minor doc improvements

thy09 · Aug 28, 2014 · b543500 · b543500
1 parent bcb73bc
commit b543500
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 14 deletions.
diff --git a/INSTALL-Linux.markdown b/INSTALL-Linux.markdown
@@ -68,9 +68,9 @@ Tcpcrypt is incompatible with ECN (explicit congestion notification, RFC 3168).
 iptables firewall setup
 =======================
 
-The included `launch_tcpcryptd.sh` script adds iptable rules to divert Web and
-local port 7777 traffic to tcpcryptd. Read on only for more complex firewall
-setups.
+The included `launch_tcpcryptd.sh` script adds iptable rules to divert all TCP
+traffic -- *except* that which is already encrypted, like SSH -- to tcpcryptd.
+Read on only for more complex firewall setups.
 
 The naive way to use tcpcryptd:
 

diff --git a/README.markdown b/README.markdown
@@ -22,10 +22,10 @@ Installing tcpcrypt
     make
     sudo ./launch_tcpcryptd.sh
 
-The launch script starts tcpcryptd and adds firewall rules to divert Web and
-local port 7777 (an arbitrarily chosen port number) traffic to tcpcryptd. When the script exits (on Ctrl-C or
-`kill`), it restores your firewall config to its former state--**no permanent
-changes are made**.
+The launch script starts tcpcryptd and adds firewall rules to divert all TCP
+traffic -- *except* that which is already encrypted, like SSH -- to tcpcryptd.
+When the script exits (on Ctrl-C or `kill`), it restores your firewall config
+to its former state -- *no permanent changes are made*.
 
 On Linux, you must first install libnfnetlink, libnetfilter_queue, and libcap.
 

diff --git a/user/util/tcnetstat.man b/user/util/tcnetstat.man
@@ -1,11 +1,15 @@
 .TH "tcnetstat" "8" "" "" ""
 .SH NAME
 .PP
-tcnetstat \- Print information about network connections protected by
-tcpcrypt
+\f[B]tcnetstat\f[] \- Print information about network connections
+protected by tcpcrypt
 .SH SYNOPSIS
 .PP
-tcnetstat
+\f[B]tcnetstat\f[]
+.SH DESCRIPTION
+.PP
+The \f[B]tcnetstat\f[] utility prints the \f[I]session id\f[] of each
+TCP connection that is currently being managed by \f[B]tcpcryptd\f[](8).
 .SH SEE ALSO
 .PP
-tcpcryptd(8), http://tcpcrypt.org/
+\f[B]tcpcryptd\f[](8), <http://tcpcrypt.org/>
diff --git a/user/util/tcnetstat.man.md b/user/util/tcnetstat.man.md
@@ -3,13 +3,18 @@
 
 # NAME
 
-tcnetstat - Print information about network connections protected by tcpcrypt
+__tcnetstat__ - Print information about network connections protected by tcpcrypt
 
 # SYNOPSIS
 
-tcnetstat
+__tcnetstat__
+
+# DESCRIPTION
+
+The __tcnetstat__ utility prints the _session id_ of each TCP connection
+that is currently being managed by __tcpcryptd__(8).
 
 # SEE ALSO
 
-tcpcryptd(8), http://tcpcrypt.org/
+__tcpcryptd__(8), [http://tcpcrypt.org/](http://tcpcrypt.org/)