Merge djmitche/build-fwunit:docs-cleanup (PR #32)

mozilla · Mar 15, 2015 · 80a62b6 · 80a62b6
2 parents 329fa59 + 8b8098a
commit 80a62b6
Showing 1 changed file with 19 additions and 10 deletions.
diff --git a/docs/processing.rst b/docs/processing.rst
@@ -1,26 +1,35 @@
 Processing Policies
 ===================
 
-The ``fwunit`` command processes a YAML-formatted configuration file describing a
-set of "sources" of rule data.  Each top-level key describes a source, and must
-have a ``type`` field giving the type of data to be read -- see "Supported
-Systems", above.  Each must also have an ``output`` field giving the filename to
-write the generated rules to (relative to the configuration file).
+To gather data about your network flows, you will need to define one or more "sources" in a configuration file.
+Each source describes a set of flow configurations for fwunit to convert into its internal representation and store.
+For example, you might define one source for each distinct firewall in your organization, or for each distinct AWS account.
 
-The source may optionally have a ``require`` field giving a list of other sources
-which should be processed first.
+You'll then run ``fwunit`` in the directory containing the configuration file, and it will process the policies from each source and write them to disk, ready for analysis.
 
-Any additional fields are passed to the policy-type plugin.
+You can pass one or more source names to ``fwunit`` to only process those sources.
+Otherwise it processes all sources, ordered by their dependencies.
+
+Configuration File
+------------------
+
+The ``fwunit`` command processes a YAML-formatted configuration file describing a set of "sources" of rule data.
+Each top-level key describes a source, and must have a ``type`` field giving the type of data to be read -- see "Supported Systems", above.
 
 .. code-block:: yaml
 
     aws_releng:
         type: aws
-        output: aws_releng.pkl
+        output: aws_releng.json
         dynamic_subnets: [build, test, try, build.servo, bb]
         regions: [us-east-1, us-west-1, us-west-2]
 
-You can pass one or more source names to ``fwunit`` to only process those sources.
+Each must also have an ``output`` field giving the filename to write the generated rules to (relative to the configuration file).
+
+The source may optionally have a ``require`` field giving a list of other sources which should be processed first.
+
+Any additional fields are passed to the policy-type plugin.
+See the documentation of those plugins for more information.
 
 Application Maps
 ----------------