path: root/en_US.ISO8859-1/books/developers-handbook/ipv6/chapter.xml
diff options
Diffstat (limited to 'en_US.ISO8859-1/books/developers-handbook/ipv6/chapter.xml')
1 files changed, 3 insertions, 3 deletions
diff --git a/en_US.ISO8859-1/books/developers-handbook/ipv6/chapter.xml b/en_US.ISO8859-1/books/developers-handbook/ipv6/chapter.xml
index 568cc8ba35..6a51621e89 100644
--- a/en_US.ISO8859-1/books/developers-handbook/ipv6/chapter.xml
+++ b/en_US.ISO8859-1/books/developers-handbook/ipv6/chapter.xml
@@ -822,16 +822,16 @@ fe80:2::%ep0/64 link#2 UC ep0</screen>
packet processing code in the way BSD IPv4 code is
implemented, kernel stack may overflow due to long function
call chain. sys/netinet6 code is carefully designed to
- avoid kernel stack overflow. Because of this, sys/netinet6
+ avoid kernel stack overflow, so sys/netinet6
code defines its own protocol switch structure, as "struct
ip6protosw" (see
<filename>netinet6/ip6protosw.h</filename>). There is no
such update to IPv4 part (sys/netinet) for compatibility,
but small change is added to its pr_input() prototype. So
- "struct ipprotosw" is also defined. Because of this, if you
+ "struct ipprotosw" is also defined. As a result, if you
receive IPsec-over-IPv4 packet with massive number of IPsec
headers, kernel stack may blow up. IPsec-over-IPv6 is okay.
- (Off-course, for those all IPsec headers to be processed,
+ (Of-course, for those all IPsec headers to be processed,
each such IPsec header must pass each IPsec check. So an
anonymous attacker will not be able to do such an