Improve formatting of 'rules' manpages

Signed-off-by: Tom Eastep <teastep@shorewall.net>

manpages/shorewall-rules.xml

@@ -413,57 +413,56 @@
                 <para>The older syntax where the macro name and the target are
                 separated by a slash (e.g. FTP/ACCEPT) is still allowed but is
                 deprecated.</para>
-
-                <para>The <emphasis role="bold">ACTION</emphasis> may
-                optionally be followed by ":" and a syslog log level (e.g,
-                REJECT:info or DNAT:debug). This causes the packet to be
-                logged at the specified level. Note that if the <emphasis
-                role="bold">ACTION</emphasis> involves destination network
-                address translation (DNAT, REDIRECT, etc.) then the packet is
-                logged <emphasis role="bold">before</emphasis> the destination
-                address is rewritten.</para>
-
-                <para>If the <emphasis role="bold">ACTION</emphasis> names an
-                <emphasis>action</emphasis> declared in <ulink
-                url="shorewall-actions.html">shorewall-actions</ulink>(5) or
-                in /usr/share/shorewall/actions.std then:</para>
-
-                <itemizedlist>
-                  <listitem>
-                    <para>If the log level is followed by "!' then all rules
-                    in the action are logged at the log level.</para>
-                  </listitem>
-
-                  <listitem>
-                    <para>If the log level is not followed by "!" then only
-                    those rules in the action that do not specify logging are
-                    logged at the specified level.</para>
-                  </listitem>
-
-                  <listitem>
-                    <para>The special log level <emphasis
-                    role="bold">none!</emphasis> suppresses logging by the
-                    action.</para>
-                  </listitem>
-                </itemizedlist>
-
-                <para>You may also specify <emphasis
-                role="bold">ULOG</emphasis> or <emphasis
-                role="bold">NFLOG</emphasis> (must be in upper case) as a log
-                level.This will log to the ULOG or NFLOG target for routing to
-                a separate log through use of ulogd (<ulink
-                url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
-
-                <para>Actions specifying logging may be followed by a log tag
-                (a string of alphanumeric characters) which is appended to the
-                string generated by the LOGPREFIX (in <ulink
-                url="shorewall.conf.html">shorewall.conf</ulink>(5)).</para>
-
-                <para>Example: ACCEPT:info:ftp would include 'ftp ' at the end
-                of the log prefix generated by the LOGPREFIX setting.</para>
               </listitem>
             </varlistentry>
           </variablelist>
+
+          <para>The <emphasis role="bold">ACTION</emphasis> may optionally be
+          followed by ":" and a syslog log level (e.g, REJECT:info or
+          DNAT:debug). This causes the packet to be logged at the specified
+          level. Note that if the <emphasis role="bold">ACTION</emphasis>
+          involves destination network address translation (DNAT, REDIRECT,
+          etc.) then the packet is logged <emphasis
+          role="bold">before</emphasis> the destination address is
+          rewritten.</para>
+
+          <para>If the <emphasis role="bold">ACTION</emphasis> names an
+          <emphasis>action</emphasis> declared in <ulink
+          url="shorewall-actions.html">shorewall-actions</ulink>(5) or in
+          /usr/share/shorewall/actions.std then:</para>
+
+          <itemizedlist>
+            <listitem>
+              <para>If the log level is followed by "!' then all rules in the
+              action are logged at the log level.</para>
+            </listitem>
+
+            <listitem>
+              <para>If the log level is not followed by "!" then only those
+              rules in the action that do not specify logging are logged at
+              the specified level.</para>
+            </listitem>
+
+            <listitem>
+              <para>The special log level <emphasis
+              role="bold">none!</emphasis> suppresses logging by the
+              action.</para>
+            </listitem>
+          </itemizedlist>
+
+          <para>You may also specify <emphasis role="bold">ULOG</emphasis> or
+          <emphasis role="bold">NFLOG</emphasis> (must be in upper case) as a
+          log level.This will log to the ULOG or NFLOG target for routing to a
+          separate log through use of ulogd (<ulink
+          url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
+
+          <para>Actions specifying logging may be followed by a log tag (a
+          string of alphanumeric characters) which is appended to the string
+          generated by the LOGPREFIX (in <ulink
+          url="shorewall.conf.html">shorewall.conf</ulink>(5)).</para>
+
+          <para>Example: ACCEPT:info:ftp would include 'ftp ' at the end of
+          the log prefix generated by the LOGPREFIX setting.</para>
         </listitem>
       </varlistentry>
 

manpages6/shorewall6-rules.xml

@@ -308,55 +308,51 @@
                 <para>The older syntax where the macro name and the target are
                 separated by a slash (e.g. FTP/ACCEPT) is still allowed but is
                 deprecated.</para>
-
-                <programlisting></programlisting>
               </listitem>
             </varlistentry>
           </variablelist>
 
-          <blockquote>
+          <para>The <emphasis role="bold">ACTION</emphasis> may optionally be
-            <para>The <emphasis role="bold">ACTION</emphasis> may optionally
+          followed by ":" and a syslog log level (e.g, REJECT:info or
-            be followed by ":" and a syslog log level (e.g, REJECT:info or
+          ACCEPT:debug). This causes the packet to be logged at the specified
-            ACCEPT:debug). This causes the packet to be logged at the
+          level.</para>
-            specified level.</para>
 
-            <para>If the <emphasis role="bold">ACTION</emphasis> names an
+          <para>If the <emphasis role="bold">ACTION</emphasis> names an
-            <emphasis>action</emphasis> declared in <ulink
+          <emphasis>action</emphasis> declared in <ulink
-            url="shorewall6-actions.html">shorewall6-actions</ulink>(5) or in
+          url="shorewall6-actions.html">shorewall6-actions</ulink>(5) or in
-            /usr/share/shorewall6/actions.std then:</para>
+          /usr/share/shorewall6/actions.std then:</para>
 
-            <itemizedlist>
+          <itemizedlist>
-              <listitem>
+            <listitem>
-                <para>If the log level is followed by "!' then all rules in
+              <para>If the log level is followed by "!' then all rules in the
-                the action are logged at the log level.</para>
+              action are logged at the log level.</para>
-              </listitem>
+            </listitem>
 
-              <listitem>
+            <listitem>
-                <para>If the log level is not followed by "!" then only those
+              <para>If the log level is not followed by "!" then only those
-                rules in the action that do not specify logging are logged at
+              rules in the action that do not specify logging are logged at
-                the specified level.</para>
+              the specified level.</para>
-              </listitem>
+            </listitem>
 
-              <listitem>
+            <listitem>
-                <para>The special log level <emphasis
+              <para>The special log level <emphasis
-                role="bold">none!</emphasis> suppresses logging by the
+              role="bold">none!</emphasis> suppresses logging by the
-                action.</para>
+              action.</para>
-              </listitem>
+            </listitem>
-            </itemizedlist>
+          </itemizedlist>
 
-            <para>You may also specify <emphasis role="bold">NFLOG</emphasis>
+          <para>You may also specify <emphasis role="bold">NFLOG</emphasis>
-            (must be in upper case) as a log level.This will log to the NFLOG
+          (must be in upper case) as a log level.This will log to the NFLOG
-            target for routing to a separate log through use of ulogd (<ulink
+          target for routing to a separate log through use of ulogd (<ulink
-            url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
+          url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
 
-            <para>Actions specifying logging may be followed by a log tag (a
+          <para>Actions specifying logging may be followed by a log tag (a
-            string of alphanumeric characters) which is appended to the string
+          string of alphanumeric characters) which is appended to the string
-            generated by the LOGPREFIX (in <ulink
+          generated by the LOGPREFIX (in <ulink
-            url="shorewall6.conf.html">shorewall6.conf</ulink>(5)).</para>
+          url="shorewall6.conf.html">shorewall6.conf</ulink>(5)).</para>
 
-            <para>Example: ACCEPT:info:ftp would include 'ftp ' at the end of
+          <para>Example: ACCEPT:info:ftp would include 'ftp ' at the end of
-            the log prefix generated by the LOGPREFIX setting.</para>
+          the log prefix generated by the LOGPREFIX setting.</para>
-          </blockquote>
         </listitem>
       </varlistentry>