diff --git a/.gitignore b/.gitignore
index 63d98f7..fd63e79 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 *.iml
 .idea/
 *~
+*.swp
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..dc58b75
--- /dev/null
+++ b/TODO
@@ -0,0 +1,19 @@
+fw-daemon:
+ pc.socks() and getOptString() return overlapping information
+
+ remove all stale references to SANDBOX: rules/policyForPathAndSandbox()
+
+
+fw-prompt:
+ scope returned by new rules is bad (always set to process)
+
+ Each duplicate prompt needs to be expandable into individual items
+
+
+gnome-shell:
+ Start using new async DBus methods
+
+
+
+new go-procsnitch vendor package changes should be pushed into main project
+
diff --git a/sgfw/rules.go b/sgfw/rules.go
index f5795f8..610515d 100644
--- a/sgfw/rules.go
+++ b/sgfw/rules.go
@@ -47,13 +47,10 @@ func (r *Rule) String() string {
 func (r *Rule) getString(redact bool) string {
 rtype := RuleActionString[RULE_ACTION_DENY]
- if r.rtype == RULE_ACTION_ALLOW {
- rtype = RuleActionString[RULE_ACTION_ALLOW]
- } else if r.rtype == RULE_ACTION_ALLOW_TLSONLY {
- rtype = RuleActionString[RULE_ACTION_ALLOW_TLSONLY]
+ if r.rtype == RULE_ACTION_ALLOW || r.rtype == RULE_ACTION_ALLOW_TLSONLY {
+ rtype = RuleActionString[r.rtype]
 }
 rmode := "|" + RuleModeString[r.mode]
- protostr := ""
 if r.proto != "tcp" {
@@ -258,17 +255,17 @@ func (r *Rule) parse(s string) bool {
 } else if parts[2] == "PERMANENT" {
 r.mode = RULE_MODE_PERMANENT
 } else if parts[2] != "" {
- log.Notice("invalid rule mode ", parts[2], " in line ", s)
+ log.Warning("Error: invalid rule mode ", parts[2], " in line ", s)
 return false
 }
 if !r.parsePrivs(parts[3]) {
- log.Notice("invalid privs ", parts[3], " in line ", s)
+ log.Warning("Error: invalid privs ", parts[3], " in line ", s)
 return false
 }
 if !r.parseSandbox(parts[4]) {
- log.Notice("invalid sandbox ", parts[4], "in line ", s)
+ log.Warning("invalid sandbox ", parts[4], "in line ", s)
 return false
 }
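Review bot: getString carries no comment saying that every action other than ALLOW or ALLOW_TLSONLY is rendered as DENY, which the collapsed condition `if r.rtype == RULE_ACTION_ALLOW || r.rtype == RULE_ACTION_ALLOW_TLSONLY` now makes the single rule for the whole function. I would add `// Any unrecognised or unset action is rendered as DENY, so a malformed rule is never displayed as an allow.` above the `rtype :=` line. Whether this string is later read back through parse is not visible in the hunk, so the fail-closed wording should be confirmed against the callers. The body of getString continues past the end of the hunk.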
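Review bot: The sandbox message was raised to Warning but still passes `"in line "` without a leading space and did not receive the `Error: ` prefix given to the two messages above it, so, assuming the logger joins its arguments the way fmt.Sprint does, the bad value is printed fused to "in line" and the line cannot be matched by the same log filter as its siblings. `log.Warning("Error: invalid sandbox ", parts[4], " in line ", s)` would bring it in line with the other two. All three calls also write `parts[n]` and the whole line `s` into the log verbatim; if rule lines can come from anything less trusted than an administrator-owned file, quoting them (for example with `%q`, if this logger has a formatted variant) keeps embedded newlines or control characters from forging log entries. parse begins before the hunk and continues after it.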