From owner-freebsd-doc@FreeBSD.ORG  Tue Aug 31 20:58:25 2004
Return-Path: <owner-freebsd-doc@FreeBSD.ORG>
Delivered-To: freebsd-doc@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4033C16A4CF
	for <doc@FreeBSD.org>; Tue, 31 Aug 2004 20:58:25 +0000 (GMT)
Received: from smtp-send.myrealbox.com (smtp-send.myrealbox.com
	[192.108.102.143])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0029E43D4C
	for <doc@FreeBSD.org>; Tue, 31 Aug 2004 20:58:24 +0000 (GMT)
	(envelope-from lumsden@myrealbox.com)
Received: from lumsden [154.32.142.224] by myrealbox.com
	with NetMail ModWeb Module; Tue, 31 Aug 2004 21:58:29 +0100
From: "mark" <lumsden@myrealbox.com>
To: doc@FreeBSD.org
Date: Tue, 31 Aug 2004 21:58:29 +0100
X-Mailer: NetMail ModWeb Module
X-Sender: lumsden
MIME-Version: 1.0
Message-ID: <1093985909.d6849c9clumsden@myrealbox.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Subject: ipsec
X-BeenThere: freebsd-doc@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Documentation project <freebsd-doc.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-doc>
List-Post: <mailto:freebsd-doc@freebsd.org>
List-Help: <mailto:freebsd-doc-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Aug 2004 20:58:25 -0000

hi,

Just a small error I think, in the handbook at 14.10.3.2:

``If a packet leaves from A.B.C.D, and that packet is encapsulating another=
 packet, and it is destined for W.X.Y.Z, then encrypt it, using the neces=
sary security associations.''

``If a packet arrives from W.X.Y.Z, and that packet is encapsulating anothe=
r packet, and it is destined for A.B.C.D, then encrypt it, using the nece=
ssary security associations.''

I think the 2 lines above should read:

``If a packet leaves from A.B.C.D, and that packet is encapsulating another=
 packet, and it is destined for W.X.Y.Z, then encrypt it, using the neces=
sary security associations.''

``If a packet arrives from W.X.Y.Z, and that packet is encapsulating anothe=
r packet, and it is destined for A.B.C.D, then _decrypt_ it, using the ne=
cessary security associations.''

The change makes more sense especially when read with these 2 lines found i=
n the handbook (just before the previous ones):

`If a packet leaves from A.B.C.D, and it is destined for W.X.Y.Z, then >enc=
rypt< it, using the necessary security associations.''

``If a packet arrives from W.X.Y.Z, and it is destined for A.B.C.D, then >d=
ecrypt< it, using the necessary security associations.''

Regards
Mark