PERFORCE change 109127 for review

[Paolo Pisati]

http://perforce.freebsd.org/chv.cgi?CH=109127

Change 109127 by piso at piso_newluxor on 2006/11/03 15:44:01

	Cleanup, delete unnecessary stuff, some mdoc fixes.

Affected files ...

.. //depot/projects/soc2005/libalias/sbin/ipfw/ipfw.8#8 edit

Differences ...

==== //depot/projects/soc2005/libalias/sbin/ipfw/ipfw.8#8 (text+ko) ====

@@ -2035,95 +2035,53 @@
 If no socket is bound to the destination port, or if the divert module is
 not loaded, or if the kernel was not compiled with divert socket support,
 the packets are dropped.
-.Sh IPFW NAT
-To support nat operations inside ipfw, the syntax was extended with a
-new action: nat.
-Then, to configure/handle nat instances the following syntax was
-added (trying to follow closely pipe|queue options):
+.Sh NETWORK ADDRESS TRANSLATION (NAT)
+The nat configuration command is the following:
 .Bd -ragged -offset indent
 .Bk -words
 .Cm nat 
 .Ar nat_number 
 .Cm config 
-.Ar options
+.Ar nat-configuration
 .Ek
 .Ed
 .Pp
-where 
-.Ar options 
-is one or more mandatory fields that can assume the 
-following values:
+.
+The following parameters can be configured:
 .Bl -tag -width indent
 .It Cm ip Ar ip_address
-Define an ip address to use for aliasing
+Define an ip address to use for aliasing.
 .It Cm if Ar nic
 Use ip addres of NIC for aliasing, dynamically changing
-it if NIC's ip address change
+it if NIC's ip address change.
 .It Cm log
-Enable logging on this nat instance
+Enable logging on this nat instance.
 .It Cm deny_in
-Deny any incoming connection from outside world
+Deny any incoming connection from outside world.
 .It Cm same_ports
 Try to leave the alias port numbers unchanged from
-the actual local port numbers
+the actual local port numbers.
 .It Cm unreg_only
 Traffic on the local network not originating from an
-unregistered address spaces will be ignored                   
+unregistered address spaces will be ignored.
 .It Cm reset
-Reset table of the packet aliasing engine on address change
+Reset table of the packet aliasing engine on address change.
 .It Cm reverse
-Reverse the way libalias handles aliasing
+Reverse the way libalias handles aliasing.
 .It Cm proxy_only
-Obey transparent proxy rules only, packet aliasing is not performed
+Obey transparent proxy rules only, packet aliasing is not performed.
 .El
 .Pp
-For more information about aliasing modes, take a look 
-at libalias(
+For more information about aliasing modes, refer to
 .Xr libalias 3
-).
-.Pp
-Other commands to manipulate nats are:
-.Bd -ragged -offset indent
-.Bk -words
-.Cm nat 
-.Ar nat_number 
-.Cm show
-.Cm config 
-.Ek
-.Ed
-.Pp
-to see nat configuration of
-.Ar nat_number
 .
-.Pp
-.Bd -ragged -offset indent
-.Bk -words
-.Cm nat 
-.Ar nat_number 
-.Cm show
-.Ek
-.Ed
-.Pp
-to see the logs of
-.Ar nat_number
-(if any)
-.Pp
-In these two previous examples
-.Ar nat_number 
-could be a single number to see the configuration of that
-instance (i.e. 123, a range of numbers (i.e 333-555) to see the
-configurations all the instances in that range or nothing, to see all
-the configured instances.
-.Pp
 See Section
 .Sx EXAMPLES
-for some examples on how to use nat.
+for some examples about nat usage.
 .Sh REDIRECT AND LSNAT SUPPORT IN IPFW
-Redirect and LSNAT support follow closely the syntax used in natd: refer to natd's man page 
-for syntax details.
-The only difference between natd's redirect and ipfw redirect is:
-instead of redirect_[addr|port|prot] i chose redir_[addr|port|proto].
-.Pp
+Redirect and LSNAT support follow closely the syntax used in
+.Xr natd 8
+. 
 See Section
 .Sx EXAMPLES
 for some examples on how to do redirect and lsnat.