type: boolean #. description #: ../templates:12001 msgid "Do you want to manage the firewall setup with debconf?" msgstr "" #. Type: boolean #. description #: ../templates:12001 msgid "" "A basic firewall setup that is suitable for most purposes can be created by " "answering a few questions. This should be the preferred option for all who " "are not familiar with firewall-related topics." msgstr "" #. Type: boolean #. description #: ../templates:12001 msgid "" "If you do not want that, the firewall will not work before you have edited " "the configuration manually." msgstr "" debian/copyright0000644000000000000000000000356011740772440011133 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: arno-iptables-firewall Source: http://rocky.eld.leidenuniv.nl/ Files: * Copyright: 2001-2012 Arno van Amersfoort License: GPL-2+ Files: contrib/adsl-failover Copyright: 2007 Mark Cleverdon License: GPL-2+ Files: share/arno-iptables-firewall/plugins/50ipsec-vpn.plugin share/arno-iptables-firewall/plugins/60traffic-shaper.plugin share/arno-iptables-firewall/plugins/90dmz-dnat.plugin Copyright: 2006-2010 Philip Prindeville License: GPL-2+ Files: share/arno-iptables-firewall/plugins/50linux-upnp-igd.plugin Copyright: 2007-2011 Joerg Straube License: GPL-2+ Files: share/arno-iptables-firewall/plugins/50pptp-vpn.plugin Copyright: 2011 Lonnie Abelbeck License: GPL-2+ Files: share/arno-iptables-firewall/plugins/90rpc.plugin Copyright: 2011-2012 Jared H. Hudson License: GPL-2+ Files: debian/* Copyright: Copyright 2005-2012, Michael Hanke License: GPL-2+ License: GPL-2+ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this package; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA . On Debian systems, the full text of the GNU General Public License version 2 can be found in the file `/usr/share/common-licenses/GPL-2'. debian/postrm0000644000000000000000000000210111741016303010423 0ustar #! /bin/sh # postrm script for arno-iptables-firewall set -e case "$1" in purge) # when purging remove debconf managed config file if [ -e /etc/arno-iptables-firewall/conf.d/00debconf.conf ]; then rm -f /etc/arno-iptables-firewall/conf.d/00debconf.conf fi ;; esac case "$1" in purge|remove|abort-install|disappear) # when just removing stop the firewall if [ -x /etc/init.d/arno-iptables-firewall ]; then invoke-rc.d arno-iptables-firewall stop || true fi # and remove links from rc?.d # -f because the init.d script is deleted later by debhelper # and update-rc.d wants it to be deleted first update-rc.d -f arno-iptables-firewall remove >/dev/null || exit 0 ;; upgrade|failed-upgrade|abort-upgrade) ;; *) echo "postrm called with unknown argument \`$1'" >&2 exit 1 ;; esac # End automatically added section # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/gbp.conf0000644000000000000000000000022211642616555010614 0ustar [DEFAULT] # the default branch for upstream sources: upstream-branch = upstream # the default branch for the debian patch: debian-branch = master debian/dirs0000644000000000000000000000026111740772753010066 0ustar etc/arno-iptables-firewall/plugins etc/arno-iptables-firewall/conf.d etc/logrotate.d etc/rsyslog.d usr/bin usr/share/arno-iptables-firewall/plugins usr/share/lintian/overrides debian/config0000644000000000000000000001030111741015352010350 0ustar #!/bin/bash # config script for arno-iptables-firewall set -e . /usr/share/debconf/confmodule CONFIGFILE=/etc/arno-iptables-firewall/conf.d/00debconf.conf db_version 2.0 db_capb backup db_settitle arno-iptables-firewall/title # Load config file, if it exists. if [ -e $CONFIGFILE ]; then . $CONFIGFILE || true # The fact that there is a debconf config file implies # that debconf management is requested. db_set arno-iptables-firewall/debconf-wanted true # Store the current value of the EXT_IF var into # debconf db. db_set arno-iptables-firewall/config-ext-if $EXT_IF if [ "$EXT_IF_DHCP_IP" = "1" ]; then db_set arno-iptables-firewall/dynamic-ip true else db_set arno-iptables-firewall/dynamic-ip false fi db_set arno-iptables-firewall/services-tcp $OPEN_TCP db_set arno-iptables-firewall/services-udp $OPEN_UDP if [ "$NAT" = "1" ]; then db_set arno-iptables-firewall/nat true else db_set arno-iptables-firewall/nat false fi db_set arno-iptables-firewall/config-int-if $INT_IF db_set arno-iptables-firewall/config-int-net $INTERNAL_NET db_set arno-iptables-firewall/config-int-nat-net $NAT_INTERNAL_NET if [ "$OPEN_ICMP" = "1" ]; then db_set arno-iptables-firewall/icmp-echo true else db_set arno-iptables-firewall/icmp-echo false fi fi # load config file # This implements a simple state machine so the back button can be handled. # taken from debconf demo example STATE=1 while [ "$STATE" != 0 -a "$STATE" != 11 ]; do case $STATE in 1) db_input high arno-iptables-firewall/debconf-wanted || true ;; 2) # This could be a multiselect question. Get all interfaces this way: # db_subst arno-iptables-firewall/config-ext-if DETECTED `ifconfig -a | grep HWaddr | sed -e 's/[ ][ ]*Link.*/,/;s/:[0-9]*//' | sort -u` # The problem is that currently not connected usb-net devices cannot be # configured. Is this important? db_input critical arno-iptables-firewall/config-ext-if || true # include check for empty ext_if -> restarting the firewall will fail otherwise ;; 3) db_input low arno-iptables-firewall/dynamic-ip || true ;; 4) db_beginblock db_input high arno-iptables-firewall/services-tcp || true db_input high arno-iptables-firewall/services-udp || true db_endblock ;; 5) db_input low arno-iptables-firewall/icmp-echo || true ;; 6) db_input high arno-iptables-firewall/config-int-if || true ;; 7) db_get arno-iptables-firewall/config-int-if if [ "$RET" != "" ]; then db_input high arno-iptables-firewall/config-int-net || true else db_set arno-iptables-firewall/nat false db_set arno-iptables-firewall/config-int-net "" db_set arno-iptables-firewall/config-int-nat-net "" fi ;; 8) db_get arno-iptables-firewall/config-int-if if [ "$RET" != "" ]; then db_input low arno-iptables-firewall/nat || true fi ;; 9) db_get arno-iptables-firewall/config-int-if if [ "$RET" != "" ]; then db_get arno-iptables-firewall/nat if [ "$RET" = "true" ]; then db_input low arno-iptables-firewall/config-int-nat-net || true else db_set arno-iptables-firewall/config-int-nat-net "" fi fi ;; 10) # make sure this question is displayed everytime the configuration might # need inspection db_fset arno-iptables-firewall/restart seen false db_input critical arno-iptables-firewall/restart || true ;; esac if db_go; then STATE=$(($STATE + 1)) else STATE=$(($STATE - 1)) fi # check whether debconf is still welcome db_get arno-iptables-firewall/debconf-wanted if [ "$RET" != "true" ]; then STATE=0 fi done db_stop debian/control0000644000000000000000000000221311740771064010576 0ustar Source: arno-iptables-firewall Section: net Priority: optional Maintainer: Michael Hanke Build-Depends: debhelper (>= 7.0.50~), po-debconf Standards-Version: 3.9.3 Homepage: http://rocky.eld.leidenuniv.nl/ Vcs-Browser: http://git.voxindeserto.de/?p=arno-iptables-firewall.git Vcs-Git: git://git.voxindeserto.de/arno-iptables-firewall.git Package: arno-iptables-firewall Architecture: all Depends: iptables (>=1.2.11), gawk, debconf (>=1.3.22) | cdebconf (>= 0.43), ${misc:Depends}, iproute Recommends: curl, dnsutils, rsyslog (>= 5.8.1-1~) Description: single- and multi-homed firewall script with DSL/ADSL support Unlike other lean iptables frontends in Debian, arno-iptables-firewall will setup and load a secure, restrictive firewall by just asking a few question. This includes configuring internal networks for internet access via NAT and potential network services (e.g. http or ssh). . However, it is in no way restricted to this simple setup. Some catch words of additional features, that can be enabled in the well documented configuration file are: DSL/ADSL, Port forwarding, DMZ's, portscan detection, MAC address filtering. debian/changelog0000644000000000000000000005115212063600520011036 0ustar arno-iptables-firewall (2.0.1.d-1) unstable; urgency=low * New upstream release. - New plugins: nat-loopback, outbound-snat - New 'status-plugins' sub-command. - Addressed spurious error messages in conjunction with kmod (Closes: #684424) -- Michael Hanke Mon, 17 Dec 2012 09:07:02 +0100 arno-iptables-firewall (2.0.1.c-1) unstable; urgency=low * Upstream bugfix release. - Fix a script 'IFS' issue if IPv6 and DMZ is enabled together with DMZ_HOST_OPEN_IP - Support for newer kernels (3.4+) which replace ipt_LOG & ip6t_LOG with xt_LOG -- Michael Hanke Thu, 28 Jun 2012 08:13:04 +0200 arno-iptables-firewall (2.0.1.b-3) unstable; urgency=low * Add patch to use LSB init functions for logging. Thanks to Mike Miller and Christian Perrier (Closes: #672326). -- Michael Hanke Sun, 13 May 2012 20:05:16 +0200 arno-iptables-firewall (2.0.1.b-2) unstable; urgency=low * Upload to unstable. -- Michael Hanke Mon, 23 Apr 2012 21:06:16 +0200 arno-iptables-firewall (2.0.1.b-1) experimental; urgency=low * New upstream release. The package now supports conf.d-style configuration snippets at /etc/arno-iptables-firewall/conf.d (Closes: #653421, #658458). * Replace dependency on lynx with curl, due to upstream changes. * Bumped Standards-Version to 3.9.3; no changes necessary. * Remove DM-Upload flag -- no longer necessary. * Make debian/copyright comprehensive and copyright-format 1.0 compatible. * Fix pending l10n issues (Thanks to Christian Perrier for coordination). Debconf translations: * Dutch; (Jeroen Schot). Closes: #658454 * Danish (Joe Hansen). Closes: #661989 * Polish (Michał Kułach). Closes: #666776 * Use dh_lintian to install overrides. -- Michael Hanke Tue, 10 Apr 2012 11:13:34 +0200 arno-iptables-firewall (2.0.1-1) unstable; urgency=low * New upstream release. arno-fwfilter is now installed into /usr/bin. Obsolete configuration option DNS_FAST_FAIL & RESOLV_IPS have been removed. * Updated debian/copyright. -- Michael Hanke Tue, 17 Jan 2012 08:26:33 +0100 arno-iptables-firewall (2.0.0.c-1) unstable; urgency=low * New upstream maintenance release. Fixed multicast configuration issue (Closes: #631424) and updated several plugins. * Change strict dependency on rsyslogd to 'recommends'. This software can be used with other syslog daemons. However, out-of-the-box configuration is currently only provided for rsyslogd -- the default Debian syslog flavor. (Closes: #633530) -- Michael Hanke Tue, 04 Oct 2011 16:58:03 +0200 arno-iptables-firewall (2.0.0.b-1) unstable; urgency=low * New upstream bugfix release (Closes: #619496). Upstream merged the URL change related to #613631, but not the default option setting. * Added Japanese po-debconf template translation (Closes: #626801). Thanks to Hideki Yamane. * Update rsyslog handling, as the 'reload' action was removed (Closes: #628607). Added versioned dependency on the respective rsyslog release. Thanks to Michael Biebl for reporting. * Bumped Standards-Version to 3.9.2; no changes necessary. -- Michael Hanke Thu, 23 Jun 2011 17:36:49 -0400 arno-iptables-firewall (2.0.0.a-2) unstable; urgency=low * Fix bashisms in ipsec plugin (Closes: #617510). -- Michael Hanke Sun, 13 Mar 2011 14:05:16 -0400 arno-iptables-firewall (2.0.0.a-1) unstable; urgency=low * New upstream release -- first with IPv6 support (Closes: #594345). * Converted packaging to debhelper's dh. * Fixed issue with missing location information in arno-fwfilter output (Closes: #613631). Thanks to Tony Evans for the report and the initial patch. * Updated maintainer email address. -- Michael Hanke Fri, 18 Feb 2011 11:24:59 -0500 arno-iptables-firewall (1.9.2.l-1) UNRELEASED; urgency=low * New upstream bugfix release. Merged missing init.d dependency patch with upstream (Closes: #594326). * Bumped Standards-Version to 3.9.1.0; no changes necessary. -- Michael Hanke Sat, 28 Aug 2010 09:25:20 -0400 arno-iptables-firewall (1.9.2.k-2) unstable; urgency=low * Move iproute from recommended to a dependency (Closes: #566117). Thanks to Tenno Sereme for reporting. -- Michael Hanke Sun, 11 Apr 2010 19:40:46 -0400 arno-iptables-firewall (1.9.2.k-1) unstable; urgency=low * New upstream release. * Switch to dpkg-source 3.0 (quilt) format * Move debconf patch into quilt series. * New patch to add missing init.d dependency on $remote_fs (forwarded upstream). -- Michael Hanke Sun, 11 Apr 2010 16:08:48 -0400 arno-iptables-firewall (1.9.2.j-1) unstable; urgency=low * New upstream release. * Bumped Standards-Version to 3.8.4.0; no changes necessary. -- Michael Hanke Sat, 06 Mar 2010 09:54:36 -0500 arno-iptables-firewall (1.9.2.h-1) unstable; urgency=low * New upstream release (Closes: #550222, #553036). * Unify dependency-based boot-order and old-style update-rc.d, to be similar to shorewall's behavior. * Add lintian override. The init script does handle 'stop', but it is shadowed by an if-clause. The 'else' branch handles 'stop' as well. -- Michael Hanke Sun, 10 Jan 2010 16:46:32 -0500 arno-iptables-firewall (1.9.2.f-1) unstable; urgency=low * New upstream release (Closes: #550222, #553036). * Adjust the legacy update-rc.d configuration to match the dependency-based setup determined from the LSB header of the init script. -- Michael Hanke Wed, 11 Nov 2009 08:23:31 -0500 arno-iptables-firewall (1.9.2.d-1) unstable; urgency=low * New upstream release. -- Michael Hanke Mon, 24 Aug 2009 07:40:12 -0400 arno-iptables-firewall (1.9.2.c-1) unstable; urgency=low * New upstream release. Missed release 1.9.0.b. * Bumped Standards-Version to 3.8.3.0; no changes necessary. * Added russian debconf translation (Closes: #541751). Thanks to Yuri Kozlov. -- Michael Hanke Sun, 23 Aug 2009 20:06:39 -0400 arno-iptables-firewall (1.9.2.a-1) unstable; urgency=low * New Upstream Version (Closes: #530045, #520011). Missed releases 1.9.0.c and 1.9.2. * Added spanish debconf translation (Closes: #522651). Thanks to Francisco Javier Cuadrado. * Bumped Standards-Version to 3.8.1; no changes necessary. * Increase debhelper compat-level to 5. -- Michael Hanke Tue, 09 Jun 2009 10:21:47 +0200 arno-iptables-firewall (1.9.0.b-1) unstable; urgency=low * New upstream version (Closes: #509684). Missed release 1.9.0.a. * Added default logging setup for rsyslog (including logrotate config). All firewall-related messages go into /var/log/arno-iptables-firewall by default. Updated README.Debian and NEWS.Debian accordingly. Thanks to Tim Small (Closes: #503198). * Do not install syslogd examples, since Debian switched to rsyslog. * All executable scripts are now installed into /usr/sbin, since they are useless for normal users without access to the logfiles. * Updated debian/copyright and converted it into a machine-readable format. * Added DM-allow flag. * Added VCS information to debian/control. -- Michael Hanke Sat, 28 Feb 2009 14:56:19 +0100 arno-iptables-firewall (1.8.8.o-3) unstable; urgency=low * Bumped Standards-Version to 3.8.0; no changes necessary. * Added "$network" to the init script's LSB Required-Start and Required-Stop header lines. Thanks to Chris Lamb for the patch (Closes: #493805). * Disabled IGD plugin by default (Closes: #493685). -- Michael Hanke Fri, 12 Dec 2008 08:37:50 +0100 arno-iptables-firewall (1.8.8.o-2) unstable; urgency=low * Add dnsutils to the recommended packages (Closes: #471430). -- Michael Hanke Tue, 18 Mar 2008 09:55:05 +0100 arno-iptables-firewall (1.8.8.o-1) unstable; urgency=low * New Upstream Version (Closes: #469322). * Fix broken multi-route plugin (Closes: #470634). * Make the package recommend lynx instead of depending on it, as it is only needed for the optional arno-fwfilter script. -- Michael Hanke Thu, 13 Mar 2008 11:30:26 +0100 arno-iptables-firewall (1.8.8.n-1) unstable; urgency=low * New Upstream Version (Closes: #466972). Missed 1.8.8m, which only lived for a few days. * Minor change to the packaging documentation. Thanks to Joost van Baal. -- Michael Hanke Thu, 28 Feb 2008 09:51:03 +0100 arno-iptables-firewall (1.8.8.l-1) unstable; urgency=low * New Upstream Version. Missed 1.8.8.j and 1.8.8.k. * Moved plugins to /usr/share/arno-iptables-firewall/plugins as they are not really config files. Updated NEWS.Debian and README.Debian to announce this change. * Fixed config file path in multiroute plugin. * Bumped Standards-Version to 3.7.3; no changes necessary. * Modified debian/watch file to only track stable releases. * Sponsored upload by Joost van Baal . -- Michael Hanke Fri, 25 Jan 2008 16:15:58 +0100 arno-iptables-firewall (1.8.8.i-2) unstable; urgency=low * Added 'iproute' to the recommended packages, as it is required by one of the plugins. Thanks to Joost van Baal for spotting this one. * Added Portuguese debconf translation (Thanks to Américo Monteiro). Closes: #435181. * Switch to new-style homepage field in debian/control. * Sponsored upload by Joost van Baal . -- Michael Hanke Mon, 26 Nov 2007 10:26:23 +0100 arno-iptables-firewall (1.8.8.i-1) unstable; urgency=low * New Upstream Version. Fixes a bug in the NAT forwarding rules which caused using subnets as source restriction not to work. New plugins: Racoon IPSEC VPN Plugin, transparent DNAT plugin * Cleanup of the rules file. Most install task are now done by debhelper instead of countless cp calls. * Stopped manual parsing of dpkg status database. MD5 sum extraction for moving conffiles on package upgrade is now done by using dpkg-query. * Abandoned dpatch in favor of Git. * Sponsored upload by Joost van Baal . -- Michael Hanke Mon, 9 Jul 2007 12:07:57 +0200 arno-iptables-firewall (1.8.8.h-1) unstable; urgency=low * New upstream release. Fix broken plugin loader. (Closes: #409609, #412191) * Prevent parallel make threads in debian/rules to satisfy dpatch requirement. -- Michael Hanke Mon, 26 Feb 2007 21:51:55 +0100 arno-iptables-firewall (1.8.8.g-2) unstable; urgency=low * Added missing dependency to lynx (thanks to Joost van Baal). * Minor addition to the arno-fwfilter manpage (also thanks to Joost van Baal). * Added a note about plugin handling to README.Debian. * Sponsored upload by Joost van Baal . -- Michael Hanke Mon, 22 Jan 2007 10:23:59 +0100 arno-iptables-firewall (1.8.8.g-1) unstable; urgency=low * New upstream release. -- Michael Hanke Sun, 14 Jan 2007 20:43:29 +0100 arno-iptables-firewall (1.8.8.f-1) unstable; urgency=low * New upstream release (1.8.8.d was never released and 'e' only lived for a few days). * Updated copyright file: License is now GPL v2 only. -- Michael Hanke Tue, 9 Jan 2007 16:17:19 +0100 arno-iptables-firewall (1.8.8.c-1) unstable; urgency=low * New upstream release (fixed MAC-filter). -- Michael Hanke Mon, 30 Oct 2006 08:18:55 +0100 arno-iptables-firewall (1.8.8.b-1) unstable; urgency=low * New upstream release (missed 1.8.8.a). -- Michael Hanke Fri, 27 Oct 2006 14:05:52 +0200 arno-iptables-firewall (1.8.8-1) unstable; urgency=low * New upstream release. * Moved all config files to /etc/arno-iptables-firewall. Noted in NEWS.Debian. * Fixed bug that the firewall was not configured and restarted properly on fresh installs. * The package uses debconf to inform the user about necessary restarts even if it was previously indicated that debconf management is not wanted. This is done because to user has to be informed anyway and debconf is the most configurable mechanism. * Fixed an inconvenience that caused the restart debconf question to be displayed twice. * Sponsored upload by Joost van Baal . -- Michael Hanke Sat, 7 Oct 2006 21:30:22 +0200 arno-iptables-firewall (1.8.6.c-4) unstable; urgency=low * The diff is now managed using dpatch. * Added Brazilian Portuguese debconf translation (Thanks to Felipe Augusto van de Wiel). Closes: 390410 * Added build-dependency to po-debconf. * Added minimal patch with LSB compliant init script description. * Sponsored upload by Joost van Baal . -- Michael Hanke Tue, 3 Oct 2006 16:46:58 +0200 arno-iptables-firewall (1.8.6.c-3) unstable; urgency=low * Fixed typo in french translation. Thanks to Florentin Duneau. (Closes: #379109) * Sponsored upload by Joost van Baal . -- Michael Hanke Fri, 21 Jul 2006 17:07:44 +0200 arno-iptables-firewall (1.8.6.c-2) unstable; urgency=low * French translation update. Thanks to Florentin Duneau.(Closes: #367392) * Bumped Standards-Version to 3.7.2; no changes necessary. * Sponsored upload by Joost van Baal . -- Michael Hanke Thu, 29 Jun 2006 15:04:13 +0200 arno-iptables-firewall (1.8.6.c-1) unstable; urgency=low * New upstream release. * Improved debconf templates to conform to the guidelines in the Developers Reference. (Closes: #360579) * Added several translations of the debconf templates (cs, nb, sv, vi, fr). Thanks to debian-i18n. (Closes: #361110, #362626) * Sponsored upload by Joost van Baal . -- Michael Hanke Thu, 6 Apr 2006 20:06:06 +0200 arno-iptables-firewall (1.8.6.b-1) unstable; urgency=low * New upstream release. * First upload to Debian archive, sponsored by Joost van Baal (Closes: #325696) -- Michael Hanke Thu, 30 Mar 2006 11:27:22 +0100 arno-iptables-firewall (1.8.6.a-1) unstable; urgency=low * New upstream release. * Modified watch file to reflect the new versioning scheme. -- Michael Hanke Wed, 8 Mar 2006 21:16:45 +0100 arno-iptables-firewall (1.8.6-1) unstable; urgency=low * New upstream release. -- Michael Hanke Sun, 19 Feb 2006 09:24:43 +0100 arno-iptables-firewall (1.8.5-rc6-1) unstable; urgency=low * New upstream release-candidate. -- Michael Hanke Sun, 12 Feb 2006 15:50:49 +0100 arno-iptables-firewall (1.8.5-rc5-1) unstable; urgency=low * New upstream release-candidate. -- Michael Hanke Tue, 7 Feb 2006 15:11:04 +0100 arno-iptables-firewall (1.8.5-rc4-2) unstable; urgency=low * Bugfix: If specification of NATable internal network was left empty as recommended by debconf, the firewall failed to start. * Added a lintian override for the debconf related error 'settitle-requires-versioned-depends config'. This package depends on the appropriate versions of debconf or cdebconf. * Updated Italian debconf translation (Thanks to Gianluca Ficarelli). -- Michael Hanke Tue, 24 Jan 2006 20:24:37 +0100 arno-iptables-firewall (1.8.5-rc4-1) unstable; urgency=low * New upstream release-candidate. * Using debconf for this package is now optional. * Bugfix: debconf dependency. -- Michael Hanke Tue, 3 Jan 2006 20:52:57 +0100 arno-iptables-firewall (1.8.5-rc3-1) unstable; urgency=low * New upstream release-candidate. (Missed: 1.8.5-BETA1 (2005-10-30), 1.8.5-RC1 (2005-12-02), 1.8.5-RC2 (2005-12-09)). -- Michael Hanke Thu, 22 Dec 2005 14:33:59 +0100 arno-iptables-firewall (1.8.4d-2) unstable; urgency=low * Corrected several typos. * Moved arno-multiroute.sh to the examples. * Bugfix: Added alternative dependency to debconf-2.0. * Create an empty /etc/arno-firewall-custum-rules file on install. * Added comments about firewall logging to README.Debian. * Stripped debian/watch from useless comments. * Thanks to Joost van Baal for pointing at those bugs. -- Michael Hanke Wed, 23 Nov 2005 19:49:56 +0100 arno-iptables-firewall (1.8.4d-1) unstable; urgency=low * New upstream release * Custom iptable rules are now read from /etc/arno-firewall-custom-rules -- Michael Hanke Thu, 27 Oct 2005 21:28:36 +0200 arno-iptables-firewall (1.8.4c-3) unstable; urgency=low * More precise debconf questions (Thanks to Gianluca Ficarelli). -- Michael Hanke Wed, 12 Oct 2005 15:00:02 +0200 arno-iptables-firewall (1.8.4c-2) unstable; urgency=low * Bugfix: Syntax error in debian/config script. * Added German translation for debconf templates using po-debconf. * More descriptive debconf templates. * Split DC_OPEN_PORTS in DC_OPEN_TCP and DC_OPEN_UDP for a more precise configuration of open ports. * All debconf variables use the same name as the corresponding upstream variable, but with the prefix 'DC_'. -- Michael Hanke Mon, 10 Oct 2005 08:39:26 +0200 arno-iptables-firewall (1.8.4c-1) unstable; urgency=low * New upstream release. * New Debconf configuration procedure. NAT configuration is only attempted if internal network interfaces are specified. One can now configure internal network with and without access to external networks via Debconf. * Bugfix: NAT configuration did not work out of the box, because INTERNAL_NET was not set properly. * Improved Debconf templates. * The config script now properly unsets NAT-related variables when the internal network interfaces are removed during package reconfiguring. -- Michael Hanke Mon, 3 Oct 2005 14:05:06 +0200 arno-iptables-firewall (1.8.4b-6) unstable; urgency=low * Remove unused Debconf variable from config file. -- Michael Hanke Sun, 2 Oct 2005 20:59:36 +0200 arno-iptables-firewall (1.8.4b-5) unstable; urgency=low * Added debconf question whether the host should be pingable on the external network interfaces. * Change priorities of debconf question to minimize user interaction. * Improved debconf template with suggestions for the unsure. * Bugfix: Defaults for debconf were not correctly read from installed configuration file. * Bugfix: lintian reported too long description line in debian/control. -- Michael Hanke Mon, 26 Sep 2005 10:25:52 +0200 arno-iptables-firewall (1.8.4b-4) unstable; urgency=low * New package description. -- Michael Hanke Fri, 23 Sep 2005 10:57:06 +0200 arno-iptables-firewall (1.8.4b-3) unstable; urgency=low * NAT configuration for internal networks is now handled by debconf. -- Michael Hanke Thu, 22 Sep 2005 21:54:29 +0200 arno-iptables-firewall (1.8.4b-2) unstable; urgency=low * Renamed 'fwfilter' script to 'arno-fwfilter' to prevent name clashes. * Added manpage for 'arno-fwfilter'. -- Michael Hanke Mon, 19 Sep 2005 13:02:49 +0200 arno-iptables-firewall (1.8.4b-1) unstable; urgency=low * New upstream release that fixed some syntax errors in the config script. -- Michael Hanke Wed, 14 Sep 2005 19:46:55 +0200 arno-iptables-firewall (1.8.4a-1) unstable; urgency=low * New upstream release. -- Michael Hanke Fri, 9 Sep 2005 08:21:22 +0200 arno-iptables-firewall (1.8.4-2) unstable; urgency=low * The init.d script is now started just before the network interfaces are available during the boot process. * The package now cares for the initial setup of the external interface(s) via debconf. -- Michael Hanke Tue, 6 Sep 2005 20:50:58 +0200 arno-iptables-firewall (1.8.4-1) unstable; urgency=low * Initial Release. * Modified filename of the init.d script and the location of the configuration file to conform to the Debian policy. * Modified the 'reload' command of the init.d script to 'force-reload'. -- Michael Hanke Tue, 30 Aug 2005 11:12:25 +0200 debian/NEWS0000644000000000000000000000656011741024561007675 0ustar arno-iptables-firewall (2.0.1.b-1) experimental; urgency=low * The package now supports a conf.d-style configuration option that makes it possible to tweak the configuration without editing the default configuration files. Consequently, the Debconf-based configuration settings (if enabled) are no longer written into a custom 'debconf.cfg', but use this mechanism also. Additional configuration snippets can be placed into /etc/arno-iptables-filewall/conf.d. All files with extension '.conf' will be sourced after the main configuration file and either overwrite or extend the default. -- Michael Hanke Tue, 10 Apr 2012 10:58:18 +0200 arno-iptables-firewall (1.9.2.a-1) unstable; urgency=low * With this release the syntax of the config file is slightly changed. From now on the '#' (hash-character) is used as the new separator for interface restrictions (i.e. eth0#....). -- Michael Hanke Tue, 09 Jun 2009 10:12:23 +0200 arno-iptables-firewall (1.9.0.a-1) unstable; urgency=low * The syntax and layout of the configuration file has been changed. Several variable names have been modified, but the most notable difference is the switch from ':' to '~' as port separator string. Although most installations that exclusively use the debconf-managed configuration settings should also work with this version, it is nevertheless recommend to verify the firewall setup before reenabling the firewall after upgrading. more information is available in /usr/share/doc/arno-iptables-firewall/README.gz * The 1.9 branch now uses a leightweight init.d script without a verbose status dump during startup. The 'old' status report is available when manually starting the firewall using /usr/sbin/arno-iptables-firewall. Additionally, this script, as well as the init.d scripti, provides a details iptables configuration dump via the 'status' command. * A default rsyslog configuration (and corresponding logrotate setup) for firewall-related messages is has been added. Such messages will now be logged into /var/log/arno-iptables-firewall. -- Michael Hanke Fri, 20 Feb 2009 07:31:15 +0100 arno-iptables-firewall (1.8.8.l-1) unstable; urgency=low * The location of the firewall plugins has changed. The plugins itself are now placed in /usr/share/arno-iptables-firewall/plugins, while their configuration files remain in /etc/arno-iptables-firewall/plugins. Unmodified plugins are silently moved on package upgrade. If any of the plugins were modified, the modified plugin is preserved in /etc/arno-iptables-firewall/plugins (with a '.dpkg-old' suffix). However, only plugins in the new location will be used by the firewall and custom modifications have to be updated manually. -- Michael Hanke Fri, 25 Jan 2008 11:20:04 +0100 arno-iptables-firewall (1.8.8-1) unstable; urgency=low * The location of the config files has been changed. All files are now located in /etc/arno-iptables-firewall/. Config files of previous package versions are automatically moved into the new location and any customizations will be preserved. This includes MAC filter lists and host blacklists as well as custom iptables rules. -- Michael Hanke Thu, 5 Oct 2006 16:07:34 +0200 debian/rsyslog.d.conf0000644000000000000000000000043311436206053011761 0ustar # Log firewall messages to /var/log/arno-iptables-firewall (asynchronously), # and then drop them so that they aren't logged again elsewhere. if $syslogfacility-text == 'kern' \ and $syslogpriority-text == 'info' \ and $msg contains 'AIF:' then -/var/log/arno-iptables-firewall & ~ debian/rules0000755000000000000000000000161211741024111010236 0ustar #!/usr/bin/make -f # -*- makefile -*- # this name is just too long AIF=arno-iptables-firewall # one ring to rule them all ... %: dh $@ override_dh_auto_configure: override_dh_auto_build: override_dh_auto_clean: debconf-updatepo rm -f $(CURDIR)/debian/init.d override_dh_auto_install: # install rsyslog configuration cp $(CURDIR)/debian/rsyslog.d.conf \ $(CURDIR)/debian/$(AIF)/etc/rsyslog.d/arno-iptables-firewall.conf # and corresponding logrotate configuration cp $(CURDIR)/debian/logrotate.d.conf \ $(CURDIR)/debian/$(AIF)/etc/logrotate.d/arno-iptables-firewall.conf override_dh_installchangelogs: dh_installchangelogs # fix up and remove duplicate plugin changelogs -rm $(CURDIR)/debian/$(AIF)/usr/share/$(AIF)/plugins/*.CHANGELOG override_dh_installinit: # since one cannot know whether the firewall is # properly configured it must not be started dh_installinit --noscripts debian/CHANGELOG-1.9-series0000644000000000000000000004745111537203521012207 0ustar Version 1.9.2l (August 25, 2010) -------------------------------- * BusyBox doesn't understand grep -x, so use ^$ instead + dots should be escaped (thanks Lonnie) * Slightly safer check on whether we have IPv6 on the system we're running ! IPv6 detection failed due to our systctl wrapper function being to verbose. This caused IPv6 to always be "open" on systems having IPv6 connectivity (Debug bug #594326, thanks to Tim Small for reporting this) * From now on explicitly set all variables for sysctl wildcard variables (like "net.ipv4.conf.*.rp_filter") since newer kernels handle those differently now (Thanks to Klemen Mihevc) + The "Blocked Host" feature adds the BLOCK_HOSTS_BIDIRECTIONAL option to specify whether hosts are blocked both Inbound and Outbound (default) or Inbound only. (Thanks Philip) * Don't masquerade IPv6/proto 41 (thanks Klemen Mihevc) * Use unset IFS only for actual rules * Re-added local IFS in environment + Added option to enable/disable antispoofing for internal/dmz nets ! Don't "unset IFS" immediately after "local IFS" declaration in functions, this breaks older shells + Added option to enable/disable IGMP logging ! Modprobe didn't work properly for old modprobe/distros when modules were compiled in-kernel + Configure option to allow user to enable full access for the external subnet + Implemented EXT_BROADCAST_CHAIN Version 1.9.2k (March 25, 2010) ------------------------------- ! check_interface() function didn't work for VLAN interfaces ! Several tweaks & fixes in the install script + Add old version detection to the install script + Added "Kernel Configuration Special Issues" section to README + Updated traffic-shaper-plugin, added two more queues, added more DSCP matches, updated "traffic-shaper.conf" template and support local server source port matches. + Added 224.0.0.0/24 to the list of broadcast destination addresses + Updated traffic-accounting-plugin Version 1.9.2j (February 26, 2010) ---------------------------------- + Check for dig/nslookup in the main script when RESOLV_IPS=1 ! PLUGIN config & binary path check should be in the main script else our install script fails on fresh installs or old 1.8 upgrades Version 1.9.2i (February 23, 2010) ---------------------------------- * Modify the install script to make the firewall start after the network is brought up on boot + Add dig() function wrapper that degrades to nslookup if dig is not available * Refactor check_binary() into seperate check_command() & check_command_error() functions + New DynDNS & Traffic Accounting plugins. Main improvement is that they feature host caching now * Have a seperate function to check our config so we don't fail on a bad config when eg. stopping + Have the install script detect interfaces and their properties * Better (wildcard) interface detection in the main script * Don't autodetect interface addresses etc. in the main script, instead do it during install ! sysctl() always applied the -w argument which it shouldn't ! DNS failed during startup * We shouldn't just default (too much) to ANYHOST and/or ANYPORT, if not specified. This is too user error-sensitive (including myself) ! Can't have defaults for protocols * Misc. tweaks & cosmetics Version 1.9.2h (January 5, 2010) -------------------------------- ! %0d in the date format is not supported by busybox so replace it with %d (thanks Lonnie) ! Init script for newer Debian/Ubuntu version. Start on system startup, only stop on system shutdown. Moreover, do not wait for syslog, but start whenever there is network (thanks downstream/Michael Hanke) * Cleaned up/tweaked sysctl & modprobe functions * Consistently use 'ip' instead of 'ifconfig' to obtain interface attributes. + Add iptables_batch() function to greatly decrease the time to add the "Blocked Host" rules. iptables_batch() uses iptables-save and iptables-restore to add rules in batch rather than one-by-one. This feature may be disabled by setting DISABLE_IPTABLES_BATCH=1 ! Fixed typo in module_probe deprecation warning + Autodetect netmask & broadcast addresses for INT_IF & EXT_IF + Add a default DROP to the HOST_BLOCK_SRC and HOST_BLOCK_DST chains while they are being built, this is most important when using the 'force-reload' verb. During the time the Blocked Hosts are being applied, no new traffic will be allowed in any direction. + Add a check for the '-' character in the ip_range() function for improved execution speed. * The "Blocked Host" feature now also matches the destination address for outbound traffic in addition to the previous matching of the source address for inbound traffic. * The "Blocked Host" logging is now implemented as one rule rather than a rule for each blocked host. * The "Blocked Host" file may now include a semicolon ';' as a comment delimiter, per the Spamhaus DROP list. * The "Blocked Host" file (re)load now displays an activity count since this can take awhile. Version 1.9.2g (November 17, 2009) ---------------------------------- - Removed incorrect comment in sip-voip.conf ! Fixed logging of packets in the INPUT chain because of incorrect use of the POST_INPUT_xxx chains ! Fixed dropping of packets in EXT_INPUT_CHAIN + we should jump into the POST_INPUT_CHAIN first before we DROP Version 1.9.2f (November 10, 2009) ---------------------------------- * Tweaked some kernel settings ! Fixed modprobe errors. Always use $@ as $* might do things you don't expect! (Thanks Lonnie!) ! Don't disable TCP sack when DoS-reducation is enabled since performance degrades from it Version 1.9.2e (November 9, 2009) --------------------------------- + Added some more DOS-prevention kernel settings (thanks Michiel Klaver) + IPv6 module updates + Implemented support to set INDENT(space) value for functions in environment + Added sysctl_multi() & modprobe_multi() functions to allow probing for several modules/variables at once ! Unify date format in the log (Debian bug #550222) * Only apply DNAT ctstate rule if explictly enabled from the config file (using the NAT_LOCAL_REDIRECT variable). The previous implementation was simply too much of a hack. * We should explicitly enable net.netfilter.nf_conntrack_acct for kernel 2.6.27+ to allow the use of traffic accounting and such (thank Lonnie) * Don't /dev/null iptables -t nat related stuff. We just need the nat module, and that's all there is to it ! DROP any new traffic while firewall rules are generated so improper states are not created during start/restart * The default OUTPUT policy no longer sees traffic after setting up the firewall rules in the chains ! Removed an unconditional ACCEPT in the EXT_OUTPUT_CHAIN keeping the POST_OUTPUT_CHAIN from seeing EXT_IF traffic ! Several fixes/changes for the POST_xxxx_CHAINs. This should make the POST stuff more consistent among INPUT/FORWARD/OUTPUT * Misc. tweaks Version 1.9.2d (August 24, 2009) -------------------------------- * Renamed module_probe() to modprobe() and added deprecation warning + Updated traffic accounting plugin. Fixes another "rule-leak" + Updated sip-voip plugin (thanks Philip) + Updated traffic-shaper plugin (thanks Philip) Version 1.9.2c (July 29, 2009) ------------------------------ ! On reinit we must flush all chains in the nat & mangle tables else they will keep growing (Thanks Lonnie) + Updated IPSEC VPN plugin (Thanks Philip) + Updated Traffic Accounting plugin + Updated DynDNS Open plugin + Updated IDS plugin ! Fixed ICMP checks for IPv6 * Less defaulting to all ports/all hosts for several rules. This should mainly improve security in case of incorrect rules/configurations Version 1.9.2b (June 25, 2009) ------------------------------ ! Fixed DSL plugin causing errors on restart * Detected iptables errors are now reported as WARNING rather than ERROR when the script finishes + Updated IPSEC-VPN plugin (Thanks Philip) * Moved .aif_active_plugins to /var/tmp/ + Detect plugins on stop() that have their priority number changed Version 1.9.2a (June 9, 2009) ----------------------------- * Dropped requirement of the ip binary in the main script Version 1.9.2 (June 4, 2009) ---------------------------- * Bumped installer version to 1.0 ! Fixed check_binary failed on dash-based systems (like Ubuntu) (Thanks Lonnie!) ! Fixed some bashisms ! Fixed DMZ_LAN_HOST_OPEN_IP didn't work Version 1.9.1-RC1 (May 20, 2009) -------------------------------- ! Fixed DMZ_LAN_HOST_OPEN_xxx source hosts weren't parsed properly (Thanks to Lonnie Abelbeck) ! Fixed LOG_HOST_OUTPUT_xxx format error (Thanks to Lonnie Abelbeck) + Added local DNAT redirect support (Thanks to Philip Prindeville) + Added experimental DMZ-NAT plugin (Thanks to Philip Prindeville) + Implemented NAT_PREROUTING_CHAIN, POST_NAT_PREROUTING_CHAIN, NAT_POSTROUTING_CHAIN & POST_NAT_POSTROUTING_CHAIN chains * Replaced DMZ_IF_TRUST and INT_IF_TRUST with the new IF_TRUSTS variable. You can use | to create seperate groups of interfaces. + We now detect whether iptables (/ip4tables/ip6tables) failed (somewhere) during startup and report this at the end ! Fixed NAT_FORWARD_IP not working ! Several fixes/changes in the rule parsers * Moved from using the $IPTABLES/$IP4TABLES/$IP6TABLES variables to functions (Thanks Philip Prindeville). This should eg. allow proper tracing. + Iptables errors will now be shown in red, to better point them out + Implemented some additional chains (for eg. plugin use) - Reverted flushing user chains before stopping plugins, it causes disconnections. * Several cleanups/optimizations (thanks to Philip Prindeville, Lonnie Abelbeck & Roy Lanek) * Major cleanup of functions etc. Version 1.9.1-BETA1 (April 5, 2009) ----------------------------------- * On a restart the "user_chains" are now flushed before the plugins are stopped + Implemented INPUT/FORWARD/OUTPUT_CHAIN. In this way we no longer have to clutter the builtin INPUT/FORWARD/OUTPUT chains. * !!!! Changed the seperator for interface restrictions to # (eg. eth0#.....)!!! This code is now much cleaner and the way rules work is a lot more logical :) ! Fixed warnings with newer iptables versions + Plugin status & stop are now only called when the plugin is actually listed as being previously loaded (Thanks to Lonnie Abelbeck). ALL PLUGINS MUST BE UPDATED ACCORDINGLY! * Rewrote the startup (and restart) code. This should make the restart command working a lot better (although it may also have broken some stuff) + Misc. tweaks + Added option to use extra arguments for functions that use dig + Updated several plugins ! EOL specification was invalid in the environment file Version 1.9.0b (February 27, 2009) ---------------------------------- ! Fixed some security issues concerning firewall restart (thanks to Lonnie Abelbeck) ! Fixed invalid EOL causing blocked hosts to fail ! Fixed invalid sed-syntax causing blocked hosts to fail - Removed MAC-filter from the main script (will be moved to seperate plugin) ! Fixed OUTPUT policy didn't get applied ! Fixed LOG_xxx_INPUT should be LOG_INPUT_xxx in the config file * Small tweaks in the install script + Added wildcard_ifs() function to the environment-file + Updated several plugins * Cleanup + fixed several typos (thanks Philip Prindeville) * The restart command will now block all traffic from the external interfaces. + Host-block now has the option to keep established TCP connections, usefull for our restart command to NOT kill any running SSH connections + New (seperate) MAC filter plugin. Also allows to "lock" a MAC to an IP now Version 1.9.0a (January 8, 2009) -------------------------------- ! Several fixes in the install script Version 1.9.0 (January 7, 2009) ------------------------------- + Some more fallback safeguards ! Fixed LAN_INET_HOST_DENY_TCP/UDP (stupid typo) ! Trimmed too long log messages * Set timeout/retry values to default for dig functions in the env-file ! Fixed sysctl for eg. busybox setups which don't support -q. Implemented sysctl wrapper for this (like with module_probe()) + Added new traffic shaper (thanks to Lonnie Abelbeck) - Removed old hfsc traffic shaper + Added net.netfilter.nf_conntrack_max as additional sysctl key + Added AIF:-prefix to all LOG messages + Added ENV_FILE fallback in case it's not specified in the config-file + Enhanced the environment file to make it more robust in case config stuff is missing - Removed <=2.2 kernel check ! Minor fix in the init script ! Fix bug in the install script which broke setting basic config * Disabled verbose by default in the init script (set VERBOSE=1 inside /etc/init.d/arno-iptables-firewall to enable again) * Misc. plugin updates * Misc. tweaks in the install script Version 1.9.0-rc4 (November 23, 2008) ------------------------------------- ! Fixed hfsc plugin on ubuntu ! Fixed install script on ubuntu * Moved /usr/share stuff to /usr/local/share (where it belongs). This is hopefully the last major change. + Updated DynDNS plugin to 0.23BETA. It now automatically creates/removes the cron job + Updated Traffic Accounting plugin to 0.2BETA * man pages are now gzipped by the installer ! Fixed incorrect configuration file used for the transparent proxy plugin ! Installer didn't setup a symlink in /etc/rcS.d to start the firewall at boot + Added uninstall script ! Several fixes in the install script * Misc. tweaks & fixes Version 1.9.0-rc3 (September 4, 2008) ------------------------------------- ! Fixed dsl-ppp-modem plugin was accidently DOS-formatted ! Fixed dsl-ppp-modem was accidently referring to adsl-ppp-modem.conf instead of dsl-ppp-modem.conf ! Fixed aliased-inet-IP support in the NAT forwarding code ! Fixed several problems in the installation script ! Fixed broken dyndns-plugin * Cosmetic tweaks Version 1.9.0-rc2 (September 3, 2008) ------------------------------------- + Added new DynDNS plugin to open ports for DynDNS (internet) hosts + Updated serveral plugins * Default policy for LAN->INET, DMZ->INET, INET->DMZ etc. is now ACCEPT (at the (end of the chain) unless an OPEN_xxx is specified, in that case the default is DROP ! Fixed the use of source-destination-ip's with NAT forwards + Basic install script added (install.sh). Probably can use a lot of improvements. * Moved a lot of functions/variables into a new separate "environment"-file. (located in /usr/share/arno-iptables-firewall/). This should make easier for eg. helper-scripts to use AIF's functions & variables * Minor changes/updates in the plugins (slighty modified skeleton for example) - Removed dsl ppp modem code and moved it into a separate plugin * (Cosmetic) tweaks in the module_probe() function - Removed transparent proxy code and moved it into a separate plugin * IPv6 drop-policy setting (when IPv4 is selected) now only performed if IPv6 is available on the system + Added $network to the Debian LSB headers * IDS plugin now uses priority 90 (near last) * Linux-igd plugin is no longer enabled by default (it was never intended to be so) * Changed default firewall log file to /var/log/firewall.log * Renamed POST_INPUT_CHAIN to POST_INPUT_DROP_CHAIN (+updated IDS plugin accordingly) + Implemented new POST_INPUT_CHAIN, POST_FORWARD_CHAIN & POST_OUTPUT_CHAIN * Misc. (cosmetic) changes Version 1.9.0-rc1 (July 29, 2008) ---------------------------------- ! Fixed a bug in the nat forwarding code causing interfaces not to work + Updated ipsec-vpn plugin (& renamed from "racoon-ipsec-vpn") * Updates to the README-file * Misc. changes Version 1.9.0-beta3 (May 25, 2008) ---------------------------------- + Implemented check-conf argument to only perform a sanity check ! Fixed no_broadcast code + Added HIGHLY EXPERIMENTAL IDS plugin + Added IDS hook in the main script (via POST_XXX_XXX CHAINS) + Added stop-block argument - Deprecated LOOSE_UDP_PATCH * Switched from /proc to sysctl for setting kernel options * Missing sysctl conntrack setting is NOW fatal ! Fixed unreferenced get_protos_ip + Added $network to the Debian init.d headers * Misc. (cosmetic) tweaks Version 1.9.0-beta2 (March 23, 2008) ------------------------------------ ! Fixed echo output showing hosts that shouldn't be displayed * Now IPv4 traffic will have a default policy of DROP when IPv6 is enabled and visa versa + Added LOCAL_CONFIG_FILE variable to allow eg. certain user/global/local settings to be sourced into the script + Implemented plugin_status() support + Implemented plugin_stop() support + Updated several plugins. Multiroute now has a proper stop() section for example ! Fixed error on missing /proc/ queue_maxlen.... ! Fixed support for legacy plugins Version 1.9.0-beta1 (January 17, 2008) -------------------------------------- ! Fix /proc/.../ conntrack set for newer kernels ! Fixed bug (typo) in $REJECT_TCP_NOLOG ! Fixed DEFAULT value's in the helper parsing functions causing eg. simple portforwards not to work ! Fixed missing default value's for the source hosts in the NAT portforwards ! Several (regression) fixes in the NAT forwarding rules ! Fixed a regression bug in the module_probe() function ! Several regression fixes in the interface sanity_check() * Minor cosmetic changes Version 1.9.0-ALPHA2 (December 18, 2007) ---------------------------------------- ! Fixed ICMPv6 types * All (user) chains are now created in the beginning to allow plugins/custom rules to add rules to them. + Implemented separate variables for the iptables & ip6tables binaries. Instead of selecting the binary itself, IPv6 support can now be enabled/disabled via variable IPV6_SUPPORT ! Several fixes for IPv6 support + Implemented IPV6_SUPPORT variable for the "actual" IPV6 support * Moved "old" IPV6_OVER_IPV4 to a plugin * Host block now performed for ALL interfaces, not just the external one * ICMP flooding changed from 20/sec max to 60/sec max. + Added suport for aliased external interface / multi-IP support. You can now also use the IP (instead of interface) of the interface to restrict INPUT/OUTPUT- rules ! Fixed the HOST_ output logging rules ! Fixed interface check in sanity_check() ! Misc. bug fixes + Major cleanup * Cosmetic changes Version 1.9.0-ALPHA1 (December 5, 2007) --------------------------------------- + Added DEFAULT_POLICY_DROP option to allow users to disable setting iptables default policy to DROP. Mainly useful for people who boot from eg. NFS (diskless client systems). + DNAT plugin update. Switched from OUTPUT to PREROUTING for the DNAT rule. ! Fixed a minor bug in the NAT forwards: the FORWARD rule was missing the host destination + Experimental IPv6 support. You can switch from IPv4 to IPv6 by simply changing the iptables into "ip6tables". Note that I'm currently not able to test it, as I don't have any IPv6 environment. * NAT forwards no longer use : for host/port separation due to problems with future IPv6 support. Now the new separator (~) is also used for this. + Implemented DMZ_IF_TRUST trust, to setup DMZ-DMZ trusts * Antispoof for DMZ & INTERNAL net now only enabled when INT_IF / DMZ_IF set + Implemented start/stop command for plugins. Now plugins can also contain code to be executed whenever the firewall stops. The start or stop command is put the environment variable called "PLUGIN_CMD" (which the plugin can read). + Major (and I mean, really MAJOR) code cleanup. This possibly broke a lot of stuff. + Implemented IP address ranges for ALL variables (use like 192.168.1.10-20) + Implemented support for restriction rules to apply only for certain external interfaces * !!! Separator for combined host/port rules changed from : to ~ . This is mainly to be able create cleaner/easier parse functions & prevent any possible problems with the support for IPv6 (addresses), which also uses : !!!! ! Fixed INVALID rule for UDP * Changed the name of a lot of inconsistent variables. Unfortunately this means that the new config won't be fully backwards compatible with firewall version 1.8 * Changed order of some of the variables in the config file so they are more synced to the logic flow/order of the firewall script * Plugin support moved to the main script * Plugin binaries moved to /usr/share/arno-iptables-firewall/plugins + (Finally) implemented nice init.d script with configurable verbosity * Misc. cosmetic changes debian/logrotate.d.conf0000644000000000000000000000042611642620517012265 0ustar /var/log/arno-iptables-firewall { rotate 4 weekly missingok notifempty compress delaycompress sharedscripts postrotate [ -x /etc/init.d/rsyslog ] && invoke-rc.d rsyslog rotate > /dev/null endscript } debian/preinst0000644000000000000000000000454511741017777010621 0ustar #!/bin/sh # preinst script for arno-iptables-firewall set -e # Move a conffile. In case of an unmodified file simply # remove it to not trigger dpkg questions. # However, if the file is modified this question should occur. mv_conffile() { CONFFILE="$1" NEWLOCATION="$2" if [ -e "$CONFFILE" ]; then md5sum="`md5sum \"$CONFFILE\" | sed -e \"s/ .*//\"`" old_md5sum=$(dpkg-query -W -f='${Conffiles}' arno-iptables-firewall | grep ${CONFFILE} | awk '{ print $2 }') if [ "$md5sum" = "$old_md5sum" ]; then rm -f "$CONFFILE" else mv "$CONFFILE" "$NEWLOCATION" fi fi } case "$1" in install|upgrade) if dpkg --compare-versions "$2" le "1.8.6.c-4"; then if [ -e /etc/default/arno-iptables-firewall ]; then echo "Moving old firewall configuration to /etc/arno-iptables-firewall/firewall.conf." if [ ! -d /etc/arno-iptables-firewall ]; then mkdir /etc/arno-iptables-firewall fi mv_conffile "/etc/default/arno-iptables-firewall" "/etc/arno-iptables-firewall/firewall.conf" fi fi if dpkg --compare-versions "$2" le "1.8.8.l-1"; then echo "Moving plugins from /etc to /usr/share/arno-iptables-firewall/plugins." for f in /etc/arno-iptables-firewall/plugins/*.plugin; do mv_conffile "$f" "$f.dpkg-old" done fi if dpkg --compare-versions "$2" le "1.9.2.h-1~"; then echo "Updating firewall startup behavior -- delayed until network becomes available." update-rc.d -f arno-iptables-firewall remove fi # Move the old pre-conf.d debconf settings into the new location and # format if [ -e /etc/arno-iptables-firewall/debconf.cfg ]; then mkdir -p /etc/arno-iptables-firewall/conf.d/ sed -e 's/^DC_//' < /etc/arno-iptables-firewall/debconf.cfg \ > /etc/arno-iptables-firewall/conf.d/00debconf.conf rm -f /etc/arno-iptables-firewall/debconf.cfg fi ;; abort-upgrade) ;; *) echo "preinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/arno-iptables-firewall.install0000644000000000000000000000021011705221775015121 0ustar bin/arno-fwfilter usr/bin bin/arno-iptables-firewall usr/sbin etc/* etc share/arno-iptables-firewall/* usr/share/arno-iptables-firewall debian/docs0000644000000000000000000000012411537203521010035 0ustar README share/arno-iptables-firewall/plugins/*.CHANGELOG debian/CHANGELOG-1.9-series debian/postinst0000644000000000000000000001612211741020206010767 0ustar #! /bin/bash # postinst script for arno-iptables-firewall set -e . /usr/share/debconf/confmodule db_version 2.0 # move config files from versions prior to 1.8.8 if [ -f /etc/arno-iptables-firewall.debconf ]; then echo "Moving debconf settings to /etc/arno-iptables-firewall/debconf.cfg." mv /etc/arno-iptables-firewall.debconf /etc/arno-iptables-firewall/debconf.cfg fi if [ -f /etc/arno-firewall-blocked-hosts ]; then echo "Moving host blacklist to /etc/arno-iptables-firewall/blocked-hosts." mv /etc/arno-firewall-blocked-hosts /etc/arno-iptables-firewall/blocked-hosts fi if [ -f /etc/arno-firewall-mac-addresses ]; then echo "Moving MAC address filter list to /etc/arno-iptables-firewall/mac-addresses." mv /etc/arno-firewall-mac-addresses /etc/arno-iptables-firewall/mac-addresses fi if [ -f /etc/arno-firewall-custom-rules ]; then echo "Merging custom iptables rules into /etc/arno-iptables-firewall/custom-rules." cat /etc/arno-firewall-custom-rules >> /etc/arno-iptables-firewall/custom-rules rm -f /etc/arno-firewall-custom-rules fi CFG=/etc/arno-iptables-firewall/conf.d/00debconf.conf case "$1" in configure) # query all vars from debconf # most important: is debconf management requested db_get arno-iptables-firewall/debconf-wanted if [ "$RET" = "true" ]; then # debconf is welcome: look whether there is a config file and # recreate the config file if missing if [ ! -e $CFG ]; then cat << EOT > $CFG ####################################################################### # Feel free to edit this file. However, be aware that debconf writes # # to (and reads from) this file too. In case of doubt, only use # # 'dpkg-reconfigure -plow arno-iptables-firewall' to edit this file. # # If you really don't want to use debconf, or if you have specific # # needs, you're likely better off using placing an additional # # configuration snippet into/etc/arno-iptables-firewall/conf.d/. # # Also see README.Debian. # ####################################################################### EXT_IF="" EXT_IF_DHCP_IP=0 OPEN_TCP="" OPEN_UDP="" INT_IF="" NAT=0 INTERNAL_NET="" NAT_INTERNAL_NET="" OPEN_ICMP=0 EOT fi # query the names of the external interfaces from debconf db_get arno-iptables-firewall/config-ext-if ; DC_EXT_IF="$RET" # query the DHCP status from debconf db_get arno-iptables-firewall/dynamic-ip if [ "$RET" = "true" ]; then DC_EXT_IF_DHCP_IP=1 else DC_EXT_IF_DHCP_IP=0 fi # query the external services from debconf db_get arno-iptables-firewall/services-tcp ; DC_OPEN_TCP="$RET" db_get arno-iptables-firewall/services-udp ; DC_OPEN_UDP="$RET" # query the NAT status from debconf db_get arno-iptables-firewall/nat if [ "$RET" = "true" ]; then DC_NAT=1 else DC_NAT=0 fi # query the internal network interfaces from debconf db_get arno-iptables-firewall/config-int-if ; DC_INT_IF="$RET" # query the internal networks from debconf db_get arno-iptables-firewall/config-int-net ; DC_INTERNAL_NET="$RET" # we need to quote all slashes DC_INTERNAL_NET=${DC_INTERNAL_NET//\//\\\/} # query the internal networks with access to the external world from debconf db_get arno-iptables-firewall/config-int-nat-net ; DC_NAT_INTERNAL_NET="$RET" # we need to quote all slashes DC_NAT_INTERNAL_NET=${DC_NAT_INTERNAL_NET//\//\\\/} # allow the whole internal net for NAT if this was left empty if [[ -z $DC_NAT_INTERNAL_NET && "$DC_NAT" == "1" ]]; then DC_NAT_INTERNAL_NET="$DC_INTERNAL_NET" fi # query the 'pingable' status from debconf db_get arno-iptables-firewall/icmp-echo if [ "$RET" = "true" ]; then DC_OPEN_ICMP=1 else DC_OPEN_ICMP=0 fi # make a backup conf file cp -dpf $CFG $CFG.tmp # check that all vars are in the debconf file # If the admin deleted or commented some variables but then set # them via debconf, (re-)add them to the conffile. test -z "$DC_EXT_IF" || grep -Eq '^ *EXT_IF=' $CFG.tmp || echo "EXT_IF=" >> $CFG.tmp test -z "$DC_EXT_IF_DHCP_IP" || grep -Eq '^ *EXT_IF_DHCP_IP=' $CFG.tmp || echo "EXT_IF_DHCP_IP=" >> $CFG.tmp test -z "$DC_OPEN_TCP" || grep -Eq '^ *OPEN_TCP=' $CFG.tmp || echo "OPEN_TCP=" >> $CFG.tmp test -z "$DC_OPEN_UDP" || grep -Eq '^ *OPEN_UDP=' $CFG.tmp || echo "OPEN_UDP=" >> $CFG.tmp test -z "$DC_NAT" || grep -Eq '^ *NAT=' $CFG.tmp || echo "NAT=" >> $CFG.tmp test -z "$DC_INT_IF" || grep -Eq '^ *INT_IF=' $CFG.tmp || echo "INT_IF=" >> $CFG.tmp test -z "$DC_INTERNAL_NET" || grep -Eq '^ *INTERNAL_NET=' $CFG.tmp || echo "INTERNAL_NET=" >> $CFG.tmp test -z "$DC_NAT_INTERNAL_NET" || grep -Eq '^ *NAT_INTERNAL_NET=' $CFG.tmp || echo "NAT_INTERNAL_NET=" >> $CFG.tmp test -z "$DC_OPEN_ICMP" || grep -Eq '^ *OPEN_ICMP=' $CFG.tmp || echo "OPEN_ICMP=" >> $CFG.tmp # now set the value from the debconf database # write values to config file sed -e "s/^ *EXT_IF=.*/EXT_IF=\"$DC_EXT_IF\"/" \ -e "s/^ *EXT_IF_DHCP_IP=.*/EXT_IF_DHCP_IP=$DC_EXT_IF_DHCP_IP/" \ -e "s/^ *OPEN_TCP=.*/OPEN_TCP=\"$DC_OPEN_TCP\"/" \ -e "s/^ *OPEN_UDP=.*/OPEN_UDP=\"$DC_OPEN_UDP\"/" \ -e "s/^ *NAT=.*/NAT=$DC_NAT/" \ -e "s/^ *INT_IF=.*/INT_IF=\"$DC_INT_IF\"/" \ -e "s/^ *INTERNAL_NET=.*/INTERNAL_NET=\"$DC_INTERNAL_NET\"/" \ -e "s/^ *NAT_INTERNAL_NET=.*/NAT_INTERNAL_NET=\"$DC_NAT_INTERNAL_NET\"/" \ -e "s/^ *OPEN_ICMP=.*/OPEN_ICMP=$DC_OPEN_ICMP/" \ < $CFG.tmp > $CFG # replace the old conffile by the working copy rm -f $CFG.tmp db_get arno-iptables-firewall/restart if [ "$RET" = "true" ]; then invoke-rc.d arno-iptables-firewall restart fi fi # debconf wanted # reload rsyslog if available if [ -x /etc/init.d/rsyslog ]; then invoke-rc.d rsyslog restart fi ;; abort-upgrade|abort-remove|abort-deconfigure) # nothing to do ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac if [ -x "/etc/init.d/arno-iptables-firewall" ]; then update-rc.d arno-iptables-firewall start 41 S . stop 41 0 6 . >/dev/null || exit 0 fi # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/README.Debian0000644000000000000000000000265711436206053011241 0ustar arno-iptables-firewall for Debian --------------------------------- This document only describes the differences between the upstream and the Debian version. Please refer to the README file for the regular documentation. The major difference with upstream version is the added debconf layer for configuration management. Basic settings (external interfaces, open ports and internet connections sharing (NAT)) can optionally be handled by debconf. Use 'dpkg-reconfigure -plow arno-iptables-firewall' to reconfigure the firewall at any time. The package includes a log setup for rsyslog (the default sysklog daemon since lenny). By default firewall-related messages will go into /var/log/arno-iptables-firewall. The setup assumes messages to be logged with the default kernel syslog level 'info' (see LOGLEVEL setting in firewall.conf). If the loglevel is changed /etc/rsyslog.d/arno-iptables-firewall.conf has to be modified accordingly. The corresponding logrotate setup at /etc/logrotate.d/arno-iptables-firewall.conf might need to be customized depending on the amount of generated log messages, but the default should be appropriate for most desktop machines. Since version 1.8 there is support for plugins. Plugins are installed in /usr/share/arno-iptables-firewall/plugins. The corresponding plugin configurations are placed into /etc/arno-iptables-firewall/plugins. -- Michael Hanke , Fri, 25. Jan 2008 16:04:47 +0100 debian/compat0000644000000000000000000000000211537203521010363 0ustar 7 debian/manpages0000644000000000000000000000010711436206053010702 0ustar share/man/man8/arno-iptables-firewall.8 share/man/man1/arno-fwfilter.1 debian/watch0000644000000000000000000000016711436206053010223 0ustar version=3 http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/arno-iptables-firewall_(\d\.\d\.[\d\.]+)(.*)\.tar\.gz debian/patches/0000755000000000000000000000000012063551476010626 5ustar debian/patches/series0000644000000000000000000000004511753772415012045 0ustar hostip_url_fix lsb_init debian_paths debian/patches/debian_paths0000644000000000000000000000342512063551476013176 0ustar Description: Debconf abstract layer Allow reading config settings from a debconf settings file from within the main firewall configuration. Forwarded: not-needed Author: Michael Hanke --- a/etc/arno-iptables-firewall/firewall.conf +++ b/etc/arno-iptables-firewall/firewall.conf @@ -241,11 +241,11 @@ # (EXPERT SETTING!) Location of the environment file # ----------------------------------------------------------------------------- -ENV_FILE="/usr/local/share/arno-iptables-firewall/environment" +ENV_FILE="/usr/share/arno-iptables-firewall/environment" # (EXPERT SETTING!) Location of plugin binary & config files # ----------------------------------------------------------------------------- -PLUGIN_BIN_PATH="/usr/local/share/arno-iptables-firewall/plugins" +PLUGIN_BIN_PATH="/usr/share/arno-iptables-firewall/plugins" PLUGIN_CONF_PATH="/etc/arno-iptables-firewall/plugins" # Most people don't want to get any firewall logs being spit to the console. @@ -498,7 +498,7 @@ # syslogd to log firewall messages to this file (see LOGLEVEL below for further # info). # ----------------------------------------------------------------------------- -#FIREWALL_LOG="/var/log/firewall.log" +FIREWALL_LOG="/var/log/arno-iptables-firewall" # (EXPERT SETTING!) Current log-level ("info": default kernel syslog level) # "debug": can be used to log to /var/log/firewall.log, but you have to configure --- a/etc/init.d/arno-iptables-firewall +++ b/etc/init.d/arno-iptables-firewall @@ -21,7 +21,7 @@ ############################################################################################ PATH=/bin:/usr/bin:/sbin:/usr/sbin -PROGRAM="/usr/local/sbin/arno-iptables-firewall" +PROGRAM="/usr/sbin/arno-iptables-firewall" NAME="arno-iptables-firewall" # Be verbose(1)?: debian/patches/lsb_init0000644000000000000000000000262511753773626012371 0ustar From: Mike Miller , Christian PERRIER Subject: using init script LSB log_xxx_msg functions Bug-Debian: http://bugs.debian.org/672326 diff --git a/etc/init.d/arno-iptables-firewall b/etc/init.d/arno-iptables-firewall index eef7fdd..1634684 100755 --- a/etc/init.d/arno-iptables-firewall +++ b/etc/init.d/arno-iptables-firewall @@ -22,28 +22,31 @@ PATH=/bin:/usr/bin:/sbin:/usr/sbin PROGRAM="/usr/local/sbin/arno-iptables-firewall" +NAME="arno-iptables-firewall" # Be verbose(1)?: VERBOSE=0 test -x $PROGRAM || exit 0 +. /lib/lsb/init-functions + if [ "$VERBOSE" = "0" ]; then case "$1" in start) - echo "Starting Arno's Iptables Firewall..." + log_daemon_msg "Starting Arno's Iptables Firewall" "$NAME" ;; stop) - echo "Stopping Arno's Iptables Firewall..." + log_daemon_msg "Stopping Arno's Iptables Firewall" "$NAME" ;; restart) - echo "Restarting Arno's Iptables Firewall..." + log_daemon_msg "Restarting Arno's Iptables Firewall" "$NAME" ;; force-reload) - echo "(Forced) reloading Arno's Iptables Firewall..." + log_daemon_msg "(Forced) reloading Arno's Iptables Firewall" "$NAME" ;; status) @@ -60,6 +63,7 @@ if [ "$VERBOSE" = "0" ]; then # Call firewall script: result=`$PROGRAM $*` retval=$? + log_end_msg $retval else $PROGRAM $* retval=$? -- 1.7.10 debian/patches/hostip_url_fix0000644000000000000000000000135311734621776013616 0ustar Description: Fix location query of arno-fwfilter Query URL default setting prevented enabling the querying. Origin: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613631#5 Bug-Debian: http://bugs.debian.org/613631 Author: Tony Evans , Michael Hanke diff --git a/bin/arno-fwfilter b/bin/arno-fwfilter index 58cb9dc..d4e9758 100755 --- a/bin/arno-fwfilter +++ b/bin/arno-fwfilter @@ -48,7 +48,7 @@ RESOLVE_NAMES=1 # Enable this option if you want to (try to) obtain the IPs geographical location (can be very slow!) (requires "curl") -SHOW_LOCATION=0 +SHOW_LOCATION=1 # Enable this option if you want to resolve both the source and target host when doing location/name lookups (slower) FULL_INFO=0 debian/arno-iptables-firewall.lintian-overrides0000644000000000000000000000025211741024511017104 0ustar arno-iptables-firewall binary: settitle-requires-versioned-depends config arno-iptables-firewall: init.d-script-possible-missing-stop etc/init.d/arno-iptables-firewall 1