ispell sweep of share/man/man7/*.

4 files changed, 36 insertions, 36 deletions

diff --git a/share/man/man7/ffs.7 b/share/man/man7/ffs.7
index 58a023a..f8a64d6 100644
--- a/share/man/man7/ffs.7
+++ b/share/man/man7/ffs.7
@@ -80,7 +80,7 @@ No optimization
 .It Li 1
 VM operations if a request fits
 .It Li 2
-Aggresive optimization (VM used as much as possible)
+Aggressive optimization (VM used as much as possible)
 .El
 .El
 .Ss Quotas
@@ -102,7 +102,7 @@ and
 .Bl -tag -width 2n
 .It Cd options SOFTUPDATES
 The soft updates feature tracks writes to the disk
-and enforces metadata update dependancies
+and enforces metadata update dependencies
 (e.g. updating free block maps)
 to ensure that the file system remains consistent.
 .Pp
@@ -139,7 +139,7 @@ i.e.
 .Bl -tag -width 2n
 .It Cd options UFS_ACL
 Access control lists allow the association of
-fine-grained descretionary access control information
+fine-grained discretionary access control information
 with files and directories.
 This option requires the presence of the
 .Dv UFS_EXTATTR
@@ -208,7 +208,7 @@ MIBs are defined for use with
 .Nm ffs :
 .Bl -hang -width "vfs.ffs.doreallocblk" 
 .It Em vfs.ffs.doasyncfree
-Asynchronously write out modified inode and indirect blocks
+Asynchronously write out modified i-node and indirect blocks
 upon reallocating file system blocks to be contiguous.
 (Default: 1.)
 .It Em vfs.ffs.doreallocblks
diff --git a/share/man/man7/firewall.7 b/share/man/man7/firewall.7
index 52c5ed3..eea0fde 100644
--- a/share/man/man7/firewall.7
+++ b/share/man/man7/firewall.7
@@ -22,9 +22,9 @@ The
 .Fx
 firewalling system also has the capability to limit bandwidth using
 .Xr dummynet 4 .
-This feature can be useful when you need to guarentee a certain
+This feature can be useful when you need to guarantee a certain
 amount of bandwidth for a critical purpose.  For example, if you
-are doing video conferencing over the internet via your
+are doing video conferencing over the Internet via your
 office T1 (1.5 MBits), you may wish to bandwidth-limit all other
 T1 traffic to 1 MBit in order to reserve at least 0.5 MBits
 for your video conferencing connections.  Similarly if you are
@@ -102,17 +102,17 @@ rules.
 Here is an example ipfw-based firewall taken from a machine with three
 interface cards.  fxp0 is connected to the 'exposed' LAN.  Machines
 on this LAN are dual-homed with both internal 10. IP addresses and
-internet-routed IP addresses.  In our example, 192.100.5.x represents
-the internet-routed IP block while 10.x.x.x represents the internal
+Internet-routed IP addresses.  In our example, 192.100.5.x represents
+the Internet-routed IP block while 10.x.x.x represents the internal
 networks.  While it isn't relevant to the example, 10.0.1.x is
 assigned as the internal address block for the LAN on fxp0, 10.0.2.x
 for the LAN on fxp1, and 10.0.3.x for the LAN on fxp2.
 .Pp
-In this example we want to isolate all three LANs from the internet
+In this example we want to isolate all three LANs from the Internet
 as well as isolate them from each other, and we want to give all
-internal addresses access to the internet through a NAT gateway running
+internal addresses access to the Internet through a NAT gateway running
 on this machine.  To make the NAT gateway work, the firewall machine
-is given two internet-exposed addresses on fxp0 in addition to an
+is given two Internet-exposed addresses on fxp0 in addition to an
 internal 10. address on fxp0: one exposed address (not shown)
 represents the machine's official address, and the second exposed
 address (192.100.5.5 in our example) represents the NAT gateway
@@ -120,13 +120,13 @@ rendezvous IP.  We make the example more complex by giving the machines
 on the exposed LAN internal 10.0.0.x addresses as well as exposed
 addresses.  The idea here is that you can bind internal services
 to internal addresses even on exposed machines and still protect
-those services from the internet.  The only services you run on
+those services from the Internet.  The only services you run on
 exposed IP addresses would be the ones you wish to expose to the
-internet.
+Internet.
 .Pp
 It is important to note that the 10.0.0.x network in our example
 is not protected by our firewall.  You must make sure that your
-internet router protects this network from outside spoofing.
+Internet router protects this network from outside spoofing.
 Also, in our example, we pretty much give the exposed hosts free
 reign on our internal network when operating services through
 internal IP addresses (10.0.0.x).   This is somewhat of security
@@ -164,8 +164,8 @@ ip_portrange_last=5000
 # LAN2	    10.0.2.X
 # sw:	    ethernet switch (unmanaged)
 #
-# 192.100.5.x represents IP addresses exposed to the internet
-# (i.e. internet routeable).  10.x.x.x represent internal IPs
+# 192.100.5.x represents IP addresses exposed to the Internet
+# (i.e. Internet routeable).  10.x.x.x represent internal IPs
 # (not exposed)
 #
 #   [LAN1]
@@ -182,7 +182,7 @@ ip_portrange_last=5000
 #   INTERNET (secondary firewall)
 #    ROUTER
 #      |
-#    [internet]
+#    [Internet]
 #
 # NOT SHOWN:  The INTERNET ROUTER must contain rules to disallow
 # all packets with source IP addresses in the 10. block in order
@@ -230,7 +230,7 @@ add 01001 allow all from any to any out via fxp2
 # internal networks.  Packets received via fxp1 MUST come from
 # 10.0.1.x.  Packets received via fxp2 MUST come from 10.0.2.x.
 # Packets received via fxp0 cannot come from the LAN1 or LAN2
-# blocks.  We can't protect 10.0.0.x here, the internet router
+# blocks.  We can't protect 10.0.0.x here, the Internet router
 # must do that for us.
 #
 add 01500 deny all from not 10.0.1.0/24 in via fxp1
@@ -313,14 +313,14 @@ add 03000 allow tcp from any to any auth,pop3,ftp,ftp-data
 #	14	Timestamp Reply
 #
 # Sometimes people need to allow ICMP REDIRECT packets, which is
-# type 5, but if you allow it make sure that your internet router
+# type 5, but if you allow it make sure that your Internet router
 # disallows it.
 
 add 04000 allow icmp from any to any icmptypes 0,5,8,11,12,13,14
 
 # log any remaining fragments that get through.  Might be useful,
 # otherwise don't bother.  Have a final deny rule as a safety to
-# guarentee that your firewall is inclusive no matter how the kernel
+# guarantee that your firewall is inclusive no matter how the kernel
 # is configured.
 #
 add 05000 deny log ip from any to any frag
diff --git a/share/man/man7/security.7 b/share/man/man7/security.7
index e8b5b6e..98d1a11 100644
--- a/share/man/man7/security.7
+++ b/share/man/man7/security.7
@@ -32,7 +32,7 @@ security becomes an ever bigger issue.
 Security is best implemented through a layered onion approach.  In a nutshell,
 what you want to do is to create as many layers of security as are convenient
 and then carefully monitor the system for intrusions.  You do not want to
-overbuild your security or you will interefere with the detection side, and
+overbuild your security or you will interfere with the detection side, and
 detection is one of the single most important aspects of any security
 mechanism.  For example, it makes little sense to set the
 .Pa schg
@@ -70,8 +70,8 @@ only be fixed by applying a bug fix to the kernel.  Attacks on servers can
 often be fixed by properly specifying options to limit the load the servers
 incur on the system under adverse conditions.  Brute-force network
 attacks are harder to deal with.  A spoofed-packet attack, for example, is
-nearly impossible to stop short of cutting your system off from the internet.
-It may not be able to take your machine down, but it can fill up internet
+nearly impossible to stop short of cutting your system off from the Internet.
+It may not be able to take your machine down, but it can fill up Internet
 pipe.
 .Pp
 A user account compromise is even more common then a D.O.S. attack.  Many
@@ -92,7 +92,7 @@ attacker access to root.  The distinction is important because without access
 to root the attacker cannot generally hide his tracks and may, at best, be
 able to do nothing more than mess with the user's files or crash the machine.
 User account compromises are very common because users tend not to take the
-precautions that sysads take.
+precautions that sysadmins take.
 .Pp
 System administrators must keep in mind that there are potentially many ways
 to break root on a machine.  The attacker may know the root password,
@@ -104,7 +104,7 @@ user's account.  If an attacker has found a way to break root on a machine,
 the attacker may not have a need to install a backdoor.
 Many of the root holes found and closed to date involve a considerable amount
 of work by the hacker to cleanup after himself, so most hackers do install
-backdoors.  This gives you a convienient way to detect the hacker.  Making
+backdoors.  This gives you a convenient way to detect the hacker.  Making
 it impossible for a hacker to install a backdoor may actually be detrimental
 to your security because it will not close off the hole the hacker found to
 break in the first place.
@@ -647,7 +647,7 @@ key-forwarding in the ssh configuration, or that you make use of the
 .Pa "from=IP/DOMAIN"
 option that ssh allows in its
 .Pa authorized_keys
-file to make the key only useable to entities logging in from specific
+file to make the key only usable to entities logging in from specific
 machines.
 .Sh SEE ALSO
 .Xr chflags 1 ,
diff --git a/share/man/man7/tuning.7 b/share/man/man7/tuning.7
index a534fde..afc21d6 100644
--- a/share/man/man7/tuning.7
+++ b/share/man/man7/tuning.7
@@ -133,7 +133,7 @@ a 1 gigabyte
 .Pa /usr
 partition.
 However, if you install a lot of ports
-(especially window managers and linux-emulated binaries), we recommend
+(especially window managers and Linux-emulated binaries), we recommend
 at least a 2 gigabyte
 .Pa /usr
 and if you also intend to keep system source
@@ -194,7 +194,7 @@ Tuning
 requires more experience but can lead to significant improvements in
 performance.
 There are three parameters that are relatively safe to tune:
-.Em blocksize , bytes/inode ,
+.Em blocksize , bytes/i-node ,
 and
 .Em cylinders/group .
 .Pp
@@ -212,7 +212,7 @@ can cause fragmentation of the buffer cache and
 lead to lower performance.
 .Pp
 The defaults may be unsuitable
-for a filesystem that requires a very large number of inodes
+for a filesystem that requires a very large number of i-nodes
 or is intended to hold a large number of very small files.
 Such a filesystem should be created with an 8K or 4K block size.
 This also requires you to specify a smaller
@@ -226,18 +226,18 @@ options for this would be
 .Pp
 If a large partition is intended to be used to hold fewer, larger files, such
 as a database files, you can increase the
-.Em bytes/inode
-ratio which reduces the number of inodes (maximum number of files and
+.Em bytes/i-node
+ratio which reduces the number of i-nodes (maximum number of files and
 directories that can be created) for that partition.
 Decreasing the number
-of inodes in a filesystem can greatly reduce
+of i-nodes in a filesystem can greatly reduce
 .Xr fsck 8
 recovery times after a crash.
 Do not use this option
 unless you are actually storing large files on the partition, because if you
 overcompensate you can wind up with a filesystem that has lots of free
 space remaining but cannot accommodate any more files.
-Using 32768, 65536, or 262144 bytes/inode is recommended.
+Using 32768, 65536, or 262144 bytes/i-node is recommended.
 You can go higher but
 it will have only incremental effects on
 .Xr fsck 8
@@ -291,7 +291,7 @@ A number of run-time
 .Xr mount 8
 options exist that can help you tune the system.
 For this reason, softupdates will not be enabled on the root file system
-during a typicaly install.
+during a typical install.
 The most obvious and most dangerous one is
 .Cm async .
 Don't ever use it, it is far too dangerous.
@@ -444,7 +444,7 @@ simultaneous connections because it is possible to quickly run the system
 out of memory due to stalled connections building up.
 But if you need
 high bandwidth over a fewer number of connections, especially if you have
-gigabit ethernet, increasing these defaults can make a huge difference.
+gigabit Ethernet, increasing these defaults can make a huge difference.
 You can adjust the buffer size for incoming and outgoing data separately.
 For example, if your machine is primarily doing web serving you may want
 to decrease the recvspace in order to be able to increase the
@@ -556,7 +556,7 @@ and reboot the system.
 .Pp
 .Va kern.maxusers
 controls the scaling of a number of static system tables, including defaults
-for the maximum number of open files, sizing of network memory resouces, etc.
+for the maximum number of open files, sizing of network memory resources, etc.
 As of
 .Fx 4.5 ,
 .Va kern.maxusers