From owner-p4-projects@FreeBSD.ORG Mon Aug 25 19:15:53 2003
Date: Mon, 25 Aug 2003 19:15:52 -0700 (PDT)
Message-Id: <200308260215.h7Q2FqrR020476@repoman.freebsd.org>
From: Robert Watson
To: Perforce Change Reviews
Subject: PERFORCE change 36924 for review

http://perforce.freebsd.org/chv.cgi?CH=36924

Change 36924 by rwatson@rwatson_paprika on 2003/08/25 19:15:19

Convert from notes into text for network interface description.
Add stub paragraph for routing sockets and the routing system.
Begin to put text into the IP networking section.

Affected files ...

.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/arch-handbook/secarch/chapter.sgml#4 edit

Differences ...

==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/arch-handbook/secarch/chapter.sgml#4 (text+ko) ====
@@ -1880,34 +1880,50 @@ Network Interfaces - XXX + Most network protocol stacks included with FreeBSD are + intended for use of local area and wide area networks. + I/O from external network devices is generally abstracted + behind a network interface--most frequently as a source + and sink of packets. + Generally access to network interfaces is performed using + the network stack, with higher level network services + abstracted by sockets. + Management of network interfaces occurs using management + sockets or sysctl, and generally requires privilege, + although access control varies by component. - generally, access to network interfaces performed using the - network stack, abstracted via sockets. - management occurs via special network sockets, and sysctl, and - requires privilege. - Management of specific protocol interactions with the network - stack is performed at the level of the network stack, and - access control may vary by component. + The Berkeley Packet Filter (BPF) permits direct monitoring + and transmission at the interface level, and offers a + kernel-based filtering language to improve performance, avoiding + the copying of uninteresting packets into the user process. + the right to use bpf depends on the protections of bpf devices + in /dev, permitting unprivileged monitoring or transmission of + specific classes of packets. + However, enabled promiscuous mode on interfaces does require + privilege. + - bpf permits direct monitoring and transmission at the - interface level, and offers a kernel-based filtering language - to improve performance, avoiding the copying of uninteresting - packets into the user process. + + Routing Sockets - the right to use bpf depends on the protections of bpf - devices in /dev, permitting unprivileged monitoring or - transmission of specific classes of packets. - however, enabled promiscuous mode on interfaces does require - privilege. 
- - XXX revision here + The FreeBSD network stack provides centralized, + protocol-independent route management. XXX + IP Networking Protection Model - management interfaces (suser required to manage IP properties + The IPv4 and IPv6 protocol stacks in FreeBSD provide + controlled access to the network interface as abstracted behind + a variety of socket types, including TCP, UDP, and raw sockets. + Internally, routing of packets in and out of interfaces are + controlled by the IPv4 and IPv6 routing tables, which is + manipulated using routing sockets. XXX + + + +management interfaces (suser required to manage IP properties of network interfaces, routing), monitoring of credentials associated with sockets. monitoring interfaces generally do not require privilege, with
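Review bot: In the new BPF paragraph of the Network Interfaces section, "the right to use bpf depends on the protections of bpf devices in /dev, permitting unprivileged monitoring or transmission of specific classes of packets" names only the device node permissions as the control and never says what confines an unprivileged opener to "specific classes of packets"; either name the mechanism that limits the classes or drop the qualifier, since readers will take this sentence as the access-control statement for BPF. The same paragraph still carries note-style wording from the lines it replaces: the sentence starts in lowercase, "bpf" and "BPF" are mixed, and "enabled promiscuous mode on interfaces does require privilege" should read "enabling promiscuous mode". In the IP Networking paragraph the agreement is off in "routing of packets in and out of interfaces are controlled by the IPv4 and IPv6 routing tables, which is manipulated"; it should be "is controlled" and "which are manipulated". In the first added paragraph, "intended for use of local area and wide area networks" reads better as "for use on". The old note text that follows the new IP Networking paragraph is re-added at column zero ("+management interfaces (suser required ..."), so the section now mixes finished prose with unconverted notes; consider marking that remainder with XXX as the other stubs are.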