[src/netbsd-3]: src/crypto/dist/ipsec-tools/src/setkey Pull up revision 1.7 (...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/57bc36f32de2
branches:  netbsd-3
changeset: 575629:57bc36f32de2
user:      tron <tron%NetBSD.org@localhost>
date:      Sun May 01 10:56:01 2005 +0000

description:
Pull up revision 1.7 (requested by manu in ticket #215):
Improve english, improve formatting, sort options.

diffstat:

 crypto/dist/ipsec-tools/src/setkey/setkey.8 |  291 ++++++++++++++-------------
 1 files changed, 149 insertions(+), 142 deletions(-)

diffs (truncated from 666 to 300 lines):

diff -r 641a8209321c -r 57bc36f32de2 crypto/dist/ipsec-tools/src/setkey/setkey.8
--- a/crypto/dist/ipsec-tools/src/setkey/setkey.8       Sun May 01 10:53:42 2005 +0000
+++ b/crypto/dist/ipsec-tools/src/setkey/setkey.8       Sun May 01 10:56:01 2005 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: setkey.8,v 1.1.1.2.2.5 2005/05/01 10:53:42 tron Exp $
+.\"    $NetBSD: setkey.8,v 1.1.1.2.2.6 2005/05/01 10:56:01 tron Exp $
 .\"
 .\"    $KAME: setkey.8,v 1.93 2003/09/24 23:44:46 itojun Exp $
 .\"
@@ -39,16 +39,16 @@
 .\"
 .Sh SYNOPSIS
 .Nm setkey
-.Op Fl nvrk
+.Op Fl knrv
 .Ar file ...
 .Nm setkey
-.Op Fl nvrk
+.Op Fl knrv
 .Fl c
 .Nm setkey
-.Op Fl vrk
+.Op Fl krv
 .Fl f Ar filename
 .Nm setkey
-.Op Fl aPlvrk
+.Op Fl aklPrv
 .Fl D
 .Nm setkey
 .Op Fl Pv
@@ -57,8 +57,7 @@
 .Op Fl H
 .Fl x
 .Nm setkey
-.Op Fl ?
-.Op Fl V
+.Op Fl ?V
 .\"
 .Sh DESCRIPTION
 .Nm
@@ -67,7 +66,7 @@
 as well as Security Policy Database (SPD) entries in the kernel.
 .Pp
 .Nm
-takes a series of operations from the standard input
+takes a series of operations from standard input
 .Po
 if invoked with
 .Fl c
@@ -82,28 +81,29 @@
 .It (no flag)
 Dump the SAD entries or SPD entries contained in the specified
 .Ar file .
-.It Fl D
-Dump the SAD entries.
-If with
-.Fl P ,
-the SPD entries are dumped.
-.It Fl F
-Flush the SAD entries.
-If with
-.Fl P ,
-the SPD entries are flushed.
+.It Fl ?
+Print short help.
 .It Fl a
 .Nm
 usually does not display dead SAD entries with
 .Fl D .
-If with
-.Fl a ,
-the dead SAD entries will be displayed as well.
-A dead SAD entry means that
-it has been expired but remains in the system
-because it is referenced by some SPD entries.
+If
+.Fl a
+is also specified, the dead SAD entries will be displayed as well.
+A dead SAD entry is one that has expired but remains in the
+system because it is referenced by some SPD entries.
+.It Fl D
+Dump the SAD entries.
+If
+.Fl P
+is also specified, the SPD entries are dumped.
+.It Fl F
+Flush the SAD entries.
+If
+.Fl P
+is also specified, the SPD entries are dumped.
 .It Fl H
-Add hexadecimal dump on
+Add hexadecimal dump in
 .Fl x
 mode.
 .It Fl h
@@ -113,37 +113,39 @@
 .Fl H .
 On other systems, synonym for
 .Fl ? .
+.It Fl k
+Use semantics used in kernel.
+Available only in Linux.
+See also
+.Fl r .
 .It Fl l
 Loop forever with short output on
 .Fl D .
-.It Fl v
-Be verbose.
-The program will dump messages exchanged on
-.Dv PF_KEY
-socket, including messages sent from other processes to the kernel.
 .It Fl n
 No action.
-The program will check validity of input, but no changes to the SPD will
-be made.
+The program will check validity of the input, but no changes to
+the SPD will be made.
 .It Fl r
 Use semantics described in IPsec RFCs.
 This mode is default.
 For details see section
 .Sx RFC vs Linux kernel semantics .
 Available only in Linux.
-.It Fl k
-Use semantics used in kernel.
-Available only in Linux.
+See also
+.Fl k .
 .It Fl x
-Loop forever and dump all the messages transmitted to
+Loop forever and dump all the messages transmitted to the
 .Dv PF_KEY
 socket.
 .Fl xx
-makes each timestamps unformatted.
-.It Fl ?
-Print short help.
+prints the unformatted timestamps.
 .It Fl V
 Print version string.
+.It Fl v
+Be verbose.
+The program will dump messages exchanged on the
+.Dv PF_KEY
+socket, including messages sent from other processes to the kernel.
 .El
 .Ss Configuration syntax
 With
@@ -153,7 +155,9 @@
 on the command line,
 .Nm
 accepts the following configuration syntax.
-Lines starting with hash signs ('#') are treated as comment lines.
+Lines starting with hash signs
+.Pq Sq #
+are treated as comment lines.
 .Bl -tag -width Ds
 .It Xo
 .Li add
@@ -165,8 +169,8 @@
 .Xc
 Add an SAD entry.
 .Li add
-can fail with multiple reasons,
-including when the key length does not match the specified algorithm.
+can fail for multiple reasons, including when the key length does
+not match the specified algorithm.
 .\"
 .It Xo
 .Li get
@@ -223,7 +227,7 @@
 .Ar tag Ar policy
 .Li ;
 .Xc
-Add an SPD entry based on PF tag.
+Add an SPD entry based on a PF tag.
 .Ar tag
 must be a string surrounded by double quotes.
 .\"
@@ -259,7 +263,7 @@
 .It Ar src
 .It Ar dst
 Source/destination of the secure communication is specified as
-IPv4/v6 address.
+an IPv4/v6 address.
 .Nm
 can resolve a FQDN into numeric addresses.
 If the FQDN resolves into multiple addresses,
@@ -267,10 +271,10 @@
 will install multiple SAD/SPD entries into the kernel
 by trying all possible combinations.
 .Fl 4 ,
-.Fl 6
+.Fl 6 ,
 and
 .Fl n
-restricts the address resolution of FQDN in certain ways.
+restrict the address resolution of FQDN in certain ways.
 .Fl 4
 and
 .Fl 6
@@ -303,11 +307,11 @@
 .Pq SPI
 for the SAD and the SPD.
 .Ar spi
-must be a decimal number, or a hexadecimal number with
+must be a decimal number, or a hexadecimal number with a
 .Dq Li 0x
 prefix.
 SPI values between 0 and 255 are reserved for future use by IANA
-and they cannot be used.
+and cannot be used.
 TCP-MD5 associations must use 0x1000 and therefore only have per-host
 granularity at this time.
 .\"
@@ -320,7 +324,7 @@
 Specify a security protocol mode for use.
 .Ar mode
 is one of following:
-.Li transport , tunnel
+.Li transport , tunnel ,
 or
 .Li any .
 The default value is
@@ -332,10 +336,10 @@
 must be decimal number in 32-bit word.
 If
 .Ar size
-is zero or not specified, replay check don't take place.
+is zero or not specified, replay checks don't take place.
 .\"
 .It Fl u Ar id
-Specify the identifier of the policy entry in SPD.
+Specify the identifier of the policy entry in the SPD.
 See
 .Ar policy .
 .\"
@@ -345,15 +349,15 @@
 is one of following:
 .Bl -tag -width random-pad -compact
 .It Li zero-pad
-All of the padding are zero.
+All the paddings are zero.
 .It Li random-pad
-A series of randomized values are set.
+A series of randomized values are used.
 .It Li seq-pad
-A series of sequential increasing numbers started from 1 are set.
+A series of sequential increasing numbers started from 1 are used.
 .El
 .\"
 .It Fl f Li nocyclic-seq
-Don't allow cyclic sequence number.
+Don't allow cyclic sequence numbers.
 .\"
 .It Fl lh Ar time
 .It Fl ls Ar time
@@ -368,14 +372,14 @@
 .It Ar algorithm
 .Bl -tag -width Fl -compact
 .It Fl E Ar ealgo Ar key
-Specify a encryption algorithm
+Specify an encryption algorithm
 .Ar ealgo
 for ESP.
 .It Xo
 .Fl E Ar ealgo Ar key
 .Fl A Ar aalgo Ar key
 .Xc
-Specify a encryption algorithm
+Specify an encryption algorithm
 .Ar ealgo ,
 as well as a payload authentication algorithm
 .Ar aalgo ,
@@ -386,11 +390,11 @@
 Specify a compression algorithm for IPComp.
 If
 .Fl R
-is specified,
+is specified, the
 .Ar spi
 field value will be used as the IPComp CPI
 .Pq compression parameter index
-on wire as is.
+on wire as-is.
 If
 .Fl R
 is not specified,
@@ -400,23 +404,25 @@
 .El
 .Pp
 .Ar key
-must be double-quoted character string, or a series of hexadecimal digits
-preceded by
+must be a double-quoted character string, or a series of hexadecimal
+digits preceded by
 .Dq Li 0x .
 .Pp