diff --git a/Shorewall-docs/dhcp.htm b/Shorewall-docs/dhcp.htm
deleted file mode 100644
index 84954d805..000000000
--- a/Shorewall-docs/dhcp.htm
+++ /dev/null
@@ -1,65 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-  <meta http-equiv="Content-Language" content="en-us">
-  <meta http-equiv="Content-Type"
- content="text/html; charset=windows-1252">
-  <meta name="GENERATOR" content="Microsoft FrontPage 5.0">
-  <meta name="ProgId" content="FrontPage.Editor.Document">
-  <title>DHCP</title>
-</head>
-<body>
-<h1 style="text-align: center;">DHCP<br>
-</h1>
-<h2 align="left">If you want to Run a DHCP Server on your firewall</h2>
-<ul>
-  <li>
-    <p align="left">Specify the "dhcp" option on each interface to be
-served
-by your server in the <a href="Documentation.htm#Interfaces">/etc/shorewall/interfaces</a>
-file. This will generate rules that will allow DHCP to and from your
-firewall
-system. </p>
-  </li>
-  <li>
-    <p align="left">When starting "dhcpd", you need to list those
-interfaces on the run line. On a RedHat system, this is done by
-modifying /etc/sysconfig/dhcpd. </p>
-  </li>
-</ul>
-<h2 align="left">If a Firewall Interface gets its IP Address via DHCP</h2>
-<ul>
-  <li>
-    <p align="left">Specify the "dhcp" option for this interface in the
-    <a href="Documentation.htm#Interfaces">/etc/shorewall/interfaces</a>
-file.&nbsp;This will generate rules that will allow DHCP to and from
-your firewall system. </p>
-  </li>
-  <li>
-    <p align="left">If you know that the dynamic address is always
-going to
-be in the same subnet, you can specify the subnet address in the
-interface's entry in the <a href="Documentation.htm#Interfaces">/etc/shorewall/interfaces</a>
-file. </p>
-  </li>
-  <li>
-    <p align="left">If you don't know the subnet address in advance,
-you should specify "detect" for the interface's subnet address in the <a
- href="Documentation.htm#Interfaces">/etc/shorewall/interfaces</a> file
-and start Shorewall after the interface has started. </p>
-  </li>
-  <li>
-    <p align="left">In the event that the subnet address might change
-while Shorewall is started, you need to arrange for a "shorewall
-refresh" command to be executed when a new dynamic IP address gets
-assigned to the interface. Check your DHCP client's documentation. </p>
-  </li>
-</ul>
-<p align="left"><font size="2">Last updated 11/03/2002 - <a
- href="support.htm">Tom Eastep</a></font></p>
-<p><font face="Trebuchet MS"><a href="copyright.htm"><font size="2">Copyright</font>
-© <font size="2">2001, 2002 Thomas M. Eastep.</font></a></font></p>
-<br>
-<br>
-</body>
-</html>
diff --git a/Shorewall-docs/dhcp.xml b/Shorewall-docs/dhcp.xml
new file mode 100644
index 000000000..7d791f474
--- /dev/null
+++ b/Shorewall-docs/dhcp.xml
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<article>
+  <!--$Id$-->
+
+  <articleinfo>
+    <title>DHCP</title>
+
+    <authorgroup>
+      <author>
+        <firstname>Tom</firstname>
+
+        <surname>Eastep</surname>
+      </author>
+    </authorgroup>
+
+    <pubdate>2002-11-03</pubdate>
+
+    <copyright>
+      <year>2001</year>
+
+      <year>2002</year>
+
+      <holder>Thomas M. Eastep</holder>
+    </copyright>
+
+    <legalnotice>
+      <para>Permission is granted to copy, distribute and/or modify this
+      document under the terms of the GNU Free Documentation License, Version
+      1.2 or any later version published by the Free Software Foundation; with
+      no Invariant Sections, with no Front-Cover, and with no Back-Cover
+      Texts. A copy of the license is included in the section entitled
+      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
+    </legalnotice>
+  </articleinfo>
+
+  <section>
+    <title>If you want to Run a DHCP Server on your firewall</title>
+
+    <itemizedlist>
+      <listitem>
+        <para>Specify the &#34;dhcp&#34; option on each interface to be served
+        by your server in the /etc/shorewall/interfaces file. This will
+        generate rules that will allow DHCP to and from your firewall system.
+        </para>
+      </listitem>
+
+      <listitem>
+        <para>When starting &#34;dhcpd&#34;, you need to list those interfaces
+        on the run line. On a RedHat system, this is done by modifying
+        /etc/sysconfig/dhcpd. </para>
+      </listitem>
+    </itemizedlist>
+  </section>
+
+  <section>
+    <title>If a Firewall Interface gets its IP Address via DHCP</title>
+
+    <itemizedlist>
+      <listitem>
+        <para>Specify the &#34;dhcp&#34; option for this interface in the
+        <ulink url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>
+        file.&#x00A0;This will generate rules that will allow DHCP to and from
+        your firewall system.</para>
+      </listitem>
+
+      <listitem>
+        <para>If you know that the dynamic address is always going to be in
+        the same subnet, you can specify the subnet address in the
+        interface&#39;s entry in the <ulink url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>
+        file.</para>
+      </listitem>
+
+      <listitem>
+        <para>If you don&#39;t know the subnet address in advance, you should
+        specify &#34;detect&#34; for the interface&#39;s subnet address in the
+        <ulink url="Documentation.htm#Interfaces">/etc/shorewall/interfaces</ulink>
+        file and start Shorewall after the interface has started.</para>
+      </listitem>
+
+      <listitem>
+        <para>In the event that the subnet address might change while
+        Shorewall is started, you need to arrange for a &#34;shorewall
+        refresh&#34; command to be executed when a new dynamic IP address gets
+        assigned to the interface. Check your DHCP client&#39;s documentation.</para>
+      </listitem>
+    </itemizedlist>
+  </section>
+</article>
\ No newline at end of file