From 61a7918bc24d20f60c0c895296f46099475e7add Mon Sep 17 00:00:00 2001 From: Danny Sung Date: Thu, 4 Jun 2015 23:29:24 -0700 Subject: [PATCH] Updated README --- README.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 44914b7..a2fae86 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ allow_cron=0 This configures eth0 as the primary internet interface. And it allows Ping and NTP packets. It also allows webknocking to work. (more on that below). -/etc/pmfw/webknock.rules: Webknock.rules is a schell script that will be +/etc/pmfw/webknock.rules: Webknock.rules is a shell script that will be executed. Any output given will be included in the final generated rule set. This is a script allowing you to create any complexity of conditions you want. By default, this just allows ssh for the given IP: @@ -58,6 +58,16 @@ By default, this just allows ssh for the given IP: -A in_pub_tcp -p tcp -m tcp --dport 22 -s "$ip" -j ACCEPT +## Installation ## + +Once configured, you can execute @pmfw-deploy --dry-run@. This will print out +the iptables rules for you to verify. + +@pmfw-deploy@ will implement the rules. + +Once you've verified the rules are correct, you should set @allow_cron=1@ in +the /etc/pmfw/pmfw.conf file, especially when using webknocking. This will +ensure that the the rules will be re-implemented every hour. ## WebKnock Client ##
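Review bot: in the second hunk (the new "## Installation ##" section), the commands and settings are wrapped in at-signs (`@pmfw-deploy --dry-run@`, `@pmfw-deploy@`, `@allow_cron=1@`), which is Textile inline-code markup. README.md is Markdown, so these will render with literal at-signs; use backticks instead. The last added line has a doubled word, "ensure that the the rules", which should read "ensure that the rules". The section describes verifying and applying the rule set rather than installing pmfw, so a heading such as "Deployment" would match the content better. It would also help to state explicitly that the `--dry-run` output should be reviewed before running `pmfw-deploy` without it, since the paragraph order currently puts "will implement the rules" ahead of "Once you've verified the rules are correct".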