From bdavis@house.so14k.com  Sun Jan 23 09:21:08 2005
Return-Path: <bdavis@house.so14k.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 86E1016A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 23 Jan 2005 09:21:08 +0000 (GMT)
Received: from ender.liquidneon.com (ender.liquidneon.com [64.78.150.163])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0F29043D31
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 23 Jan 2005 09:21:08 +0000 (GMT)
	(envelope-from bdavis@house.so14k.com)
Received: from localhost (localhost [127.0.0.1])
	by ender.liquidneon.com (Postfix) with ESMTP id 7528943DD
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 23 Jan 2005 02:21:07 -0700 (MST)
Received: from ender.liquidneon.com ([127.0.0.1])
 by localhost (ender.liquidneon.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 14815-08 for <FreeBSD-gnats-submit@freebsd.org>;
 Sun, 23 Jan 2005 02:21:07 -0700 (MST)
Received: from mccaffrey.house.so14k.com (gw.house.so14k.com [216.87.87.128])
	by ender.liquidneon.com (Postfix) with ESMTP id 9E9E34378
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 23 Jan 2005 02:21:05 -0700 (MST)
Received: by mccaffrey.house.so14k.com (Postfix, from userid 1001)
	id B5E8CEB2; Sun, 23 Jan 2005 02:21:04 -0700 (MST)
Message-Id: <20050123092104.B5E8CEB2@mccaffrey.house.so14k.com>
Date: Sun, 23 Jan 2005 02:21:04 -0700 (MST)
From: Brad Davis <so14k@so14k.com>
Reply-To: Brad Davis <so14k@so14k.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: More punctuation and spacing changes for the firewall chapter.
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         76600
>Category:       docs
>Synopsis:       More punctuation and spacing changes for the firewall chapter.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    keramida
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 23 09:30:25 GMT 2005
>Closed-Date:    Sun Jan 23 21:14:54 GMT 2005
>Last-Modified:  Sun Jan 23 21:14:54 GMT 2005
>Originator:     Brad Davis
>Release:        FreeBSD 4.10-STABLE i386
>Organization:
>Environment:
System: FreeBSD mccaffrey.house.so14k.com 4.10-STABLE FreeBSD 4.10-STABLE #0: Fri May 28 08:02:41 MDT 2004 root@mccaffrey.house.so14k.com:/usr/obj/usr/src/sys/MCCAFFREY i386
>Description:
	More punctuation and spacing changes for the firewall chapter. Note that the spacing changes are for the website so that we don't have spaces before periods.
>How-To-Repeat:
	
>Fix:
--- doc-ori/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml       Fri Jan 21 
11:05:20 2005
+++ doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml   Sun Jan 23 02:14:32 
2005
@@ -365,7 +365,7 @@
       <para>Sample kernel config IPF option statements are in the
        <filename>/usr/src/sys/conf/NOTES</filename> kernel source
        (<filename>/usr/src/sys/<replaceable>arch</replaceable>/conf/LINT</filename>
-       for &os;&nbsp;4.X) and are reproduced here.</para>
+       for &os;&nbsp;4.X) and are reproduced here:</para>
 
       <programlisting>options IPFILTER
 options IPFILTER_LOG
@@ -401,7 +401,7 @@
                                   # n = map IP & port to names</programlisting>
       <para>If you have a LAN behind this firewall that uses the
         reserved private IP address ranges, then you need to add the
-  following to enable <acronym>NAT</acronym> functionality.</para>
+  following to enable <acronym>NAT</acronym> functionality:</para>
 
       <programlisting>gateway_enable="YES"              # Enable as Lan gateway
 ipnat_enable="YES"                # Start ipnat function
@@ -414,7 +414,7 @@
      <para>The ipf command is used to load your rules file. Normally
        you create a file containing your custom rules and use this
        command to replace in mass the currently running firewall
-       internal rules.</para>
+       internal rules:</para>
 
      <programlisting><command>ipf -Fa -f /etc/ipf.rules</command></programlisting>
 
@@ -531,7 +531,7 @@
          rotate system logs. That is why outputting the log information to
          syslogd is better than the default of outputting to a regular
          file. In the default <filename>rc.conf</filename> file you see the
-         ipmon_flags statement uses the <option>-Ds</option> flags</para>
+         ipmon_flags statement uses the <option>-Ds</option> flags:</para>
 
        <programlisting>ipmon_flags="-Ds" # D = start as daemon
                   # s = log to syslog
@@ -564,7 +564,7 @@
          and <quote>level.</quote> IPMON in <option>-Ds</option> mode uses 
<literal>local0</literal> as the
          <quote>facility</quote> name. All IPMON logged data goes to
          <literal>local0</literal>. The following levels can be used to further 
segregate
-         the logged data if desired.</para>
+         the logged data if desired:</para>
 
        <screen>LOG_INFO - packets logged using the "log" keyword as the action rather 
than pass or block.
 LOG_NOTICE - packets logged which are also passed
@@ -583,8 +583,7 @@
          considerable flexibility in how syslog will deal with system
          messages issued by software applications like IPF.</para>
 
-       <para>Add the following statement to <filename>/etc/syslog.conf
-         </filename>:</para>
+       <para>Add the following statement to 
<filename>/etc/syslog.conf</filename></para>
 
        <programlisting>local0.* /var/log/ipfilter.log</programlisting>
 
@@ -751,8 +750,8 @@
 
        <para>Add a script like the following to your <filename>
          /usr/local/etc/rc.d/</filename> startup directory. The script
-         should have an obvious name like <filename>loadipfrules.sh
-         </filename>. The <filename>.sh</filename> extension is mandatory.</para>
+         should have an obvious name like <filename>loadipfrules.sh</filename>.
+         The <filename>.sh</filename> extension is mandatory.</para>
 
        <programlisting>#!/bin/sh
 sh /etc/ipf.rules.script</programlisting>
@@ -982,7 +981,7 @@
            <para>There is no way to match ranges of IP addresses which
              do not express themselves easily as mask-length. See this
              web page for help on writing mask-length:
-             <ulink url="http://jodies.de/ipcalc"></ulink></para>
+             <ulink url="http://jodies.de/ipcalc"></ulink>.</para>
          </sect3>
 
          <sect3>
@@ -1174,8 +1173,7 @@
 
       <para>Check out this link for port numbers used by Trojans
         <ulink
-        url="http://www.simovits.com/trojans/trojans.html"></ulink>
-          </para>
+        url="http://www.simovits.com/trojans/trojans.html"></ulink>.</para>
 
       <para>The following rule set is a complete very secure
         'inclusive' type of firewall rule set that I have used on my
@@ -1404,7 +1402,7 @@
         <acronym>NAT</acronym>ed private LAN IP address. According to
         RFC 1918, you can use the following IP ranges for private nets
         which will never be routed directly to the public
-        Internet.</para>
+        Internet:</para>
 
         <informaltable frame="none" pgwide="1">
           <tgroup cols="2">
@@ -1579,7 +1577,7 @@
           IP<acronym>NAT</acronym> to only use source ports in a
           range. For example the following rule will tell
           IP<acronym>NAT</acronym> to modify the source port to be
-          within that range.</para>
+          within that range:</para>
 
         <programlisting>map dc0 192.168.1.0/24 -> 0.32 portmap tcp/udp 
20000:60000</programlisting>
 
@@ -1628,13 +1626,13 @@
 
         <programlisting>map dc0 20.20.20.5/32 port 80 -> 10.0.10.25 port 
80</programlisting>
 
-        <para>or</para>
+        <para>Or:</para>
 
         <programlisting>map dc0 0/32 port 80 -> 10.0.10.25 port 80</programlisting>
 
-        <para>or for a LAN DNS Server on LAN address of <hostid
+        <para>Or for a LAN DNS Server on LAN address of <hostid
           role="ipaddr">10.0.10.33</hostid> that needs to receive
-          public DNS requests</para>
+          public DNS requests:</para>
 
         <programlisting>map dc0 20.20.20.5/32 port 53 -> 10.0.10.33 port 53 
udp</programlisting>
     </sect2>
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-doc->keramida 
Responsible-Changed-By: keramida 
Responsible-Changed-When: Sun Jan 23 20:58:57 GMT 2005 
Responsible-Changed-Why:  
Working on this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=76600 
State-Changed-From-To: open->closed 
State-Changed-By: keramida 
State-Changed-When: Sun Jan 23 21:14:45 GMT 2005 
State-Changed-Why:  
Committed, thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=76600 
>Unformatted:
