1 files changed, 38 insertions, 25 deletions

diff --git a/network/arno-iptables-firewall/README b/network/arno-iptables-firewall/README
index 57dc9d2018..8c697817da 100644
--- a/network/arno-iptables-firewall/README
+++ b/network/arno-iptables-firewall/README
@@ -1,39 +1,52 @@
-arno-iptables-firewall is a front-end for iptables. Its configuration script
-will set up a secure and restrictive firewall by just asking a few questions.
-This includes configuring internal networks for Internet access via NAT and
-potential network services like http or ssh. Moreover, it provides advanced
-additional features that can be enabled in the well documented configuration
-file.
+arno-iptables-firewall is a front-end for iptables. Its configuration
+script will set up a secure and restrictive firewall by just asking
+a few questions.  This includes configuring internal networks for
+Internet access via NAT, and potential network services like http or
+ssh. Moreover, it provides advanced additional features that can be
+enabled in the well documented configuration file.
 
-NOTE - The setup script will *not* run automatically after your package was
-installed. In order to run the script you have to issue the following command:
+NOTE - The setup script will NOT run automatically after the package
+has been installed. In order to run the script, the following command
+has to be issued:
 
 # arno-iptables-firewall-configure
 
-To enable the startup of the firewall at boot-time you need to create a symlink
-as follows (in order to disable it, either remove the symlink or "chmod -x" the
-startup script):
+In order to start the firewall automatically at boot-time, an
+"rc.firewall" symlink to the startup script has to be created
+in /etc/rc.d/ and of course the startup script itself should be
+executable:
 
-# ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall
-# chmod +x /etc/rc.d/rc.arno-iptables-firewall
+# cd /etc/rc.d/
+# ln -sv rc.arno-iptables-firewall rc.firewall
+# chmod +x rc.arno-iptables-firewall
 
-You can also start the firewall manually with one of the following commands:
+In order to disable startup of the firewall at boot time, remove the
+symlink or the executable bit from the startup script:
 
-# /etc/rc.d/rc.arno-iptables-firewall start
+# rm /etc/rc.d/rc.firewall
+# chmod -x /etc/rc.d/rc.arno-iptables-firewall
+
+The firewall can also be started manually with one of the following
+commands:
 
 # arno-iptables-firewall start
+# /etc/rc.d/rc.arno-iptables-firewall start
+
+Please refer to the man page for more details.
+
 
 IMPORTANT - A few security notes from the upstream author:
 
-1) If possible make sure that the firewall is started before the (ADSL) Internet
-connection is enabled. For a ppp-interface that doesn't exist yet you can use
-the wildcard device called "ppp+" (but you can only use ppp+ if there aren't any
-other ppp interfaces).
+1) If possible make sure that the firewall is started before the
+(ADSL) Internet connection is enabled. For a ppp-interface that
+doesn't exist yet, you can use the wildcard device called "ppp+" (but
+you can only use ppp+ if there aren't any other ppp interfaces).
 
-2) Don't change any (security) settings ('EXPERT SETTINGS') if you don't really
-understand what they mean. Changing them anyway could have a big impact on the
-security of your machine.
+2) Don't change any (security) settings ('EXPERT SETTINGS') if you
+don't really understand what they mean. Changing them anyway could
+have a big impact on the security of your machine.
 
-3) A lot of people complain that their server stopped working after installing
-the firewall. This is the *correct* behaviour for a firewall: blocking *all*
-incoming traffic by default. Configure your OPEN_TCP (e.g.) accordingly.
+3) A lot of people complain that their server stopped working after
+installing the firewall. This is the correct behaviour for a firewall:
+blocking all incoming traffic by default. Configure your OPEN_TCP
+(e.g.) accordingly.