From 2b20ed65b82d812fc12923dbdf2c54094dbaa7e8 Mon Sep 17 00:00:00 2001 From: Jeremy Sowden Date: Thu, 22 Sep 2022 09:00:42 +0100 Subject: doc, src: make some spelling and grammatical improvements Fix a couple of spelling mistakes: 'expresion' -> 'expression' and correct some non-native usages: 'allows to' -> 'allows one to' Signed-off-by: Jeremy Sowden Signed-off-by: Florian Westphal --- doc/libnftables-json.adoc | 2 +- doc/libnftables.adoc | 10 +++++----- doc/nft.txt | 6 +++--- doc/primary-expression.txt | 4 ++-- doc/statements.txt | 6 +++--- 5 files changed, 14 insertions(+), 14 deletions(-) (limited to 'doc') diff --git a/doc/libnftables-json.adoc b/doc/libnftables-json.adoc index 9cc17ff2..bb59945f 100644 --- a/doc/libnftables-json.adoc +++ b/doc/libnftables-json.adoc @@ -1172,7 +1172,7 @@ point (*base*). The following *base* values are accepted: *"th"*:: The offset is relative to Transport Layer header start offset. -The second form allows to reference a field by name (*field*) in a named packet +The second form allows one to reference a field by name (*field*) in a named packet header (*protocol*). === EXTHDR diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc index 550012b4..7ea0d56e 100644 --- a/doc/libnftables.adoc +++ b/doc/libnftables.adoc @@ -71,7 +71,7 @@ The *nft_ctx_free*() function frees the context object pointed to by 'ctx', incl === nft_ctx_get_dry_run() and nft_ctx_set_dry_run() Dry-run setting controls whether ruleset changes are actually committed on kernel side or not. -It allows to check whether a given operation would succeed without making actual changes to the ruleset. +It allows one to check whether a given operation would succeed without making actual changes to the ruleset. The default setting is *false*. The *nft_ctx_get_dry_run*() function returns the dry-run setting's value contained in 'ctx'. @@ -121,7 +121,7 @@ NFT_CTX_OUTPUT_JSON:: This flag controls JSON output format, input is auto-detected. NFT_CTX_OUTPUT_ECHO:: The echo setting makes libnftables print the changes once they are committed to the kernel, just like a running instance of *nft monitor* would. - Amongst other things, this allows to retrieve an added rule's handle atomically. + Amongst other things, this allows one to retrieve an added rule's handle atomically. NFT_CTX_OUTPUT_GUID:: Display UID and GID as described in the /etc/passwd and /etc/group files. NFT_CTX_OUTPUT_NUMERIC_PROTO:: @@ -199,9 +199,9 @@ On failure, the functions return non-zero which may only happen if buffering was The *nft_ctx_get_output_buffer*() and *nft_ctx_get_error_buffer*() functions return a pointer to the buffered output (which may be empty). === nft_ctx_add_include_path() and nft_ctx_clear_include_path() -The *include* command in nftables rulesets allows to outsource parts of the ruleset into a different file. +The *include* command in nftables rulesets allows one to outsource parts of the ruleset into a different file. The include path defines where these files are searched for. -Libnftables allows to have a list of those paths which are searched in order. +Libnftables allows one to have a list of those paths which are searched in order. The default include path list contains a single compile-time defined entry (typically '/etc/'). The *nft_ctx_add_include_path*() function extends the list of include paths in 'ctx' by the one given in 'path'. @@ -210,7 +210,7 @@ The function returns zero on success or non-zero if memory allocation failed. The *nft_ctx_clear_include_paths*() function removes all include paths, even the built-in default one. === nft_ctx_add_var() and nft_ctx_clear_vars() -The *define* command in nftables ruleset allows to define variables. +The *define* command in nftables ruleset allows one to define variables. The *nft_ctx_add_var*() function extends the list of variables in 'ctx'. The variable must be given in the format 'key=value'. The function returns zero on success or non-zero if the variable is malformed. diff --git a/doc/nft.txt b/doc/nft.txt index 16c68322..02cf13a5 100644 --- a/doc/nft.txt +++ b/doc/nft.txt @@ -411,7 +411,7 @@ statements for instance). |route | ip, ip6 | output | If a packet has traversed a chain of this type and is about to be accepted, a new route lookup is performed if relevant parts of the IP header have changed. -This allows to e.g. implement policy routing selectors in nftables. +This allows one to e.g. implement policy routing selectors in nftables. |================= Apart from the special cases illustrated above (e.g. *nat* type not supporting @@ -472,7 +472,7 @@ with these standard names to ease relative prioritizing, e.g. *mangle - 5* stand for *-155*. Values will also be printed like this until the value is not further than 10 from the standard value. -Base chains also allow to set the chain's *policy*, i.e. what happens to +Base chains also allow one to set the chain's *policy*, i.e. what happens to packets not explicitly accepted or refused in contained rules. Supported policy values are *accept* (which is the default) or *drop*. @@ -660,7 +660,7 @@ ____ 'OPTIONS' := [*timeout* 'TIMESPEC'] [*expires* 'TIMESPEC'] [*comment* 'string'] 'TIMESPEC' := ['num'*d*]['num'*h*]['num'*m*]['num'[*s*]] ____ -Element-related commands allow to change contents of named sets and maps. +Element-related commands allow one to change contents of named sets and maps. 'key_expression' is typically a value matching the set type. 'value_expression' is not allowed in sets but mandatory when adding to maps, where it matches the data part in its type definition. When deleting from maps, it may diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt index 4d6b0878..e13970cf 100644 --- a/doc/primary-expression.txt +++ b/doc/primary-expression.txt @@ -442,7 +442,7 @@ Create a number generator. The *inc* or *random* keywords control its operation mode: In *inc* mode, the last returned value is simply incremented. In *random* mode, a new random number is returned. The value after *mod* keyword specifies an upper boundary (read: modulus) which is not reached by -returned numbers. The optional *offset* allows to increment the returned value +returned numbers. The optional *offset* allows one to increment the returned value by a fixed offset. A typical use-case for *numgen* is load-balancing: @@ -472,7 +472,7 @@ header to apply the hashing, concatenations are possible as well. The value after *mod* keyword specifies an upper boundary (read: modulus) which is not reached by returned numbers. The optional *seed* is used to specify an init value used as seed in the hashing function. The optional *offset* -allows to increment the returned value by a fixed offset. +allows one to increment the returned value by a fixed offset. A typical use-case for *jhash* and *symhash* is load-balancing: diff --git a/doc/statements.txt b/doc/statements.txt index 6c6b1d87..8076c21c 100644 --- a/doc/statements.txt +++ b/doc/statements.txt @@ -11,7 +11,7 @@ The verdict statement alters control flow in the ruleset and issues policy decis [horizontal] *accept*:: Terminate ruleset evaluation and accept the packet. The packet can still be dropped later by another hook, for instance accept -in the forward hook still allows to drop the packet later in the postrouting hook, +in the forward hook still allows one to drop the packet later in the postrouting hook, or another forward base chain that has a higher priority number and is evaluated afterwards in the processing pipeline. *drop*:: Terminate ruleset evaluation and drop the packet. @@ -278,7 +278,7 @@ ct event set new,related,destroy NOTRACK STATEMENT ~~~~~~~~~~~~~~~~~ -The notrack statement allows to disable connection tracking for certain +The notrack statement allows one to disable connection tracking for certain packets. [verse] @@ -613,7 +613,7 @@ ____ QUEUE_EXPRESSION can be used to compute a queue number at run-time with the hash or numgen expressions. It also -allows to use the map statement to assign fixed queue numbers +allows one to use the map statement to assign fixed queue numbers based on external inputs such as the source ip address or interface names. .queue statement values -- cgit v1.2.3