enc* is not used for the bridge anymore

1 files changed, 2 insertions, 45 deletions

diff --git a/share/man/man4/enc.4 b/share/man/man4/enc.4
index cc9b61a3329..1f4f6fbaaed 100644
--- a/share/man/man4/enc.4
+++ b/share/man/man4/enc.4
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: enc.4,v 1.9 2000/12/21 21:01:16 aaron Exp $
+.\"	$OpenBSD: enc.4,v 1.10 2000/12/30 23:55:11 angelos Exp $
 .\"
 .Dd October 7, 1999
 .Dt ENC 4
@@ -20,41 +20,7 @@ The
 .Xr vpn 8
 manpage shows an example of such a setup.
 .Pp
-Another use is to allow the creation of virtual-Ethernets, using
-.Xr ipsec 4 .
-See
-.Xr bridge 4
-and
-.Xr ipsecadm 8
-for more details. Briefly,
-.Nm
-interfaces can be part of a bridge configuration.
-Such interfaces are treated as Ethernet interfaces; packets
-sent to them by the bridge are IPsec-processed and sent to the
-remote bridge (which reverses the process and injects the original
-Ethernet frames in the local Ethernet segments).
-Packets received with the appropriate IPsec SA are made to appear as if
-they arrived over the corresponding
-.Nm
-interface, and are then processed by the bridge accordingly.
-.Xr ifconfig 8
-is used to associate an
-.Nm
-interface with an IPsec SA.
-Note that the
-.Dq enc0
-interface may not be used in a bridge configuration.
-.Pp
-If the
-.Dv IFF_LINK0
-flag is set on an
-.Nm
-interface, IP-in-IP encapsulation (instead of Ethernet-in-IP) is done.
-Its use is currently experimental.
-This flag should not be set when the interface is used in conjunction
-with the bridge.
-.Pp
-The last use of the
+The other use of the
 .Nm
 interface is to allow an administrator to see outgoing packets before
 they have been processed by
@@ -76,15 +42,6 @@ and all IPsec traffic could be seen by invoking
 on the
 .Dq enc0
 interface.
-IPsec SAs that have been assigned to some other
-.Nm
-interface can be snooped via
-.Xr tcpdump 8
-or filtered via
-.Xr ipf 5
-through that
-.Nm
-interface.
 .Sh EXAMPLES
 To see all outgoing packets before they have been processed via
 .Xr ipsec 4 ,