docs: OpenBSD Man Pages Added

1 files changed, 124 insertions, 0 deletions

diff --git a/static/openbsd/man4/ipcomp.4 b/static/openbsd/man4/ipcomp.4
new file mode 100644
index 00000000..acd6f709
--- /dev/null
+++ b/static/openbsd/man4/ipcomp.4
@@ -0,0 +1,124 @@
+.\" $OpenBSD: ipcomp.4,v 1.17 2022/12/23 07:16:55 jmc Exp $
+.\"
+.\" Copyright (c) 2001 Jean-Jacques Bernard-Gundol <jj@wabbitt.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: December 23 2022 $
+.Dt IPCOMP 4
+.Os
+.Sh NAME
+.Nm ipcomp
+.Nd IP Payload Compression Protocol
+.Sh DESCRIPTION
+IPComp is enabled with the following
+.Xr sysctl 2
+variable in
+.Pa /etc/sysctl.conf :
+.Bl -tag -width xxxxxxxxxxxxxxxxxxxxx -offset indent
+.It net.inet.ipcomp.enable
+.El
+.Pp
+IPComp is a protocol used to reduce the size of IP datagrams.
+It can be used to enhance the communication performance between a pair
+of hosts/gateways, especially on slow links, by compressing the
+datagrams, provided the communicating entities have enough computational
+power.
+.Pp
+This protocol is especially useful when encryption or authentication
+is applied to IP datagrams using the IPsec protocol (see
+.Xr ipsec 4
+for more information about IPsec).
+Encrypting information is increasing its entropy to a point where
+compression to a lower layer becomes completely useless (e.g., the
+PPP Compression Control Protocol).
+IPcomp is applied at the network layer before other encryption
+operations are applied (except encryption protocols applied at a
+higher layer such as
+.Xr ssh 1
+or
+.Xr ssl 8 ) .
+.Pp
+Just like for the other IPsec protocols, IPComp needs some parameters
+for each connection, specifying how the compression should be done
+between the entities.
+The parameters are collected in a structure called an
+IPComp Association (IPCA).
+The parameters stored in an IPCA are the destination address and the
+Compression Parameter Index (CPI).
+An IPCA is the pendant of the SA (Security Association) for IPsec.
+.Pp
+Currently, IPCA can be created using the
+.Xr ipsecctl 8
+tool.
+Using
+.Xr ipsecctl 8
+it is also possible to create IPComp flows and SA/IPCA
+bundles.
+Such a bundle is used to create a combination of IPsec and IPComp
+flows (thus enabling compression in an IPsec protocol).
+.Pp
+The compression is done on the data following the IP header and an
+IPComp header is inserted between the compressed data and the IP
+header.
+In the case of IPv6, there are extension headers which cannot be
+compressed since they are modified by the router along the way to the
+destination.
+These extension headers are hop-by-hop, routing, and fragmentation.
+.Pp
+When doing compression, it is possible that the uncompressed data is
+smaller in size than the compressed data.
+To avoid this behaviour, a non expansion policy is used in IPComp.
+If the data payload is smaller than a given threshold, it will not be
+compressed.
+No IPComp header will be inserted.
+.Pp
+IPComp uses the same policy framework as IPsec.
+However unlike IPsec, only one policy is available for IPComp:
+.Bl -tag -width IPSEC_LEVEL_USE
+.It IPSEC_LEVEL_USE
+Use IPComp for sending packets but still accept packets which are not
+compressed.
+.El
+.Sh DIAGNOSTICS
+.Xr netstat 1
+can be used to obtain some statistics about IPComp usage:
+.Pp
+.Dl $ netstat -s -p ipcomp
+.Sh SEE ALSO
+.Xr enc 4 ,
+.Xr inet 4 ,
+.Xr ip 4 ,
+.Xr ipsec 4 ,
+.Xr netintro 4 ,
+.Xr ipsecctl 8 ,
+.Xr sysctl 8
+.Sh HISTORY
+The
+.Nm
+protocol first appeared in
+.Ox 3.0 .
+.Sh AUTHORS
+Support for the
+.Nm
+protocol was written by
+.An Jean-Jacques Bernard-Gundol Aq Mt jj@wabbitt.org .