From 7771e5d48f5ae509bf3eb97314992b869c7de750 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Tue, 7 Oct 2014 13:37:56 -0700
Subject: [PATCH] More ipset article tweaks

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 docs/ipsets.xml | 27 +++++++++++++++------------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/docs/ipsets.xml b/docs/ipsets.xml
index 3dc14bb0e..f2d1bff61 100644
--- a/docs/ipsets.xml
+++ b/docs/ipsets.xml
@@ -179,22 +179,25 @@ ACCEPT       net:+sshok  $FW      tcp      22</programlisting></para>
 
     <para>Beginning with Shorewall 4.6.4, SAVE_IPSETS is available in <ulink
     url="manpages6/shorewall6.conf.html">shorewall6-conf(5)</ulink>. When set
-    to Yes, the ipv6 ipsets will be set. You can also save selective ipsets by
-    setting SAVE_IPSETS to a comma-separated list of ipset names.</para>
+    to Yes, the ipv6 ipsets will be saved. You can also save selective ipsets
+    by setting SAVE_IPSETS to a comma-separated list of ipset names.</para>
 
-    <para>Prior to Shorewall 4.6.4, SAVE_IPSETS=Yes in shorewall.conf won't
-    work correctly because it saves both IPv4 and IPv6 ipsets. To work around
-    this issue, Shorewall-init is capable restoring ipset contents during
-    'start' and saving them during 'stop'. To direct Shorewall-init to
-    save/restore ipset contents, set the SAVE_IPSETS option in
+    <para>Prior to Shorewall 4.6.4, SAVE_IPSETS=Yes in <ulink
+    url="manpages/shorewall.conf.html">shorewall.conf(5)</ulink> won't work
+    correctly because it saves both IPv4 and IPv6 ipsets. To work around this
+    issue, Shorewall-init is capable restoring ipset contents during 'start'
+    and saving them during 'stop'. To direct Shorewall-init to save/restore
+    ipset contents, set the SAVE_IPSETS option in
     /etc/sysconfig/shorewall-init (/etc/default/shorewall-init on Debian and
     derivatives). The value of the option is a file name where the contents of
     the ipsets will be save to and restored from. Shorewall-init will create
-    any necessary directories during the first 'save' operation. If you
-    configure Shorewall-init to save/restore ipsets, be sure to set
-    SAVE_IPSETS=No in shorewall.conf and shorewall6.conf. If you configure
-    SAVE_IPSETS in both <ulink
-    url="manpages/shorewall.conf.html">shorewall.conf(5)</ulink> and <ulink
+    any necessary directories during the first 'save' operation.</para>
+
+    <para>If you configure Shorewall-init to save/restore ipsets, be sure to
+    set SAVE_IPSETS=No in shorewall.conf and shorewall6.conf.</para>
+
+    <para>If you configure SAVE_IPSETS in <ulink
+    url="manpages/shorewall.conf.html">shorewall.conf(5)</ulink> and/or <ulink
     url="manpages6/shorewall6.conf.html">shorewall6.conf(5)</ulink> then do
     not set SAVE_IPSETS in shorewall-init.</para>
   </section>