git: 19c03f4ab0d6 - main - wg.4: Add some enhancements
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 30 Oct 2022 13:00:03 UTC
The branch main has been updated by gbe (doc committer):
URL: https://cgit.FreeBSD.org/src/commit/?id=19c03f4ab0d68788a561b91278fd13c760227a31
commit 19c03f4ab0d68788a561b91278fd13c760227a31
Author: Gordon Bergling <gbe@FreeBSD.org>
AuthorDate: 2022-10-30 12:59:37 +0000
Commit: Gordon Bergling <gbe@FreeBSD.org>
CommitDate: 2022-10-30 12:59:37 +0000
wg.4: Add some enhancements
- add a SPDX-License-Identifier
- rename the title of the man page
- use better grammar in some places
- reword 'IPs' to 'IP addresses'
- add a missing word in the AUTHORS section
- use '.An -nosplit' in the AUTHORS section
- Xr ipsec and ovpn
Reviewed by: pauamma, mhorne
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D37205
---
share/man/man4/wg.4 | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/share/man/man4/wg.4 b/share/man/man4/wg.4
index f2ae425002d7..21bb640e7b6c 100644
--- a/share/man/man4/wg.4
+++ b/share/man/man4/wg.4
@@ -1,3 +1,5 @@
+.\" SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+.\"
.\" Copyright (c) 2020 Gordon Bergling <gbe@FreeBSD.org>
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -23,12 +25,12 @@
.\"
.\" $FreeBSD$
.\"
-.Dd October 28, 2022
+.Dd October 30, 2022
.Dt WG 4
.Os
.Sh NAME
.Nm wg
-.Nd "WireGuard - pseudo-device"
+.Nd "WireGuard protocol driver"
.Sh SYNOPSIS
To load the driver as a module at boot time, place the following line in
.Xr loader.conf 5 :
@@ -44,7 +46,7 @@ protocol.
.Pp
A
.Nm
-interface recognises one or more peers, establishes a secure tunnel with
+interface recognizes one or more peers, establishes a secure tunnel with
each on demand, and tracks each peer's UDP endpoint for exchanging encrypted
traffic with.
.Pp
@@ -72,17 +74,17 @@ interface with its own private key and with the public keys of its peers.
In addition to the public keys, each peer pair may be configured with a
unique pre-shared symmetric key.
This is used in their handshake to guard against future compromise of the
-peers' encrypted tunnel if a quantum-computational attack on their
+peers' encrypted tunnel if an attack on their
Diffie-Hellman exchange becomes feasible.
It is optional, but recommended.
-.It Allowed IPs
+.It Allowed IP addresses
A single
.Nm
interface may maintain concurrent tunnels connecting diverse networks.
The interface therefore implements rudimentary routing and reverse-path
filtering functions for its tunneled traffic.
-These functions reference a set of allowed IP ranges configured against
-each peer.
+These functions reference a set of allowed IP address ranges configured
+against each peer.
.Pp
The interface will route outbound tunneled traffic to the peer configured
with the most specific matching allowed IP address range, or drop it
@@ -95,11 +97,11 @@ That is, tunneled traffic routed to a given peer cannot return through
another peer of the same
.Nm
interface.
-This ensures that peers cannot spoof another's traffic.
+This ensures that peers cannot spoof one another's traffic.
.It Handshake
Two peers handshake to mutually authenticate each other and to
establish a shared series of secret ephemeral encryption keys.
-Any peer may initiate a handshake.
+Either peer may initiate a handshake.
Handshakes occur only when there is traffic to send, and recur every
two minutes during transfers.
.It Connectionless
@@ -181,7 +183,9 @@ is not assigned to the allowed IPs of Peer X.
.Sh SEE ALSO
.Xr inet 4 ,
.Xr ip 4 ,
+.Xr ipsec 4 ,
.Xr netintro 4 ,
+.Xr ovpn 4 ,
.Xr ipf 5 ,
.Xr pf.conf 5 ,
.Xr ifconfig 8 ,
@@ -197,9 +201,10 @@ The
device driver first appeared in
.Fx 14.0 .
.Sh AUTHORS
+.An -nosplit
The
.Nm
-device driver written by
+device driver was written by
.An Jason A. Donenfeld Aq Mt Jason@zx2c4.com ,
.An Matt Dunwoodie Aq Mt ncon@nconroy.net ,
and