Date: Mon, 13 May 2002 20:15:00 -0700 (PDT) From: Chris Pepper <pepper@rockefeller.edu> To: freebsd-gnats-submit@FreeBSD.org Subject: docs/38061: Typos in man pages for faith & faithd Message-ID: <200205140315.g4E3F0c2083107@www.freebsd.org>
index | next in thread | raw e-mail
>Number: 38061
>Category: docs
>Synopsis: Typos in man pages for faith & faithd
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Mon May 13 20:20:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Chris Pepper
>Release: 4.5-RELEASE
>Organization:
Rockefeller University
>Environment:
FreeBSD kra.info-mac.org 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Thu May 2 17:53:25 EDT 2002 root@kra.info-mac.org:/usr/src/sys/compile/KRA i386
>Description:
Many typos in manpages for faith & faithd.
>How-To-Repeat:
>Fix:
--- faith.4 Mon May 13 22:51:35 2002
+++ faith.4.fixed Mon May 13 22:57:20 2002
@@ -46,20 +46,20 @@
.Xr faithd 8 .
.Pp
Special action will be taken when IPv6 TCP traffic is seen on a router,
-and routing table suggests to route it to
+and the routing table suggests routing it to the
.Nm
interface.
In this case, the packet will be accepted by the router,
-regardless of list of IPv6 interface addresses assigned to the router.
-The packet will be captured by an IPv6 TCP socket, if it has
+regardless of the list of IPv6 interface addresses assigned to the router.
+The packet will be captured by an IPv6 TCP socket, if it has the
.Dv IN6P_FAITH
-flag turned on and it has matching address/port pairs.
-In result,
+flag turned on and matching address/port pairs.
+As a result,
.Nm
will let you capture IPv6 TCP traffic to some specific destination addresses.
Userland programs, such as
.Xr faithd 8
-can use this behavior to relay IPv6 TCP traffic to IPv4 TCP traffic.
+can use this behavior to relay IPv6 TCP traffic to IPv4 TCP programs.
The program can accept some specific IPv6 TCP traffic, perform
.Xr getsockname 2
to get the IPv6 destination address specified by the client,
@@ -69,26 +69,24 @@
.Dv IN6P_FAITH
flag on IPv6 TCP socket can be set by using
.Xr setsockopt 2 ,
-with level equals to
+with level
.Dv IPPROTO_IPV6
-and optname equals to
+and optname
.Dv IPv6_FAITH .
.Pp
-To handle error reports by ICMPv6, some of ICMPv6 packets routed to
+To handle error reports by ICMPv6, some ICMPv6 packets routed to
.Nm
-interface will be delivered to IPv6 TCP, as well.
+interface may be delivered to IPv6 TCP, as well.
.Pp
To understand how
.Nm
-can be used, take a look at source code of
+can be used, take a look at the source code of
.Xr faithd 8 .
.Pp
-As
+As the
.Nm
-interface implements potentially dangerous operation,
-great care must be taken when configuring
-.Nm
-interface.
+interface implements potentially dangerous operations,
+great care must be taken when configuring it.
To avoid possible misuse,
.Xr sysctl 8
variable
@@ -100,10 +98,11 @@
.Li net.inet6.ip6.keepfaith
is
.Li 0 ,
-no packet will be captured by
+no packets will be captured by the
.Nm
interface.
.Pp
+The
.Nm
interface is intended to be used on routers, not on hosts.
.\"
@@ -120,5 +119,5 @@
.%O work in progress material
.Re
.Sh HISTORY
-The FAITH IPv6-to-IPv4 TCP relay translator was first appeared in
+The FAITH IPv6-to-IPv4 TCP relay translator first appeared in the
WIDE hydrangea IPv6 stack.
--- faithd.8 Mon May 13 22:51:36 2002
+++ faithd.8.fixed Mon May 13 23:12:54 2002
@@ -43,21 +43,19 @@
.Op Ar serverpath Op Ar serverargs
.Sh DESCRIPTION
.Nm
-provides IPv6-to-IPv4 TCP relay.
+provides IPv6-to-IPv4 TCP relaying.
.Nm
-must be used on an IPv4/v6 dual stack router.
+can only be used on an IPv4/v6 dual stack router.
.Pp
When
.Nm
receives
.Tn TCPv6
-traffic,
-.Nm
-will relay the
+traffic, it will relay the
.Tn TCPv6
traffic to
.Tn TCPv4 .
-Destination for relayed
+The destination for the relayed
.Tn TCPv4
connection will be determined by the last 4 octets of the original
.Tn IPv6
@@ -73,14 +71,14 @@
the traffic will be relayed to IPv4 destination
.Li 10.1.1.1 .
.Pp
-To use
+To use the
.Nm
translation service,
-an IPv6 address prefix must be reserved for mapping IPv4 addresses into.
-Kernel must be properly configured to route all the TCP connection
-toward the reserved IPv6 address prefix into the
+an IPv6 address prefix must be reserved for mapping IPv4 addresses
+into, and the kernel must be properly configured to route all the
+TCPs connections to the reserved IPv6 address prefix into the
.Xr faith 4
-pseudo interface, by using
+pseudo interface, using the
.Xr route 8
command.
Also,
@@ -91,7 +89,7 @@
.Dv 1 .
.Pp
The router must be configured to capture all the TCP traffic
-toward reserved
+for the reserved
.Tn IPv6
address prefix, by using
.Xr route 8
@@ -100,21 +98,21 @@
commands.
.Pp
.Nm
-needs a special name-to-address translation logic, so that
-hostnames gets resolved into special
+needs special name-to-address translation logic, so that
+hostnames get resolved into the special
.Tn IPv6
address prefix.
-For small-scale installation, use
-.Xr hosts 5 .
-For large-scale installation, it is useful to have
+For small-scale installations, use
+.Xr hosts 5 ;
+for large-scale installations, it is useful to have
a DNS server with special address translation support.
An implementation called
.Nm totd
is available
at
.Pa http://www.vermicelli.pasta.cs.uit.no/ipv6/software.html .
-Make sure you do not propagate translated DNS records to normal DNS cloud,
-it is highly harmful.
+Make sure you do not propagate translated DNS records over to normal
+DNS, as it can cause severe problems.
.Pp
.Ss Daemon mode
When
@@ -148,9 +146,9 @@
.Nm ,
you can run local daemons on the router.
.Nm
-will invoke local daemon at
+will invoke a local daemon at
.Ar serverpath
-if the destination address is local interface address,
+if the destination address is a local interface address,
and will perform translation to IPv4 TCP in other cases.
You can also specify
.Ar serverargs
@@ -182,24 +180,24 @@
.Xr ftp 1
and
.Xr rlogin 1 .
-When translating FTP protocol,
+When translating the FTP protocol,
.Nm
translates network level addresses in
.Li PORT/LPRT/EPRT
and
.Li PASV/LPSV/EPSV
commands.
-For RLOGIN protocol,
+For the rlogin protocol,
.Nm
-will relay back connection from
+will relay back connections from
.Xr rlogind 8
on the server to
.Xr rlogin 1
-on client.
+on the client.
.Pp
Inactive sessions will be disconnected in 30 minutes,
-to avoid stale sessions from chewing up resources.
-This may be inappropriate for some of the services
+to prevent stale sessions from chewing up resources.
+This may be inappropriate for some services
(should this be configurable?).
.Ss inetd mode
When
@@ -207,13 +205,13 @@
is invoked via
.Xr inetd 8 ,
.Nm
-will handle connection passed from standard input.
+will handle connections passed from standard input.
If the connection endpoint is in the reserved IPv6 address prefix,
.Nm
will relay the connection.
Otherwise,
.Nm
-will invoke service-specific daemon like
+will invoke a service-specific daemon like
.Xr telnetd 8 ,
by using the command argument passed from
.Xr inetd 8 .
@@ -225,16 +223,16 @@
.Nm
is invoked via
.Xr inetd 8
-on FTP port, it will operate as a FTP relay.
+on the FTP port, it will operate as an FTP relay.
.Pp
The operation mode requires special support for
.Nm
in
.Xr inetd 8 .
.Ss Access control
-To prevent malicious accesses,
+To prevent malicious access,
.Nm
-implements a simple address-based access control.
+implements simple address-based access control.
With
.Pa /etc/faithd.conf
(or
@@ -243,9 +241,8 @@
.Fl f ) ,
.Nm
will avoid relaying unwanted traffic.
-The
.Pa faithd.conf
-contains directives with the following format:
+contains directives of the following format:
.Bl -bullet
.It
.Ar src Ns / Ns Ar slen Cm deny Ar dst Ns / Ns Ar dlen
@@ -266,7 +263,7 @@
.El
.Pp
The directives are evaluated in sequence,
-and the first matching entry will be effective.
+and the first matching entry will be used.
If there is no match
.Pq if we reach the end of the ruleset
the traffic will be denied.
@@ -277,6 +274,7 @@
.Sh EXAMPLES
Before invoking
.Nm ,
+the
.Xr faith 4
interface has to be configured properly.
.Bd -literal -offset
@@ -337,12 +335,12 @@
.Ed
.Pp
.Xr inetd 8
-will open listening sockets with enabling kernel TCP relay support.
-Whenever connection comes in,
+will open listening sockets with kernel TCP relay support enabled.
+Whenever a connection comes in,
.Nm
will be invoked by
.Xr inetd 8 .
-If it the connection endpoint is in the reserved IPv6 address prefix.
+If the connection endpoint is in the reserved IPv6 address prefix.
.Nm
will relay the connection.
Otherwise,
@@ -388,7 +386,7 @@
.Sh HISTORY
The
.Nm
-command first appeared in WIDE Hydrangea IPv6 protocol stack kit.
+command first appeared in the WIDE Hydrangea IPv6 protocol stack kit.
.\"
.Pp
IPv6 and IPsec support based on the KAME Project (http://www.kame.net/) stack
@@ -405,16 +403,15 @@
.Nm
using
.Pa faithd.conf ,
-or by using IPv6 packet filters.
-It is to protect
+or by using IPv6 packet filters, to protect the
.Nm
-service from malicious parties and avoid theft of service/bandwidth.
-IPv6 destination address can be limited by
-carefully configuring routing entries that points to
+service from malicious parties, and to avoid theft of service/bandwidth.
+IPv6 destination addresses can be limited by
+carefully configuring routing entries that point to
.Xr faith 4 ,
using
.Xr route 8 .
-IPv6 source address needs to be filtered by using packet filters.
-Documents listed in
+The IPv6 source address needs to be filtered using packet filters.
+The documents listed in
.Sx SEE ALSO
-have more discussions on this topic.
+have more information on this topic.
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205140315.g4E3F0c2083107>