ipsecctl(8) can be used for manual setups too;

1 files changed, 10 insertions, 5 deletions

diff --git a/share/man/man4/ipsec.4 b/share/man/man4/ipsec.4
index 2bdbf27322b..96a19b986dc 100644
--- a/share/man/man4/ipsec.4
+++ b/share/man/man4/ipsec.4
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ipsec.4,v 1.64 2005/04/16 00:19:36 jmc Exp $
+.\" $OpenBSD: ipsec.4,v 1.65 2005/08/19 15:45:47 jmc Exp $
 .\"
 .\" Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de>
 .\" All rights reserved.
@@ -88,7 +88,7 @@ to record a transaction (such as a bank account withdrawal), and then
 by replaying it verbatim cause the peer to think a new message
 (withdrawal request) had been received.
 WARNING: as per the standard's specification, replay protection is not
-performed when using manual-keyed IPsec (e.g., when using
+performed when using manual-keyed IPsec (e.g. when using
 .Xr ipsecadm 8 ) .
 .El
 .Ss IPsec Protocols
@@ -155,8 +155,10 @@ using the information in the other end's SA.
 The only issue remaining is to ensure that both ends have matching SAs.
 This may be done manually, or automatically using a key management daemon.
 .Pp
-Further information on manual SA establishment is described in
-.Xr ipsecadm 8 .
+Further information on manual SA establishment is described in both
+.Xr ipsecadm 8
+and
+.Xr ipsecctl 8 .
 Information on automated key management may be found in
 .Xr isakmpd 8 .
 .Ss Security Parameter Indexes (SPIs)
@@ -258,7 +260,9 @@ packet has been modified by NAT.
 .Pp
 Security Associations can be set up manually with the
 .Xr ipsecadm 8
-utility or automatically with the
+and
+.Xr ipsecctl 8
+utilities, or automatically with the
 .Xr isakmpd 8
 key management daemon.
 .Ss Additional Variables
@@ -389,6 +393,7 @@ flag (look for ``tdb'' and ``xform'' allocations).
 .Xr tcp 4 ,
 .Xr udp 4 ,
 .Xr ipsecadm 8 ,
+.Xr ipsecctl 8 ,
 .Xr isakmpd 8 ,
 .Xr sysctl 8 ,
 .Xr vpn 8