ipf: Fix some typos

Signed-off-by: Elyes Haouas <ehaouas@noos.fr>

sbin/ipf/ipf/ipf.5

@@ -31,7 +31,7 @@ address patterns or "all" to match any address information
 .SS Long lines
 .PP
 For rules lines that are particularly long, it is possible to split
-them over multiple lines implicity like this:
+them over multiple lines implicitly like this:
 .PP
 .nf
 pass in on bgeo proto tcp from 1.1.1.1 port > 1000
@@ -536,7 +536,7 @@ URG - this bit is set to indicate that the packet contains urgent data
 .HP
 R
 RST - this bit is set only in packets that are a reply to another
-that has been received but is not targetted at any open port
+that has been received but is not targeted at any open port
 .HP
 C
 CWN
@@ -686,7 +686,7 @@ Once a TCP connection has reached the established state, the default
 timeout allows for it to be idle for 5 days before it is removed from
 the state table. The timeouts for the other TCP connection states
 vary from 240 seconds to 30 seconds.
-Both UDP and ICMP state entries have asymetric timeouts where the timeout
+Both UDP and ICMP state entries have asymmetric timeouts where the timeout
 set upon seeing packets in the forward direction is much larger than
 for the reverse direction. For UDP the default timeouts are 120 and
 12 seconds, for ICMP 60 and 6 seconds. This is a reflection of the
@@ -890,8 +890,8 @@ construction of filter rules easier, it is possible to place them in groups.
 A rule can be both a member of a group and the head of a new group.
 .PP
 Using filter groups requires at least two rules: one to be in the group
-one one to send matchign packets to the group. If a packet matches a
-filtre rule that is a group head but does not match any of the rules
+one one to send matching packets to the group. If a packet matches a
+filter rule that is a group head but does not match any of the rules
 in that group, then the packet is considered to have matched the head
 rule.
 .PP
@@ -1037,7 +1037,7 @@ pass in on bge0 to bge1:1.1.1.1 reply-to hme1:2.1.1.2 \\
 .PP
 The design for IPv4 allows for the header to be upto 64 bytes long,
 however most traffic only uses the basic header which is 20 bytes long.
-The other 44 bytes can be uesd to store IP options. These options are
+The other 44 bytes can be used to store IP options. These options are
 generally not necessary for proper interaction and function on the
 Internet today. For most people it is sufficient to block and drop
 all packets that have any options set. This can be achieved with this
@@ -1090,7 +1090,7 @@ some of the nodes the packet must go through, with the ssrr option,
 every next hop router must be specified.
 .PP
 The complete list of IPv4 options that can be matched on is:
-addext (Address Extention),
+addext (Address Extension),
 cipso (Classical IP Security Option),
 dps (Dynamic Packet State),
 e-sec (Extended Security),
@@ -1357,7 +1357,7 @@ A list of the currently available variables inside IPFilter that may
 be tuned from ipf.conf are as follows:
 .HP
 active
-set through -s command line switch of ipf(8). See ipf(8) for detals.
+set through -s command line switch of ipf(8). See ipf(8) for details.
 .HP
 chksrc
 when set, enables reverse path verification on source addresses and
@@ -1430,7 +1430,7 @@ sets the size of the in-kernel log buffer in bytes.
 log_suppress
 when set, IPFilter will check to see if the packet it is logging is
 similar to the one it previously logged and if so, increases
-the occurance count for that packet. The previously logged packet
+the occurrence count for that packet. The previously logged packet
 must not have yet been read by ipmon(8).
 .HP
 min_ttl
@@ -1467,8 +1467,8 @@ when the fill percentage of the NAT table exceeds this mark, more
 aggressive flushing is enabled.
 .HP
 nat_table_wm_low
-this sets the percentage at which the NAT table's agressive flushing
-will turn itself off at.
+this sets the percentage at which the NAT table's aggressive flushing
+will turn itself off.
 .HP
 rdr_rules_size
 size of the hash table to store rdr rules.
@@ -1492,7 +1492,7 @@ state_size
 size of the hash table used for stateful filtering
 .HP
 state_wm_freq
-this controls how often the agressive flushing should be run once the
+this controls how often the aggressive flushing should be run once the
 state table exceeds state_wm_high in percentage full.
 .HP
 state_wm_high
@@ -1500,7 +1500,7 @@ when the fill percentage of the state table exceeds this mark, more
 aggressive flushing is enabled.
 .HP
 state_wm_low
-this sets the percentage at which the state table's agressive flushing
+this sets the percentage at which the state table's aggressive flushing
 will turn itself off at.
 .HP
 tcp_close_wait

sbin/ipf/ipf/ipfilter.4

@@ -123,7 +123,7 @@ file
 syslog
 .PP
 ipsend(1)
-generates arbitary IP packets for ethernet connected machines.
+generates arbitrary IP packets for ethernet connected machines.
 .PP
 ipresend(1)
 reads in a data file of saved IP packets (ie

sbin/ipf/ipfstat/ipfstat.c

@@ -323,7 +323,7 @@ int main(int argc, char *argv[])
 		case 'm' :
 			filter = parseipfexpr(optarg, NULL);
 			if (filter == NULL) {
-				fprintf(stderr, "Error parseing '%s'\n",
+				fprintf(stderr, "Error parsing '%s'\n",
 					optarg);
 				exit(1);
 			}

sbin/ipf/ipnat/ipnat.5

@@ -149,7 +149,7 @@ For TCP connections exiting a connection such as PPPoE where the MTU is
 slightly smaller than normal ethernet, it can be useful to reduce the
 Maximum Segment Size (MSS) offered by the internal machines to match,
 reducing the liklihood that the either end will attempt to send packets
-that are too big and result in fragmentation.  This is acheived using the
+that are too big and result in fragmentation.  This is achieved using the
 .B mssclamp
 option with TCP
 .B map
@@ -220,7 +220,7 @@ that requires the destination port number to be 21 if this rule is to be
 activated.  The word "ftp" is the proxy identifier that the kernel will
 try and resolve internally, "tcp" the protocol that packets must match.
 .PP
-See below for a list of proxies and their relative staus.
+See below for a list of proxies and their relative status.
 .PP
 To associate NAT rules with filtering rules, it is possible to set and
 match tags during either inbound or outbound processing.  At present the
@@ -355,7 +355,7 @@ rdr le0 from 1.1.0.0/16 to any -> 192.168.1.3
 rdr le0 ! from 1.1.0.0/16 to any -> 192.168.1.4
 .fi
 .PP
-If there is a consective set of addresses you wish to spread the packets
+If there is a consecutive set of addresses you wish to spread the packets
 over, then this can be done in one of two ways, the word "range" optional
 to preserve:
 .nf
@@ -382,9 +382,9 @@ rdr le0 0/0 -> 192.168.1.5,192.168.1.7 round-robin
 rdr le0 0/0 -> 192.168.1.9 round-robin
 .fi
 .PP
-If there are a large number of redirect rules and hosts being targetted
+If there are a large number of redirect rules and hosts being targeted
 then it may be desirable to have all those from a single source address
-be targetted at the same destination address.  To achieve this, the
+be targeted at the same destination address.  To achieve this, the
 word
 .B sticky
 is appended to the rule like this:
@@ -399,9 +399,9 @@ The
 .B sticky
 feature can only be combined with
 .B round-robin
-and the use of comma.
+and the use of a comma.
 .PP
-For TCP and UDP packets, it is possible to both match on the destiantion
+For TCP and UDP packets, it is possible to both match on the destination
 port number and to modify it.  For example, to change the destination port
 from 80 to 3128, we would use a rule like this:
 .nf
@@ -572,7 +572,7 @@ On the LHS is a normal set of matching capabilities but on the RHS it is
 a requirement to specify both the source and destination addresses and
 ports.
 .PP
-As this feature is intended to be used with targetting packets at sockets
+As this feature is intended to be used with targeting packets at sockets
 and not IPFilter running on other systems, there is no rule provided to
 \fIundivert\fR packets.
 .TP

sbin/ipf/ipscan/ipscan.5

@@ -20,7 +20,7 @@ match-char ::= "*" | "?" | "."
 .fi
 .PP
 In this example an ip-address is a dotted-quad IPv4 address and a port-number
-is a number betwee 1 and 65535, inclusive.  The match string is must be of
+is a number between 1 and 65535, inclusive.  The match string is must be of
 same length as the literal string that it is matching (literal).  The length
 of either string is limited to 16 bytes.
 .PP

sbin/ipf/libipf/interror.c

@@ -144,7 +144,7 @@ static ipf_error_entry_t ipf_errors[IPF_NUM_ERRORS] = {
 	{	116,	"error copying in match array" },
 	{	117,	"match array type is not IPFOBJ_IPFEXPR" },
 	{	118,	"bad size for match array" },
-	{	119,	"cannot allocate memory for match aray" },
+	{	119,	"cannot allocate memory for match array" },
 	{	120,	"error copying in match array" },
 	{	121,	"error verifying contents of match array" },
 	{	122,	"need write permissions to set ipf lock status" },

sbin/ipf/libipf/parseipfexpr.c

@@ -75,7 +75,7 @@ parseipfexpr(char *line, char **errorptr)
 	for (ops = strtok(temp, ";"); ops != NULL; ops = strtok(NULL, ";")) {
 		arg = strchr(ops, '=');
 		if ((arg < ops + 2) || (arg == NULL)) {
-			error = "bad 'arg' vlaue";
+			error = "bad 'arg' value";
 			goto parseerror;
 		}