diff options
Diffstat (limited to 'perl-install/standalone/drakvpn')
| -rw-r--r-- | perl-install/standalone/drakvpn | 82 |
1 files changed, 41 insertions, 41 deletions
diff --git a/perl-install/standalone/drakvpn b/perl-install/standalone/drakvpn index fd6fb5c3f..a374d36bb 100644 --- a/perl-install/standalone/drakvpn +++ b/perl-install/standalone/drakvpn @@ -88,7 +88,7 @@ begin: #- ********************************** #- * 0th step: verify if we are already set up -if ($shorewall && -f "/etc/shorewall/tunnels") { +if ($shorewall && any { !/^\s*(?:#|\n)/ } cat_($tunnels_file)) { $::Wizard_no_previous = 1; if (!$shorewall->{disabled}) { @@ -97,7 +97,7 @@ N("The setup of a VPN connection has already been done. It's currently enabled. -What would you like to do ?"), +What would you like to do?"), [ N_("disable"), N_("reconfigure"), N_("dismiss") ]) or quit_global($in, 0); # FIXME: reconfigure isn't handled if ($r eq "disable") { @@ -123,7 +123,7 @@ N("The setup of a VPN connection has already been done. It's currently disabled. -What would you like to do ?"), +What would you like to do?"), [ N_("enable"), N_("reconfigure"), N_("dismiss") ]); # FIXME: reconfigure isn't handled if ($r eq "enable") { @@ -194,7 +194,7 @@ Please read AT LEAST the ipsec-howto docs before going any further.",$ipsec_package)) or goto begin; $direct or $in->ask_okcancel(N("Kernel module."), -N("The kernel need to have ipsec support. +N("The kernel needs to have ipsec support. You're running a %s kernel version. @@ -293,13 +293,13 @@ my %messages = (ipsec => N("Security Policies"), racoon => N("IKE daemon racoon" if ($kernel_version > 2.5) { $in->ask_from(N("Configuration file"), -N("Configuration step ! +N("Configuration step! You need to define the Security Policies and then to configure the automatic key exchange (IKE) daemon. The KAME IKE daemon we're using is called 'racoon'. -What would you like to configure ?\n"), +What would you like to configure?\n"), [ { val => \$c, type => "list", list => [ keys %messages ], format => sub { $messages{$_[0]} } } ]) or goto step_detectsetup; } else { @@ -325,11 +325,11 @@ my $choice = $section_names[0] if $section_names[0]; my $d = $in->ask_from_list(N("%s entries", $ipsec_conf), N("The %s file contents is divided into sections.\n -You can now :\n +You can now:\n - display, add, edit, or remove sections, then - commit the changes -What would you like to do ?\n", $ipsec_conf), +What would you like to do?\n", $ipsec_conf), [ N_("_:display here is a verb\nDisplay"), N_("Add"), N_("Edit"), N_("Remove"), N_("Commit") ]) or goto step_configuration; my $existing_section = ""; @@ -367,7 +367,7 @@ if ($kernel_version < 2.5) { my $e = $in->ask_from_list_(N("ipsec.conf entries"), N("The %s file contains different sections.\n -Here is its skeleton : 'config setup' +Here is its skeleton: 'config setup' 'conn default' 'normal1' 'normal2' \n @@ -379,7 +379,7 @@ Choose the section you would like to add.\n", $ipsec_conf), $existing_section = network::ipsec::already_existing_section_ipsec_conf("config setup", $ipsec, $kernel_version); if ($existing_section eq "already existing") { -$in->ask_okcancel(N("Exists !"), +$in->ask_okcancel(N("Exists!"), N("A section with this name already exists. The section names have to be unique.\n You'll have to go back and add another section @@ -420,7 +420,7 @@ Choose continue or previous when you are done.\n", $ipsec_conf), $existing_section = network::ipsec::already_existing_section_ipsec_conf("conn %default", $ipsec, $kernel_version); if ($existing_section eq "already existing") { -$in->ask_okcancel(N("Exists !"), +$in->ask_okcancel(N("Exists!"), N("A section with this name already exists. The section names have to be unique.\n You'll have to go back and add another section @@ -504,10 +504,10 @@ Choose continue when you are done to write the data.\n", $ipsec_conf), ] ) or goto step_configure_ipsec_conf; - $existing_section = network::ipsec::already_existing_section_ipsec_conf($normal_conn->{1}[0]." ".$normal_conn->{1}[1], $ipsec, $kernel_version); + $existing_section = network::ipsec::already_existing_section_ipsec_conf($normal_conn->{1}[0] . " " . $normal_conn->{1}[1], $ipsec, $kernel_version); if ($existing_section eq "already existing") { -$in->ask_okcancel(N("Exists !"), +$in->ask_okcancel(N("Exists!"), N("A section with this name already exists. The section names have to be unique.\n You'll have to go back and add another section @@ -547,7 +547,7 @@ Choose continue when you are done to write the data.\n"), $section) or goto ste # $existing_section = network::ipsec::already_existing_section_ipsec_conf($section->{src_dest}, $ipsec, $kernel_version); # # if ($existing_section eq "already existing") { -#$in->ask_okcancel(N("Exists !"), +#$in->ask_okcancel(N("Exists!"), #N("A section with this name already exists. #The section names have to be unique.\n #You'll have to go back and add another section @@ -587,12 +587,12 @@ my $number = network::ipsec::matched_section_key_number_ipsec_conf($choice,$ipse if ($kernel_version < 2.5) { if ($choice =~ /^version|block|private|clear|packet/) { -$in->ask_okcancel(N("Can't edit !"), +$in->ask_okcancel(N("Can't edit!"), N("You cannot edit this section.\n -This section is mandatory for Freswan 2.X. +This section is mandatory for Freeswan 2.X. One has to specify version 2.0 on the top of the %s file, and eventually, disable or -enable the oportunistic encryption.\n",$ipsec_conf)); +enable the opportunistic encryption.\n",$ipsec_conf)); goto step_edit_ipsec_conf; } elsif ($choice =~ /^config setup/) { @@ -643,7 +643,7 @@ Choose continue when you are done to write the data.\n", $ipsec_conf), ask_info3('', N("Edit a Security Policy.\n -You can now add a Security Policy.\n +You can now edit a Security Policy.\n Choose continue when you are done to write the data.\n"), $ipsec->{$number}) or goto step_configure_ipsec_conf; goto step_configure_ipsec_conf; @@ -685,7 +685,7 @@ my $choice = $section_names[0] if $section_names[0]; my $d = $in->ask_from_list_(N("%s entries", $racoon_conf), N("The racoon.conf file configuration.\n The contents of this file is divided into sections. -You can now : +You can now: - display \t\t (display the file contents) - add \t\t (add one section) - edit \t\t\t (modify parameters of an existing section) @@ -727,7 +727,7 @@ step_add_section_racoon: my $e = $in->ask_from_list_(N("racoonf.conf entries"), N("The 'add' sections step.\n -Here below is the racoon.conf file skeleton : +Here below is the racoon.conf file skeleton: \t'path' \t'remote' \t'sainfo' \n @@ -747,23 +747,23 @@ Put your mouse over the certificate entry to obtain online help."), val => \$path_section->{1}[1], list => [ 'certificate', 'pre_shared_key', 'include' ], help => -N("path include path : specifies a path to include +N("path include path: specifies a path to include a file. See File Inclusion. Example: path include '/etc/racoon' -path pre_shared_key file : specifies a file containing +path pre_shared_key file: specifies a file containing pre-shared key(s) for various ID(s). See Pre-shared key File. Example: path pre_shared_key '/etc/racoon/psk.txt' ; -path certificate path : racoon(8) will search this directory +path certificate path: racoon(8) will search this directory if a certificate or certificate request is received. Example: path certificate '/etc/cert' ; -File Inclusion : include file +File Inclusion: include file other configuration files can be included. Example: include \"remote.conf\" ; -Pre-shared key File : Pre-shared key file defines a pair +Pre-shared key File: Pre-shared key file defines a pair of the identifier and the shared secret key which are used at Pre-shared key authentication method in phase 1."), }, @@ -929,7 +929,7 @@ source_id and destination_id are constructed like: address address [/ prefix] [[port]] ul_proto -Examples : \n +Examples: \n sainfo anonymous (accepts connections from anywhere) leave blank this entry if you want anonymous @@ -947,7 +947,7 @@ source_id and destination_id are constructed like: address address [/ prefix] [[port]] ul_proto -Examples : \n +Examples: \n sainfo anonymous (accepts connections from anywhere) leave blank this entry if you want anonymous @@ -962,7 +962,7 @@ source_id and destination_id are constructed like: address address [/ prefix] [[port]] ul_proto -Examples : \n +Examples: \n sainfo anonymous (accepts connections from anywhere) leave blank this entry if you want anonymous @@ -980,7 +980,7 @@ source_id and destination_id are constructed like: address address [/ prefix] [[port]] ul_proto -Examples : \n +Examples: \n sainfo anonymous (accepts connections from anywhere) leave blank this entry if you want anonymous @@ -991,16 +991,16 @@ sainfo address 203.178.141.209 any address 203.178.141.218 any help => N("define the group of Diffie-Hellman exponentiations. If you do not require PFS then you can omit this directive. Any proposal will be accepted if you do not specify one. -group is one of following: modp768, modp1024, modp1536. +group is one of the following: modp768, modp1024, modp1536. Or you can define 1, 2, or 5 as the DH group number.") }, { label => N("Lifetime number"), val => \$data->{3}[2], type => 'entry', help => N("define a lifetime of a certain time which will be pro- posed in the phase 1 negotiations. Any proposal will be -accepted, and the attribute(s) will be not proposed to +accepted, and the attribute(s) will not be proposed to the peer if you do not specify it(them). They can be individually specified in each proposal. -Examples : \n +Examples: \n lifetime time 1 min; # sec,min,hour lifetime time 1 min; # sec,min,hour lifetime time 30 sec; @@ -1014,17 +1014,17 @@ So, here, the lifetime numbers are 1, 1, 30, 30, 60 and 12. list => [ qw(sec min hour) ], help => N("define a lifetime of a certain time which will be pro- posed in the phase 1 negotiations. Any proposal will be -accepted, and the attribute(s) will be not proposed to +accepted, and the attribute(s) will not be proposed to the peer if you do not specify it(them). They can be individually specified in each proposal. -Examples : \n +Examples: \n lifetime time 1 min; # sec,min,hour lifetime time 1 min; # sec,min,hour lifetime time 30 sec; lifetime time 30 sec; lifetime time 60 sec; - lifetime time 12 hour ; + lifetime time 12 hour; So, here, the lifetime units are 'min', 'min', 'sec', 'sec', 'sec' and 'hour'. ") }, @@ -1046,7 +1046,7 @@ specifies the parameters for IKE phase 1 for each remote node. The default port is 500. If anonymous is specified, the state- ments apply to all peers which do not match any other remote directive.\n -Examples : \n +Examples: \n remote anonymous remote ::1 [8000]") }, { label => N("Exchange mode"), val => \$main_remote_section->{2}[1], @@ -1092,7 +1092,7 @@ server.") }, some reason, set this to off. The default is on.") }, { label => N("My identifier"), val => \$main_remote_section->{8}[1], type => 'entry', help => N("specifies the identifier sent to the remote host and the -type to use in the phase 1 negotiation. address, fqdn, +type to use in the phase 1 negotiation. address, FQDN, user_fqdn, keyid and asn1dn can be used as an idtype. they are used like: my_identifier address [address]; @@ -1101,7 +1101,7 @@ they are used like: my_identifier user_fqdn string; the type is a USER_FQDN (user fully-qualified domain name). - my_identifier fqdn string; + my_identifier FQDN string; the type is a FQDN (fully-qualified domain name). my_identifier keyid file; the type is a KEY_ID. @@ -1109,16 +1109,16 @@ they are used like: the type is an ASN.1 distinguished name. If string is omitted, racoon(8) will get DN from Subject field in the certificate.\n -Examples : \n +Examples: \n my_identifier user_fqdn \"myemail\@mydomain.com\"") }, { label => N("Peers identifier"), val => \$main_remote_section->{9}[1], type => 'entry' }, { label => N("Proposal"), val => \$proposal_remote_section->{1}[0], list => [ 'proposal' ], allow_empty_list => 1 }, { label => N("Encryption algorithm"), val => \$proposal_remote_section->{2}[1], list => [ qw(des 3des blowfish cast128) ], help => N("specify the encryption algorithm used for the phase 1 negotiation. This directive must be defined. -algorithm is one of following: +algorithm is one of the following: -des, 3des, blowfish, cast128 for oakley. +DES, 3DES, blowfish, cast128 for oakley. For other transforms, this statement should not be used.") }, { label => N("Hash algorithm"), val => \$proposal_remote_section->{3}[1], type => 'entry' }, |