From support@theshell.com  Sun Sep 23 14:46:31 2001
Return-Path: <support@theshell.com>
Received: from theshell.com (arsenic.theshell.com [63.236.138.5])
	by hub.freebsd.org (Postfix) with SMTP id E40E337B41D
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 23 Sep 2001 14:46:30 -0700 (PDT)
Received: (qmail 21281 invoked by uid 0); 23 Sep 2001 21:46:30 -0000
Message-Id: <20010923214630.21280.qmail@theshell.com>
Date: 23 Sep 2001 21:46:30 -0000
From: Peter Avalos <pavalos@theshell.com>
Reply-To: Peter Avalos <pavalos@theshell.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: blackhole(4) manpage updates
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         30772
>Category:       docs
>Synopsis:       blackhole(4) manpage updates
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Sep 23 14:50:02 PDT 2001
>Closed-Date:    Mon Oct 15 06:30:55 PDT 2001
>Last-Modified:  Mon Oct 15 06:31:12 PDT 2001
>Originator:     Peter Avalos
>Release:        FreeBSD 4.4-STABLE i386
>Organization:
none
>Environment:
System: FreeBSD arsenic.theshell.com 4.4-STABLE FreeBSD 4.4-STABLE #0: Tue Sep 18 17:29:35 PDT 2001 support@arsenic.theshell.com:/usr/obj/usr/src/sys/ARSENIC i386


	
>Description:
	The blackhole(4) manpage uses the deprecated sysctl -w as an example and it is a bit wordy.
>How-To-Repeat:
>Fix:
behaviour -> behavior
sysctl -w -> sysctl
black hole -> blackhole
remove second-person pronouns (your)
Fix some wordiness.


--- blackhole.4	Tue Aug 14 04:58:07 2001
+++ blackhole.4.new	Sun Sep 23 14:37:51 2001
@@ -19,53 +19,50 @@
 .Nm blackhole
 .Nd a
 .Xr sysctl 8
-MIB for manipulating behaviour in respect of refused TCP or UDP connection
+MIB for manipulating behavior in respect of refused TCP or UDP connection
 attempts
 .Sh SYNOPSIS
-.Cd sysctl net.inet.tcp.blackhole
-.Cd sysctl net.inet.udp.blackhole
-.Pp
-.Cd sysctl -w net.inet.tcp.blackhole=[0 | 1 | 2]
-.Cd sysctl -w net.inet.udp.blackhole=[0 | 1]
+.Cd sysctl net.inet.tcp.blackhole=[0 | 1 | 2]
+.Cd sysctl net.inet.udp.blackhole=[0 | 1]
 .Sh DESCRIPTION
 The
 .Nm
 .Xr sysctl 8
-MIB is used to control system behaviour when connection requests
+MIB is used to control system behavior when connection requests
 are received on TCP or UDP ports where there is no socket listening.
 .Pp
-Normal behaviour, when a TCP SYN segment is received on a port where
+Normal behavior, when a TCP SYN segment is received on a port where
 there is no socket accepting connections, is for the system to return
 a RST segment, and drop the connection.  The connecting system will
-see this as a "Connection reset by peer".  By turning the TCP black
-hole MIB on to a numeric value of one, the incoming SYN segment
+see this as a "Connection reset by peer".  By setting the TCP blackhole
+MIB to a numeric value of one, the incoming SYN segment
 is merely dropped, and no RST is sent, making the system appear
 as a blackhole.  By setting the MIB value to two, any segment arriving
 on a closed port is dropped without returning a RST.  This provides
 some degree of protection against stealth port scans.
 .Pp
-In the UDP instance, enabling blackhole behaviour turns off the sending
+In the UDP instance, enabling blackhole behavior turns off the sending
 of an ICMP port unreachable message in response to a UDP datagram which
 arrives on a port where there is no socket listening.  It must be noted
-that this behaviour will prevent remote systems from running
+that this behavior will prevent remote systems from running
 .Xr traceroute 8
-to your system.
+to a system.
 .Pp
-The blackhole behaviour is useful to slow down anyone who is port scanning
-your system, in order to try and detect vulnerable services on your system.
+The blackhole behavior is useful to slow down anyone who is port scanning
+a system, attempting to detect vulnerable services on a system.
 It could potentially also slow down someone who is attempting a denial
-of service against your system.
+of service attack.
 .Sh WARNING
 The TCP and UDP blackhole features should not be regarded as a replacement
 for
 .Xr ipfw 8
-as a tool for firewalling your system.  In order to create a highly
-secure system, you should use
+as a tool for firewalling a system.  In order to create a highly
+secure system,
 .Xr ipfw 8
-to protect your system, and not the blackhole feature.
+should be used for protection, not the blackhole feature.
 .Pp
-This mechanism is not a substitute for securing your system,
-but should be used together with other security mechanisms.
+This mechanism is not a substitute for securing a system.
+It should be used together with other security mechanisms.
 .Sh SEE ALSO
 .Xr ip 4 ,
 .Xr tcp 4 ,
>Release-Note:
>Audit-Trail:

From: Piet Delport <siberiyan@mweb.co.za>
To: Peter Avalos <pavalos@theshell.com>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: docs/30772: blackhole(4) manpage updates
Date: Mon, 24 Sep 2001 03:47:35 +0200

 --qMm9M+Fa2AknHoGS
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Sun, 23 Sep 2001 at 21:46:30 +0000, Peter Avalos wrote:
 > >Fix:
 > behaviour -> behavior
 
 In light of this, i'm curious:  Is there any official position on which
 of American or British spelling FreeBSD documentation should use?
 
 --=20
 Piet Delport <siberiyan@mweb.co.za>
 Today's subliminal thought is:
 
 --qMm9M+Fa2AknHoGS
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.0.6 (FreeBSD)
 
 iD8DBQE7rpC2zRUP82sZFCcRAqRpAJ9cYj/5wxuv1f6lGxa0RTK/7QcG0QCcCBoC
 IEmt9AkDbasiV5GNce+OSsw=
 =glnE
 -----END PGP SIGNATURE-----
 
 --qMm9M+Fa2AknHoGS--

From: Dima Dorfman <dima@trit.org>
To: Piet Delport <siberiyan@mweb.co.za>,
	Peter Avalos <pavalos@theshell.com>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: docs/30772: blackhole(4) manpage updates 
Date: Sun, 14 Oct 2001 23:35:48 +0000

 Piet Delport <siberiyan@mweb.co.za> wrote:
 >  On Sun, 23 Sep 2001 at 21:46:30 +0000, Peter Avalos wrote:
 >  > >Fix:
 >  > behaviour -> behavior
 >  
 >  In light of this, i'm curious:  Is there any official position on which
 >  of American or British spelling FreeBSD documentation should use?
 
 For documents in the doc/ tree, we use whatever is specified by the
 locale name.  The English documents are delegated as en_US.ISO8859-1,
 so we use US English.
 
 For manual pages, both are acceptable, but it would be nice if just
 one is used (i.e., as long as the word is spelled the same way
 throughout the man page, regardless of whether it's British or US
 spelling, it's okay).  Further, changing a spelling as a matter of
 preference (US vs. British) or otherwise is strongly discouraged, so
 this part of the change is wrong.  The other parts look okay, though,
 so if the submitter could please back that part out, I'll apply this.
 
 Thanks.
 

From: Peter Avalos <pavalos@theshell.com>
To: Dima Dorfman <dima@trit.org>
Cc: Piet Delport <siberiyan@mweb.co.za>,
	freebsd-gnats-submit@freebsd.org
Subject: Re: docs/30772: blackhole(4) manpage updates
Date: Sun, 14 Oct 2001 20:10:28 -0700

 On Sun, Oct 14, 2001 at 04:40:01PM -0700, Dima Dorfman wrote:
 >  For documents in the doc/ tree, we use whatever is specified by the
 >  locale name.  The English documents are delegated as en_US.ISO8859-1,
 >  so we use US English.
 
 	I thought US English was also preferred for manpages. Thanks for
 clearing this up, Dima.
 
 
 --- blackhole.4	Tue Aug 14 04:58:07 2001
 +++ blackhole.4.new	Sun Oct 14 18:44:29 2001
 @@ -22,11 +22,8 @@
  MIB for manipulating behaviour in respect of refused TCP or UDP connection
  attempts
  .Sh SYNOPSIS
 -.Cd sysctl net.inet.tcp.blackhole
 -.Cd sysctl net.inet.udp.blackhole
 -.Pp
 -.Cd sysctl -w net.inet.tcp.blackhole=[0 | 1 | 2]
 -.Cd sysctl -w net.inet.udp.blackhole=[0 | 1]
 +.Cd sysctl net.inet.tcp.blackhole=[0 | 1 | 2]
 +.Cd sysctl net.inet.udp.blackhole=[0 | 1]
  .Sh DESCRIPTION
  The
  .Nm
 @@ -37,8 +34,8 @@
  Normal behaviour, when a TCP SYN segment is received on a port where
  there is no socket accepting connections, is for the system to return
  a RST segment, and drop the connection.  The connecting system will
 -see this as a "Connection reset by peer".  By turning the TCP black
 -hole MIB on to a numeric value of one, the incoming SYN segment
 +see this as a "Connection reset by peer".  By setting the TCP blackhole
 +MIB to a numeric value of one, the incoming SYN segment
  is merely dropped, and no RST is sent, making the system appear
  as a blackhole.  By setting the MIB value to two, any segment arriving
  on a closed port is dropped without returning a RST.  This provides
 @@ -49,23 +46,23 @@
  arrives on a port where there is no socket listening.  It must be noted
  that this behaviour will prevent remote systems from running
  .Xr traceroute 8
 -to your system.
 +to a system.
  .Pp
  The blackhole behaviour is useful to slow down anyone who is port scanning
 -your system, in order to try and detect vulnerable services on your system.
 +a system, attempting to detect vulnerable services on a system.
  It could potentially also slow down someone who is attempting a denial
 -of service against your system.
 +of service attack.
  .Sh WARNING
  The TCP and UDP blackhole features should not be regarded as a replacement
  for
  .Xr ipfw 8
 -as a tool for firewalling your system.  In order to create a highly
 -secure system, you should use
 +as a tool for firewalling a system.  In order to create a highly
 +secure system,
  .Xr ipfw 8
 -to protect your system, and not the blackhole feature.
 +should be used for protection, not the blackhole feature.
  .Pp
 -This mechanism is not a substitute for securing your system,
 -but should be used together with other security mechanisms.
 +This mechanism is not a substitute for securing a system.
 +It should be used together with other security mechanisms.
  .Sh SEE ALSO
  .Xr ip 4 ,
  .Xr tcp 4 ,
State-Changed-From-To: open->closed 
State-Changed-By: dd 
State-Changed-When: Mon Oct 15 06:30:55 PDT 2001 
State-Changed-Why:  
Second patch applied, thanks! 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=30772 
>Unformatted:
