Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/share/man/man4 Improve wording and macro use.



details:   https://anonhg.NetBSD.org/src/rev/70b3750a1860
branches:  trunk
changeset: 358634:70b3750a1860
user:      wiz <wiz%NetBSD.org@localhost>
date:      Wed Jan 10 12:18:22 2018 +0000

description:
Improve wording and macro use.

Some parts are not clear to me, so someone with knowledge of ipsecif(4)
should improve this some more.

diffstat:

 share/man/man4/ipsecif.4 |  59 ++++++++++++++++++++++++++---------------------
 1 files changed, 32 insertions(+), 27 deletions(-)

diffs (127 lines):

diff -r a8f190d80dbe -r 70b3750a1860 share/man/man4/ipsecif.4
--- a/share/man/man4/ipsecif.4  Wed Jan 10 12:16:39 2018 +0000
+++ b/share/man/man4/ipsecif.4  Wed Jan 10 12:18:22 2018 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: ipsecif.4,v 1.1 2018/01/10 11:08:55 knakahara Exp $
+.\"    $NetBSD: ipsecif.4,v 1.2 2018/01/10 12:18:22 wiz Exp $
 .\"
 .\" Copyright (C) 2017 Internet Initiative Japan Inc.
 .\" All rights reserved.
@@ -31,14 +31,14 @@
 .Dt IPSECIF 4
 .Os
 .Sh NAME
-.Nm ipsec
-.Nd ipsec interface
+.Nm ipsecif
+.Nd IPsec interface
 .Sh SYNOPSIS
 .Cd "pseudo-device ipsecif"
 .Sh DESCRIPTION
 The
 .Nm
-is similar to
+interface is similar to
 .Xr gif 4
 over
 .Xr ipsec 4
@@ -46,25 +46,29 @@
 .Xr gif 4
 over
 .Xr ipsec 4
-transport mode are managed by userland programs. In contrast,
+transport mode is managed by userland programs.
+In contrast,
 .Nm
-manages its security policies by itself, that is, when user sets
+manages its security policies by itself, that is, when user sets up a
 .Nm
 tunnel source and destination address pair, the related security policies
-are created automatically in kernel. Therefore, the security policies of
-.Nm
-are added/deleted atomically. It also means
+are created automatically in the kernel.
+Therefore, the security policies of
 .Nm
-ensures both of in and out security policy pair exist, that is,
+are added/deleted atomically.
+It also means that
 .Nm
-avoids the troubles which is caused by only one of in and out security
+ensures that both the in and out security policy pairs exist, that is,
+.Nm
+avoids the trouble caused when only one of the in and out security
 policy pair exists.
 .Pp
-There is four security policies generated by
+There are four security policies generated by
 .Nm ,
-that is, in and out pair for each IPv4 and IPv6. Here is
+that is, one in and out pair for IPv4 and IPv6 each.
+This
 .Xr ipsec.conf 5
-which is the same meaing as that security policies.
+has the same meaning as these security policies:
 .Bd -literal
 spdadd "src" "dst" ipv4 -P out ipsec esp/transport//unique;
 spdadd "dst" "src" ipv4 -P in ipsec esp/transport//unique;
@@ -74,25 +78,27 @@
 .Pp
 Therefore,
 .Nm
-configuration will fail if you already add such security policies, and
+configuration will fail if you already added such security policies, and
 vice versa.
 .Pp
-The related security associates can be established by IKE daemon such as
+The related security associates can be established by an IKE daemon such as
 .Xr racoon 8 .
 They can also be manipulated manually by
 .Xr setkey 8
-with -u option which we set security policy's unique#.
+with the
+.Fl u
+option which sets a security policy's unique id.
 .Pp
 Some if_flags change
-.Nm
-befavior. IFF_LINK0 can enable Network Address Translator traversal,
+.Nm Ap s
+behaviour.
+IFF_LINK0 can enable Network Address Translator traversal,
 IFF_LINK1 can enable ECN friendly mode like
 .Xr gif 4 ,
 and IFF_LINK2 can enable forwarding inner IPv6 packets.
-Only IFF_LINK2 is set by default. If you use only IPv4 packets as
-inner packets, you would want to unset IFF_LINK2 to reduce security
-associates for IPv6 packets.
-
+Only IFF_LINK2 is set by default.
+If you use only IPv4 packets as inner packets, you would want to
+unset IFF_LINK2 to reduce security associates for IPv6 packets.
 .Sh EXAMPLES
 Configuration example:
 .Bd -literal
@@ -127,12 +133,11 @@
 # ifconfig wm1 inet 10.200.0.1/24
 # route add 10.100.0.1 172.16.200.1
 .Ed
-.Pp
 .Sh SEE ALSO
+.Xr gif 4 ,
 .Xr inet 4 ,
 .Xr inet6 4 ,
 .Xr ipsec 4 ,
-.Xr gif 4 ,
 .Xr ifconfig 8 ,
 .Xr setkey 8
 .Sh HISTORY
@@ -143,6 +148,6 @@
 .Sh LIMITATIONS
 Currently, the
 .Nm
-interface supports esp protocol only.
+interface supports the ESP protocol only.
 .Nm
-does not support Network Address Translator traversal(NAT-T).
+does not support Network Address Translator traversal (NAT-T).



Home | Main Index | Thread Index | Old Index