From owner-p4-projects@FreeBSD.ORG  Sat Nov 24 22:32:39 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id ADAA616A468; Sat, 24 Nov 2007 22:32:38 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5F0CB16A420
	for <perforce@freebsd.org>; Sat, 24 Nov 2007 22:32:38 +0000 (UTC)
	(envelope-from jb@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 4271A13C442
	for <perforce@freebsd.org>; Sat, 24 Nov 2007 22:32:38 +0000 (UTC)
	(envelope-from jb@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id lAOMWcX4084577
	for <perforce@freebsd.org>; Sat, 24 Nov 2007 22:32:38 GMT
	(envelope-from jb@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id lAOMWb71084574
	for perforce@freebsd.org; Sat, 24 Nov 2007 22:32:37 GMT
	(envelope-from jb@freebsd.org)
Date: Sat, 24 Nov 2007 22:32:37 GMT
Message-Id: <200711242232.lAOMWb71084574@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	jb@freebsd.org using -f
From: John Birrell <jb@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 129471 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Nov 2007 22:32:39 -0000

http://perforce.freebsd.org/chv.cgi?CH=129471

Change 129471 by jb@jb_freebsd1 on 2007/11/24 22:31:49

	IFC

Affected files ...

.. //depot/projects/dtrace/doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml#11 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/advanced-networking/chapter.sgml#3 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/basics/chapter.sgml#5 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/config/chapter.sgml#5 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/firewalls/chapter.sgml#5 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/introduction/chapter.sgml#7 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/mail/chapter.sgml#3 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/printing/chapter.sgml#3 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/users/chapter.sgml#3 integrate
.. //depot/projects/dtrace/doc/zh_TW.Big5/books/porters-handbook/book.sgml#10 integrate
.. //depot/projects/dtrace/src/contrib/binutils/opcodes/ppc-dis.c#4 integrate
.. //depot/projects/dtrace/src/etc/periodic/security/100.chksetuid#4 integrate
.. //depot/projects/dtrace/src/lib/libc/sparc64/fpu/fpu_explode.c#5 integrate
.. //depot/projects/dtrace/src/lib/libdisk/libdisk.3#5 integrate
.. //depot/projects/dtrace/src/lib/libelf/elf.3#9 integrate
.. //depot/projects/dtrace/src/lib/libelf/libelf_data.c#8 integrate
.. //depot/projects/dtrace/src/lib/libpmc/Makefile#4 integrate
.. //depot/projects/dtrace/src/lib/libpmc/pmc_allocate.3#1 branch
.. //depot/projects/dtrace/src/lib/libpmc/pmc_disable.3#1 branch
.. //depot/projects/dtrace/src/lib/libpmc/pmc_event_names_of_class.3#1 branch
.. //depot/projects/dtrace/src/lib/libpmc/pmc_name_of_capability.3#1 branch
.. //depot/projects/dtrace/src/lib/libthr/thread/thr_sem.c#7 integrate
.. //depot/projects/dtrace/src/libexec/tftpd/Makefile#4 integrate
.. //depot/projects/dtrace/src/libexec/tftpd/tftpd.8#7 integrate
.. //depot/projects/dtrace/src/libexec/tftpd/tftpd.c#4 integrate
.. //depot/projects/dtrace/src/sbin/geom/class/nop/gnop.8#5 integrate
.. //depot/projects/dtrace/src/share/man/man4/hwpmc.4#8 integrate
.. //depot/projects/dtrace/src/sys/amd64/amd64/genassym.c#8 integrate
.. //depot/projects/dtrace/src/sys/dev/aac/aac_debug.c#4 integrate
.. //depot/projects/dtrace/src/sys/dev/ata/ata-chipset.c#20 integrate
.. //depot/projects/dtrace/src/sys/dev/ata/ata-disk.c#8 integrate
.. //depot/projects/dtrace/src/sys/dev/usb/if_zyd.c#6 integrate
.. //depot/projects/dtrace/src/sys/dev/usb/usbdevs#20 integrate
.. //depot/projects/dtrace/src/sys/i386/i386/genassym.c#10 integrate
.. //depot/projects/dtrace/src/sys/kern/kern_lock.c#11 integrate
.. //depot/projects/dtrace/src/sys/kern/subr_witness.c#12 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211.c#9 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211.h#9 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211_ht.c#4 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211_node.c#8 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211_output.c#11 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211_proto.c#8 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211_scan_sta.c#4 integrate
.. //depot/projects/dtrace/src/sys/net80211/ieee80211_var.h#9 integrate
.. //depot/projects/dtrace/src/sys/netinet/libalias/alias_util.c#6 integrate
.. //depot/projects/dtrace/src/sys/netinet/tcp_subr.c#17 integrate
.. //depot/projects/dtrace/src/sys/sys/lockmgr.h#8 integrate
.. //depot/projects/dtrace/src/sys/vm/vm_pageout.c#8 integrate
.. //depot/projects/dtrace/www/share/sgml/events.xml#13 integrate
.. //depot/projects/dtrace/www/share/sgml/navibar.ent#6 integrate

Differences ...

==== //depot/projects/dtrace/doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml#11 (text+ko) ====

@@ -1,7 +1,7 @@
 <!--
      The FreeBSD Documentation Project
 
-     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.400 2007/09/12 11:47:33 murray Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.402 2007/11/24 14:10:49 remko Exp $
 -->
 
 <chapter id="advanced-networking">
@@ -1739,6 +1739,305 @@
 	    ready to exchange informations.</para>
     </sect2>
 
+    <sect2 id="network-wireless-ap">
+      <title>&os; Host Access Points</title>
+
+      <para>&os; can act as an Access Point (AP) which eliminates the
+	need to buy a hardware AP or run an ad-hoc network.  This can be
+	particularly useful when your &os; machine is acting as a
+	gateway to another network (e.g., the Internet).</para>
+
+      <sect3 id="network-wireless-ap-basic">
+	<title>Basic Settings</title>
+
+	<para>Before configuring your &os; machine as an AP, the
+	  kernel must be configured with the appropriate wireless
+	  networking support for your wireless card.  You also have to
+	  add the support for the security protocols you intend to
+	  use.  For more details, see <xref
+	  linkend="network-wireless-basic">.</para>
+
+	<note>
+	  <para>The use of the NDIS driver wrapper and the &windows;
+	    drivers do not allow currently the AP operation.  Only
+	    native &os; wireless drivers support AP mode.</para>
+	</note>
+
+	<para>Once the wireless networking support is loaded, you can
+	  check if your wireless device supports the host-based access
+	  point mode (also know as hostap mode):</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> list caps</userinput>
+ath0=783ed0f&lt;WEP,TKIP,AES,AES_CCM,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE,MONITOR,TKIPMIC,WPA1,WPA2,BURST,WME&gt;</screen>
+
+	<para>This output displays the card capabilities; the
+	  <literal>HOSTAP</literal> word confirms this wireless card
+	  can act as an Access Point.  Various supported ciphers are
+	  also mentioned: WEP, TKIP, WPA2, etc., these informations
+	  are important to know what security protocols could be set
+	  on the Access Point.</para>
+
+	<para>The wireless device can now be put into hostap mode and
+	  configured with the correct SSID and IP address:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> ssid <replaceable>freebsdap</replaceable> mode 11g mediaopt hostap</userinput> inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable></screen>
+
+	<para>Use again <command>ifconfig</command> to see the status
+	  of the <devicename>ath0</devicename> interface:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput>
+  ath0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
+	  inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
+	  inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4
+	  ether 00:11:95:c3:0d:ac
+	  media: IEEE 802.11 Wireless Ethernet autoselect mode 11g &lt;hostap&gt;
+	  status: associated
+	  ssid freebsdap channel 1 bssid 00:11:95:c3:0d:ac
+	  authmode OPEN privacy OFF txpowmax 38 bmiss 7 protmode CTS burst dtimperiod 1 bintval 100</screen>
+
+	<para>The <literal>hostap</literal> parameter indicates the
+	  interface is running in the host-based access point
+	  mode.</para>
+
+	<para>The interface configuration can be done automatically at
+	  boot time by adding the following line to
+	  <filename>/etc/rc.conf</filename>:</para>
+
+	<programlisting>ifconfig_ath0="ssid <replaceable>freebsdap</replaceable> mode 11g mediaopt hostap inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable>"</programlisting>
+      </sect3>
+
+      <sect3>
+	<title>Host-based Access Point without Authentication or
+	  Encryption</title>
+
+	<para>Although it is not recommended to run an AP without any
+	  authentication or encryption, this is a simple way to check
+	  if your AP is working.  This configuration is also important
+	  for debugging client issues.</para>
+
+	<para>Once the AP configured as previously shown, it is
+	  possible from another wireless machine to initiate a scan to
+	  find the AP:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput>
+SSID            BSSID              CHAN RATE  S:N   INT CAPS
+freebsdap       00:11:95:c3:0d:ac    1   54M 22:1   100 ES</screen>
+
+	<para>The client machine found the Access Point and can be
+	  associated with it:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> ssid <replaceable>freebsdap</replaceable> inet <replaceable>192.168.0.2</replaceable> netmask <replaceable>255.255.255.0</replaceable></userinput>
+&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput>
+  ath0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
+	  inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1
+	  inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
+	  ether 00:11:95:d5:43:62
+	  media: IEEE 802.11 Wireless Ethernet autoselect (OFDM/54Mbps)
+	  status: associated
+	  ssid freebsdap channel 1 bssid 00:11:95:c3:0d:ac
+	  authmode OPEN privacy OFF txpowmax 36 protmode CTS bintval 100</screen>
+      </sect3>
+
+      <sect3>
+	<title>WPA Host-based Access Point</title>
+
+	<para>This section will focus on setting up &os; Access Point
+	  using the WPA security protocol.  More details regarding WPA
+	  and the configuration of WPA-based wireless clients can be
+	  found in the <xref linkend="network-wireless-wpa">.</para>
+
+	<para>The <application>hostapd</application> daemon is used to
+	  deal with client authentication and keys management on the
+	  WPA enabled Access Point.</para>
+
+	<para>In the following, all the configuration operations will
+	  be performed on the &os; machine acting as AP.  Once the
+	  AP is correctly working, <application>hostapd</application>
+	  should be automatically enabled at boot with the following
+	  line in <filename>/etc/rc.conf</filename>:</para>
+
+	<programlisting>hostapd_enable="YES"</programlisting>
+
+	<para>Before trying to configure
+	  <application>hostapd</application>, be sure you have done
+	  the basic settings introduced in the <xref
+	  linkend="network-wireless-ap-basic">.</para>
+
+	<sect4>
+	  <title>WPA-PSK</title>
+
+	  <para>WPA-PSK is intended for small networks where the use
+	    of an backend authentication server is not possible or
+	    desired.</para>
+
+	  <para>The configuration is done in the
+	    <filename>/etc/hostapd.conf</filename> file:</para>
+
+	  <programlisting>interface=ath0 <co id="co-ap-wpapsk-iface">
+debug=1 <co id="co-ap-wpapsk-dbug">
+ctrl_interface=/var/run/hostapd <co id="co-ap-wpapsk-ciface">
+ctrl_interface_group=wheel <co id="co-ap-wpapsk-cifacegrp">
+ssid=freebsdap <co id="co-ap-wpapsk-ssid">
+wpa=1 <co id="co-ap-wpapsk-wpa">
+wpa_passphrase=freebsdmall <co id="co-ap-wpapsk-pass">
+wpa_key_mgmt=WPA-PSK <co id="co-ap-wpapsk-kmgmt">
+wpa_pairwise=CCMP TKIP <co id="co-ap-wpapsk-pwise"></programlisting>
+
+	  <calloutlist>
+	    <callout arearefs="co-ap-wpapsk-iface">
+	      <para>This field indicates the wireless interface used
+		for the Access Point.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-dbug">
+	      <para>This field sets the level of verbosity during the
+		execution of <application>hostapd</application>.  A
+		value of <literal>1</literal> represents the minimal
+		level.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-ciface">
+	      <para>The <literal>ctrl_interface</literal> field gives
+		the pathname of the directory used by
+		<application>hostapd</application> to stores its
+		domain socket files for the communication with
+		external programs such as &man.hostapd.cli.8;.  The
+		default value is used here.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-cifacegrp">
+	      <para>The <literal>ctrl_interface_group</literal> line
+		sets the group (here, it is the
+		<groupname>wheel</groupname> group) allowed to access
+		to the control interface files.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-ssid">
+	      <para>This field sets the network name.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-wpa">
+	      <para>The <literal>wpa</literal> field enables WPA and
+		specifies which WPA authentication protocol will be
+		required.  A value of <literal>1</literal> configures the
+		AP for WPA-PSK.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-pass">
+	      <para>The <literal>wpa_passphrase</literal> field
+		contains the ASCII passphrase for the WPA
+		authentication.</para>
+
+	      <warning>
+		<para>Always use strong passwords that are
+		  sufficiently long and made from a rich alphabet so
+		  they will not be guessed and/or attacked.</para>
+	      </warning>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-kmgmt">
+	      <para>The <literal>wpa_key_mgmt</literal> line refers to
+		the key management protocol we use.  In our case it is
+		WPA-PSK.</para>
+	    </callout>
+
+	    <callout arearefs="co-ap-wpapsk-pwise">
+	      <para>The <literal>wpa_pairwise</literal> field
+		indicates the set of accepted encryption algorithms by
+		the Access Point.  Here both TKIP (WPA) and CCMP
+		(WPA2) ciphers are accepted.  CCMP cipher is an
+		alternative to TKIP and that is strongly preferred
+		when possible; TKIP should be used solely for stations
+		incapable of doing CCMP.</para>
+	    </callout>
+	  </calloutlist>
+
+	  <para>The next step is to start
+	    <application>hostapd</application>:</para>
+
+	  <screen>&prompt.root <userinput>/etc/rc.d/hostapd forcestart</userinput></screen>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput>
+  ath0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 2290
+	  inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
+	  inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4
+	  ether 00:11:95:c3:0d:ac
+	  media: IEEE 802.11 Wireless Ethernet autoselect mode 11g &lt;hostap&gt;
+	  status: associated
+	  ssid freebsdap channel 1 bssid 00:11:95:c3:0d:ac
+	  authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit txpowmax 36 protmode CTS dtimperiod 1 bintval 100</screen>
+
+	<para>The Access Point is running, the clients can now be
+	  associated with it, see <xref
+	  linkend="network-wireless-wpa"> for more details.  It is
+	  possible to see the stations associated with the AP using
+	  the <command>ifconfig <replaceable>ath0</replaceable> list
+	  sta</command> command.</para>
+	</sect4>
+      </sect3>
+
+      <sect3>
+	<title>WEP Host-based Access Point</title>
+
+	<para>It is not recommended to use WEP for setting up an
+	  Access Point since there is no authentication mechanism and
+	  it is easily to be cracked.  Some legacy wireless cards only
+	  support WEP as security protocol, these cards will only
+	  allow to set up AP without authentication or encryption or
+	  using the WEP protocol.</para>
+
+	<para>The wireless device can now be put into hostap mode and
+	  configured with the correct SSID and IP address:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> ssid <replaceable>freebsdap</replaceable> wepmode on weptxkey 3 wepkey 3:0x3456789012 mode 11g mediaopt hostap \
+	inet <replaceable>192.168.0.1</replaceable> netmask <replaceable>255.255.255.0</replaceable></userinput></screen>
+
+	<itemizedlist>
+	  <listitem>
+	    <para>The <literal>weptxkey</literal> means which WEP
+	      key will be used in the transmission.  Here we used the
+	      third key (note that the key numbering starts with
+	      <literal>1</literal>).  This parameter must be specified
+	      to really encrypt the data.</para>
+	  </listitem>
+
+	  <listitem>
+	    <para>The <literal>wepkey</literal> means setting the
+	      selected WEP key.  It should in the format
+	      <replaceable>index:key</replaceable>, if the index is
+	      not given, key <literal>1</literal> is set.  That is
+	      to say we need to set the index if we use keys other
+	      than the first key.</para>
+	  </listitem>
+	</itemizedlist>
+
+	<para>Use again <command>ifconfig</command> to see the status
+	  of the <devicename>ath0</devicename> interface:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput>
+  ath0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
+	  inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
+	  inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4
+	  ether 00:11:95:c3:0d:ac
+	  media: IEEE 802.11 Wireless Ethernet autoselect mode 11g &lt;hostap&gt;
+	  status: associated
+	  ssid freebsdap channel 1 bssid 00:11:95:c3:0d:ac
+	  authmode OPEN privacy ON deftxkey 3 wepkey 3:40-bit txpowmax 36 protmode CTS dtimperiod 1 bintval 100</screen>
+
+	<para>From another wireless machine, it is possible to initiate
+	  a scan to find the AP:</para>
+
+	<screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput>
+SSID            BSSID              CHAN RATE  S:N   INT CAPS
+freebsdap       00:11:95:c3:0d:ac    1   54M 22:1   100 EPS</screen>
+
+	<para>The client machine found the Access Point and can be
+	  associated with it using the correct parameters (key, etc.),
+	  see <xref linkend="network-wireless-wep"> for more
+	  details.</para>
+      </sect3>
+    </sect2>
+
     <sect2>
       <title>Troubleshooting</title>
 

==== //depot/projects/dtrace/doc/zh_TW.Big5/books/handbook/advanced-networking/chapter.sgml#3 (text+ko) ====

@@ -1,74 +1,78 @@
 <!--
      The FreeBSD Documentation Project
 
-     $FreeBSD: doc/zh_TW.Big5/books/handbook/advanced-networking/chapter.sgml,v 1.2 2006/01/31 01:31:01 vanilla Exp $
-     Original revision: 1.376
+     $FreeBSD: doc/zh_TW.Big5/books/handbook/advanced-networking/chapter.sgml,v 1.3 2007/11/24 16:37:17 chinsan Exp $
+     Original revision: 1.402
 -->
 
 <chapter id="advanced-networking">
-  <title>Advanced Networking</title>
+  <title>�����i���m�\��</title>
 
   <sect1 id="advanced-networking-synopsis">
-    <title>Synopsis</title>
+    <title>���z</title>
 
-    <para>This chapter will cover a number of advanced networking
-      topics.</para>
+    <para>�����N���Ф@�Ƕi���������]�w�D�D�C</para>
 
-    <para>After reading this chapter, you will know:</para>
+    <para>Ū���o���A�z�N�F�ѡG</para>
 
     <itemizedlist>
       <listitem>
-	<para>The basics of gateways and routes.</para>
+	<para>gateway(�h�D)�� route(����)�������C</para>
+      </listitem>
+
+      <listitem>
+	<para>�p��]�w IEEE 802.11 �H���Ū�(&bluetooth;)�]�ơC</para>
       </listitem>
 
       <listitem>
-	<para>How to set up IEEE 802.11 and &bluetooth; devices.</para>
+	<para>�p��H FreeBSD �@�� bridge(����)�C</para>
       </listitem>
 
       <listitem>
-	<para>How to make FreeBSD act as a bridge.</para>
+	<para>�p�󬰵L�Шt�γ]�w�����}���C</para>
       </listitem>
 
       <listitem>
-	<para>How to set up network booting on a diskless machine.</para>
+	<para>�p��]�w NAT(Network Address Translation)�C</para>
       </listitem>
 
       <listitem>
-	<para>How to set up network address translation.</para>
+	<para>�p��z�L PLIP �覡�ӳs����x�q���C</para>
       </listitem>
 
       <listitem>
-	<para>How to connect two computers via PLIP.</para>
+	<para>�p��b FreeBSD ���]�w IPv6�C</para>
       </listitem>
 
       <listitem>
-	<para>How to set up IPv6 on a FreeBSD machine.</para>
+	<para>�p��]�w ATM�C</para>
       </listitem>
 
       <listitem>
-	<para>How to configure ATM.</para>
+	<para>�p��h���� &os; �� CARP(Common Access Redundancy Protocol)�\��
+	  �C</para>
       </listitem>
     </itemizedlist>
 
-    <para>Before reading this chapter, you should:</para>
+    <para>�b�}�l�\Ū�o�����e�A�z�ݭn�J</para>
 
     <itemizedlist>
       <listitem>
-	<para>Understand the basics of the <filename>/etc/rc</filename> scripts.</para>
+	<para>�A�� <filename>/etc/rc</filename> ���� script �������C</para>
       </listitem>
 
       <listitem>
-	<para>Be familiar with basic network terminology.</para>
+	<para>���x�򥻱`�Ϊ������N�y�C</para>
       </listitem>
 
       <listitem>
-        <para>Know how to configure and install a new FreeBSD kernel
-          (<xref linkend="kernelconfig">).</para>
+        <para>���D�p��]�w�B�w�˷s�� FreeBSD kernel (<xref
+	linkend="kernelconfig">)�C</para>
       </listitem>
 
       <listitem>
-      <para>Know how to install additional third-party
-        software (<xref linkend="ports">).</para>
+	<para>���D�p��z�L port/package �w�˳n�� (<xref linkend="ports">)
+	  �C</para>
       </listitem>
 
     </itemizedlist>
@@ -89,28 +93,25 @@
     <indexterm><primary>routing</primary></indexterm>
     <indexterm><primary>gateway</primary></indexterm>
     <indexterm><primary>subnet</primary></indexterm>
-    <para>For one machine to be able to find another over a network,
-      there must be a mechanism in place to describe how to get from
-      one to the other.  This is called
-      <firstterm>routing</firstterm>.  A <quote>route</quote> is a
-      defined pair of addresses: a <quote>destination</quote> and a
-      <quote>gateway</quote>.  The pair indicates that if you are
-      trying to get to this <emphasis>destination</emphasis>,
-      communicate through this <emphasis>gateway</emphasis>.  There
-      are three types of destinations: individual hosts, subnets, and
-      <quote>default</quote>.  The <quote>default route</quote> is
-      used if none of the other routes apply.  We will talk a little
-      bit more about default routes later on.  There are also three
-      types of gateways: individual hosts, interfaces (also called
-      <quote>links</quote>), and Ethernet hardware addresses (MAC
-      addresses).
-    </para>
+    <para>���F���@���q������t�@���q���A�]�����ݭn���@�ؾ���A
+      ���o���q�����D�ӫ�򰵡A�o�Ӿ���N�O���ѿ��
+      (<firstterm>routing</firstterm>)�C
+      �@������(<quote>route</quote>)�O�Ѥ@���}�ҩw�q���G�@�ӬO
+      <quote>�ت��a(destination)</quote>�H�Υt�@�ӫh�O�h�D
+      (<quote>gateway</quote>)�C
+      �o���}���ܭn�e��<emphasis>�ت��a</emphasis>���ʥ]�A
+      �����g�L<emphasis>�h�D</emphasis>�C
+      �ت��a�����T�������G�D���B�l����(subnet)�B�w�]����(
+      <quote>default route</quote>�C  �Y���S���䥦�����ѥi�H�ϥΡA
+      �o�ɴN�|�ϥιw�]���ѡA�y��ڭ̷|��w�]���ѧ@�i�@�B�������C  ���~�A
+      �h�D�]�i�����T�������G�D���B�ǿ餶��(interface�A�]�٬�
+      <quote>links</quote>)�B�A�Ӻ����w���}(MAC addresses)�C</para>
 
     <sect2>
-      <title>An Example</title>
+      <title>�d��</title>
 
-      <para>To illustrate different aspects of routing, we will use the
-	following example from <command>netstat</command>:</para>
+      <para>���F��K�������P���������ѿ��(routing)�A�H�U�ϥ�
+	<command>netstat</command> ���O�����G�@�����нd�ҡG</para>
 
       <screen>&prompt.user; <userinput>netstat -r</userinput>
 Routing tables
@@ -659,554 +660,1447 @@
   <sect1 id="network-wireless">
     <sect1info>
       <authorgroup>
-        <author>
-          <firstname>Eric</firstname>
-          <surname>Anderson</surname>
-          <contrib>Written by </contrib>
-        </author>
+	<author>
+	  <othername>Loader</othername>
+	</author>
+
+	<author>
+	  <firstname>Marc</firstname>
+	  <surname>Fonvieille</surname>
+	</author>
+
+	<author>
+	  <firstname>Murray</firstname>
+	  <surname>Stokely</surname>
+	</author>
       </authorgroup>
     </sect1info>
     <title>Wireless Networking</title>
 
-   <indexterm><primary>wireless networking</primary></indexterm>
-   <indexterm>
-     <primary>802.11</primary>
-     <see>wireless networking</see>
-   </indexterm>
+    <indexterm><primary>wireless networking</primary></indexterm>
+    <indexterm>
+      <primary>802.11</primary>
+      <see>wireless networking</see>
+    </indexterm>
+
+    <sect2>
+      <title>Wireless Networking Basics</title>
+
+      <para>Most wireless networks are based on the IEEE 802.11
+	standards.  A basic wireless network consists of multiple
+	stations communicating with radios that broadcast in either
+	the 2.4GHz or 5GHz band (though this varies according to the
+	locale and is also changing to enable communication in the
+	2.3GHz and 4.9GHz ranges).</para>
+
+      <para>802.11 networks are organized in two ways: in
+	<emphasis>infrastructure mode</emphasis> one station acts as a
+	master with all the other stations associating to it; the
+	network is known as a BSS and the master station is termed an
+	access point (AP).  In a BSS all communication passes through
+	the AP; even when one station wants to communicate with
+	another wireless station messages must go through the AP.  In
+	the second form of network there is no master and stations
+	communicate directly.  This form of network is termed an IBSS
+	and is commonly known as an <emphasis>ad-hoc
+	network</emphasis>.</para>
+
+      <para>802.11 networks were first deployed in the 2.4GHz band
+	using protocols defined by the IEEE 802.11 and 802.11b
+	standard.  These specifications include the operating
+	frequencies, MAC layer characteristics including framing and
+	transmission rates (communication can be done at various
+	rates).  Later the 802.11a standard defined operation in the
+	5GHz band, including different signalling mechanisms and
+	higher transmission rates.  Still later the 802.11g standard
+	was defined to enable use of 802.11a signalling and
+	transmission mechanisms in the 2.4GHz band in such a way as to
+	be backwards compatible with 802.11b networks.</para>
+
+      <para>Separate from the underlying transmission techniques
+	802.11 networks have a variety of security mechanisms.  The
+	original 802.11 specifications defined a simple security
+	protocol called WEP. This protocol uses a fixed pre-shared key
+	and the RC4 cryptographic cipher to encode data transmitted on
+	a network.  Stations must all agree on the fixed key in order
+	to communicate.  This scheme was shown to be easily broken and
+	is now rarely used except to discourage transient users from
+	joining networks.  Current security practice is given by the
+	IEEE 802.11i specification that defines new cryptographic
+	ciphers and an additional protocol to authenticate stations to
+	an access point and exchange keys for doing data
+	communication.  Further, cryptographic keys are periodically
+	refreshed and there are mechanisms for detecting intrusion
+	attempts (and for countering intrusion attempts).  Another
+	security protocol specification commonly used in wireless
+	networks is termed WPA.  This was a precursor to 802.11i
+	defined by an industry group as an interim measure while
+	waiting for 802.11i to be ratified.  WPA specifies a subset of
+	the requirements found in 802.11i and is designed for
+	implementation on legacy hardware.  Specifically WPA requires
+	only the TKIP cipher that is derived from the original WEP
+	cipher.  802.11i permits use of TKIP but also requires support
+	for a stronger cipher, AES-CCM, for encrypting data.  (The AES
+	cipher was not required in WPA because it was deemed too
+	computationally costly to be implemented on legacy
+	hardware.)</para>
+
+      <para>Other than the above protocol standards the other
+	important standard to be aware of is 802.11e.  This defines
+	protocols for deploying multi-media applications such as
+	streaming video and voice over IP (VoIP) in an 802.11 network.
+	Like 802.11i, 802.11e also has a precursor specification
+	termed WME (later renamed WMM) that has been defined by an
+	industry group as a subset of 802.11e that can be deployed now
+	to enable multi-media applications while waiting for the final
+	ratification of 802.11e.  The most important thing to know
+	about 802.11e and WME/WMM is that it enables prioritized
+	traffic use of a wireless network through Quality of Service
+	(QoS) protocols and enhanced media access protocols.  Proper
+	implementation of these protocols enable high speed bursting
+	of data and prioritized traffic flow.</para>
+
+      <para>Since the 6.0 version, &os; supports networks that operate
+	using 802.11a, 802.11b, and 802.11g.  The WPA and 802.11i
+	security protocols are likewise supported (in conjunction with
+	any of 11a, 11b, and 11g) and QoS and traffic prioritization
+	required by the WME/WMM protocols are supported for a limited
+	set of wireless devices.</para>
+    </sect2>
+
+    <sect2 id="network-wireless-basic">
+      <title>Basic Setup</title>
+
+      <sect3>
+	<title>Kernel Configuration</title>
+
+	<para>To use wireless networking you need a wireless
+	  networking card and to configure the kernel with the
+	  appropriate wireless networking support.  The latter is
+	  separated into multiple modules so that you only need to
+	  configure the software you are actually going to use.</para>
+
+	<para>The first thing you need is a wireless device.  The most
+	  commonly used devices are those that use parts made by
+	  Atheros.  These devices are supported by the &man.ath.4;
+	  driver and require the following line to be added to the
+	  <filename>/boot/loader.conf</filename> file:</para>
+
+	<programlisting>if_ath_load="YES"</programlisting>
+
+	<para>The Atheros driver is split up into three separate
+	  pieces: the driver proper (&man.ath.4;), the hardware
+	  support layer that handles chip-specific functions
+	  (&man.ath.hal.4;), and an algorithm for selecting which of
+	  several possible rates for transmitting frames
+	  (ath_rate_sample here).  When you load this support as
+	  modules these dependencies are automatically handled for
+	  you.  If instead of an Atheros device you had another device
+	  you would select the module for that device; e.g.:</para>
+
+	<programlisting>if_wi_load="YES"</programlisting>
+
+	<para>for devices based on the Intersil Prism parts
+	  (&man.wi.4; driver).</para>
+
+	<note>
+	  <para>In the rest of this document, we will use an
+	    &man.ath.4; device, the device name in the examples must
+	    be changed according to your configuration.  A list of
+	    available wireless drivers can be found at the beginning
+	    of the &man.wlan.4; manual page.  If a native &os; driver
+	    for your wireless device does not exist, it may be
+	    possible to directly use the &windows; driver with the
+	    help of the <link
+	    linkend="config-network-ndis">NDIS</link> driver
+	    wrapper.</para>
+	</note>
+
+	<para>With a device driver configured you need to also bring
+	  in the 802.11 networking support required by the driver.
+	  For the &man.ath.4; driver this is at least the &man.wlan.4;
+	  module; this module is automatically loaded with the
+	  wireless device driver.  With that you will need the modules
+	  that implement cryptographic support for the security
+	  protocols you intend to use.  These are intended to be
+	  dynamically loaded on demand by the &man.wlan.4; module but
+	  for now they must be manually configured.  The following
+	  modules are available: &man.wlan.wep.4;, &man.wlan.ccmp.4;
+	  and &man.wlan.tkip.4;.  Both &man.wlan.ccmp.4; and
+	  &man.wlan.tkip.4; drivers are only needed if you intend to
+	  use the WPA and/or 802.11i security protocols.  If your
+	  network is to run totally open (i.e., with no encryption)
+	  then you do not even need the &man.wlan.wep.4; support.  To
+	  load these modules at boot time, add the following lines to
+	  <filename>/boot/loader.conf</filename>:</para>
+
+	<programlisting>wlan_wep_load="YES"
+wlan_ccmp_load="YES"
+wlan_tkip_load="YES"</programlisting>
+
+	<para>With this information in the system bootstrap
+	  configuration file (i.e.,
+	  <filename>/boot/loader.conf</filename>), you have to reboot
+	  your &os; box.  If you do not want to reboot your machine
+	  for the moment, you can just load the modules by hand using
+	  &man.kldload.8;.</para>
+
+	<note>
+	  <para>If you do not want to use modules, it is possible to
+	    compile these drivers into the kernel by adding the
+	    following lines to your kernel configuration file:</para>
+
+	  <programlisting>device ath               # Atheros IEEE 802.11 wireless network driver
+device ath_hal           # Atheros Hardware Access Layer
+device ath_rate_sample   # John Bicket's SampleRate control algorithm.
+device wlan              # 802.11 support (Required)
+device wlan_wep          # WEP crypto support for 802.11 devices
+device wlan_ccmp         # AES-CCMP crypto support for 802.11 devices
+device wlan_tkip         # TKIP and Michael crypto support for 802.11 devices</programlisting>
+
+	  <para>With this information in the kernel configuration
+	    file, recompile the kernel and reboot your &os;
+	    machine.</para>
+	</note>
+
+	<para>When the system is up, we could find some information
+	  about the wireless device in the boot messages, like
+	  this:</para>
+
+	<screen>ath0: &lt;Atheros 5212&gt; mem 0xff9f0000-0xff9fffff irq 17 at device 2.0 on pci2
+ath0: Ethernet address: 00:11:95:d5:43:62
+ath0: mac 7.9 phy 4.5 radio 5.6</screen>
+      </sect3>
+    </sect2>
+
+    <sect2>
+      <title>Infrastructure Mode</title>
+
+      <para>The infrastructure mode or BSS mode is the mode that is
+	typically used.  In this mode, a number of wireless access
+	points are connected to a wired network.  Each wireless
+	network has its own name, this name is called the SSID of the
+	network.  Wireless clients connect to the wireless access
+	points.</para>
+
+      <sect3>
+	<title>&os; Clients</title>
+
+	<sect4>
+	  <title>How to Find Access Points</title>
+
+	  <para>To scan for networks, use the
+	    <command>ifconfig</command> command.  This request may
+	    take a few moments to complete as it requires that the
+	    system switches to each available wireless frequency and
+	    probes for available access points.  Only the super-user
+	    can initiate such a scan:</para>
+
+	  <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> up scan</userinput>
+SSID            BSSID              CHAN RATE  S:N   INT CAPS
+dlinkap         00:13:46:49:41:76    6   54M 29:0   100 EPS  WPA WME
+freebsdap       00:11:95:c3:0d:ac    1   54M 22:0   100 EPS  WPA</screen>
+
+	  <note>
+	    <para>You must mark the interface <option>up</option>
+	      before you can scan.  Subsequent scan requests do not
+	      require you to mark the interface up again.</para>
+	  </note>
+
+	  <para>The output of a scan request lists each BSS/IBSS
+	    network found.  Beside the name of the network,
+	    <literal>SSID</literal>, we find the
+	    <literal>BSSID</literal> which is the MAC address of the
+	    access point.  The <literal>CAPS</literal> field
+	    identifies the type of each network and the capabilities
+	    of the stations operating there:</para>
+
+	  <variablelist>
+	    <varlistentry>
+	      <term><literal>E</literal></term>
+
+	      <listitem>
+		<para>Extended Service Set (ESS).  Indicates that the
+		  station is part of an infrastructure network (in
+		  contrast to an IBSS/ad-hoc network).</para>
+	      </listitem>
+	    </varlistentry>
+
+	    <varlistentry>
+	      <term><literal>I</literal></term>
+
+	      <listitem>
+		<para>IBSS/ad-hoc network.  Indicates that the station
+		  is part of an ad-hoc network (in contrast to an ESS
+		  network).</para>
+	      </listitem>
+	    </varlistentry>
+
+	    <varlistentry>
+	      <term><literal>P</literal></term>
+
+	      <listitem>
+		<para>Privacy.  Data confidentiality is required for
+		  all data frames exchanged within the BSS.  This means
+		  that this BSS requires the station to use
+		  cryptographic means such as WEP, TKIP or AES-CCMP to
+		  encrypt/decrypt data frames being exchanged with
+		  others.</para>
+	      </listitem>
+	    </varlistentry>
+
+	    <varlistentry>
+	      <term><literal>S</literal></term>
+
+	      <listitem>
+		<para>Short Preamble.  Indicates that the network is
+		  using short preambles (defined in 802.11b High
+		  Rate/DSSS PHY, short preamble utilizes a 56 bit sync
+		  field in contrast to a 128 bit field used in long
+		  preamble mode).</para>
+	      </listitem>
+	    </varlistentry>
+
+	    <varlistentry>
+	      <term><literal>s</literal></term>
+
+	      <listitem>
+		<para>Short slot time.  Indicates that the 802.11g
+		  network is using a short slot time because there are
+		  no legacy (802.11b) stations present.</para>
+	      </listitem>
+	    </varlistentry>
+	  </variablelist>
+
+	  <para>One can also display the current list of known
+	    networks with:</para>
+
+	  <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable> list scan</userinput></screen>
+
+	  <para>This information may be updated automatically by the
+	    adapter or manually with a <option>scan</option> request.
+	    Old data is automatically removed from the cache, so over
+	    time this list may shrink unless more scans are
+	    done.</para>
+	</sect4>
+
+	<sect4>
+	  <title>Basic Settings</title>
+
+	  <para>This section provides a simple example of how to make
+	    the wireless network adapter work in &os; without
+	    encryption.  After you are familiar with these concepts,
+	    we strongly recommend using <link
+	    linkend="network-wireless-wpa">WPA</link> to set up your
+	    wireless network.</para>
+
+	  <para>There are three basic steps to configure a wireless
+	    network: selecting an access point, authenticating your
+	    station, and configuring an IP address.  The following
+	    sections discuss each step.</para>
+
+	  <sect5>
+	    <title>Selecting an Access Point</title>
+
+	    <para>Most of time it is sufficient to let the system
+	      choose an access point using the builtin heuristics.
+	      This is the default behaviour when you mark an interface
+	      up or otherwise configure an interface by listing it in
+	      <filename>/etc/rc.conf</filename>, e.g.:</para>
+
+	    <programlisting>ifconfig_ath0="DHCP"</programlisting>
+
+	    <para>If there are multiple access points and you want to
+	      select a specific one, you can select it by its
+	      SSID:</para>
+
+	    <programlisting>ifconfig_ath0="ssid <replaceable>your_ssid_here</replaceable> DHCP"</programlisting>
+
+	    <para>In an environment where there are multiple access
+	      points with the same SSID (often done to simplify
+	      roaming) it may be necessary to associate to one
+	      specific device.  In this case you can also specify the
+	      BSSID of the access point (you can also leave off the
+	      SSID):</para>
+
+	    <programlisting>ifconfig_ath0="ssid <replaceable>your_ssid_here</replaceable> bssid <replaceable>xx:xx:xx:xx:xx:xx</replaceable> DHCP"</programlisting>
+
+	    <para>There are other ways to constrain the choice of an
+	      access point such as limiting the set of frequencies the
+	      system will scan on.  This may be useful if you have a
+	      multi-band wireless card as scanning all the possible
+	      channels can be time-consuming.  To limit operation to a
+	      specific band you can use the <option>mode</option>
+	      parameter; e.g.:</para>
+
+	    <programlisting>ifconfig_ath0="mode <replaceable>11g</replaceable> ssid <replaceable>your_ssid_here</replaceable> DHCP"</programlisting>
+
+	    <para>will force the card to operate in 802.11g which is
+	      defined only for 2.4GHz frequencies so any 5GHz channels
+	      will not be considered.  Other ways to do this are the
+	      <option>channel</option> parameter, to lock operation to
+	      one specific frequency, and the
+	      <option>chanlist</option> parameter, to specify a list
+	      of channels for scanning.  More information about these
+	      parameters can be found in the &man.ifconfig.8; manual
+	      page.</para>
+	  </sect5>
+
+	  <sect5>
+	    <title>Authentication</title>
+
+	    <para>Once you have selected an access point your station
+	      needs to authenticate before it can pass data.
+	      Authentication can happen in several ways.  The most
+	      common scheme used is termed open authentication and
+	      allows any station to join the network and communicate.
+	      This is the authentication you should use for test
+	      purpose the first time you set up a wireless network.
+	      Other schemes require cryptographic handshakes be
+	      completed before data traffic can flow; either using
+	      pre-shared keys or secrets, or more complex schemes that
+	      involve backend services such as RADIUS.  Most users
+	      will use open authentication which is the default
+	      setting.  Next most common setup is WPA-PSK, also known
+	      as WPA Personal, which is described <link
+	      linkend="network-wireless-wpa-wpa-psk">below</link>.</para>
+
+	    <note>
+	      <para>If you have an &apple; &airport; Extreme base
+		station for an access point you may need to configure
+		shared-key authentication together with a WEP key.
+		This can be done in the
+		<filename>/etc/rc.conf</filename> file or using the
+		&man.wpa.supplicant.8; program.  If you have a single
+		&airport; base station you can setup access with
+		something like:</para>
+
+	      <programlisting>ifconfig_ath0="authmode shared wepmode on weptxkey <replaceable>1</replaceable> wepkey <replaceable>01234567</replaceable> DHCP"</programlisting>
+
+	      <para>In general shared key authentication is to be
+		avoided because it uses the WEP key material in a
+		highly-constrained manner making it even easier to
+		crack the key.  If WEP must be used (e.g., for
+		compatibility with legacy devices) it is better to use
+		WEP with <literal>open</literal> authentication.  More
+		information regarding WEP can be found in the <xref
+		linkend="network-wireless-wep">.</para>
+	    </note>
+	  </sect5>
+
+	  <sect5>
+	    <title>Getting an IP Address with DHCP</title>
+
+	    <para>Once you have selected an access point and set the
+	      authentication parameters, you will have to get an IP
+	      address to communicate.  Most of time you will obtain
+	      your wireless IP address via DHCP.  To achieve that,
+	      simply edit <filename>/etc/rc.conf</filename> and add
+	      <literal>DHCP</literal> to the configuration for your
+	      device as shown in various examples above:</para>
+
+	    <programlisting>ifconfig_ath0="DHCP"</programlisting>
+
+	    <para>At this point, you are ready to bring up the
+	      wireless interface:</para>
+
+	    <screen>&prompt.root; <userinput>/etc/rc.d/netif start</userinput></screen>
+
+	    <para>Once the interface is running, use
+	      <command>ifconfig</command> to see the status of the
+	      interface <devicename>ath0</devicename>:</para>
+
+	    <screen>&prompt.root; <userinput>ifconfig <replaceable>ath0</replaceable></userinput>
+ath0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
+        inet6 fe80::211:95ff:fed5:4362%ath0 prefixlen 64 scopeid 0x1
+        inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
+        ether 00:11:95:d5:43:62
+        media: IEEE 802.11 Wireless Ethernet autoselect (OFDM/54Mbps)
+        status: associated
+        ssid dlinkap channel 6 bssid 00:13:46:49:41:76
+        authmode OPEN privacy OFF txpowmax 36 protmode CTS bintval 100</screen>
+
+	    <para>The <literal>status: associated</literal> means you

>>> TRUNCATED FOR MAIL (1000 lines) <<<