diff options
| -rw-r--r-- | share/man/man3/Makefile | 4 | ||||
| -rw-r--r-- | share/man/man4/man4.i386/pcibios.4 | 30 | ||||
| -rw-r--r-- | share/man/man4/man4.powerpc/Makefile | 4 | ||||
| -rw-r--r-- | share/man/man4/man4.vax/cons.4 | 52 | ||||
| -rw-r--r-- | share/man/man4/man4.vax/le.4 | 8 | ||||
| -rw-r--r-- | share/man/man4/man4.vax/ze.4 | 6 | ||||
| -rw-r--r-- | share/man/man5/Makefile | 4 | ||||
| -rw-r--r-- | share/man/man5/fstab.5 | 4 | ||||
| -rw-r--r-- | share/man/man5/networks.5 | 4 | ||||
| -rw-r--r-- | share/man/man7/mirroring-ports.7 | 12 | ||||
| -rw-r--r-- | share/man/man7/packages.7 | 186 | ||||
| -rw-r--r-- | share/man/man7/ports.7 | 4 | ||||
| -rw-r--r-- | share/man/man8/afterboot.8 | 18 | ||||
| -rw-r--r-- | share/man/man8/crash.8 | 10 | ||||
| -rw-r--r-- | share/man/man8/man8.arm32/MAKEDEV.8 | 6 | ||||
| -rw-r--r-- | share/man/man8/man8.vax/MAKEDEV.8 | 16 | ||||
| -rw-r--r-- | share/man/man8/man8.vax/crash.8 | 4 | ||||
| -rw-r--r-- | share/man/man8/man8.vax/format.8 | 26 | ||||
| -rw-r--r-- | share/man/man8/rc.8 | 4 | ||||
| -rw-r--r-- | share/man/man8/ssl.8 | 30 | ||||
| -rw-r--r-- | share/man/man8/vpn.8 | 42 |
21 files changed, 237 insertions, 237 deletions
diff --git a/share/man/man3/Makefile b/share/man/man3/Makefile index 21b61a696c8..451d6c9dcd0 100644 --- a/share/man/man3/Makefile +++ b/share/man/man3/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.8 2000/04/26 16:01:09 millert Exp $ +# $OpenBSD: Makefile,v 1.9 2000/10/13 04:09:19 aaron Exp $ # @(#)Makefile 8.2 (Berkeley) 12/13/93 MAN= assert.3 bitstring.3 dlfcn.3 end.3 intro.3 queue.3 stdarg.3 sysexits.3 @@ -28,7 +28,7 @@ MLINKS+=queue.3 TAILQ_ENTRY.3 queue.3 TAILQ_HEAD.3 \ queue.3 TAILQ_INSERT_TAIL.3 queue.3 TAILQ_REMOVE.3 \ queue.3 TAILQ_INSERT_AFTER.3 \ queue.3 TAILQ_FOREACH.3 queue.3 TAILQ_FOREACH_REVERSE.3 \ - queue.3 TAILQ_EMPTY.3 + queue.3 TAILQ_EMPTY.3 MLINKS+=queue.3 CIRCLEQ_ENTRY.3 queue.3 CIRCLEQ_HEAD.3 \ queue.3 CIRCLEQ_HEAD_INITIALIZER.3 queue.3 CIRCLEQ_FIRST.3 \ queue.3 CIRCLEQ_LAST.3 queue.3 CIRCLEQ_END.3 queue.3 CIRCLEQ_NEXT.3 \ diff --git a/share/man/man4/man4.i386/pcibios.4 b/share/man/man4/man4.i386/pcibios.4 index 7cacf0c39e7..282633e5785 100644 --- a/share/man/man4/man4.i386/pcibios.4 +++ b/share/man/man4/man4.i386/pcibios.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pcibios.4,v 1.2 2000/08/17 21:50:03 deraadt Exp $ +.\" $OpenBSD: pcibios.4,v 1.3 2000/10/13 04:09:20 aaron Exp $ .\" $NetBSD: pcibios.4,v 1.7 2000/08/03 13:32:39 soda Exp $ .\" .\" Copyright (c) 2000 Michale Shalayeff, All rights reserved. @@ -89,11 +89,11 @@ space unallocated, the CardBus bridge device driver doesn't require this option, since the driver allocates necessary space by itself. .It 0x0002 -Fixup PCI bus numbering; needed for many +Fixup PCI bus numbering; needed for many .Xr cardbus 4 bridges. .Pp -Each PCI bus and CardBus should have a unique bus number. +Each PCI bus and CardBus should have a unique bus number. But some BIOS implementations don't assign a bus number for subordinate PCI buses. And many BIOS implementations don't assign a bus number for CardBuses. @@ -106,9 +106,9 @@ but normally the bus number 0 is used by the machine's primary PCI bus. Thus, this bus number for cardbus is incorrect .Pq not assigned . -In this situation, a device located in cardbus0 doesn't +In this situation, a device located in cardbus0 doesn't show correct device ID, -because its bus number 0 incorrectly refers to the primary +because its bus number 0 incorrectly refers to the primary PCI bus, and a device ID in the primary PCI bus is shown in the boot message instead of the device's ID in the cardbus0. .Pp @@ -146,7 +146,7 @@ procedure leaves the interrupt as is. .\" For example, .\" .Qq Sy options PCIBIOS_IRQS_HINT=0x0a00 .\" allows IRQ 9 and IRQ 11. -.\" +.\" .\" The kernel global variable .\" .Va pcibios_irqs_hint .\" holds this value, @@ -170,13 +170,13 @@ procedure leaves the interrupt as is. .\" To modify kernel image without kernel recompilation, .\" run the following command on shell: .\" .Dl Ic gdb --write /netbsd -.\" And type the following commands at the +.\" And type the following commands at the .\" .Qq Sy (gdb) .\" prompt: .\" .Dl Ic set pcibios_irqs_hint=0xa00 .\" .Dl Ic quit .\" .El -.\" +.\" .\" .It Nm PCIBIOS_INTR_FIXUP_FORCE .\" .Pp .\" Some buggy BIOS implementations provide inconsistent @@ -188,22 +188,22 @@ procedure leaves the interrupt as is. .\" shows .\" .Qq Sy WARNING: preserving irq XX .\" in the PCI routing table. -.\" +.\" .\" If .\" .Em PCIBIOS_INTR_FIXUP_FORCE .\" is specified in addition to the .\" .Em PCIBIOS_INTR_FIXUP , .\" the PCI Interrupt Routing table takes precedence. .\" In this case, a kernel with -.\" .Em PCIBIOSVERBOSE +.\" .Em PCIBIOSVERBOSE .\" shows .\" .Qq Sy WARNING: overriding irq XX .\" in the PCI routing table. -.\" +.\" .\" The necessity of this option is doubtful, and we may .\" remove this option in the future. If you find that this .\" option is worth preserving, please report it with send-pr. -.\" +.\" .\" .It Nm PCIBIOS_INTR_GUESS .\" make .\" .Em PCIBIOS_INTR_FIXUP @@ -211,7 +211,7 @@ procedure leaves the interrupt as is. .\" .Pp .\" If a PCI interrupt router is not known, normally interrupt .\" configuraion will not be touched. -.\" +.\" .\" But if .\" .Em PCIBIOS_INTR_GUESS .\" is specified in addition to the @@ -220,12 +220,12 @@ procedure leaves the interrupt as is. .\" one IRQ is available for the entry, the IRQ is assumed to be already .\" connected to the device, and corresponding PCI Interrupt .\" Configuration Register will be configured accordingly. -.\" +.\" .\" .It Nm PCIINTR_DEBUG .\" make the .\" .Em PCIBIOS_INTR_FIXUP .\" procedure verbose. -.\" +.\" .\" .El .Sh SEE ALSO .Xr cardbus 4 , diff --git a/share/man/man4/man4.powerpc/Makefile b/share/man/man4/man4.powerpc/Makefile index ebebd6f199d..4c8e791a9a3 100644 --- a/share/man/man4/man4.powerpc/Makefile +++ b/share/man/man4/man4.powerpc/Makefile @@ -1,8 +1,8 @@ -# $OpenBSD: Makefile,v 1.1 1998/09/24 04:43:05 rahnds Exp $ +# $OpenBSD: Makefile,v 1.2 2000/10/13 04:09:20 aaron Exp $ # from: @(#)Makefile 5.1 (Berkeley) 2/12/91 # Id: Makefile,v 1.4 1995/12/14 05:41:38 deraadt Exp $ -MAN= com.4 +MAN= com.4 MANSUBDIR=/powerpc diff --git a/share/man/man4/man4.vax/cons.4 b/share/man/man4/man4.vax/cons.4 index 4faad273a17..e456dd919bd 100644 --- a/share/man/man4/man4.vax/cons.4 +++ b/share/man/man4/man4.vax/cons.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: cons.4,v 1.4 2000/07/22 04:56:12 bjc Exp $ +.\" $OpenBSD: cons.4,v 1.5 2000/10/13 04:09:20 aaron Exp $ .\" .\" Copyright (c) 1980, 1991 Regents of the University of California. .\" All rights reserved. @@ -43,7 +43,7 @@ The console is available to the processor through the console registers. It acts like a normal terminal, except that when the local functions are not disabled, a special command character puts the console in local console -mode. The character itself is dependent upon the model of VAX and the +mode. The character itself is dependent upon the model of VAX and the type of console in use. The prompt in console mode is .Sq Li >>> , also called the @@ -51,7 +51,7 @@ also called the prompt. The operation of the console in this mode varies -among different VAX models. +among different VAX models. .Ss VAX-11/780 or 785 On either the .Tn VAX @@ -135,8 +135,8 @@ Halt the processor if in normal mode. .El .Ss VAX 4000, MicroVAX, VAXstation, others If the console is a serial console, sending a break will likely cause the -machine to halt and enter console mode. The set of commands available at -the console varies from machine to machine, although there are several +machine to halt and enter console mode. The set of commands available at +the console varies from machine to machine, although there are several commands which are common to most or all models. .Bl -tag -width continue -compact -offset 4n .It Ic c @@ -156,9 +156,9 @@ Display a list of available console commands. .Op Cm /ins .Op Cm /pgiv .Op Cm /n: Ns Ar n -.Op Ar addr +.Op Ar addr .Xc -Display the contents at address +Display the contents at address .Ar addr according to the options specified. .Pp @@ -167,34 +167,34 @@ The options are: .Bl -tag -width 5n -compact .It Cm /bwl .It Cm /ins -Size of data to examine. Your choices are examining values as bytes (8 bits), -words (16 bits), or longwords (32 bits). On systems that support it, you +Size of data to examine. Your choices are examining values as bytes (8 bits), +words (16 bits), or longwords (32 bits). On systems that support it, you can use -the +the .Cm /ins option to display the mnemonic representation of the instruction located at .Ar addr . .Pp .It Cm /pvgi -These options describe the meaning of +These options describe the meaning of .Ar addr . With the .Cm /p option, .Ar addr -will be treated as an address in physical memory. With the +will be treated as an address in physical memory. With the .Cm /v option, -.Ar addr -will be treated as a virtual address. The -.Cm /g +.Ar addr +will be treated as a virtual address. The +.Cm /g option will let you examine the general registers. From 0 to F (base 16), general registers are R0-R12(AP), FP, SP, and PC. The .Cm /i option will let you view the internal processor registers. These vary -from processor to processor, but a relatively complete description may be -found in +from processor to processor, but a relatively complete description may be +found in .Pa /usr/include/vax/mtpr.h . .Pp .It Cm /n: Ns Ar count @@ -203,7 +203,7 @@ The option specifies that the command will repeat .Ar count times after executing once, automatically incrementing -.Ar addr +.Ar addr while doing so. .El .Pp @@ -213,12 +213,12 @@ while doing so. .Op Cm /bwl .Op Cm /pgiv .Op Cm /n: Ns Ar n -.Op Ar addr +.Op Ar addr .Op Ar value .Xc -Insert the value +Insert the value .Ar value -into the address +into the address .Ar addr according to the options specified. .Pp @@ -226,13 +226,13 @@ The options are: .Pp .Bl -tag -width 5n -compact .It Cm /bwl -Size of data to insert. Your choices are inserting values as bytes (8 bits), -words (16 bits), or longwords (32 bits). +Size of data to insert. Your choices are inserting values as bytes (8 bits), +words (16 bits), or longwords (32 bits). .Pp .It Cm /pvgi -These options describe the meaning of +These options describe the meaning of .Ar addr . -Their meanings are identical to their respective meanings in the +Their meanings are identical to their respective meanings in the .Cm examine command. .Pp @@ -242,7 +242,7 @@ The option specifies that the command will repeat .Ar count times after executing once, automatically incrementing -.Ar addr +.Ar addr while doing so. .El .Pp diff --git a/share/man/man4/man4.vax/le.4 b/share/man/man4/man4.vax/le.4 index 1a9a64f9768..b484c348787 100644 --- a/share/man/man4/man4.vax/le.4 +++ b/share/man/man4/man4.vax/le.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: le.4,v 1.1 2000/07/22 04:50:56 bjc Exp $ +.\" $OpenBSD: le.4,v 1.2 2000/10/13 04:09:20 aaron Exp $ .\" .Dd July 21, 2000 .Dt LE 4 vax @@ -14,13 +14,13 @@ The .Nm interface provides access to the 10 Mb/s .Tn Ethernet -network through the +network through the .Tn AMD Am7990 Local Area Network Controller for Ethernet .Pq Tn LANCE chipset. .Pp -Different machine configurations have varying types of connectors. The +Different machine configurations have varying types of connectors. The following types can be found: .Pp .Bl -tag -width 10n @@ -32,5 +32,5 @@ RG58 connector (10base2) .Sh SEE ALSO .Xr arp 4 , .Xr ifconfig 4 , -.Xr ifmedia 4 , +.Xr ifmedia 4 , .Xr ze 4 diff --git a/share/man/man4/man4.vax/ze.4 b/share/man/man4/man4.vax/ze.4 index 9522b33ca7d..b326e6a1675 100644 --- a/share/man/man4/man4.vax/ze.4 +++ b/share/man/man4/man4.vax/ze.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ze.4,v 1.1 2000/07/22 04:51:40 bjc Exp $ +.\" $OpenBSD: ze.4,v 1.2 2000/10/13 04:09:21 aaron Exp $ .\" .Dd July 21, 2000 .Dt ZE 4 vax @@ -16,7 +16,7 @@ interface provides access to the 10 Mb/s .Tn Ethernet network through the DEC Second Generation Ethernet Chip (SGEC) chipset. .Pp -Different machine configurations have varying types of connectors. The +Different machine configurations have varying types of connectors. The following types can be found: .Pp .Bl -tag -width 10n @@ -28,5 +28,5 @@ RG58 connector (10base2) .Sh SEE ALSO .Xr arp 4 , .Xr ifconfig 4 , -.Xr ifmedia 4 , +.Xr ifmedia 4 , .Xr le 4 diff --git a/share/man/man5/Makefile b/share/man/man5/Makefile index 2008bc2277d..b0845db5006 100644 --- a/share/man/man5/Makefile +++ b/share/man/man5/Makefile @@ -1,7 +1,7 @@ # $NetBSD: Makefile,v 1.14 1995/05/11 23:13:15 cgd Exp $ # @(#)Makefile 8.1 (Berkeley) 6/5/93 -# missing: dump.5 plot.5 +# missing: dump.5 plot.5 MAN= a.out.5 acct.5 bsd.port.mk.5 core.5 dir.5 disktab.5 ethers.5 fbtab.5 \ fs.5 fstab.5 group.5 hostname.if.5 hosts.equiv.5 hosts.5 intro.5 \ @@ -9,7 +9,7 @@ MAN= a.out.5 acct.5 bsd.port.mk.5 core.5 dir.5 disktab.5 ethers.5 fbtab.5 \ passwd.conf.5 phones.5 printcap.5 protocols.5 remote.5 resolv.conf.5 \ rpc.5 services.5 shells.5 stab.5 sysctl.conf.5 types.5 utmp.5 MLINKS= dir.5 dirent.5 fs.5 inode.5 utmp.5 wtmp.5 utmp.5 lastlog.5 -MLINKS+= hosts.equiv.5 .rhosts.5 +MLINKS+= hosts.equiv.5 .rhosts.5 MLINKS+= resolv.conf.5 resolver.5 MLINKS+= hostname.if.5 bridgename.if.5 MLINKS+= passwd.5 master.passwd.5 diff --git a/share/man/man5/fstab.5 b/share/man/man5/fstab.5 index 261b6a0021f..980184775f7 100644 --- a/share/man/man5/fstab.5 +++ b/share/man/man5/fstab.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: fstab.5,v 1.12 2000/07/31 22:15:11 pjanzen Exp $ +.\" $OpenBSD: fstab.5,v 1.13 2000/10/13 04:09:21 aaron Exp $ .\" $NetBSD: fstab.5,v 1.5.2.1 1995/11/16 20:11:11 pk Exp $ .\" .\" Copyright (c) 1980, 1989, 1991, 1993 @@ -275,7 +275,7 @@ file: /dev/sd0i /home ffs rw 1 6 /dev/sd1b none swap sw 0 0 -/dev/cd0a /cdrom cd9660 ro,noauto 0 0 +/dev/cd0a /cdrom cd9660 ro,noauto 0 0 .Ed .Pp .Sh FILES diff --git a/share/man/man5/networks.5 b/share/man/man5/networks.5 index 992397c462c..78f7aa5f868 100644 --- a/share/man/man5/networks.5 +++ b/share/man/man5/networks.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: networks.5,v 1.9 2000/03/01 17:55:58 aaron Exp $ +.\" $OpenBSD: networks.5,v 1.10 2000/10/13 04:09:21 aaron Exp $ .\" $NetBSD: networks.5,v 1.9 1999/03/17 20:19:47 garbled Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 @@ -78,7 +78,7 @@ Network number may be specified in the conventional .Xr inet_network 3 routine from the IP address manipulation library, .Xr inet 3 . -Network names may contain +Network names may contain .Qq a through .Qq z , diff --git a/share/man/man7/mirroring-ports.7 b/share/man/man7/mirroring-ports.7 index b420e161e2e..42282672a51 100644 --- a/share/man/man7/mirroring-ports.7 +++ b/share/man/man7/mirroring-ports.7 @@ -1,4 +1,4 @@ -.\" $OpenBSD: mirroring-ports.7,v 1.3 2000/05/17 12:46:38 espie Exp $ +.\" $OpenBSD: mirroring-ports.7,v 1.4 2000/10/13 04:09:21 aaron Exp $ .\" .\" Copyright (c) 2000 Marc Espie .\" @@ -165,7 +165,7 @@ Sample scripts are provided in the directory. .Sh CAVEAT Changing checksums is a recurring problem that is outside the direct -control of the +control of the .Ox Project. Some software distributors change distribution files without warning, without changing the file name proper. Once the problem has been @@ -177,22 +177,22 @@ to provide some state to guard against shifting checksums. .Pp However, a more robust approach is also needed, so that ports users can depend on distfiles mirrors to carry what they need irregardless of those -synchronization issues. The +synchronization issues. The .Pa link-checksums script creates another access to the distfiles, indexed through the actual checksums that the files should match. Provided mirroring is run sufficiently often, together with .Pa link-checksums , -two versions of the same distfile with respective checksums cksum1 and cksum2 +two versions of the same distfile with respective checksums cksum1 and cksum2 will be available under the names .Pa ${DISTFILES}/sha1/cksum1/distfile and .Pa ${DISTFILES}/sha1/cksum2/distfile . .Pp -Starting revision 1.281, if +Starting revision 1.281, if .Ev REFETCH is set to true, -.Pa bsd.port.mk +.Pa bsd.port.mk will try to retrieve files under that naming scheme as a last resort. .Sh FILES .Bl -tag -width XXXXXXXXX -compact diff --git a/share/man/man7/packages.7 b/share/man/man7/packages.7 index 37c19a12efa..4e7a8ea84cb 100644 --- a/share/man/man7/packages.7 +++ b/share/man/man7/packages.7 @@ -1,4 +1,4 @@ -.\" $OpenBSD: packages.7,v 1.4 2000/05/15 09:38:12 espie Exp $ +.\" $OpenBSD: packages.7,v 1.5 2000/10/13 04:09:21 aaron Exp $ .\" .\" Copyright (c) 2000 Marc Espie .\" @@ -31,31 +31,31 @@ .Nm packages .Nd overview of the binary package system .Sh DESCRIPTION -The +The .Ox -ports collection features a vast array of third-party software ready +ports collection features a vast array of third-party software ready to be compiled and installed on a new machine. As an alternative, most of these ports are also available as binary -packages. -Adding a new package is as simple as +packages. +Adding a new package is as simple as .Bd -literal -offset indent pkg_add foo-1.0-vanilla.tgz .Ed .Pp In appearance, packages seem to be .tgz archives, and as such, can be examined on almost any computer system, but there is a bit more to it: -a package will also hold a description, a complete list of the files -installed by the package, a list of prerequisite packages, along with +a package will also hold a description, a complete list of the files +installed by the package, a list of prerequisite packages, along with shell script fragments to finish the actual installation. .Sh SECURITY CAVEAT -Apart from +Apart from .Nm ssl , -the packages are not as thoroughly audited as the main -.Ox -source tree (in many cases, they have not been audited at all). +the packages are not as thoroughly audited as the main +.Ox +source tree (in many cases, they have not been audited at all). This is in part a scale issue: the source tree is under 100MB, compressed, -whereas source to the ports tree approaches 600MB. Also, most -.Ox +whereas source to the ports tree approaches 600MB. Also, most +.Ox developers concentrate on making the release as safe as possible and, correspondingly, human resources for the ports tree are somewhat lacking. .Sh MANAGING FILES @@ -66,7 +66,7 @@ the package systems should offer a few basic warranties. .Ss "Installing a package won't erase existing files" .Xr pkg_add 1 will instead identify conflicts, back the existing files up, display a -warning message and finish installing itself. +warning message and finish installing itself. However, if backups occurred, note that package deletion is no longer fully automatic. .Xr pkg_delete 1 @@ -78,49 +78,49 @@ will checksum the files it installed before removing them. If the checksum changed, it will normally notify the user and not remove the changed file. .Pp -These should apply to most packages. -The actual packing-lists follow that rule, but the shell fragments embedded -in some packages may break this assumption. +These should apply to most packages. +The actual packing-lists follow that rule, but the shell fragments embedded +in some packages may break this assumption. Such a problem is a bug and should be reported. .Ss "Packages install to /usr/local" -This includes X11 packages, which no longer install under +This includes X11 packages, which no longer install under .Pa /usr/X11R6 . -The only exceptions are -.Nm qmail -packages, which install into +The only exceptions are +.Nm qmail +packages, which install into .Pa /var/qmail , -japanese dictionaries, which install under -.Pa /var/dict , -.Nm bind8 , -which installs under -.Pa / , and -.Nm FreeBSD_libs , -which installs under +japanese dictionaries, which install under +.Pa /var/dict , +.Nm bind8 , +which installs under +.Pa / , and +.Nm FreeBSD_libs , +which installs under .Pa /emul/freebsd . .Pp Some packages installation scripts will also create new configuration -files in +files in .Pa /etc , -or need some working directory under +or need some working directory under .Pa /var -to function correctly (e.g., +to function correctly (e.g., .Nm squid , -or -.Nm mysql +or +.Nm mysql ). .Pp The current package system has some major limitations. .Ss "The package system is not aware of shared network installations" -And thus, it does not handle that situation well. +And thus, it does not handle that situation well. For instance, there is no mechanism to mark some files as being shareable -on several machines, or even on several architectures. +on several machines, or even on several architectures. Bear in mind that the package database is normally stored in /var/db/pkg, -which is usually not shared across machines. +which is usually not shared across machines. .Pp Always installing packages on the same machine, and exporting /usr/local to other machines should mostly work. In such a case, always run .Xr pkg_add 1 -in +in .Qq "verbose, don't actually install the package" mode first, so that additional steps may be figured out. @@ -128,30 +128,30 @@ additional steps may be figured out. .Ss "The package system does not handle shared files across packages" If two packages install a file with the same name, there is a conflict. There is currently no mechanism in the package system beyond a basic -backup mechanism to handle this. -Two packages can't safely install an exact identical +backup mechanism to handle this. +Two packages can't safely install an exact identical copy of a given file: -.Xr pkg_delete 1 +.Xr pkg_delete 1 would blindly remove that file when deleting the first package, thus breaking the other installed package. .Pp -For instance, if packages +For instance, if packages .Nm hansel and .Nm gretel -install the same file -.Pa foo , +install the same file +.Pa foo , installation of .Nm gretel will acknowledge the existence of the package -.Nm hansel , -and backup -.Pa foo +.Nm hansel , +and backup +.Pa foo to .Pa foo.0 . .Pp -If only the name is identical, +If only the name is identical, .Nm hansel is now broken. Using @@ -168,11 +168,11 @@ If the file contents are the same, using .Xr pkg_delete 1 on .Nm hansel -or +or .Nm gretel -will break the remaining package, since -.Pa foo -will have been removed. +will break the remaining package, since +.Pa foo +will have been removed. .Pa foo.0 can be renamed to .Pa foo @@ -180,64 +180,64 @@ to correct the situation. .Pp A few packages are specifically designed to replace existing files, and should contain proper shell-fragments to handle those problems gracefully -(for instance, the -.Nm ghostscript_encrypt -packages, or the -.Nm ssl +(for instance, the +.Nm ghostscript_encrypt +packages, or the +.Nm ssl packages). .Pp Packages that are distinct but rely on a common subset of files usually -install a basic +install a basic .Qq common package that holds those files, and is not useful as a stand-alone package. .Sh PACKAGE NAMING -Most package names follow the pattern -.Qq name-version-flavor , -where +Most package names follow the pattern +.Qq name-version-flavor , +where .Qq name -is the actual package name, -.Qq version -is the version number, and +is the actual package name, +.Qq version +is the version number, and .Qq flavor denotes some options that were used when creating the package. .Pp Packages with the same name will usually not coexist peacefully, as -they contain different instances of the same program. -Hence, +they contain different instances of the same program. +Hence, .Xr pkg_add 1 -does not allow several packages with the same name to be installed +does not allow several packages with the same name to be installed simultaneously, and prints an error message instead. .Pp -The most notable exception is the tcl/tk suite, where several versions +The most notable exception is the tcl/tk suite, where several versions of the tcl/tk packages will coexist peacefully on a single machine. .Pp -Members of the -.Ox -project routinely scan built packages for conflicting files. -Most packages should contain correct annotations, and not allow themselves +Members of the +.Ox +project routinely scan built packages for conflicting files. +Most packages should contain correct annotations, and not allow themselves to be installed on top of a conflicting package. -As of +As of .Ox 2.7 , -dependencies don't take package flavors into account. -The recommended work-around is a hack: install a symbolic link with -the required name in the package database in +dependencies don't take package flavors into account. +The recommended work-around is a hack: install a symbolic link with +the required name in the package database in .Pa /var/db/pkg . .Pp -For instance, if you installed -.Nm ghostscript-6.01-a4 -through -.Xr ftp 1 , -and then find out that -.Nm gv-3.5.8 -does require -.Nm ghostscript-5.50 +For instance, if you installed +.Nm ghostscript-6.01-a4 +through +.Xr ftp 1 , +and then find out that +.Nm gv-3.5.8 +does require +.Nm ghostscript-5.50 as a dependency, you can do .Bd -literal -offset indent ln -s /var/db/pkg/ghostscript-6.01-A4 /var/db/pkg/ghostscript-5.50 .Ed to satisfy that dependency. -.Xr pkg_delete 1 +.Xr pkg_delete 1 is aware of this hack, and will safely delete those extra links along with the actual package itself. .Pp @@ -245,8 +245,8 @@ with the actual package itself. Each package holds a full list of pre-required packages. .Xr pkg_add 1 will automatically install required dependencies before installing a given -package. -Installs through +package. +Installs through .Xr ftp 1 are supported: pointing .Ev PKG_PATH @@ -261,7 +261,7 @@ automatically download dependencies as well. In theory, a package need only record direct dependencies, e.g., packages it does require, and let required packages do the same. In practice, having the full list of dependencies available does speed -things up: while installing a package through +things up: while installing a package through .Xr ftp 1 , the package being installed consumes some extra resources, and it would not be efficient to have lots of packages simultaneously frozen in @@ -271,17 +271,17 @@ Always a difficult balancing act writing proper dependencies is (but the Source is strong with this one). Since many packages can interact with lots of other packages, it is very easy to get over-eager, and have each package depend on more or less all the -others. -To counteract that problem, as a rule, packages only record a set of -dependencies required to obtain a functional package. -Some extra packages may enable further functionalities, and this is +others. +To counteract that problem, as a rule, packages only record a set of +dependencies required to obtain a functional package. +Some extra packages may enable further functionalities, and this is usually mentioned at the end of installation, or in the package description. .Pp Some flavors are also explicitly provided to avoid having to depend on the -kitchen sink. -For instance, an +kitchen sink. +For instance, an .Nm emacs-no_x11 -package is provided, which does not depend on X11 being installed to be +package is provided, which does not depend on X11 being installed to be functional. .Pp .Sh SEE ALSO diff --git a/share/man/man7/ports.7 b/share/man/man7/ports.7 index 6078049c7ab..12e9eb1b3a1 100644 --- a/share/man/man7/ports.7 +++ b/share/man/man7/ports.7 @@ -23,7 +23,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ports.7,v 1.13 2000/09/12 14:45:47 todd Exp $ +.\" $OpenBSD: ports.7,v 1.14 2000/10/13 04:09:21 aaron Exp $ .\" $FreeBSD: ports.7,v 1.7 1998/06/23 04:38:50 hoek Exp $ .\" .Dd January 25, 1998 @@ -188,7 +188,7 @@ When called by the or .Ar fetch targets, this is run in scattered pieces as -.Ar fetch-depends , lib-depends , build-depends , run-depends +.Ar fetch-depends , lib-depends , build-depends , run-depends and .Ar misc-depends . Defining diff --git a/share/man/man8/afterboot.8 b/share/man/man8/afterboot.8 index d8e13c3a42d..e3fe81a7df7 100644 --- a/share/man/man8/afterboot.8 +++ b/share/man/man8/afterboot.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: afterboot.8,v 1.49 2000/10/06 18:18:39 aaron Exp $ +.\" $OpenBSD: afterboot.8,v 1.50 2000/10/13 04:09:22 aaron Exp $ .Dd October 20, 1997 .Dt AFTERBOOT 8 \!\" Originally created by Marshall M. Midden -- 1997-10-20, m4@umn.edu @@ -132,7 +132,7 @@ and then using .Xr ifconfig 8 to manually configure it if you do not wish to reboot. -Read the +Read the .Xr hostname.if 5 man page for more information on the format of .Pa /etc/hostname. Ns Ar interface @@ -142,7 +142,7 @@ The loopback interface will look something like: lo0: flags=8009<UP,LOOPBACK,MULTICAST> mtu 32972 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet6 ::1 prefixlen 128 - inet 127.0.0.1 netmask 0xff000000 + inet 127.0.0.1 netmask 0xff000000 .Ed .Pp an Ethernet interface something like: @@ -158,7 +158,7 @@ ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> inet 203.3.131.108 --> 198.181.0.253 netmask 0xffff0000 .Ed .Pp -If you wish to turn on multicast routing, see the section titled +If you wish to turn on multicast routing, see the section titled .Dq Multicast routing. in .Pa /etc/netstart . @@ -636,7 +636,7 @@ See After the first night's security run, change ownerships and permissions on files, directories, and devices; root should have received mail with subject: "<hostname> daily insecurity output.". -This mail contains +This mail contains a set of security recommendations, presented as a list looking like this: .Bd -literal -offset indent var/mail: @@ -649,7 +649,7 @@ The best bet is to follow the advice in that list. The recommended setting is the first item in parentheses, while the current setting is the second one. This list is generated by -.Xr mtree 8 +.Xr mtree 8 using .Pa /etc/mtree/special . Use @@ -762,7 +762,7 @@ You can also do a .Ic make depend so that you will have dependencies there the next time you do a compile. .Pp -If you are building your kernel again, before you do a +If you are building your kernel again, before you do a .Ic make you should do a .Ic make depend @@ -788,7 +788,7 @@ configuration changes are required. With .Xr config 8 , you can change the device configuration in the kernel file directly: -.Bd -literal +.Bd -literal .Li #\ Ic config Fl e o Ar bsd.new /bsd OpenBSD 2.7-beta (GENERIC.rz0) #0: Mon Oct 4 03:57:22 MEST 1999 root@winona:/usr/src/sys/arch/pmax/compile/GENERIC.rz0 @@ -796,7 +796,7 @@ Enter 'help' for information ukc> .Pp Additionally, you can permanently save the changes made with UKC during -boot time in the kernel image. +boot time in the kernel image. .Ed .Sh SEE ALSO .Xr chgrp 1 , diff --git a/share/man/man8/crash.8 b/share/man/man8/crash.8 index 0ebd1048e01..3619df3baa4 100644 --- a/share/man/man8/crash.8 +++ b/share/man/man8/crash.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: crash.8,v 1.6 2000/09/06 16:43:17 deraadt Exp $ +.\" $OpenBSD: crash.8,v 1.7 2000/10/13 04:09:22 aaron Exp $ .\" .\" Copyright (c) 1980, 1991 The Regents of the University of California. .\" All rights reserved. @@ -64,7 +64,7 @@ directive in the .Xr config 8 file used to build the kernel. .Pp -After the dump has been written, the system then +After the dump has been written, the system then invokes the automatic reboot procedure as described in .Xr reboot 8 . @@ -118,7 +118,7 @@ machine dependent and can be found listed in The code is the referenced address, and the pc is the program counter at the time of the fault is printed. Hardware flakiness will sometimes generate this panic, but if the cause -is a kernel bug, +is a kernel bug, the kernel debugger .Xr ddb 4 can be used to locate the instruction and subroutine inside the kernel @@ -148,7 +148,7 @@ the directory .Pp To analyze the kernel and memory images preserved as .Pa bsd.0 -and +and .Pa bsd.0.core , you should run .Xr gdb 1 , @@ -204,7 +204,7 @@ In some cases, using a version of the kernel can assist even more. .It Fl M Ar core Normally this -.Ar core +.Ar core is an image produced by .Xr savecore 8 but it can be diff --git a/share/man/man8/man8.arm32/MAKEDEV.8 b/share/man/man8/man8.arm32/MAKEDEV.8 index 6fab6c5d2e2..85aea0a7036 100644 --- a/share/man/man8/man8.arm32/MAKEDEV.8 +++ b/share/man/man8/man8.arm32/MAKEDEV.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: MAKEDEV.8,v 1.2 1997/07/24 15:01:28 deraadt Exp $ +.\" $OpenBSD: MAKEDEV.8,v 1.3 2000/10/13 04:09:22 aaron Exp $ .\" .\" Copyright (c) 1991 The Regents of the University of California. .\" All rights reserved. @@ -32,7 +32,7 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)MAKEDEV.8 5.2 (Berkeley) 3/22/91 -.\" $Id: MAKEDEV.8,v 1.2 1997/07/24 15:01:28 deraadt Exp $ +.\" $Id: MAKEDEV.8,v 1.3 2000/10/13 04:09:22 aaron Exp $ .\" .TH MAKEDEV 8 "March 22, 1991" .UC 7 @@ -112,7 +112,7 @@ wd# .SH FILES /dev The special file directory. .SH SEE ALSO -.IR mknod (8), +.IR mknod (8), .IR intro (4), .IR config (8), .IR special (8) diff --git a/share/man/man8/man8.vax/MAKEDEV.8 b/share/man/man8/man8.vax/MAKEDEV.8 index a08a8304ad5..fde0e6587c4 100644 --- a/share/man/man8/man8.vax/MAKEDEV.8 +++ b/share/man/man8/man8.vax/MAKEDEV.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: MAKEDEV.8,v 1.4 2000/05/03 00:36:48 bjc Exp $ +.\" $OpenBSD: MAKEDEV.8,v 1.5 2000/10/13 04:09:23 aaron Exp $ .\" Copyright (c) 1991 The Regents of the University of California. .\" All rights reserved. .\" @@ -37,8 +37,8 @@ .Sh NAME MAKEDEV \- create system and device special files .Sh SYNOPSIS -.Nm MAKEDEV -.Ar name +.Nm MAKEDEV +.Ar name .Ar ... .Sh DESCRIPTION The shell script @@ -57,9 +57,9 @@ the common abbreviation for the device. There are three special device names, .Ar all , .Ar std , -and +and .Ar local . -.Ar All +.Ar All creates device files for all devices on the VAX. If units are expected for a device, .Nm MAKEDEV @@ -76,7 +76,7 @@ Where a device name is followed by a hash sign (``#''), the hash sign must be replaced by a unit number. .Pp .Sy Pseudo\-names -.Bl -tag -width indent +.Bl -tag -width indent .It Ar all All known devices for the VAX. .It Ar std @@ -143,7 +143,7 @@ Random number generator .It Ar rl# Unibus rl02 .It Ar rx# -Unibus rx211 floppy disk +Unibus rx211 floppy disk .It Ar sd# SCSI disks .It Ar ss# @@ -178,7 +178,7 @@ Unibus Versatec parallel interface The special file directory. .El .Sh SEE ALSO -.Xr mknod 8 , +.Xr mknod 8 , .Xr intro 4 , .Xr config 8 , .Xr special 8 diff --git a/share/man/man8/man8.vax/crash.8 b/share/man/man8/man8.vax/crash.8 index 5e152a6e6db..1f1ab7b90cd 100644 --- a/share/man/man8/man8.vax/crash.8 +++ b/share/man/man8/man8.vax/crash.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: crash.8,v 1.3 2000/03/02 14:46:50 todd Exp $ +.\" $OpenBSD: crash.8,v 1.4 2000/10/13 04:09:23 aaron Exp $ .\" Copyright (c) 1980, 1991 The Regents of the University of California. .\" All rights reserved. .\" @@ -215,7 +215,7 @@ for details. .PP To analyze a dump you should begin by running .IR adb (1) -with the +with the .B \-k flag on the system load image and core dump. If the core image is the result of a panic, diff --git a/share/man/man8/man8.vax/format.8 b/share/man/man8/man8.vax/format.8 index 64045b340e4..1138d17f6e6 100644 --- a/share/man/man8/man8.vax/format.8 +++ b/share/man/man8/man8.vax/format.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: format.8,v 1.3 2000/03/02 14:46:51 todd Exp $ +.\" $OpenBSD: format.8,v 1.4 2000/10/13 04:09:23 aaron Exp $ .\" Copyright (c) 1980, 1983 The Regents of the University of California. .\" All rights reserved. .\" @@ -42,7 +42,7 @@ There are two ways to format disk packs. The simplest is to use the .I format program. The alternative is to use the DEC standard formatting -software which operates under the DEC diagnostic supervisor. +software which operates under the DEC diagnostic supervisor. This manual page describes the operation of .IR format , then concludes with some remarks about using the DEC formatter. @@ -55,7 +55,7 @@ In addition to the formatting operation, .I format records any bad sectors encountered -according to DEC standard 144. +according to DEC standard 144. Formatting is performed one track at a time by writing the appropriate headers and a test pattern and then checking @@ -76,7 +76,7 @@ is written to the disk in the first five even numbered sectors of the last track. It is also possible to reformat sections of the disk in units of tracks. -.I Format +.I Format may be used on any UNIBUS or MASSBUS drive supported by the \fIup\fP and \fIhp\fP device drivers which uses 4-byte headers (everything except RP's). @@ -124,7 +124,7 @@ uses the standard notation of the standalone I/O library in identifying a drive to be formatted. A drive is specified as .IR zz ( x , y ), -where +where .I zz refers to the controller type (either .I hp @@ -139,20 +139,20 @@ drive unit number; and is the file system partition on drive .I x -(this should always be 0). +(this should always be 0). For example, ``hp(1,0)'' indicates that drive 1 on MASSBUS adaptor 0 should be formatted; while ``up(10,0)'' indicates that UNIBUS drive 2 on UNIBUS adaptor 1 should be formatted. .PP -Before each formatting attempt, +Before each formatting attempt, .I format prompts the user in case debugging should be enabled in the appropriate device driver. A carriage return disables debugging information. .PP .I Format -should be used prior to building file systems (with +should be used prior to building file systems (with .IR newfs (8)) to insure that all sectors with uncorrectable media errors are remapped. If a drive develops uncorrectable @@ -162,10 +162,10 @@ or .IR badsect (8) should be able to avoid the bad sectors. .SH EXAMPLE -A sample run of +A sample run of .I format -is shown below. -In this example (using a VAX-11/780), +is shown below. +In this example (using a VAX-11/780), .I format is loaded from the console floppy; on an 11/750 @@ -233,7 +233,7 @@ covered in detail here. .I .PP The formatting procedures are different for each type of disk. Listed -here are the formatting procedures for RK07's, RP0X, and RM0X +here are the formatting procedures for RK07's, RP0X, and RM0X disks. .PP You should shut down UNIX and halt the machine to do any disk formatting. @@ -288,7 +288,7 @@ badsect(8), newfs(8) .SH BUGS An equivalent facility should be available which operates under -a running UNIX system. +a running UNIX system. .PP It should be possible to reformat or verify part or all of a disk, then update the existing bad sector table. diff --git a/share/man/man8/rc.8 b/share/man/man8/rc.8 index 8466ec53991..36a827457ed 100644 --- a/share/man/man8/rc.8 +++ b/share/man/man8/rc.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: rc.8,v 1.12 2000/08/20 18:42:39 millert Exp $ +.\" $OpenBSD: rc.8,v 1.13 2000/10/13 04:09:22 aaron Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -156,7 +156,7 @@ Various comments in make it clear what each variable does. Refer to the specific man pages for each daemon to determine what that subsystem does. .Pp -For example, the +For example, the .Xr sendmail 8 daemon is controlled by the line .Bd -literal diff --git a/share/man/man8/ssl.8 b/share/man/man8/ssl.8 index dadad2ec5d3..cd1111c0b6b 100644 --- a/share/man/man8/ssl.8 +++ b/share/man/man8/ssl.8 @@ -22,15 +22,15 @@ and are most commonly used by the .Ar https -protocol for encrypted web transactions, as can be done with +protocol for encrypted web transactions, as can be done with .Xr httpd 8 . -The libcrypto library is also used by various progams such as +The libcrypto library is also used by various progams such as .Xr ssh 1 , .Xr sshd 8 , and .Xr isakmpd 8 . .Sh RANDOM DATA SOURCE -OpenBSD uses the +OpenBSD uses the .Xr arandom 4 device as the default source for random data when needed by the routines in libcrypto and libssl. @@ -39,10 +39,10 @@ If the device does not exist or is not readable, many of the routines will fail. This is most commonly seen by users as the .Ar RSA -routines failing in applications such as +routines failing in applications such as .Xr ssh 1 , -and -.Xr httpd 8 . +and +.Xr httpd 8 . .Pp It is important to remember when using a random data source for certificate and key generation that the random data source should not be visible by @@ -50,12 +50,12 @@ people who could duplicate the process and come up with the same result. You should ensure that nobody who you don't trust is in a position to read the same random data used by you to generate keys and certificates. The -.Xr arandom 4 -device ensures that no two users on the same machine will see the same +.Xr arandom 4 +device ensures that no two users on the same machine will see the same data. See .Xr openssl 1 -for more information on how to use different sources of random data. +for more information on how to use different sources of random data. .Sh SERVER CERTIFICATES The most common uses of .Ar SSL/TLS @@ -179,7 +179,7 @@ The world needs more .Ar DSA capable .Ar SSL -and +and .Ar SSH services. .Pp @@ -200,20 +200,20 @@ Prior to Sept 21, 2000 there were problems shipping fully fuctional implementations of these protocols everywhere in the world, as such shipment would include shipping .Ar into -the United States, thus causing problems. +the United States, thus causing problems. .Ar RSA Data Security Inc (RSADSI) held the patent on the .Ar RSA algorithm in the United States. Because of this, free implementations of .Ar RSA -were difficult to distribute and propagate. +were difficult to distribute and propagate. (The .Ar RSA patent was probably more effective at preventing the late adoption of widespread international integrated crypto than the much maligned ITAR restrictions were). -Prior to OpenBSD 2.8, these libraries shipped without the +Prior to OpenBSD 2.8, these libraries shipped without the .Ar RSA algorithm -- all such functions were stubbed to fail. @@ -266,8 +266,8 @@ The result of this was that while the protocol allowed for many cipher suites that did not require the use of patented algorithms, It was very difficult to use these with the popular commercially available software. -Prior to version 2.8, OpenBSD allowed users to download -.Ar RSA +Prior to version 2.8, OpenBSD allowed users to download +.Ar RSA enabled versions of the shared libssl and libcrypto libraries which allowed users to enable full function without recompiling the applications. diff --git a/share/man/man8/vpn.8 b/share/man/man8/vpn.8 index a039b85c4fc..6308786e507 100644 --- a/share/man/man8/vpn.8 +++ b/share/man/man8/vpn.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: vpn.8,v 1.44 2000/09/29 19:00:31 angelos Exp $ +.\" $OpenBSD: vpn.8,v 1.45 2000/10/13 04:09:22 aaron Exp $ .\" Copyright 1998 Niels Provos <provos@physnet.uni-hamburg.de> .\" All rights reserved. .\" @@ -54,7 +54,7 @@ Choose a key exchange method: manual keyed, or automated via or .Xr photurisd 8 . .It -For manual keying, create the Security Associations (SA), one for +For manual keying, create the Security Associations (SA), one for each endpoint. .It For manual keying, create the appropriate IPsec flows. @@ -76,12 +76,12 @@ manual (symmetric shared secret) .Xr photurisd 8 .El .Pp -At present, +At present, .Xr photurisd 8 has a limitation in that the IP adress of the security gateway must fall within the range of adresses being tunnelled to, making VPNs between (non-routable) private (RFC 1918) networks difficult. -This does not apply to +This does not apply to .Xr isakmpd 8 . .Ss Enabling the Appropriate Kernel Operations Make sure that the following options and devices are enabled in the kernel: @@ -257,7 +257,7 @@ ipsecadm flow -dst A_EXTERNAL_IP -proto esp .Ed .Pp .Ss Configure and run the keying daemon [automated keying] -Unless manual keying is used, both security gateways need to start +Unless manual keying is used, both security gateways need to start either the .Xr isakmpd 8 or @@ -332,8 +332,8 @@ To create a manual keyed VPN between two class C networks using .Pp .Bl -enum .It -Choose the shared secrets using a suitably random method. -The 3DES encryption key needs 192 bits (3x64), or 24 bytes. +Choose the shared secrets using a suitably random method. +The 3DES encryption key needs 192 bits (3x64), or 24 bytes. The SHA-1 authentication key for needs 160 bits, or 20 bytes. .Pp .Bd -literal @@ -470,15 +470,15 @@ above, using .Xr isakmpd 8 : .Pp .Bl -enum -.It -Create -.Pa /etc/isakmpd/isakmpd.conf +.It +Create +.Pa /etc/isakmpd/isakmpd.conf for machine A: .Pp .Bd -literal # Incoming phase 1 negotiations are multiplexed on the source IP -# address. Phase 1 is used to setup a protected channel just +# address. Phase 1 is used to setup a protected channel just # between the two gateway machines. This channel is then used for # the phase 2 negotiation traffic (i.e encrypted & authenticated). @@ -535,13 +535,13 @@ Suites= QM-ESP-3DES-SHA-SUITE .Ed .Pp .It -Create -.Pa /etc/isakmpd/isakmpd.conf +Create +.Pa /etc/isakmpd/isakmpd.conf for machine B: .Bd -literal # Incoming phase 1 negotiations are multiplexed on the source IP -# address. Phase 1 is used to setup a protected channel just +# address. Phase 1 is used to setup a protected channel just # between the two gateway machines. This channel is then used for # the phase 2 negotiation traffic (i.e encrypted & authenticated). @@ -599,7 +599,7 @@ Suites= QM-ESP-3DES-SHA-SUITE .Pp .It Read through the configuration one more time. The only real -differences between the two files in this example is +differences between the two files in this example is the IP-addresses, and ordering of Local- and Remote-ID for the VPN itself. Note that the shared secret (the .Em Authentication @@ -641,11 +641,11 @@ Conditions: app_domain == "IPsec policy" && Configure the firewall rules on machines A and B: .Pp Use the same ruleset as the manual keying example, but add permission -for the +for the .Xr isakmpd 8 -control traffic, on -.Tn UDP -port 500. +control traffic, on +.Tn UDP +port 500. .Pp For machineA, add: .Bd -literal @@ -662,7 +662,7 @@ pass out proto udp from 192.168.2.1/32 to 193.127.1.254/32 port = 500 .Ed .Pp .It -Start +Start .Xr isakmpd 8 .Pp On both machines, run: @@ -692,7 +692,7 @@ Firewall configuration file can not be used in VPN mode unless both of the security gateway IP addresses lie within the network ranges being tunnelled to. In situations where the gateway IP is outside the desired netrange, such -as with private (RFC 1918) networks, +as with private (RFC 1918) networks, .Xr isakmpd 8 or manual keying must be used. .Sh SEE ALSO |