From nobody@FreeBSD.org  Tue May 31 04:44:39 2011
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 64FF3106566B
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 31 May 2011 04:44:39 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 540D38FC08
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 31 May 2011 04:44:39 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p4V4idhH090900
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 31 May 2011 04:44:39 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id p4V4icx0090899;
	Tue, 31 May 2011 04:44:38 GMT
	(envelope-from nobody)
Message-Id: <201105310444.p4V4icx0090899@red.freebsd.org>
Date: Tue, 31 May 2011 04:44:38 GMT
From: Ben Kaduk <kaduk@mit.edu>
To: freebsd-gnats-submit@FreeBSD.org
Subject: grammar and style nits in ipfw.8
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         157452
>Category:       docs
>Synopsis:       [patch] grammar and style nits in ipfw.8
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bjk
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 31 04:50:09 UTC 2011
>Closed-Date:    Tue Sep 18 16:00:35 UTC 2012
>Last-Modified:  Tue Sep 18 16:10:05 UTC 2012
>Originator:     Ben Kaduk
>Release:        9-current
>Organization:
MIT SIPB
>Environment:
n/a
>Description:
A recent commit to ipfw.8 caused me to notice a couple of grammar errors; looking at the source also revealed some style bugs as well.
I attach two patches, one whitespace-only to start new sentences on new lines, wrap long lines, and remove trailing whitespace.  The other has the actual content changes.
>How-To-Repeat:
man 8 ipfw and look for 'fib'.
>Fix:


Patch attached with submission follows:

--- ipfw.8.orig	2011-05-30 19:37:52.000000000 -0400
+++ ipfw.8.whitespace	2011-05-30 20:05:35.000000000 -0400
@@ -234,7 +234,8 @@
 When listing a table (see the
 .Sx LOOKUP TABLES
 section below for more information on lookup tables), format values
-as IP addresses. By default, values are shown as integers.
+as IP addresses.
+By default, values are shown as integers.
 .It Fl n
 Only check syntax of the command strings, without actually passing
 them to the kernel.
@@ -566,7 +567,8 @@
 .Xr bpf 4
 attached to the
 .Li ipfw0
-pseudo interface. There is no overhead if no 
+pseudo interface.
+There is no overhead if no 
 .Xr bpf 4
 is attached to the pseudo interface.
 .Pp
@@ -880,23 +882,29 @@
 Processing continues at the next rule.
 It is possible to use the 
 .Cm tablearg
-keyword with a setfib. If tablearg value is not within compiled FIB range packet fib is set to 0.
+keyword with a setfib.
+If tablearg value is not within compiled FIB range packet fib is set to 0.
 .It Cm reass
 Queue and reassemble ip fragments.
-If the packet is not fragmented, counters are updated and processing continues with the next rule.
+If the packet is not fragmented, counters are
+updated and processing continues with the next rule.
 If the packet is the last logical fragment, the packet is reassembled and, if
 .Va net.inet.ip.fw.one_pass
-is set to 0, processing continues with the next rule, else packet is allowed to pass and search terminates.
-If the packet is a fragment in the middle, it is consumed and processing stops immediately.
+is set to 0, processing continues with the next rule,
+else packet is allowed to pass and search terminates.
+If the packet is a fragment in the middle, it is
+consumed and processing stops immediately.
 .Pp
 Fragments handling can be tuned via
 .Va net.inet.ip.maxfragpackets
 and
 .Va net.inet.ip.maxfragsperpacket
-which limit, respectively, the maximum number of processable fragments (default: 800) and
+which limit, respectively, the maximum number of
+processable fragments (default: 800) and
 the maximum number of fragments per packet (default: 16).
 .Pp
-NOTA BENE: since fragments do not contain port numbers, they should be avoided with the
+NOTA BENE: since fragments do not contain port numbers,
+they should be avoided with the
 .Nm reass
 rule.
 Alternatively, direction-based (like 
@@ -1516,7 +1524,8 @@
 .It Cm sockarg
 Matches packets that are associated to a local socket and
 for which the SO_USER_COOKIE socket option has been set
-to a non-zero value. As a side effect, the value of the
+to a non-zero value.
+As a side effect, the value of the
 option is made available as
 .Cm tablearg
 value, which in turn can be used as
@@ -1731,7 +1740,8 @@
 When used with the
 .Cm skipto
 action, the user should be aware that the code will walk the ruleset
-up to a rule equal to, or past, the given number, and should therefore try keep the
+up to a rule equal to, or past, the given number,
+and should therefore try keep the
 ruleset compact between the skipto and the target rules. 
 .Sh SETS OF RULES
 Each rule belongs to one of 32 different
@@ -1939,10 +1949,12 @@
 for each /24 destination subnet.
 .Pp
 The FLOW_MASK, together with the SCHED_MASK, is used to split
-packets into flows. As an example, using
+packets into flows.
+As an example, using
 ``src-ip 0x000000ff''
 together with the previous SCHED_MASK makes a flow for
-each individual source address. In turn, flows for each /24
+each individual source address.
+In turn, flows for each /24
 subnet will be sent to the same scheduler instance.
 .Pp
 The above diagram holds even for the
@@ -2065,7 +2077,8 @@
 the use of the channel, MAC level retransmissions and so on.
 From our point of view, the channel is effectively unavailable
 for this extra time, which is constant or variable depending
-on the link type. Additionally, packets may be dropped after this
+on the link type.
+Additionally, packets may be dropped after this
 time (e.g. on a wireless link after too many retransmissions).
 We can model the additional delay with an empirical curve
 that represents its distribution.
@@ -2166,7 +2179,8 @@
 .It Cm wf2qp
 implements the WF2Q+ algorithm, which is a Weighted Fair Queueing
 algorithm which permits flows to share bandwidth according to
-their weights. Note that weights are not priorities; even a flow
+their weights.
+Note that weights are not priorities; even a flow
 with a minuscule weight will never starve.
 WF2Q+ has O(log N) per-packet processing cost, where N is the number
 of flows, and is the default algorithm used by previous versions
@@ -2515,7 +2529,7 @@
 Defines the maximum number of chunks in an SCTP packet that will be parsed for a
 packet that matches an existing association.
 This value is enforced to be greater or equal than 
-.Cm net.inet.ip.alias.sctp.initialising_chunk_proc_limit . 
+.Cm net.inet.ip.alias.sctp.initialising_chunk_proc_limit .
 A high value is
 a DoS risk yet setting too low a value may result in important control chunks in
 the packet not being located and parsed.
@@ -2595,7 +2609,8 @@
 As for other similar sysctl variables, larger values pose a DoS risk.
 .It Va net.inet.ip.alias.sctp.log_level: No 0 
 Level of detail in the system log messages (0 \- minimal, 1 \- event,
-2 \- info, 3 \- detail, 4 \- debug, 5 \- max debug). May be a good
+2 \- info, 3 \- detail, 4 \- debug, 5 \- max debug).
+May be a good
 option in high loss environments.
 .It Va net.inet.ip.alias.sctp.shutdown_time: No 15
 Timeout value while waiting for SHUTDOWN-COMPLETE.
@@ -2614,7 +2629,8 @@
 .El
 .Pp
 This variable is fully dynamic, the new value will be adopted for all newly
-arriving associations, existing associations are treated as they were previously.
+arriving associations, existing associations
+are treated as they were previously.
 Global tracking will decrease the number of collisions within the 
 .Nm nat 
 at a cost
@@ -2622,7 +2638,7 @@
 .Nm nat 
 state
 problems in complex networks with multiple 
-.Nm nats . 
+.Nm nats .
 We recommend not tracking
 global IP addresses, this will still result in a fully functional 
 .Nm nat .
@@ -3152,8 +3168,8 @@
 traffic shaper supported by Akamba Corp.
 .Pp
 The ipfw core (ipfw2) has been completely redesigned and
-reimplemented by Luigi Rizzo in summer 2002. Further
-actions and
+reimplemented by Luigi Rizzo in summer 2002.
+Further actions and
 options have been added by various developer over the years.
 .Pp
 .An -nosplit


>Release-Note:
>Audit-Trail:

From: Benjamin Kaduk <kaduk@MIT.EDU>
To: FreeBSD-gnats-submit@freebsd.org
Cc:  
Subject: Re: docs/157452: grammar and style nits in ipfw.8
Date: Tue, 31 May 2011 00:52:00 -0400 (EDT)

   This message is in MIME format.  The first part should be readable text,
   while the remaining parts are likely unreadable without MIME-aware tools.
 
 ---559023410-520574824-1306817520=:6818
 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
 
 On Tue, 31 May 2011, FreeBSD-gnats-submit@freebsd.org wrote:
 
 >
 > http://www.freebsd.org/cgi/query-pr.cgi?pr=157452
 >
 >> Category:       docs
 >> Responsible:    freebsd-doc
 >> Synopsis:       grammar and style nits in ipfw.8
 
 And here's the second patch.  I change the Xr from setfib(1) to setfib(2) 
 since the latter mentions a "current system maximum" number of fibs; 
 mention of the 16-fib limit to come in a separate PR.
 
 -Ben Kaduk
 ---559023410-520574824-1306817520=:6818
 Content-Type: TEXT/PLAIN; charset=US-ASCII; name=ipfw.8.diff.txt
 Content-Transfer-Encoding: BASE64
 Content-ID: <alpine.GSO.1.10.1105310052000.6818@multics.mit.edu>
 Content-Description: 
 Content-Disposition: attachment; filename=ipfw.8.diff.txt
 
 LS0tIGlwZncuOC53aGl0ZXNwYWNlCTIwMTEtMDUtMzAgMjA6MDU6MzUuMDAw
 MDAwMDAwIC0wNDAwDQorKysgaXBmdy44CTIwMTEtMDUtMzEgMDA6NDA6Mzcu
 MDAwMDAwMDAwIC0wNDAwDQpAQCAtMSw3ICsxLDcgQEANCiAuXCINCiAuXCIg
 JEZyZWVCU0Q6IHNyYy9zYmluL2lwZncvaXBmdy44LHYgMS4yNDYgMjAxMS8w
 NS8zMCAwNTozNzoyNiBhZSBFeHAgJA0KIC5cIg0KLS5EZCBNYXkgMzAsIDIw
 MTENCisuRGQgTWF5IDMxLCAyMDExDQogLkR0IElQRlcgOA0KIC5Pcw0KIC5T
 aCBOQU1FDQpAQCAtODc3LDI1ICs4NzcsMjYgQEANCiBUaGUgcGFja2V0IGlz
 IHRhZ2dlZCBzbyBhcyB0byB1c2UgdGhlIEZJQiAocm91dGluZyB0YWJsZSkN
 CiAuQXIgZmlibnVtDQogaW4gYW55IHN1YnNlcXVlbnQgZm9yd2FyZGluZyBk
 ZWNpc2lvbnMuDQotSW5pdGlhbGx5IHRoaXMgaXMgbGltaXRlZCB0byB0aGUg
 dmFsdWVzIDAgdGhyb3VnaCAxNSwgc2VlDQotLlhyIHNldGZpYiAxIC4NCitJ
 biB0aGUgY3VycmVudCBpbXBsZW1lbnRhdGlvbiwgdGhpcyBpcyBsaW1pdGVk
 IHRvIHRoZSB2YWx1ZXMgMCB0aHJvdWdoIDE1LCBzZWUNCisuWHIgc2V0Zmli
 IDIgLg0KIFByb2Nlc3NpbmcgY29udGludWVzIGF0IHRoZSBuZXh0IHJ1bGUu
 DQogSXQgaXMgcG9zc2libGUgdG8gdXNlIHRoZSANCiAuQ20gdGFibGVhcmcN
 Ci1rZXl3b3JkIHdpdGggYSBzZXRmaWIuDQotSWYgdGFibGVhcmcgdmFsdWUg
 aXMgbm90IHdpdGhpbiBjb21waWxlZCBGSUIgcmFuZ2UgcGFja2V0IGZpYiBp
 cyBzZXQgdG8gMC4NCitrZXl3b3JkIHdpdGggc2V0ZmliLg0KK0lmIHRoZSB0
 YWJsZWFyZyB2YWx1ZSBpcyBub3Qgd2l0aGluIHRoZSBjb21waWxlZCByYW5n
 ZSBvZiBGSUJzLA0KK3RoZSBwYWNrZXQncyBmaWIgaXMgc2V0IHRvIDAuDQog
 Lkl0IENtIHJlYXNzDQotUXVldWUgYW5kIHJlYXNzZW1ibGUgaXAgZnJhZ21l
 bnRzLg0KK1F1ZXVlIGFuZCByZWFzc2VtYmxlIElQIGZyYWdtZW50cy4NCiBJ
 ZiB0aGUgcGFja2V0IGlzIG5vdCBmcmFnbWVudGVkLCBjb3VudGVycyBhcmUN
 CiB1cGRhdGVkIGFuZCBwcm9jZXNzaW5nIGNvbnRpbnVlcyB3aXRoIHRoZSBu
 ZXh0IHJ1bGUuDQogSWYgdGhlIHBhY2tldCBpcyB0aGUgbGFzdCBsb2dpY2Fs
 IGZyYWdtZW50LCB0aGUgcGFja2V0IGlzIHJlYXNzZW1ibGVkIGFuZCwgaWYN
 CiAuVmEgbmV0LmluZXQuaXAuZncub25lX3Bhc3MNCi1pcyBzZXQgdG8gMCwg
 cHJvY2Vzc2luZyBjb250aW51ZXMgd2l0aCB0aGUgbmV4dCBydWxlLA0KLWVs
 c2UgcGFja2V0IGlzIGFsbG93ZWQgdG8gcGFzcyBhbmQgc2VhcmNoIHRlcm1p
 bmF0ZXMuDQotSWYgdGhlIHBhY2tldCBpcyBhIGZyYWdtZW50IGluIHRoZSBt
 aWRkbGUsIGl0IGlzDQoraXMgc2V0IHRvIDAsIHByb2Nlc3NpbmcgY29udGlu
 dWVzIHdpdGggdGhlIG5leHQgcnVsZS4NCitPdGhlcndpc2UsIHRoZSBwYWNr
 ZXQgaXMgYWxsb3dlZCB0byBwYXNzIGFuZCB0aGUgc2VhcmNoIHRlcm1pbmF0
 ZXMuDQorSWYgdGhlIHBhY2tldCBpcyBhIGZyYWdtZW50IGluIHRoZSBtaWRk
 bGUgb2YgYSBsb2dpY2FsIGdyb3VwIG9mIGZyYWdtZW50cywgaXQgaXMNCiBj
 b25zdW1lZCBhbmQgcHJvY2Vzc2luZyBzdG9wcyBpbW1lZGlhdGVseS4NCiAu
 UHANCi1GcmFnbWVudHMgaGFuZGxpbmcgY2FuIGJlIHR1bmVkIHZpYQ0KK0Zy
 YWdtZW50IGhhbmRsaW5nIGNhbiBiZSB0dW5lZCB2aWENCiAuVmEgbmV0Lmlu
 ZXQuaXAubWF4ZnJhZ3BhY2tldHMNCiBhbmQNCiAuVmEgbmV0LmluZXQuaXAu
 bWF4ZnJhZ3NwZXJwYWNrZXQNCg==
 
 ---559023410-520574824-1306817520=:6818--
Responsible-Changed-From-To: freebsd-doc->eadler 
Responsible-Changed-By: eadler 
Responsible-Changed-When: Sun Mar 4 04:31:23 UTC 2012 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157452 
Responsible-Changed-From-To: eadler->freebsd-doc 
Responsible-Changed-By: eadler 
Responsible-Changed-When: Sun Sep 2 03:09:02 UTC 2012 
Responsible-Changed-Why:  
I won't be looking at this PR for a while and I need to clear some out 
of my queue 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157452 
Responsible-Changed-From-To: freebsd-doc->bjk 
Responsible-Changed-By: bjk 
Responsible-Changed-When: Sat Sep 15 18:55:07 UTC 2012 
Responsible-Changed-Why:  
I am submitter.  Take. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157452 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: docs/157452: commit references a PR
Date: Tue, 18 Sep 2012 02:33:36 +0000 (UTC)

 Author: bjk (doc committer)
 Date: Tue Sep 18 02:33:23 2012
 New Revision: 240628
 URL: http://svn.freebsd.org/changeset/base/240628
 
 Log:
   Whitespace cleanup for ipfw.8 -- start each sentence on a new line,
   and put a comma after e.g. and i.e..  While here, wrap long lines.
   
   PR:		docs/157452
   Approved by:	hrs (mentor)
 
 Modified:
   head/sbin/ipfw/ipfw.8
 
 Modified: head/sbin/ipfw/ipfw.8
 ==============================================================================
 --- head/sbin/ipfw/ipfw.8	Tue Sep 18 02:19:43 2012	(r240627)
 +++ head/sbin/ipfw/ipfw.8	Tue Sep 18 02:33:23 2012	(r240628)
 @@ -141,7 +141,7 @@ the firewall will have a
  .Em stateful
  behaviour, i.e., upon a match it will create
  .Em dynamic rules ,
 -i.e. rules that match packets with the same 5-tuple
 +i.e., rules that match packets with the same 5-tuple
  (protocol, source and destination addresses and ports)
  as the packet which caused their creation.
  Dynamic rules, which have a limited lifetime, are checked
 @@ -223,14 +223,15 @@ When listing and
  is specified, also show expired dynamic rules.
  .It Fl f
  Do not ask for confirmation for commands that can cause problems
 -if misused,
 -.No i.e. Cm flush .
 +if misused, i.e.,
 +.Cm flush .
  If there is no tty associated with the process, this is implied.
  .It Fl i
  When listing a table (see the
  .Sx LOOKUP TABLES
  section below for more information on lookup tables), format values
 -as IP addresses. By default, values are shown as integers.
 +as IP addresses.
 +By default, values are shown as integers.
  .It Fl n
  Only check syntax of the command strings, without actually passing
  them to the kernel.
 @@ -421,7 +422,7 @@ Keywords are case-sensitive, whereas arg
  or may not be case-sensitive depending on their nature
  (e.g.\& uid's are, hostnames are not).
  .Pp
 -Some arguments (e.g. port or address lists) are comma-separated
 +Some arguments (e.g., port or address lists) are comma-separated
  lists of values.
  In this case, spaces after commas ',' are allowed to make
  the line more readable.
 @@ -873,7 +874,8 @@ Takes rule number saved to internal stac
  action and returns ruleset processing to the first rule
  with number greater than number of corresponding
  .Cm call
 -rule. See description of the
 +rule.
 +See description of the
  .Cm call
  action for more details.
  .Pp
 @@ -960,23 +962,29 @@ Initially this is limited to the values 
  Processing continues at the next rule.
  It is possible to use the
  .Cm tablearg
 -keyword with a setfib. If tablearg value is not within compiled FIB range packet fib is set to 0.
 +keyword with a setfib.
 +If tablearg value is not within compiled FIB range packet fib is set to 0.
  .It Cm reass
  Queue and reassemble ip fragments.
 -If the packet is not fragmented, counters are updated and processing continues with the next rule.
 +If the packet is not fragmented, counters are updated and
 +processing continues with the next rule.
  If the packet is the last logical fragment, the packet is reassembled and, if
  .Va net.inet.ip.fw.one_pass
 -is set to 0, processing continues with the next rule, else packet is allowed to pass and search terminates.
 -If the packet is a fragment in the middle, it is consumed and processing stops immediately.
 +is set to 0, processing continues with the next rule, else packet is
 +allowed to pass and search terminates.
 +If the packet is a fragment in the middle, it is consumed and
 +processing stops immediately.
  .Pp
  Fragments handling can be tuned via
  .Va net.inet.ip.maxfragpackets
  and
  .Va net.inet.ip.maxfragsperpacket
 -which limit, respectively, the maximum number of processable fragments (default: 800) and
 +which limit, respectively, the maximum number of processable
 +fragments (default: 800) and
  the maximum number of fragments per packet (default: 16).
  .Pp
 -NOTA BENE: since fragments do not contain port numbers, they should be avoided with the
 +NOTA BENE: since fragments do not contain port numbers,
 +they should be avoided with the
  .Nm reass
  rule.
  Alternatively, direction-based (like
 @@ -1596,7 +1604,8 @@ This is the short form of
  .It Cm sockarg
  Matches packets that are associated to a local socket and
  for which the SO_USER_COOKIE socket option has been set
 -to a non-zero value. As a side effect, the value of the
 +to a non-zero value.
 +As a side effect, the value of the
  option is made available as
  .Cm tablearg
  value, which in turn can be used as
 @@ -1746,7 +1755,7 @@ connected networks instead of all source
  .El
  .Sh LOOKUP TABLES
  Lookup tables are useful to handle large sparse sets of
 -addresses or other search keys (e.g. ports, jail IDs, interface names).
 +addresses or other search keys (e.g., ports, jail IDs, interface names).
  In the rest of this section we will use the term ``address''.
  There may be up to 65535 different lookup tables, numbered 0 to 65534.
  .Pp
 @@ -1784,7 +1793,8 @@ the routing table (see
  .Xr route 4 ) .
  .Pp
  Lookup tables currently support only ports, jail IDs, IPv4/IPv6  addresses
 -and interface names. Wildcards is not supported for interface names.
 +and interface names.
 +Wildcards is not supported for interface names.
  .Pp
  The
  .Cm tablearg
 @@ -1813,7 +1823,8 @@ Section for example usage of tables and 
  When used with the
  .Cm skipto
  action, the user should be aware that the code will walk the ruleset
 -up to a rule equal to, or past, the given number, and should therefore try keep the
 +up to a rule equal to, or past, the given number,
 +and should therefore try keep the
  ruleset compact between the skipto and the target rules.
  .Sh SETS OF RULES
  Each rule belongs to one of 32 different
 @@ -2021,10 +2032,12 @@ As an example, using ``src-ip 0xffffff00
  for each /24 destination subnet.
  .Pp
  The FLOW_MASK, together with the SCHED_MASK, is used to split
 -packets into flows. As an example, using
 +packets into flows.
 +As an example, using
  ``src-ip 0x000000ff''
  together with the previous SCHED_MASK makes a flow for
 -each individual source address. In turn, flows for each /24
 +each individual source address.
 +In turn, flows for each /24
  subnet will be sent to the same scheduler instance.
  .Pp
  The above diagram holds even for the
 @@ -2143,12 +2156,13 @@ A file specifying the additional overhea
  of a packet on the link.
  .Pp
  Some link types introduce extra delays in the transmission
 -of a packet, e.g. because of MAC level framing, contention on
 +of a packet, e.g., because of MAC level framing, contention on
  the use of the channel, MAC level retransmissions and so on.
  From our point of view, the channel is effectively unavailable
  for this extra time, which is constant or variable depending
 -on the link type. Additionally, packets may be dropped after this
 -time (e.g. on a wireless link after too many retransmissions).
 +on the link type.
 +Additionally, packets may be dropped after this
 +time (e.g., on a wireless link after too many retransmissions).
  We can model the additional delay with an empirical curve
  that represents its distribution.
  .Bd -literal -offset indent
 @@ -2184,7 +2198,7 @@ If not specified here, it must be presen
  explicitly as a configuration parameter for the pipe;
  .It Cm loss-level Ar L
  the probability above which packets are lost.
 -(0.0 <= L <= 1.0, default 1.0 i.e. no loss);
 +(0.0 <= L <= 1.0, default 1.0 i.e., no loss);
  .It Cm samples Ar N
  the number of samples used in the internal
  representation of the curve (2..1024; default 100);
 @@ -2249,7 +2263,8 @@ but gives no service guarantees.
  .It Cm wf2q+
  implements the WF2Q+ algorithm, which is a Weighted Fair Queueing
  algorithm which permits flows to share bandwidth according to
 -their weights. Note that weights are not priorities; even a flow
 +their weights.
 +Note that weights are not priorities; even a flow
  with a minuscule weight will never starve.
  WF2Q+ has O(log N) per-packet processing cost, where N is the number
  of flows, and is the default algorithm used by previous versions
 @@ -2535,7 +2550,8 @@ in
  .Xr natd 8
  for more information.
  .It Cm tablearg
 -Uses argument supplied in lookup table. See
 +Uses argument supplied in lookup table.
 +See
  .Sx LOOKUP TABLES
  section below for more information on lookup tables.
  .El
 @@ -2597,11 +2613,13 @@ or
  before ipfw module gets loaded.
  .Bl -tag -width indent
  .It Va net.inet.ip.fw.default_to_accept: No 0
 -Defines ipfw last rule behavior. This value overrides
 +Defines ipfw last rule behavior.
 +This value overrides
  .Cd "options IPFW_DEFAULT_TO_(ACCEPT|DENY)"
  from kernel configuration file.
  .It Va net.inet.ip.fw.tables_max: No 128
 -Defines number of tables available in ipfw. Number cannot exceed 65534.
 +Defines number of tables available in ipfw.
 +Number cannot exceed 65534.
  .El
  .Sh SYSCTL VARIABLES
  A set of
 @@ -2631,12 +2649,14 @@ Option 1 should never be selected as thi
  An attacker can
  establish multiple fake associations by sending AddIP messages.
  .It Va net.inet.ip.alias.sctp.chunk_proc_limit: No 5
 -Defines the maximum number of chunks in an SCTP packet that will be parsed for a
 +Defines the maximum number of chunks in an SCTP packet that will be
 +parsed for a
  packet that matches an existing association.
  This value is enforced to be greater or equal than
  .Cm net.inet.ip.alias.sctp.initialising_chunk_proc_limit .
  A high value is
 -a DoS risk yet setting too low a value may result in important control chunks in
 +a DoS risk yet setting too low a value may result in
 +important control chunks in
  the packet not being located and parsed.
  .It Va net.inet.ip.alias.sctp.error_on_ootb: No 1
  Defines when the
 @@ -2658,7 +2678,8 @@ This value is only useful if the
  .Nm nat
  is tracking global IP addresses.
  .It Cm 3
 -ErrorM is sent in response to all OOTB packets on both the local and global side
 +ErrorM is sent in response to all OOTB packets on both
 +the local and global side
  (DoS risk).
  .El
  .Pp
 @@ -2709,12 +2730,14 @@ will only be an INIT or ASCONF-AddIP pac
  A higher value may become a DoS
  risk as malformed packets can consume processing resources.
  .It Va net.inet.ip.alias.sctp.param_proc_limit: No 25
 -Defines the maximum number of parameters within a chunk that will be parsed in a
 +Defines the maximum number of parameters within a chunk that will be
 +parsed in a
  packet.
  As for other similar sysctl variables, larger values pose a DoS risk.
  .It Va net.inet.ip.alias.sctp.log_level: No 0
  Level of detail in the system log messages (0 \- minimal, 1 \- event,
 -2 \- info, 3 \- detail, 4 \- debug, 5 \- max debug). May be a good
 +2 \- info, 3 \- detail, 4 \- debug, 5 \- max debug).
 +May be a good
  option in high loss environments.
  .It Va net.inet.ip.alias.sctp.shutdown_time: No 15
  Timeout value while waiting for SHUTDOWN-COMPLETE.
 @@ -2733,7 +2756,8 @@ association is limited to this value
  .El
  .Pp
  This variable is fully dynamic, the new value will be adopted for all newly
 -arriving associations, existing associations are treated as they were previously.
 +arriving associations, existing associations are treated
 +as they were previously.
  Global tracking will decrease the number of collisions within the
  .Nm nat
  at a cost
 @@ -3280,7 +3304,8 @@ Some early work (1999-2000) on the
  traffic shaper supported by Akamba Corp.
  .Pp
  The ipfw core (ipfw2) has been completely redesigned and
 -reimplemented by Luigi Rizzo in summer 2002. Further
 +reimplemented by Luigi Rizzo in summer 2002.
 +Further
  actions and
  options have been added by various developer over the years.
  .Pp
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: bjk 
State-Changed-When: Tue Sep 18 16:00:13 UTC 2012 
State-Changed-Why:  
Committed to HEAD 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157452 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: docs/157452: commit references a PR
Date: Tue, 18 Sep 2012 16:00:59 +0000 (UTC)

 Author: bjk (doc committer)
 Date: Tue Sep 18 16:00:44 2012
 New Revision: 240656
 URL: http://svn.freebsd.org/changeset/base/240656
 
 Log:
   Fix grammar in the portion about FIBs.  Also, cross-reference
   setfib(2) instead of setfib(1) for the 16-FIB limit.
   
   PR:		docs/157452
   Approved by:	hrs (mentor)
 
 Modified:
   head/sbin/ipfw/ipfw.8
 
 Modified: head/sbin/ipfw/ipfw.8
 ==============================================================================
 --- head/sbin/ipfw/ipfw.8	Tue Sep 18 15:38:42 2012	(r240655)
 +++ head/sbin/ipfw/ipfw.8	Tue Sep 18 16:00:44 2012	(r240656)
 @@ -957,25 +957,27 @@ actions.
  The packet is tagged so as to use the FIB (routing table)
  .Ar fibnum
  in any subsequent forwarding decisions.
 -Initially this is limited to the values 0 through 15, see
 -.Xr setfib 1 .
 +In the current implementation, this is limited to the values 0 through 15, see
 +.Xr setfib 2 .
  Processing continues at the next rule.
  It is possible to use the
  .Cm tablearg
 -keyword with a setfib.
 -If tablearg value is not within compiled FIB range packet fib is set to 0.
 +keyword with setfib.
 +If the tablearg value is not within the compiled range of fibs,
 +the packet's fib is set to 0.
  .It Cm reass
 -Queue and reassemble ip fragments.
 +Queue and reassemble IP fragments.
  If the packet is not fragmented, counters are updated and
  processing continues with the next rule.
  If the packet is the last logical fragment, the packet is reassembled and, if
  .Va net.inet.ip.fw.one_pass
 -is set to 0, processing continues with the next rule, else packet is
 -allowed to pass and search terminates.
 -If the packet is a fragment in the middle, it is consumed and
 +is set to 0, processing continues with the next rule.
 +Otherwise, the packet is allowed to pass and the search terminates.
 +If the packet is a fragment in the middle of a logical group of fragments,
 +it is consumed and
  processing stops immediately.
  .Pp
 -Fragments handling can be tuned via
 +Fragment handling can be tuned via
  .Va net.inet.ip.maxfragpackets
  and
  .Va net.inet.ip.maxfragsperpacket
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
>Unformatted:
