Work around formatting glitches in man pages

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4995 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

manpages/shorewall-hosts.xml

@@ -96,24 +96,6 @@
               <para>The name of an <emphasis>ipset</emphasis>.</para>
             </listitem>
           </orderedlist>
-
-          <para>Examples:</para>
-
-          <simplelist>
-            <member>eth1:192.168.1.3</member>
-
-            <member>eth2:192.168.2.0/24</member>
-
-            <member>eth3:192.168.2.0/24,192.168.3.1</member>
-
-            <member>br0:eth4</member>
-
-            <member>br0:eth0:192.168.1.16/28</member>
-
-            <member>eth4:192.168.1.44-192.168.1.49</member>
-
-            <member>eth2:+Admin</member>
-          </simplelist>
         </listitem>
       </varlistentry>
 

manpages/shorewall-policy.xml

@@ -110,6 +110,29 @@
               <listitem>
                 <para>For TCP, send RST. For all other, send an "unreachable"
                 ICMP.</para>
+
+                <para>If the policy is DROP or REJECT then the policy may be
+                followed by ":" and one of the following:</para>
+
+                <orderedlist numeration="loweralpha">
+                  <listitem>
+                    <para>The word "None" or "none". This causes any default
+                    action defined in /etc/shorewall/shorewall.conf to be
+                    omitted for this policy.</para>
+                  </listitem>
+
+                  <listitem>
+                    <para>The name of an action (requires that USE_ACTIONS=Yes
+                    in shorewall.conf). That action will be invoked before the
+                    policy is enforced.</para>
+                  </listitem>
+
+                  <listitem>
+                    <para>The name of a macro. The rules in that macro will be
+                    applied before the policy is enforced. This does not
+                    require USE_ACTIONS=Yes.</para>
+                  </listitem>
+                </orderedlist>
               </listitem>
             </varlistentry>
 
@@ -139,29 +162,6 @@
               </listitem>
             </varlistentry>
           </variablelist>
-
-          <para>If the policy is DROP or REJECT then the policy may be
-          followed by ":" and one of the following:</para>
-
-          <orderedlist numeration="loweralpha">
-            <listitem>
-              <para>The word "None" or "none". This causes any default action
-              defined in /etc/shorewall/shorewall.conf to be omitted for this
-              policy.</para>
-            </listitem>
-
-            <listitem>
-              <para>The name of an action (requires that USE_ACTIONS=Yes in
-              shorewall.conf). That action will be invoked before the policy
-              is enforced.</para>
-            </listitem>
-
-            <listitem>
-              <para>The name of a macro. The rules in that macro will be
-              applied before the policy is enforced. This does not require
-              USE_ACTIONS=Yes.</para>
-            </listitem>
-          </orderedlist>
         </listitem>
       </varlistentry>
 

manpages/shorewall-route_rules.xml

@@ -77,7 +77,9 @@
 
         <listitem>
           <para>The rule's numeric <emphasis>priority</emphasis> which
-          determines the order in which the rules are processed.</para>
+          determines the order in which the rules are processed. Rules with
+          equal priority are applied in the order in which they appear in the
+          file.</para>
 
           <variablelist>
             <varlistentry>
@@ -106,9 +108,6 @@
               </listitem>
             </varlistentry>
           </variablelist>
-
-          <para>Rules with equal priority are applied in the order in which
-          they appear in the file.</para>
         </listitem>
       </varlistentry>
     </variablelist>

manpages/shorewall-rules.xml

@@ -318,12 +318,15 @@
                 parameter.</para>
 
                 <para>Example: FTP/ACCEPT.</para>
+
+                <programlisting></programlisting>
               </listitem>
             </varlistentry>
           </variablelist>
 
-          <para>The <emphasis role="bold">ACTION</emphasis> may optionally be
+          <blockquote>
-          followed by ":" and a syslog log level (e.g, REJECT:info or
+            <para>The <emphasis role="bold">ACTION</emphasis> may optionally
+            be followed by ":" and a syslog log level (e.g, REJECT:info or
             DNAT:debug). This causes the packet to be logged at the specified
             level.</para>
 
@@ -333,8 +336,8 @@
 
             <itemizedlist>
               <listitem>
-              <para>If the log level is followed by "!' then all rules in the
+                <para>If the log level is followed by "!' then all rules in
-              action are logged at the log level.</para>
+                the action are logged at the log level.</para>
               </listitem>
 
               <listitem>
@@ -350,8 +353,8 @@
             </itemizedlist>
 
             <para>You may also specify ULOG (must be in upper case) as a log
-          level.This will log to the ULOG target for routing to a separate log
+            level.This will log to the ULOG target for routing to a separate
-          through use of ulogd
+            log through use of ulogd
             (http://www.gnumonks.org/projects/ulogd).</para>
 
             <para>Actions specifying logging may be followed by a log tag (a
@@ -360,6 +363,7 @@
 
             <para>Example: ACCEPT:info:ftp would include 'ftp ' at the end of
             the log prefix generated by the LOGPREFIX setting.</para>
+          </blockquote>
         </listitem>
       </varlistentry>
 
@@ -458,12 +462,14 @@
             </varlistentry>
           </variablelist>
 
+          <blockquote>
             <para>Alternatively, clients may be specified by interface by
             appending ":" to the zone name followed by the interface name. For
             example, loc:eth1 specifies a client that communicates with the
             firewall system through eth1. This may be optionally followed by
-          another colon (":") and an IP/MAC/subnet address as described above
+            another colon (":") and an IP/MAC/subnet address as described
-          (e.g., loc:eth1:192.168.1.5).</para>
+            above (e.g., loc:eth1:192.168.1.5).</para>
+          </blockquote>
         </listitem>
       </varlistentry>
 
@@ -547,10 +553,12 @@
             </varlistentry>
           </variablelist>
 
+          <blockquote>
             <para>if the <emphasis role="bold">ACTION</emphasis> is <emphasis
             role="bold">REDIRECT</emphasis>, this column needs only to contain
             the port number on the firewall that the request should be
             redirected to.</para>
+          </blockquote>
         </listitem>
       </varlistentry>
 
@@ -631,12 +639,13 @@
             wrong.</para>
           </warning>
 
-          <para>If you don't want to restrict client ports but need to specify
+          <blockquote>
-          an <emphasis role="bold">ORIGINAL DEST</emphasis> in the next
+            <para>If you don't want to restrict client ports but need to
-          column, then place "-" in this column.</para>
+            specify an <emphasis role="bold">ORIGINAL DEST</emphasis> in the
+            next column, then place "-" in this column.</para>
 
-          <para>If your kernel contains multi-port match support, then only a
+            <para>If your kernel contains multi-port match support, then only
-          single Netfilter rule will be generated if in this list and the
+            a single Netfilter rule will be generated if in this list and the
             <emphasis role="bold">DEST PORT(S)</emphasis> list above:</para>
 
             <para>1. There are 15 or less ports listed.</para>
@@ -646,6 +655,7 @@
 
             <para>Otherwise, a separate rule will be generated for each
             port.</para>
+          </blockquote>
         </listitem>
       </varlistentry>