a bit closer to the queen's english

1 files changed, 57 insertions, 59 deletions

diff --git a/lib/libc/gen/sysctl.3 b/lib/libc/gen/sysctl.3
index 457e540aa71..6efb7243c15 100644
--- a/lib/libc/gen/sysctl.3
+++ b/lib/libc/gen/sysctl.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: sysctl.3,v 1.65 2001/03/20 19:20:36 itojun Exp $
+.\"	$OpenBSD: sysctl.3,v 1.66 2001/03/22 22:08:47 deraadt Exp $
 .\"
 .\" Copyright (c) 1993
 .\"	The Regents of the University of California.  All rights reserved.
@@ -775,7 +775,7 @@ Returns 1 if
 .Tn ICMP
 network mask requests are to be answered.
 .It Li icmp.errppslimit
-The variable specifies the maximum number of outgoing ICMP error messages,
+The variable specifies the maximum number of outgoing ICMP error messages
 per second.
 ICMP error messages that exceeded the value are subject to rate limitation
 and will not go out from the node.
@@ -828,7 +828,7 @@ Returns 1 if RFC2018 Selective Acknowledgements are enabled.
 The maximum segment size that is used as default for non-local connections.
 The default value is 512.
 .It Li tcp.rstppslimit
-The variable specifies the maximum number of outgoing TCP RST packets,
+The variable specifies the maximum number of outgoing TCP RST packets
 per second.
 TCP RST packet that exceeded the value are subject to rate limitation
 and will not go out from the node.
@@ -899,14 +899,13 @@ Returns 1 when IPv6 forwarding is enabled for the node,
 meaning that the node is acting as a router.
 Returns 0 when IPv6 forwarding is disabled for the node,
 meaning that the node is acting as a host.
-IPv6 specification defines node behavior for
+Note that IPv6 defines node behavior for the
 .Dq router
-case and
+and
 .Dq host
-case quite differently, and changing this variable during operation
+cases quite differently, and changing this variable during operation
 may cause serious trouble.
-It is recommended to configure the variable at bootstrap time,
-and bootstrap time only.
+Hence, this variable should only be set at bootstrap time.
 .It Li ip6.redirect
 Returns 1 when ICMPv6 redirects may be sent by the node.
 This option is ignored unless the node is routing IP packets,
@@ -914,7 +913,7 @@ and should normally be enabled on all systems.
 .It Li ip6.hlim
 The default hop limit value for an IPv6 unicast packet sourced by the node.
 This value applies to all the transport protocols on top of IPv6.
-There are APIs to override the value, as documented in
+Methods for overriding this value are documented in
 .Xr ip6 4 .
 .It Li ip6.maxfragpackets
 The maximum number of fragmented packets the node will accept.
@@ -926,54 +925,56 @@ If set to non-zero, the node will accept ICMPv6 router advertisement packets
 and autoconfigures address prefixes and default routers.
 The node must be a host
 .Pq not a router
-for the option to be meaningful.
+for the option to be meaningful (see
+.Li ip6.forwarding Ns ).
 .It Li ip6.keepfaith
-If set to non-zero, it enables
+If set to non-zero, enables the
 .Dq FAITH
 TCP relay IPv6-to-IPv4 translator code in the kernel.
-Refer
+Refer to
 .Xr faith 4
 and
 .Xr faithd 8
-for detail.
+for more details.
 .It Li ip6.log_interval
-The variable controls amount of logs generated by IPv6 packet
-forwarding engine, by seting interval between log output
-.Pq in seconds .
+This variable permits adjusting the amount of logs generated by the
+IPv6 packet forwarding engine.  The value indicates the number of
+seconds of interval which must elapse between log output.
 .It Li ip6.hdrnestlimit
 The number of IPv6 extension headers permitted on incoming IPv6 packets.
 If set to 0, the node will accept as many extension headers as possible.
 .It Li ip6.dad_count
-The variable cofigures number of IPv6 DAD
+The variable configures the number of IPv6 DAD
 .Pq duplicated address detection
 probe packets.
-The packets will be generated when IPv6 interface addresses are configured.
+These packets are generated when IPv6 interfaces are first brought up.
 .It Li ip6.auto_flowlabel
 On connected transport protocol packets,
-fill IPv6 flowlabel field to help intermediate routers to identify packet flows.
+fill IPv6 flowlabel field to help intermediate routers identify
+packet flows.
 .It Li ip6.defmcasthlim
 The default hop limit value for an IPv6 multicast packet sourced by the node.
 This value applies to all the transport protocols on top of IPv6.
-There are APIs to override the value, as documented in
+Methods for overriding this value are documented in
 .Xr ip6 4 .
 .It Li ip6.kame_version
-The string identifies the version of KAME IPv6 stack implemented in the kernel.
+The string identifies the version of the KAME IPv6 stack implemented
+in the kernel.
 .It Li ip6.use_deprecated
-The variable controls use of deprecated address, specified in RFC2462 5.5.4.
+The variable controls use of deprecated addresses, specified in
+RFC2462 5.5.4.
 .It Li ip6.rr_prune
 The variable specifies interval between IPv6 router renumbering prefix
-babysitting, in seconds.
+babysitting in seconds.
 .It Li icmp6.rediraccept
 If set to non-zero, the host will accept ICMPv6 redirect packets.
 Note that IPv6 routers will never accept ICMPv6 redirect packets,
-and the variable is meaningful on IPv6 hosts
-.Pq non-router
-only.
+so the variable is only meaningful on IPv6 hosts, not on routers.
 .It Li icmp6.redirtimeout
-The variable specifies lifetime of routing entries generated by incoming
-ICMPv6 redirect.
+The variable specifies the lifetime of routing entries generated by
+incoming ICMPv6 redirects.
 .It Li icmp6.nd6_prune
-The variable specifies interval between IPv6 neighbor cache babysitting,
+The variable specifies interval between IPv6 neighbor cache babysitting
 in seconds.
 .It Li icmp6.nd6_delay
 The variable specifies
@@ -992,46 +993,43 @@ The variable specifies
 constant in IPv6 neighbor discovery specification
 .Pq RFC2461 .
 .It Li icmp6.nd6_useloopback
-If set to non-zero, kernel IPv6 stack will use loopback interface for
-local traffic.
+If set to non-zero, IPv6 will use the loopback interface for local traffic.
 .It Li icmp6.nodeinfo
-The variable enables, or disables, kernel support for
-ICMPv6 node information query/reply.
-If you set the variable to 0, the kernel will respond to no ICMPv6 node
-information queries.
-If non-zero, the kernel is permitted to respond to ICMPv6 node information
-queries.
-For security-sensitive query types, you can control the kernel behavior
-by setting certain bits in the variable.
-Turning the 2^0 bit
-.Pq least significant bit, equals to 1
-will make the kernel respond to ICMPv6 FQDN queries
-.Pq Li ping6 -w .
-Turning the 2^1 bit
-.Pq equals to 2
-will make the kernel respond to ICMPv6 node addresses queries
-.Pq Li ping6 -a .
+The variable enables responses to ICMPv6 node information queries.
+If you set the variable to 0, reponses will not be generated for
+ICMPv6 node information queries.
+Since node information queries can have a security impact, it is
+possible to fine tune which responses should be answered.
+Two seperate bits can be set.
+.Bl -tag -width "12345"
+.It 1
+Respond to ICMPv6 FQDN queries, e.g.
+.Li ping6 -w .
+.It 2
+Respond to ICMPv6 node addresses queries, e.g.
+.Li ping6 -a .
+.El
 .It Li icmp6.errppslimit
-The variable specifies the maximum number of outgoing ICMPv6 error messages,
+The variable specifies the maximum number of outgoing ICMPv6 error messages
 per second.
 ICMPv6 error messages that exceeded the value is subject to rate limitation
 and will not go out from the node.
-Negative value disables rate limitation.
+A negative value will disable the rate limitation.
 .It Li icmp6.nd6_maxnudhint
 IPv6 neighbor discovery permits upper layer protocols to supply reachability
 hints, to avoid unnecessary neighbor discovery exchanges.
 The variable defines the number of consecutive hints the neighbor discovery
 layer will take.
-For example, by setting the variable to 3, neighbor discovery layer
-will take 3 consecutive hints in maximum.
-After receiving 3 hints, neighbor discovery layer will perform
-normal neighbor discovery process.
+For example, by setting the variable to 3, neighbor discovery can take
+take a maximum of 3 consecutive hints.
+After receiving 3 hints, the neighbor discovery layer will instead perform
+the normal neighbor discovery process.
 .It Li icmp6.mtudisc_hiwat
 .It Li icmp6.mtudisc_lowat
-The variables define the maximum number of routing table entries,
+These variables define the maximum number of routing table entries,
 created due to path MTU discovery
-.Pq prevents denial-of-service attacks with ICMPv6 too big messages .
-When IPv6 path MTU discovery happens, we keep path MTU information into
+.Pq preventing denial-of-service attacks with ICMPv6 too big messages .
+After IPv6 path MTU discovery happens, path MTU information is kept in
 the routing table.
 If the number of routing table entries exceed the value,
 the kernel will not attempt to keep the path MTU information.
@@ -1042,9 +1040,9 @@ is used when we have unverified ICMPv6 too big messages.
 Verification is performed by using address/port pairs kept in connected pcbs.
 Negative value disables the upper limit.
 .It Li icmp6.nd6_debug
-If set to non-zero, kernel IPv6 neighbor discovery code will generate
-debugging messages.
-The debug outputs are useful to diagnose IPv6 interoperability issues.
+If set to non-zero, IPv6 neighbor discovery will generate debugging
+messages.
+The debug outputs are useful for diagnosing IPv6 interoperability issues.
 The flag must be set to 0 for normal operation.
 .El
 .Pp