From owner-freebsd-doc@FreeBSD.ORG  Sun Jan 23 09:30:25 2005
Return-Path: <owner-freebsd-doc@FreeBSD.ORG>
Delivered-To: freebsd-doc@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C110116A4CE
	for <freebsd-doc@hub.freebsd.org>;
	Sun, 23 Jan 2005 09:30:25 +0000 (GMT)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5842C43D4C
	for <freebsd-doc@hub.freebsd.org>;
	Sun, 23 Jan 2005 09:30:25 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id j0N9UPwJ021887
	for <freebsd-doc@freefall.freebsd.org>; Sun, 23 Jan 2005 09:30:25 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.1/8.13.1/Submit) id j0N9UP62021886;
	Sun, 23 Jan 2005 09:30:25 GMT
	(envelope-from gnats)
Resent-Date: Sun, 23 Jan 2005 09:30:25 GMT
Resent-Message-Id: <200501230930.j0N9UP62021886@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-doc@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Brad Davis <so14k@so14k.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 86E1016A4CE
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sun, 23 Jan 2005 09:21:08 +0000 (GMT)
Received: from ender.liquidneon.com (ender.liquidneon.com [64.78.150.163])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0F29043D31
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sun, 23 Jan 2005 09:21:08 +0000 (GMT)
	(envelope-from bdavis@house.so14k.com)
Received: from localhost (localhost [127.0.0.1])
	by ender.liquidneon.com (Postfix) with ESMTP id 7528943DD
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sun, 23 Jan 2005 02:21:07 -0700 (MST)
Received: from ender.liquidneon.com ([127.0.0.1])
 by localhost (ender.liquidneon.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 14815-08 for <FreeBSD-gnats-submit@freebsd.org>;
 Sun, 23 Jan 2005 02:21:07 -0700 (MST)
Received: from mccaffrey.house.so14k.com (gw.house.so14k.com [216.87.87.128])
	by ender.liquidneon.com (Postfix) with ESMTP id 9E9E34378
	for <FreeBSD-gnats-submit@freebsd.org>;
	Sun, 23 Jan 2005 02:21:05 -0700 (MST)
Received: by mccaffrey.house.so14k.com (Postfix, from userid 1001)
	id B5E8CEB2; Sun, 23 Jan 2005 02:21:04 -0700 (MST)
Message-Id: <20050123092104.B5E8CEB2@mccaffrey.house.so14k.com>
Date: Sun, 23 Jan 2005 02:21:04 -0700 (MST)
From: Brad Davis <so14k@so14k.com>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: docs/76600: More punctuation and spacing changes for the firewall
	chapter.
X-BeenThere: freebsd-doc@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Brad Davis <so14k@so14k.com>
List-Id: Documentation project <freebsd-doc.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-doc>
List-Post: <mailto:freebsd-doc@freebsd.org>
List-Help: <mailto:freebsd-doc-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Jan 2005 09:30:25 -0000


>Number:         76600
>Category:       docs
>Synopsis:       More punctuation and spacing changes for the firewall chapter.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 23 09:30:25 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Brad Davis
>Release:        FreeBSD 4.10-STABLE i386
>Organization:
>Environment:
System: FreeBSD mccaffrey.house.so14k.com 4.10-STABLE FreeBSD 4.10-STABLE #0: Fri May 28 08:02:41 MDT 2004 root@mccaffrey.house.so14k.com:/usr/obj/usr/src/sys/MCCAFFREY i386
>Description:
	More punctuation and spacing changes for the firewall chapter. Note that the spacing changes are for the website so that we don't have spaces before periods.
>How-To-Repeat:
	
>Fix:
--- doc-ori/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml       Fri Jan 21 
11:05:20 2005
+++ doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml   Sun Jan 23 02:14:32 
2005
@@ -365,7 +365,7 @@
       <para>Sample kernel config IPF option statements are in the
        <filename>/usr/src/sys/conf/NOTES</filename> kernel source
        (<filename>/usr/src/sys/<replaceable>arch</replaceable>/conf/LINT</filename>
-       for &os;&nbsp;4.X) and are reproduced here.</para>
+       for &os;&nbsp;4.X) and are reproduced here:</para>
 
       <programlisting>options IPFILTER
 options IPFILTER_LOG
@@ -401,7 +401,7 @@
                                   # n = map IP & port to names</programlisting>
       <para>If you have a LAN behind this firewall that uses the
         reserved private IP address ranges, then you need to add the
-  following to enable <acronym>NAT</acronym> functionality.</para>
+  following to enable <acronym>NAT</acronym> functionality:</para>
 
       <programlisting>gateway_enable="YES"              # Enable as Lan gateway
 ipnat_enable="YES"                # Start ipnat function
@@ -414,7 +414,7 @@
      <para>The ipf command is used to load your rules file. Normally
        you create a file containing your custom rules and use this
        command to replace in mass the currently running firewall
-       internal rules.</para>
+       internal rules:</para>
 
      <programlisting><command>ipf -Fa -f /etc/ipf.rules</command></programlisting>
 
@@ -531,7 +531,7 @@
          rotate system logs. That is why outputting the log information to
          syslogd is better than the default of outputting to a regular
          file. In the default <filename>rc.conf</filename> file you see the
-         ipmon_flags statement uses the <option>-Ds</option> flags</para>
+         ipmon_flags statement uses the <option>-Ds</option> flags:</para>
 
        <programlisting>ipmon_flags="-Ds" # D = start as daemon
                   # s = log to syslog
@@ -564,7 +564,7 @@
          and <quote>level.</quote> IPMON in <option>-Ds</option> mode uses 
<literal>local0</literal> as the
          <quote>facility</quote> name. All IPMON logged data goes to
          <literal>local0</literal>. The following levels can be used to further 
segregate
-         the logged data if desired.</para>
+         the logged data if desired:</para>
 
        <screen>LOG_INFO - packets logged using the "log" keyword as the action rather 
than pass or block.
 LOG_NOTICE - packets logged which are also passed
@@ -583,8 +583,7 @@
          considerable flexibility in how syslog will deal with system
          messages issued by software applications like IPF.</para>
 
-       <para>Add the following statement to <filename>/etc/syslog.conf
-         </filename>:</para>
+       <para>Add the following statement to 
<filename>/etc/syslog.conf</filename></para>
 
        <programlisting>local0.* /var/log/ipfilter.log</programlisting>
 
@@ -751,8 +750,8 @@
 
        <para>Add a script like the following to your <filename>
          /usr/local/etc/rc.d/</filename> startup directory. The script
-         should have an obvious name like <filename>loadipfrules.sh
-         </filename>. The <filename>.sh</filename> extension is mandatory.</para>
+         should have an obvious name like <filename>loadipfrules.sh</filename>.
+         The <filename>.sh</filename> extension is mandatory.</para>
 
        <programlisting>#!/bin/sh
 sh /etc/ipf.rules.script</programlisting>
@@ -982,7 +981,7 @@
            <para>There is no way to match ranges of IP addresses which
              do not express themselves easily as mask-length. See this
              web page for help on writing mask-length:
-             <ulink url="http://jodies.de/ipcalc"></ulink></para>
+             <ulink url="http://jodies.de/ipcalc"></ulink>.</para>
          </sect3>
 
          <sect3>
@@ -1174,8 +1173,7 @@
 
       <para>Check out this link for port numbers used by Trojans
         <ulink
-        url="http://www.simovits.com/trojans/trojans.html"></ulink>
-          </para>
+        url="http://www.simovits.com/trojans/trojans.html"></ulink>.</para>
 
       <para>The following rule set is a complete very secure
         'inclusive' type of firewall rule set that I have used on my
@@ -1404,7 +1402,7 @@
         <acronym>NAT</acronym>ed private LAN IP address. According to
         RFC 1918, you can use the following IP ranges for private nets
         which will never be routed directly to the public
-        Internet.</para>
+        Internet:</para>
 
         <informaltable frame="none" pgwide="1">
           <tgroup cols="2">
@@ -1579,7 +1577,7 @@
           IP<acronym>NAT</acronym> to only use source ports in a
           range. For example the following rule will tell
           IP<acronym>NAT</acronym> to modify the source port to be
-          within that range.</para>
+          within that range:</para>
 
         <programlisting>map dc0 192.168.1.0/24 -> 0.32 portmap tcp/udp 
20000:60000</programlisting>
 
@@ -1628,13 +1626,13 @@
 
         <programlisting>map dc0 20.20.20.5/32 port 80 -> 10.0.10.25 port 
80</programlisting>
 
-        <para>or</para>
+        <para>Or:</para>
 
         <programlisting>map dc0 0/32 port 80 -> 10.0.10.25 port 80</programlisting>
 
-        <para>or for a LAN DNS Server on LAN address of <hostid
+        <para>Or for a LAN DNS Server on LAN address of <hostid
           role="ipaddr">10.0.10.33</hostid> that needs to receive
-          public DNS requests</para>
+          public DNS requests:</para>
 
         <programlisting>map dc0 20.20.20.5/32 port 53 -> 10.0.10.33 port 53 
udp</programlisting>
     </sect2>
>Release-Note:
>Audit-Trail:
>Unformatted: