Correct manpages per Vieri Di Paolo's proofreading

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4952 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

manpages/shorewall-actions.xml

@@ -28,7 +28,7 @@
     <para>ACTION names should begin with an upper-case letter to distinguish
     them from Shorewall-generated chain names and they must meet the
     requirements of a Netfilter chain. If you intend to log from the action
-    then the name must be no longer than 11 character in length. Names must
+    then the name must be no longer than 11 characters in length. Names must
     also meet the requirements for a Bourne Shell identifier (must begin with
     a letter and be composed of letters, digits and underscore
     characters).</para>

manpages/shorewall-blacklist.xml

@@ -33,7 +33,7 @@
         <listitem>
           <para>Host address, network address, MAC address, IP address range
           (if your kernel and iptables contain iprange match support) or ipset
-          name prefaced by "+" (i your kernel supports ipset match).</para>
+          name prefaced by "+" (if your kernel supports ipset match).</para>
 
           <para>MAC addresses must be prefixed with "~" and use "-" as a
           separator.</para>
@@ -97,7 +97,7 @@
         <term>Example 2:</term>
 
         <listitem>
-          <para>To block some of the nuisance applicataion:</para>
+          <para>To block some of the nuisance applications:</para>
 
           <programlisting>        #ADDRESS/SUBNET         PROTOCOL        PORT
         -                       udp             1024:1033,1434

manpages/shorewall-hosts.xml

@@ -80,8 +80,8 @@
               <para>A physical port name; only allowed when the interface
               names a bridge created by the <command>brctl(8) addbr</command>
               command. This port must not be defined in
-              shorewall-interfaces(5) and may optionally followed by a colon
+              shorewall-interfaces(5) and may be optionally followed by a
-              (":") and a host or network IP or a range. See
+              colon (":") and a host or network IP or a range. See
               http://www.shorewall.net/bridge.html for details. Specifying a
               physical port name requires that you have BRIDGING=Yes in
               shorewall.conf(5).</para>

manpages/shorewall-interfaces.xml

@@ -202,7 +202,7 @@ loc     eth2            -</programlisting>
                 /proc/sys/net/ipv4/conf/<emphasis>interface</emphasis>/proxy_arp.
                 Do NOT use this option if you are employing Proxy ARP through
                 entries in shorewall-proxyarp(5). This option is intended
-                soley for use with Proxy ARP sub-networking as described at:
+                solely for use with Proxy ARP sub-networking as described at:
                 http://www.tldp.org/HOWTO/mini/Proxy-ARP-Subnet</para>
               </listitem>
             </varlistentry>
@@ -298,8 +298,8 @@ loc     eth2            -</programlisting>
                 source-routed packets will not be accepted from that interface
                 (sets
                 /proc/sys/net/ipv4/conf/<emphasis>interface</emphasis>/accept_source_route
-                to 1). Only set this option if you know what you are you
+                to 1). Only set this option if you know what you are doing.
-                doing. This might represent a security risk and is not usually
+                This might represent a security risk and is not usually
                 needed.</para>
               </listitem>
             </varlistentry>

manpages/shorewall-masq.xml

@@ -86,9 +86,9 @@
           firewall (Shorewall will use your main routing table to determine
           the appropriate addresses to masquerade).</para>
 
-          <para>In order to exclude a addrress of the specified SOURCE, you
+          <para>In order to exclude a address of the specified SOURCE, you may
-          may append "!" and a comma-separated list of IP addresses (host or
+          append "!" and a comma-separated list of IP addresses (host or net)
-          net) that you wish to exclude.</para>
+          that you wish to exclude.</para>
 
           <para>Example: eth1!192.168.1.4,192.168.32.0/27</para>
 
@@ -340,8 +340,8 @@
         <listitem>
           <para>You want all outgoing traffic from 192.168.1.0/24 through eth0
           to use source address 206.124.146.176 which is NOT the primary
-          address of eth0. You want 206.124.146.176 added to be added to eth0
+          address of eth0. You want 206.124.146.176 to be added to eth0 with
-          with name eth0:0.</para>
+          name eth0:0.</para>
 
           <programlisting>        #INTERFACE              SOURCE          ADDRESS
         eth0:0                  192.168.1.0/24  206.124.146.176</programlisting>

manpages/shorewall-policy.xml

@@ -36,7 +36,7 @@
     <important>
       <para>Intra-zone policies are pre-defined</para>
 
-      <para>For $FW and for all of the zoned defined in /etc/shorewall/zones,
+      <para>For $FW and for all of the zones defined in /etc/shorewall/zones,
       the POLICY for connections from the zone to itself is ACCEPT (with no
       logging or TCP connection rate limiting but may be overridden by an
       entry in this file. The overriding entry must be explicit (cannot use
@@ -121,9 +121,10 @@
                 SOURCE to this DEST. Shorewall will not create any
                 infrastructure to handle such packets and you may not have any
                 rules with this SOURCE and DEST in the /etc/shorewall/rules
-                file such a packet _is_ received, the result is undefined.
+                file. If such a packet <emphasis role="bold">is</emphasis>
-                NONE may not be used if the SOURCE or DEST columns contain the
+                received, the result is undefined. NONE may not be used if the
-                firewall zone ($FW) or "all".</para>
+                SOURCE or DEST columns contain the firewall zone ($FW) or
+                "all".</para>
               </listitem>
             </varlistentry>
           </variablelist>
@@ -163,8 +164,8 @@
           levels.</para>
 
           <para>You may also specify ULOG (must be in upper case). This will
-          log to the ULOG target and sent to a separate log through use of
+          log to the ULOG target and will send to a separate log through use
-          ulogd (http://www.gnumonks.org/projects/ulogd).</para>
+          of ulogd (http://www.gnumonks.org/projects/ulogd).</para>
 
           <para>If you don't want to log but need to specify the following
           column, place "-" here.</para>

manpages/shorewall-providers.xml

@@ -163,8 +163,8 @@
               <term><emphasis role="bold">optional</emphasis></term>
 
               <listitem>
-                <para> If the interface named in the INTERFACE column is not
+                <para>If the interface named in the INTERFACE column is not up
-                up and configured with an IPv4 address then ignore this
+                and configured with an IPv4 address then ignore this
                 provider.</para>
               </listitem>
             </varlistentry>
@@ -176,7 +176,7 @@
         <term><emphasis role="bold">COPY</emphasis></term>
 
         <listitem>
-          <para>A comma-separated lists of other interfaces on your firewall.
+          <para>A comma-separated list of other interfaces on your firewall.
           Usually used only when DUPLICATE is 'main'. Only copy routes through
           INTERFACE and through interfaces listed here. If you only wish to
           copy routes through INTERFACE, enter 'none' here.</para>

manpages/shorewall-route_rules.xml

@@ -133,7 +133,7 @@
           multiple providers. In this case you have to set up a rule to ensure
           that the OpenVPN traffic is routed back through the tunX
           interface(s) rather than through any of the providers. 10.8.0.0/24
-          is the subnet choosen in your OpenVPN configuration (server 10.8.0.0
+          is the subnet chosen in your OpenVPN configuration (server 10.8.0.0
           255.255.255.0).</para>
 
           <programlisting>         #SOURCE                 DEST            PROVIDER        PRIORITY

manpages/shorewall-rules.xml

@@ -265,7 +265,7 @@
 
               <listitem>
                 <para>the rest of the line will be attached as a comment to
-                the Netfilter rule(s) generated by the following entres. The
+                the Netfilter rule(s) generated by the following entrIes. The
                 comment will appear delimited by "/* ... */" in the output of
                 "shorewall show &lt;chain&gt;". To stop the comment from being
                 attached to further rules, simply include COMMENT on a line by
@@ -378,7 +378,7 @@
           <para>Hosts may be specified as an IP address range using the syntax
           <emphasis>lowaddress</emphasis>-<emphasis>highaddress</emphasis>.
           This requires that your kernel and iptables contain iprange match
-          support. If you kernel and iptables have ipset match support then
+          support. If your kernel and iptables have ipset match support then
           you may give the name of an ipset prefaced by "+". The ipset name
           may be optionally followed by a number from 1 to 6 enclosed in
           square brackets ([]) to indicate the number of levels of source
@@ -650,8 +650,8 @@
         <term><emphasis role="bold">RATE LIMIT</emphasis> (Optional)</term>
 
         <listitem>
-          <para>You may rate-limit the rule by placing a value in this column:
+          <para>You may rate-limit the rule by placing a value in this
-          </para>
+          column:</para>
 
           <para><emphasis>rate</emphasis>/<emphasis>interval</emphasis>[:<emphasis>burst</emphasis>]
           where <emphasis>rate</emphasis> is the number of connections per
@@ -675,8 +675,8 @@
           <para>The column may contain:</para>
 
           <para>[!][<emphasis>user name or number</emphasis>][:<emphasis>group
-          name or number</emphasis>][+<emphasis>program name</emphasis>]
+          name or number</emphasis>][+<emphasis>program
-          </para>
+          name</emphasis>]</para>
 
           <para>When this column is non-empty, the rule applies only if the
           program generating the output is running under the effective