From jono@biggins.securityreports.com  Tue Dec 24 00:48:36 2002
Return-Path: <jono@biggins.securityreports.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 703BE37B405
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 24 Dec 2002 00:48:36 -0800 (PST)
Received: from biggins.securityreports.com (adsl-64-168-72-58.dsl.snfc21.pacbell.net [64.168.72.58])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B78E443EDE
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 24 Dec 2002 00:48:35 -0800 (PST)
	(envelope-from jono@biggins.securityreports.com)
Received: (from jono@localhost)
	by biggins.securityreports.com (8.11.6/8.11.1) id gBO8hFE82190;
	Tue, 24 Dec 2002 00:43:15 -0800 (PST)
	(envelope-from jono)
Message-Id: <200212240843.gBO8hFE82190@biggins.securityreports.com>
Date: Tue, 24 Dec 2002 00:43:15 -0800 (PST)
From: "Jon O." <jono@securityreports.com>
Reply-To: "Jon O." <jono@securityreports.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Small fixes for VPN article
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         46511
>Category:       docs
>Synopsis:       Small fixes for VPN article
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec 24 00:50:06 PST 2002
>Closed-Date:    Sun Dec 29 14:14:20 PST 2002
>Last-Modified:  Sun Dec 29 14:14:20 PST 2002
>Originator:     Jon O.
>Release:        FreeBSD 4.5-RC i386
>Organization:
>Environment:
System: FreeBSD biggins.securityreports.com 4.5-RC FreeBSD 4.5-RC #0: Tue Jan 22 23:14:29 PST 2002 root@biggins.securityreports.com:/usr/obj/usr/src/sys/BIGGINS i386


>Description:
	Just some small fixes to some links, etc. in the VPN doc
>How-To-Repeat:
>Fix:
--- article.sgml        Mon Dec 23 14:38:17 2002
+++ article.jono.sgml   Tue Dec 24 00:31:17 2002
@@ -93,7 +93,7 @@
 FW-1 Protected Nets                              Internal Nets
 199.208.192.0/24                               192.168.10.0/24</programlisting>

-    <para>The FreeBSD gateway (<acronym>GW</acronym> serves as a firewall and
+    <para>The FreeBSD gateway <acronym>GW</acronym> serves as a firewall and
       <acronym>NAT</acronym> device for <quote>internal nets.</quote></para>

     <para>The FreeBSD kernel must be compiled to support IPSec.
@@ -104,7 +104,7 @@
 options         IPSEC_DEBUG</programlisting>

     <para>For instructions on building a custom kernel, refer to the
-      <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x3663.html">
+      <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html">
       FreeBSD handbook</ulink>. Please note that <acronym>IP</acronym>
       protocol 50 (<acronym>ESP</acronym>) and <acronym>UDP</acronym>
       port <literal>500</literal> must be open between the Firewall-1
@@ -142,7 +142,7 @@
       (Do not use our example.)</para>

 <programlisting>Support Aggressive Mode:                 Checked
-Supports Subnets:                       Checked</programlisting>
+Supports Subnets:                        Checked</programlisting>

     <para>After setting the pre-shared secret in the Firewall-1 Network
       Object definition, place this secret in
@@ -213,8 +213,8 @@
 # IP addresses
 #
 #     External Interface                    External Interface
-#       208.229.100.6                    216.218.197.2
-#                   |                    |
+#       208.229.100.6                       216.218.197.2
+#                   |                       |
 #        +--&gt; Firewall-1 &lt;--&gt; Internet &lt;--&gt; FreeBSD GW &lt;--+
 #        |                                                |
 # FW-1 Protected Nets                              Internal Nets
@@ -304,7 +304,7 @@
        #certificate_type x509 "" "";

        nonce_size 16;
-       lifetime time 10 min;    # sec,min,hour
+       lifetime time 10 min;   # sec,min,hour
        lifetime byte 5 MB;     # B,KB,GB
        initial_contact on;
        support_mip6 on;
@@ -329,7 +329,7 @@
       }</programlisting>

     <para>Ensure that <filename>/usr/local/etc/racoon/psk.txt</filename>
-      contains the shared secret configured in the "Firewall-1 Network Object
+      contains the pre-shared secret configured in the "Firewall-1 Network Object
       Configuration" section of this document and has mode <literal>600</literal>
       permissions.</para>

>Release-Note:
>Audit-Trail:

From: Tom Rhodes <trhodes@FreeBSD.org>
To: "Jon O." <jono@securityreports.com>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: docs/46511: Small fixes for VPN article
Date: Tue, 24 Dec 2002 03:56:33 -0500

 On Tue, 24 Dec 2002 00:43:15 -0800 (PST)
 "Jon O." <jono@securityreports.com> wrote:
 
 > >Description:
 > 	Just some small fixes to some links, etc. in the VPN doc
 > >How-To-Repeat:
 > >Fix:
 > --- article.sgml        Mon Dec 23 14:38:17 2002
 > +++ article.jono.sgml   Tue Dec 24 00:31:17 2002
 > @@ -93,7 +93,7 @@
 >  FW-1 Protected Nets                              Internal Nets
 >  199.208.192.0/24                              
 >  192.168.10.0/24</programlisting>
 > 
 > -    <para>The FreeBSD gateway (<acronym>GW</acronym> serves as a
 > firewall and+    <para>The FreeBSD gateway <acronym>GW</acronym>
 > serves as a firewall and
 >        <acronym>NAT</acronym> device for <quote>internal
 >        nets.</quote></para>
 > 
 >      <para>The FreeBSD kernel must be compiled to support IPSec.
 > @@ -104,7 +104,7 @@
 >  options         IPSEC_DEBUG</programlisting>
 > 
 >      <para>For instructions on building a custom kernel, refer to the
 > -      <ulink
 > url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x3663.
 > html">+      <ulink
 > url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernel
 > config.html">
 >        FreeBSD handbook</ulink>. Please note that
 >        <acronym>IP</acronym> protocol 50 (<acronym>ESP</acronym>) and
 >        <acronym>UDP</acronym> port <literal>500</literal> must be open
 >        between the Firewall-1
 > @@ -142,7 +142,7 @@
 >        (Do not use our example.)</para>
 > 
 >  <programlisting>Support Aggressive Mode:                 Checked
 > -Supports Subnets:                       Checked</programlisting>
 > +Supports Subnets:                        Checked</programlisting>
 > 
 >      <para>After setting the pre-shared secret in the Firewall-1
 >      Network
 >        Object definition, place this secret in
 > @@ -213,8 +213,8 @@
 >  # IP addresses
 >  #
 >  #     External Interface                    External Interface
 > -#       208.229.100.6                    216.218.197.2
 > -#                   |                    |
 > +#       208.229.100.6                       216.218.197.2
 > +#                   |                       |
 >  #        +--&gt; Firewall-1 &lt;--&gt; Internet &lt;--&gt; FreeBSD GW
 >  &lt;--+#        |                                                |
 >  # FW-1 Protected Nets                              Internal Nets
 > @@ -304,7 +304,7 @@
 >         #certificate_type x509 "" "";
 > 
 >         nonce_size 16;
 > -       lifetime time 10 min;    # sec,min,hour
 > +       lifetime time 10 min;   # sec,min,hour
 >         lifetime byte 5 MB;     # B,KB,GB
 >         initial_contact on;
 >         support_mip6 on;
 > @@ -329,7 +329,7 @@
 >        }</programlisting>
 > 
 >      <para>Ensure that
 >      <filename>/usr/local/etc/racoon/psk.txt</filename>
 > -      contains the shared secret configured in the "Firewall-1
 > Network Object+      contains the pre-shared secret configured in the
 > "Firewall-1 Network Object
 >        Configuration" section of this document and has mode
 >        <literal>600</literal> permissions.</para>
 
 Ok, we have some whitespace fixes && some content fixes here, I'll
 handle them.  Noone else need take a worry.  Thanks!
 
 --
 Tom Rhodes
State-Changed-From-To: open->closed 
State-Changed-By: trhodes 
State-Changed-When: Sun Dec 29 14:14:04 PST 2002 
State-Changed-Why:  
Committed!  Thanks for the submission! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46511 
>Unformatted:
