diff --git a/external/bsd/blacklist/bin/blacklistd.8 b/external/bsd/blacklist/bin/blacklistd.8 index 3d4064c0f468..e2eb297ddc68 100644 --- a/external/bsd/blacklist/bin/blacklistd.8 +++ b/external/bsd/blacklist/bin/blacklistd.8 @@ -1,4 +1,4 @@ -.\" $NetBSD: blacklistd.8,v 1.21 2020/03/30 03:02:41 christos Exp $ +.\" $NetBSD: blacklistd.8,v 1.22 2020/03/30 08:45:09 wiz Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -68,7 +68,7 @@ Each entry contains a number of tries limit and a duration. The way .Nm does configuration entry matching is by having the client side pass the -file dscriptor associated with the connection the client wants to blacklist +file descriptor associated with the connection the client wants to blacklist as well as passing socket credentials. .Pp The file descriptor is used to retrieve information (address and port) @@ -85,17 +85,17 @@ the port. By examining the optional address portion on the local side, it can match interfaces. By examining the remote address, it can match specific allow or deny rules. -.Pp +.Pp Finally .Nm can examine the socket credentials to match the user in the configuration file. .Pp While this works well for TCP sockets, it cannot be relied on for unbound -UDP sockets. +UDP sockets. It is also less meaningful when it comes to connections using non-privileged ports. -On the other hand, if we receive a request that has a local endpoind indicating -UDP privileged port, we can presume that the client was privileged to be +On the other hand, if we receive a request that has a local endpoint indicating +a UDP privileged port, we can presume that the client was privileged to be able to acquire that port. .Pp Once an entry is matched
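Review bot: In the third hunk (@@ -85,17 +85,17 @@), the corrected line "a UDP privileged port, we can presume that the client was privileged to be" would read better as "a privileged UDP port", which is the usual word order and matches "non-privileged ports" two lines above. The "-.Pp" / "+.Pp" and "-UDP sockets." / "+UDP sockets." pairs in the same hunk show no visible difference, so they are presumably trailing-whitespace removals; it is worth saying so in the log message, since the change otherwise looks like a no-op. Since this paragraph is being touched anyway, the unchanged sentence "It is also less meaningful when it comes to connections using non-privileged ports." could name its subject (the socket credential match) instead of "It", because this is the text readers rely on to judge when credential matching can be trusted.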