Forth batch of mindless ID changes

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6697 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-06-19 17:28:35 +02:00 · 2007-06-28 20:41:32 +00:00 · 2007-06-28 20:41:32 +00:00 · f8afc6df84
commit f8afc6df84
parent d6f388a755
12 changed files with 108 additions and 342 deletions
--- a/docs/NetfilterOverview.xml
+++ b/docs/NetfilterOverview.xml
@ -36,7 +36,7 @@
    </legalnotice>
  </articleinfo>
-  <section>
+  <section id="Overview">
    <title>Netfilter Overview</title>
    <para>Netfilter consists of three tables: <emphasis
--- a/docs/PPTP.xml
+++ b/docs/PPTP.xml
@ -62,7 +62,7 @@
    work VPN.</para>
  </warning>
-  <section>
+  <section id="Prelim">
    <title>Preliminary Reading</title>
    <para>I recommend reading the <ulink url="VPNBasics.html">VPN
@ -250,7 +250,7 @@ esac</programlisting>
    <section id="ConfigFw">
      <title>Configuring Shorewall</title>
-      <section>
+      <section id="Basic">
        <title>Basic Setup</title>
        <para>Here' a basic setup that treats your remote users as if they
@ -270,7 +270,7 @@ pptpserver      net              0.0.0.0/0</programlisting>
 loc            ppp+</programlisting>
      </section>
-      <section>
+      <section id="Zones">
        <title>Remote Users in a Separate Zone</title>
        <para>If you want to place your remote users in their own zone so that
@ -303,7 +303,7 @@ vpn            ppp+</programlisting>
        to/from the <emphasis role="bold">vpn</emphasis> zone.</para>
      </section>
-      <section>
+      <section id="Hub">
        <title>Multiple Remote Networks</title>
        <para>Often there will be situations where you want multiple
--- a/docs/PacketHandling.xml
+++ b/docs/PacketHandling.xml
@ -36,7 +36,7 @@
    </legalnotice>
  </articleinfo>
-  <section>
+  <section id="Intro">
    <title>Introduction</title>
    <para>This article will try to help you understand how packets pass
@ -55,7 +55,7 @@
    appear.</para>
  </section>
-  <section>
+  <section id="Incoming">
    <title>Packets Entering the Firewall from Outside</title>
    <para>Certain processing occurs on packets entering the firewall from the
@ -180,7 +180,7 @@
    </itemizedlist>
  </section>
-  <section>
+  <section id="All">
    <title>All Packets</title>
    <para>Regardless of whether the packet originated on the firewall or came
@ -248,7 +248,7 @@
    </itemizedlist>
  </section>
-  <section>
+  <section id="Local">
    <title>Packets Originating on the Firewall</title>
    <para>Packets that originate on the firewall itself undergo additional
@ -271,7 +271,7 @@
    </itemizedlist>
  </section>
-  <section>
+  <section id="Egress">
    <title>Packets Leaving the Firewall</title>
    <para>Packets being sent to another host undergo additional
--- a/docs/PacketMarking.xml
+++ b/docs/PacketMarking.xml
@ -40,7 +40,7 @@
    earlier releases.</para>
  </caution>
-  <section>
+  <section id="Marks">
    <title>Packet and Connection Marks</title>
    <para>Perhaps no aspect of Shorewall causes more confusion than packet
@ -83,7 +83,7 @@ tcp      6 19 TIME_WAIT src=206.124.146.176 dst=192.136.34.98 sport=58597 dport=
    </important>
  </section>
-  <section>
+  <section id="Programs">
    <title>Packet Marking "Programs"</title>
    <para>Packet marking occurs in Netfilter's <emphasis>mangle</emphasis>
@ -210,7 +210,7 @@ tcp      6 19 TIME_WAIT src=206.124.146.176 dst=192.136.34.98 sport=58597 dport=
    </itemizedlist>
  </section>
-  <section>
+  <section id="Values">
    <title>Mark and Mask Values</title>
    <para>The mark value is held in a 32-bit field. Because packet marking is
@ -258,7 +258,7 @@ tcp      6 19 TIME_WAIT src=206.124.146.176 dst=192.136.34.98 sport=58597 dport=
    </itemizedlist>
  </section>
-  <section>
+  <section id="Shorewall">
    <title>Shorewall-defined Chains in the Mangle Table</title>
    <para>Shorewall creates a set of chains in the mangle table to hold rules
@ -307,7 +307,7 @@ tcp      6 19 TIME_WAIT src=206.124.146.176 dst=192.136.34.98 sport=58597 dport=
    (PREROUTING, FORWARD, etc.).</para>
  </section>
-  <section>
+  <section id="Examples">
    <title>An Example</title>
    <para>Here's the example (slightly expanded) from the comments at the top
@ -381,7 +381,7 @@ SAVE     0.0.0.0/0       0.0.0.0/0       all     -       -       -       !0   #R
    </orderedlist>
  </section>
-  <section>
+  <section id="Show">
    <title>Examining the Marking Programs on a Running System</title>
    <para>You can see the tcrules in action using the <command>shorewall show
--- a/docs/PortKnocking.xml
+++ b/docs/PortKnocking.xml
@ -43,7 +43,7 @@
    capabilities</command> to see if you have that match.</para>
  </note>
-  <section>
+  <section id="What">
    <title>What is Port Knocking?</title>
    <para>Port knocking is a technique whereby attempting to connect to port A
@ -53,7 +53,7 @@
    which should be considered to be part of this documentation.</para>
  </section>
-  <section>
+  <section id="How">
    <title>Implementing Port Knocking in Shorewall</title>
    <para>In order to implement this solution, your iptables and kernel must
@ -239,7 +239,7 @@ Limit:info:SSHA,3,60   net               $FW            tcp         22</programl
      </listitem>
    </itemizedlist>
-    <section>
+    <section id="LimitImp">
      <title>How Limit is Implemented</title>
      <para>For those who are curious, the Limit action is implemented in
--- a/docs/ProxyARP.xml
+++ b/docs/ProxyARP.xml
@ -75,7 +75,7 @@
  read the <ulink url="shorewall_setup_guide.htm">Shorewall Setup
  Guide</ulink>.</para>
-  <section>
+  <section id="Example">
    <title>Example</title>
    <para>The following figure represents a Proxy ARP environment.</para>
@ -185,7 +185,7 @@ iface eth1 inet static
    </warning>
  </section>
-  <section>
+  <section id="ARP">
    <title>ARP cache</title>
    <para>A word of warning is in order here. ISPs typically configure their
--- a/docs/ReleaseModel.xml
+++ b/docs/ReleaseModel.xml
@ -38,7 +38,7 @@
    </legalnotice>
  </articleinfo>
-  <section>
+  <section id="Releases">
    <title>Shorewall Releases</title>
    <orderedlist>
@ -129,7 +129,7 @@
  </section>
  <section>
-    <title>Old Release Model</title>
+    <title id="Old">Old Release Model</title>
    <para>This release model described above was adopted on 2004-07-03 and
    modified 2004-07-21. Prior to 2004-07-03, a different release model was
--- a/docs/ScalabilityAndPerformance.xml
+++ b/docs/ScalabilityAndPerformance.xml
@ -36,7 +36,7 @@
    </legalnotice>
  </articleinfo>
-  <section>
+  <section id="Intro">
    <title>Introduction</title>
    <para>The performance of the <emphasis role="bold">shorewall
@ -50,7 +50,7 @@
    to the use of Shorewall-perl if at all possible.</para>
  </section>
-  <section>
+  <section id="Groups">
    <title>Host Groups</title>
    <para>In this article, we will use the term <firstterm>host
@ -73,7 +73,7 @@
    <firstterm>zone</firstterm>.</para>
  </section>
-  <section>
+  <section id="GroupScale">
    <title>Scaling by Host Groups</title>
    <para>For each host group, it is possible to attempt connections to every
@ -93,7 +93,7 @@
    combinations.</para>
  </section>
-  <section>
+  <section id="ZoneScale">
    <title>Scaling by Zones</title>
    <para>A similar scaling issue applies to Shorewall zones. If there are
@ -106,7 +106,7 @@
    role="bold">Z</emphasis><superscript>2</superscript>.</para>
  </section>
-  <section>
+  <section id="Shorewall">
    <title>Scaling within the Shorewall Code</title>
    <para>Shorewall is written entirely in Bourne Shell. While this allows
@ -122,7 +122,7 @@
    scaling.</para>
  </section>
-  <section>
+  <section id="Improving">
    <title>Improving Performance</title>
    <para>Achieving good performance boils down to three things:</para>
--- a/docs/netmap.xml
+++ b/docs/netmap.xml
@ -36,7 +36,7 @@
    </legalnotice>
  </articleinfo>
-  <section>
+  <section id="Why">
    <title>Why use Network Mapping</title>
    <para>Network Mapping is most often used to resolve IP address conflicts.
@ -47,7 +47,7 @@
    re-addressing.</para>
  </section>
-  <section>
+  <section id="Solution">
    <title>Solution</title>
    <para>Shorewall NETMAP support is designed to supply a solution. The basic
@ -180,7 +180,7 @@ DNAT  10.10.11.0/24  vpn              192.168.1.0/24       #RULE 1B</programlist
 DNAT  10.10.10.0/24  vpn              192.168.1.0/24       #RULE 2A
 SNAT  192.168.1.0/24 vpn              10.10.10.0/24        #RULE 2B</programlisting>
-    <example>
+    <example id="Example1">
      <title>192.168.1.4 in the top cloud connects to 192.168.1.27 in the
      bottom cloud</title>
@ -284,7 +284,7 @@ SNAT  192.168.1.0/24 vpn              10.10.10.0/24        #RULE 2B</programlist
    </example>
  </section>
-  <section>
+  <section id="Notes">
    <title>Author's Notes</title>
    <para>This could all be made a bit simpler by eliminating the TYPE field
@ -302,7 +302,7 @@ SNAT  192.168.1.0/24 vpn              10.10.10.0/24        #RULE 2B</programlist
    network in the top cloud.</para>
  </section>
-  <section>
+  <section id="WhyTwo">
    <title>Can't I do this with one router? Why do I need two?</title>
    <para>I wrote this article before Shorewall included <ulink
--- a/docs/ping.xml
+++ b/docs/ping.xml
@ -45,7 +45,7 @@
    url="ports.htm">port information page</ulink>.</para>
  </note>
-  <section>
+  <section id="Ping">
    <title>'Ping' Management</title>
    <para>In Shorewall , ICMP echo-request's are treated just like any other
@ -96,40 +96,4 @@ Ping/DROP  net       $FW</programlisting>
    files to prevent your log from being flooded by messages generated from
    remote pinging.</para>
  </section>
  <appendix>
    <title>Revision History</title>
    <para><revhistory>
        <revision>
          <revnumber>1.3</revnumber>
          <date>2005-08-31</date>
          <authorinitials>CR</authorinitials>
          <revremark>Updated for Shorewall 3</revremark>
        </revision>
        <revision>
          <revnumber>1.2</revnumber>
          <date>2004-01-03</date>
          <authorinitials>TE</authorinitials>
          <revremark>Add traceroute reference</revremark>
        </revision>
        <revision>
          <revnumber>1.1</revnumber>
          <date>2003-08-23</date>
          <authorinitials>TE</authorinitials>
          <revremark>Initial version converted to Docbook XML</revremark>
        </revision>
      </revhistory></para>
  </appendix>
 </article>
--- a/docs/ports.xml
+++ b/docs/ports.xml
@ -49,7 +49,7 @@
    3.0.0 then please see the documentation for that release</emphasis></para>
  </caution>
-  <section>
+  <section id="Notes">
    <title>Important Notes</title>
    <note>
@ -84,7 +84,7 @@ FTP/DNAT       net       dmz:192.168.1.4  </programlisting>
    </note>
  </section>
-  <section>
+  <section id="Auth">
    <title>Auth (identd)</title>
    <caution>
@ -97,7 +97,7 @@ FTP/DNAT       net       dmz:192.168.1.4  </programlisting>
 Auth/ACCEPT     <emphasis> &lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="BT">
    <title>BitTorrent</title>
    <caution>
@ -114,7 +114,7 @@ Auth/ACCEPT     <emphasis> &lt;source&gt;</emphasis>  <emphasis>&lt;destination&
 BitTorrent/ACCEPT <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="DNS">
    <title>DNS</title>
    <programlisting>#ACTION          SOURCE    DESTINATION      PROTO      DEST PORT(S)
@ -180,7 +180,7 @@ Edonkey/DNAT  net      loc:192.168.1.4
 DNAT        net      loc:192.168.1.4      tcp           4711</programlisting>
  </section>
-  <section>
+  <section id="FTP">
    <title>FTP</title>
    <programlisting>#ACTION        SOURCE    DESTINATION      PROTO      DEST PORT(S)
@ -190,7 +190,7 @@ FTP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt
    information.</para>
  </section>
-  <section>
+  <section id="Gnutella">
    <title>Gnutella</title>
    <para><orderedlist>
@ -216,14 +216,14 @@ FTP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt
 Gnutella/DNAT        net      loc:192.168.1.4</programlisting></para>
  </section>
-  <section>
+  <section id="ICQ">
    <title>ICQ/AIM</title>
    <programlisting>#ACTION     SOURCE    DESTINATION      PROTO      DEST PORT(S)
 ICQ/ACCEPT  <emphasis>&lt;source&gt;</emphasis>  net</programlisting>
  </section>
-  <section>
+  <section id="IMAP">
    <title>IMAP</title>
    <caution>
@ -241,7 +241,7 @@ IMAP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&g
 IMAPS/ACCEPT    &lt;source&gt;  &lt;destination&gt; # IMAP over SSL.</programlisting>
  </section>
-  <section>
+  <section id="IPSEC">
    <title>IPSEC</title>
    <programlisting>#ACTION    SOURCE         DESTINATION      PROTO      DEST PORT(S)
@ -256,7 +256,7 @@ ACCEPT     <emphasis>&lt;destination&gt;</emphasis>  <emphasis>&lt;source&gt;</e
    url="VPN.htm">here</ulink>.</para>
  </section>
-  <section>
+  <section id="LDAP">
    <title>LDAP</title>
    <caution>
@ -268,8 +268,8 @@ LDAP/ACCEPT      <emphasis>&lt;source&gt;</emphasis>  <emphasis>     &lt;destina
 LDAPS/ACCEPT     <emphasis><emphasis>&lt;source&gt;</emphasis>  <emphasis>     &lt;destination&gt;</emphasis></emphasis><emphasis></emphasis>   # LDAP over SSL</programlisting>
  </section>
-  <section>
+  <section id="MySQL">
-    <title><trademark>MySQL</trademark></title>
+    <title><trademark>My\SQL</trademark></title>
    <caution>
      <para>This information is valid only for Shorewall 3.2 or later.</para>
@ -288,31 +288,32 @@ LDAPS/ACCEPT     <emphasis><emphasis>&lt;source&gt;</emphasis>  <emphasis>     &
 MySQL/ACCEPT      <emphasis>&lt;source&gt;</emphasis>  <emphasis>     &lt;destination&gt;</emphasis> <emphasis>    </emphasis></programlisting>
  </section>
-  <section>
+  <section id="NFS">
    <title>NFS</title>
    <programlisting>#ACTION    SOURCE                         DESTINATION      PROTO      DEST PORT(S)
 ACCEPT     <emphasis>&lt;z1&gt;</emphasis>:&lt;list of client IPs&gt;  <emphasis>    &lt;z2&gt;</emphasis>:a.b.c.d     tcp        111
 ACCEPT     <emphasis>&lt;z1&gt;</emphasis>:&lt;list of client IPs&gt;  <emphasis>    &lt;z2&gt;</emphasis>:a.b.c.d     udp</programlisting>
-    <para>For more NFS information, see <ulink url="http://lists.shorewall.net/~kb/">http://lists.shorewall.net/~kb/</ulink>.</para>
+    <para>For more NFS information, see <ulink
    url="http://lists.shorewall.net/~kb/">http://lists.shorewall.net/~kb/</ulink>.</para>
  </section>
-  <section>
+  <section id="NTP">
    <title>NTP (Network Time Protocol)</title>
    <programlisting>#ACTION        SOURCE    DESTINATION      PROTO      DEST PORT(S)
 NTP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="PCA">
    <title><trademark>PCAnywhere</trademark></title>
    <programlisting>#ACTION        SOURCE    DESTINATION      PROTO      DEST PORT(S)
 PCA/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="POP3">
    <title>POP3</title>
    <caution>
@ -329,7 +330,7 @@ POP3/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&g
 POP3S/ACCEPT    &lt;source&gt;  &lt;destination&gt;  #Unsecure Pop3</programlisting>
  </section>
-  <section>
+  <section id="PPTP">
    <title>PPTP</title>
    <programlisting>#ACTION    SOURCE    DESTINATION      PROTO      DEST PORT(S)
@ -340,21 +341,21 @@ ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</e
    url="VPN.htm">here</ulink>.</para>
  </section>
-  <section>
+  <section id="Rdate">
    <title>rdate</title>
    <programlisting>#ACTION          SOURCE    DESTINATION      PROTO      DEST PORT(S)
 Rdate/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="rsync">
    <title>rsync</title>
    <programlisting>#ACTION          SOURCE    DESTINATION      PROTO      DEST PORT(S)
 Rsync/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="Siproxd">
    <title>Siproxd</title>
    <caution>
@ -368,14 +369,14 @@ ACCEPT            net           fw           udp        5060
 ACCEPT     <emphasis>       net           fw           udp        7070:7089</emphasis><emphasis></emphasis></programlisting>
  </section>
-  <section>
+  <section id="SSH">
    <title>SSH/SFTP</title>
    <programlisting>#ACTION    SOURCE    DESTINATION      PROTO      DEST PORT(S)
 SSH/ACCEPT <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis> </programlisting>
  </section>
-  <section>
+  <section id="SMB">
    <title>SMB/NMB (Samba/<trademark>Windows</trademark> Browsing/File
    Sharing)</title>
@ -386,7 +387,7 @@ SMB/ACCEPT     <emphasis>&lt;destination&gt;</emphasis>  <emphasis>&lt;source&gt
    <para>Also, see <ulink url="samba.htm">this page</ulink>.</para>
  </section>
-  <section>
+  <section id="SMTP">
    <title>SMTP</title>
    <caution>
@ -398,14 +399,14 @@ SMTP/ACCEPT<emphasis>      &lt;source&gt;</emphasis>  <emphasis>&lt;destination&
 SMTPS/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis>                      #SMTP over SSL (TLS)</programlisting>
  </section>
-  <section>
+  <section id="SNMP">
    <title>SNMP</title>
    <programlisting>#ACTION         SOURCE    DESTINATION      PROTO      DEST PORT(S)
 SNMP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="SVN">
    <title>SVN</title>
    <caution>
@ -421,7 +422,7 @@ SNMP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&g
 SVN/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="Telnet">
    <title>Telnet</title>
    <caution>
@ -433,7 +434,7 @@ SVN/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt
 Telnet/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="TFTP">
    <title>TFTP</title>
    <para>You must have TFTP connection tracking support in your kernel. If
@ -450,7 +451,7 @@ Telnet/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination
 ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis>    udp        69</programlisting>
  </section>
-  <section>
+  <section id="Traceroute">
    <title>Traceroute</title>
    <programlisting>#ACTION          SOURCE    DESTINATION      PROTO      DEST PORT(S)
@ -469,7 +470,7 @@ ACCEPT     fw        loc              icmp
 ACCEPT     fw        ...</programlisting>
  </section>
-  <section>
+  <section id="NNTP">
    <title>Usenet (NNTP)</title>
    <programlisting>#ACTION         SOURCE    DESTINATION      PROTO      DEST PORT(S)
@ -479,7 +480,7 @@ NNTPS/ACCEPT    &lt;source&gt;  &lt;destination&gt;  # secure NNTP</programlisti
    <para>TCP Port 119</para>
  </section>
-  <section>
+  <section id="VNC">
    <title>VNC</title>
    <caution>
@ -502,19 +503,16 @@ VNC/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt
 VNCL/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis></programlisting>
  </section>
-  <section>
+  <section id="Vonage">
    <title><trademark>Vonage</trademark></title>
    <para>The standard Shorewall loc-&gt;net ACCEPT policy is all that is
    required for <trademark>Vonage</trademark> IP phone service to work,
    provided that you have loaded the tftp helper modules (add the following
    entries to /etc/shorewall/modules if they are not there already):</para>
    <programlisting>    loadmodule ip_conntrack_tftp
    loadmodule ip_nat_tftp</programlisting>
  </section>
-  <section>
+  <section id="Web">
    <title>Web Access</title>
    <caution>
@ -526,7 +524,7 @@ HTTP/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&g
 HTTPS/ACCEPT    &lt;source&gt;  &lt;destination&gt; #Secure   HTTP</programlisting>
  </section>
-  <section>
+  <section id="Webmin">
    <title>Webmin</title>
    <para><programlisting>#ACTION        SOURCE    DESTINATION      PROTO      DEST PORT(S)
@ -534,14 +532,14 @@ Webmin/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination
    use TCP port 10000.</para>
  </section>
-  <section>
+  <section id="Whois">
    <title>Whois</title>
    <para><programlisting>#ACTION        SOURCE    DESTINATION      PROTO      DEST PORT(S)
 Whois/ACCEPT     <emphasis>&lt;source&gt;</emphasis>  <emphasis>&lt;destination&gt;</emphasis>  </programlisting></para>
  </section>
-  <section>
+  <section id="X">
    <title>X/XDMCP</title>
    <para>Assume that the Choser and/or X Server are running at
@ -553,7 +551,7 @@ ACCEPT     &lt;<emphasis>chooser</emphasis>&gt; &lt;<emphasis>apps</emphasis>&gt
 ACCEPT     &lt;<emphasis>apps</emphasis>&gt;    &lt;<emphasis>chooser</emphasis>&gt;        tcp        6000:6009   #X Displays 0-9</programlisting>
  </section>
-  <section>
+  <section id="Other">
    <title>Other Source of Port Information</title>
    <para>Didn't find what you are looking for -- have you looked in your own
@ -562,202 +560,4 @@ ACCEPT     &lt;<emphasis>apps</emphasis>&gt;    &lt;<emphasis>chooser</emphasis>
    <para>Still looking? Try <ulink
    url="http://www.networkice.com/advice/Exploits/Ports">http://www.networkice.com/advice/Exploits/Ports</ulink></para>
  </section>
  <appendix>
    <title>Revision History</title>
    <para><revhistory>
        <revision>
          <revnumber>1.18</revnumber>
          <date>2006-07-18</date>
          <authorinitials>CR</authorinitials>
          <revremark>Updated for Shorewall 3.2</revremark>
        </revision>
        <revision>
          <revnumber>1.18</revnumber>
          <date>2005-11-23</date>
          <authorinitials>CR</authorinitials>
          <revremark>Add Webmin info</revremark>
        </revision>
        <revision>
          <revnumber>1.17</revnumber>
          <date>2005-09-20</date>
          <authorinitials>TE</authorinitials>
          <revremark>More 3.0 Updates</revremark>
        </revision>
        <revision>
          <revnumber>1.16</revnumber>
          <date>2005-09-02</date>
          <authorinitials>CR</authorinitials>
          <revremark>Updated for Shorewall v3.0</revremark>
        </revision>
        <revision>
          <revnumber>1.15</revnumber>
          <date>2005-05-02</date>
          <authorinitials>TE</authorinitials>
          <revremark>Added Emule</revremark>
        </revision>
        <revision>
          <revnumber>1.14</revnumber>
          <date>2004-10-01</date>
          <authorinitials>TE</authorinitials>
          <revremark>Add rsync.</revremark>
        </revision>
        <revision>
          <revnumber>1.13</revnumber>
          <date>2004-09-21</date>
          <authorinitials>TE</authorinitials>
          <revremark>Add note about ICMP type 11 to Traceroute.</revremark>
        </revision>
        <revision>
          <revnumber>1.12</revnumber>
          <date>2004-09-09</date>
          <authorinitials>TE</authorinitials>
          <revremark>Add note about <trademark>Vonage</trademark>.</revremark>
        </revision>
        <revision>
          <revnumber>1.11</revnumber>
          <date>2004-05-28</date>
          <authorinitials>TE</authorinitials>
          <revremark>Corrected directory for actions.std and enhanced the DNS
          section.</revremark>
        </revision>
        <revision>
          <revnumber>1.10</revnumber>
          <date>2004-05-09</date>
          <authorinitials>TE</authorinitials>
          <revremark>Added TFTP.</revremark>
        </revision>
        <revision>
          <revnumber>1.9</revnumber>
          <date>2004-04-24</date>
          <authorinitials>TE</authorinitials>
          <revremark>Revised ICQ/AIM.</revremark>
        </revision>
        <revision>
          <revnumber>1.8</revnumber>
          <date>2004-04-23</date>
          <authorinitials>TE</authorinitials>
          <revremark>Added SNMP.</revremark>
        </revision>
        <revision>
          <revnumber>1.7</revnumber>
          <date>2004-02-18</date>
          <authorinitials>TE</authorinitials>
          <revremark>Make NFS work for everyone.</revremark>
        </revision>
        <revision>
          <revnumber>1.6</revnumber>
          <date>2004-02-14</date>
          <authorinitials>TE</authorinitials>
          <revremark>Add PCAnywhere.</revremark>
        </revision>
        <revision>
          <revnumber>1.5</revnumber>
          <date>2004-02-05</date>
          <authorinitials>TE</authorinitials>
          <revremark>Added information about VNC viewers in listen
          mode.</revremark>
        </revision>
        <revision>
          <revnumber>1.4</revnumber>
          <date>2004-01-26</date>
          <authorinitials>TE</authorinitials>
          <revremark>Correct ICQ.</revremark>
        </revision>
        <revision>
          <revnumber>1.3</revnumber>
          <date>2004-01-04</date>
          <authorinitials>TE</authorinitials>
          <revremark>Alphabetize</revremark>
        </revision>
        <revision>
          <revnumber>1.2</revnumber>
          <date>2004-01-03</date>
          <authorinitials>TE</authorinitials>
          <revremark>Add rules file entries.</revremark>
        </revision>
        <revision>
          <revnumber>1.1</revnumber>
          <date>2002-07-30</date>
          <authorinitials>TE</authorinitials>
          <revremark>Initial version converted to Docbook XML</revremark>
        </revision>
      </revhistory></para>
  </appendix>
 </article>
--- a/docs/quotes.xml
+++ b/docs/quotes.xml
@ -29,23 +29,23 @@
      1.2 or any later version published by the Free Software Foundation; with
      no Invariant Sections, with no Front-Cover, and with no Back-Cover
      Texts. A copy of the license is included in the section entitled
-      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
+      <quote><ulink url="GnuCopyright.htm">GNU Free Documentation
      License</ulink></quote>.</para>
    </legalnotice>
  </articleinfo>
-  <section>
+  <section id="Quotes">
    <title>What Users are saying...</title>
    <blockquote>
      <attribution>AS, Poland</attribution>
      <para><emphasis>I want to say that Shorewall documentation is the best
-      I&#39;ve ever found on the net. It&#39;s helped me a lot in
+      I've ever found on the net. It's helped me a lot in understanding how
-      understanding how network is working. It is the best of breed. It
+      network is working. It is the best of breed. It contains not only
-      contains not only Shorewall specific topics with the assumption that all
+      Shorewall specific topics with the assumption that all the rest is well
-      the rest is well known, but also gives some very useful background
+      known, but also gives some very useful background information. Thank you
-      information. Thank you very much for this wonderful piece of work.
+      very much for this wonderful piece of work. </emphasis></para>
      </emphasis></para>
    </blockquote>
    <blockquote>
@ -63,12 +63,12 @@
    <blockquote>
      <attribution>SE, California, USA</attribution>
-      <para><emphasis>In two words, I&#39;d call Shorewall &#34;brilliant
+      <para><emphasis>In two words, I'd call Shorewall "brilliant simplicity".
-      simplicity&#34;. Define general rules of what it is you want to do, and
+      Define general rules of what it is you want to do, and let the software
-      let the software determine the specific rules on how to implement it.
+      determine the specific rules on how to implement it. It's great only
-      It&#39;s great only having to define specific rules for specific
+      having to define specific rules for specific instances. I have a much
-      instances. I have a much higher degree of confidence in my firewall than
+      higher degree of confidence in my firewall than I have had previously.
-      I have had previously. Thank you for Shorewall!.</emphasis></para>
+      Thank you for Shorewall!.</emphasis></para>
    </blockquote>
    <blockquote>
@ -84,7 +84,8 @@
      <attribution>JL, Ohio</attribution>
      <para><emphasis>I just installed Shorewall after weeks of messing with
-      ipchains/iptables and I had it up and running in under 20 minutes!</emphasis></para>
+      ipchains/iptables and I had it up and running in under 20
      minutes!</emphasis></para>
    </blockquote>
    <blockquote>
@ -124,8 +125,9 @@
    <blockquote>
      <attribution>B.R, Netherlands</attribution>
-      <para><emphasis>[Shorewall is a] great, great project. I&#39;ve
+      <para><emphasis>[Shorewall is a] great, great project. I've used/tested
-      used/tested may firewall scripts but this one is till now the best.</emphasis></para>
+      may firewall scripts but this one is till now the
      best.</emphasis></para>
    </blockquote>
    <blockquote>
@ -150,19 +152,19 @@
    <blockquote>
      <attribution>SE, US</attribution>
-      <para><emphasis>You have the best support of any other package I&#39;ve
+      <para><emphasis>You have the best support of any other package I've ever
-      ever used.</emphasis></para>
+      used.</emphasis></para>
    </blockquote>
    <blockquote>
      <attribution>Name withheld by request, Europe</attribution>
      <para><emphasis>Because our company has information which has been
-      classified by the national government as secret, our security
+      classified by the national government as secret, our security doesn't
-      doesn&#39;t stop by putting a fence around our company. Information
+      stop by putting a fence around our company. Information security is a
-      security is a hot issue. We also make use of checkpoint firewalls, but
+      hot issue. We also make use of checkpoint firewalls, but not all of the
-      not all of the internet servers are guarded by checkpoint, some of them
+      internet servers are guarded by checkpoint, some of them are
-      are running....Shorewall.</emphasis></para>
+      running....Shorewall.</emphasis></para>
    </blockquote>
    <blockquote>
@ -170,7 +172,7 @@
      <para><emphasis>thanx for all your efforts you put into shorewall - this
      product stands out against a lot of commercial stuff i´ve been working
-      with in terms of flexibillity, quality &#38; support</emphasis></para>
+      with in terms of flexibillity, quality &amp; support</emphasis></para>
    </blockquote>
    <blockquote>
@ -184,13 +186,13 @@
    <blockquote>
      <attribution>RP, Guatamala</attribution>
-      <para><emphasis>My respects... I&#39;ve just found and installed
+      <para><emphasis>My respects... I've just found and installed Shorewall
-      Shorewall 1.3.3-1 and it is a wonderful piece of software. I&#39;ve just
+      1.3.3-1 and it is a wonderful piece of software. I've just sent out an
-      sent out an email to about 30 people recommending it. :-)</emphasis></para>
+      email to about 30 people recommending it. :-)</emphasis></para>
      <para><emphasis>While I had previously taken the time (maybe 40 hours)
      to really understand ipchains, then spent at least an hour per server
-      customizing and carefully scrutinizing firewall rules, I&#39;ve got
+      customizing and carefully scrutinizing firewall rules, I've got
      shorewall running on my home firewall, with rulesets and policies that I
      know make sense, in under 20 minutes.</emphasis></para>
    </blockquote>