Bug 813385 - Update document for clarity.
Update document for clarity.
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: Installation_Guide (Show other bugs)
5.8
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Petr Bokoc
ecs-bugs
: Documentation
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-04-17 11:50 EDT by Jeff Palmer
Modified: 2013-10-02 09:34 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-10-02 09:34:22 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jeff Palmer 2012-04-17 11:50:20 EDT
Description of problem:
On the following pages,  the documentation isn't accurate/clear

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Installation_Guide/s1-kickstart2-options.html
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-kickstart2-options.html

Version-Release number of selected component (if applicable):

RHEL 5.x, 6.x


How reproducible:
N/A

Steps to Reproduce:
N/A
  
Actual results:
N/A

Expected results:
N/A

Additional info:
The "firewall" section of the kickstart page explains the use of the --trust option. However, the verbiage isn't clear.  It is TECHNICALLY accurate, but in practical real-world use, it's a bit ambiguous.

The current version is:
"--trust= — Listing a device here, such as eth0, allows all traffic coming from that device to go through the firewall. To list more than one device, use --trust eth0 --trust eth1. Do NOT use a comma-separated format such as --trust eth0, eth1."

The problem is,  "allows all traffic coming from that device to go through the firewall"
This phrasing makes it sound like all traffic coming from the device, and going out the interface is allowed. Giving the impression that it has no affect on incoming traffic for the device.

Suggestion:  Change the verbage to read something like: "allows all traffic from/to that interface."
Comment 1 Jack Reed 2013-03-20 22:21:01 EDT
Hi Jeff,

Thanks for reporting this, and sorry for the delay in replying.

Would the following rewrite address the issue?

"Listing a device here, such as eth0, allows all traffic coming to and from that device to go through the firewall."

I haven't used 'interface' as I can't see a distinctive reason for doing so, but if you feel it should be included, let me know why and I'll edit accordingly.
Comment 2 Jeff Palmer 2013-03-20 22:48:25 EDT
Jack,

Thanks for looking into this.  I know it's a trivial change. But I had to take the time to mockup and confirm the behavior,  and I assume others may need to as well.. So having the docs be a little more clear may help others too.

As for the rewrite, I think that phrasing should be more than sufficient. Thanks!
Comment 6 RHEL Product and Program Management 2013-05-01 02:38:49 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.

Note You need to log in before you can comment on or make changes to this bug.