From 391f2d38b74fbc5c268f1cba529c07a34b070c78 Mon Sep 17 00:00:00 2001
From: Marc Fonvieille <blackend@FreeBSD.org>
Date: Fri, 15 Aug 2003 12:28:17 +0000
Subject: [PATCH] Replace remaining ASCIIs in IPsec section with images.

---
 en_US.ISO8859-1/books/handbook/Makefile       |  3 ++
 .../books/handbook/security/chapter.sgml      | 36 +++++++++++++++----
 2 files changed, 33 insertions(+), 6 deletions(-)

diff --git a/en_US.ISO8859-1/books/handbook/Makefile b/en_US.ISO8859-1/books/handbook/Makefile
index dfb16d26e3..16bd023bd9 100644
--- a/en_US.ISO8859-1/books/handbook/Makefile
+++ b/en_US.ISO8859-1/books/handbook/Makefile
@@ -104,6 +104,9 @@ IMAGES_EN+= install/example-dir3.eps
 IMAGES_EN+= install/example-dir4.eps
 IMAGES_EN+= install/example-dir5.eps
 IMAGES_EN+= security/ipsec-network.pic
+IMAGES_EN+= security/ipsec-crypt-pkt.pic
+IMAGES_EN+= security/ipsec-encap-pkt.pic
+IMAGES_EN+= security/ipsec-out-pkt.pic
 IMAGES_EN+= vinum/vinum-concat.pic
 IMAGES_EN+= vinum/vinum-mirrored-vol.pic
 IMAGES_EN+= vinum/vinum-raid10-vol.pic
diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.sgml b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
index 06cb834207..c074e9b697 100644
--- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
@@ -3534,19 +3534,33 @@ ipfw add 1 allow udp from W.X.Y.Z to A.B.C.D isakmp
  
        <para>So if your outgoing packet started looking like this:</para>
  
-       <screen>
+	<mediaobject>
+	  <imageobject>
+	    <imagedata fileref="security/ipsec-out-pkt" align="center">
+	  </imageobject>
+
+	  <textobject>
+	    <literallayout class="monospaced">
   .----------------------.
   | Src: 192.168.1.1     |
   | Dst: 192.168.2.1     |
   | &lt;other header info&gt;  |
   +----------------------+
   | &lt;packet data&gt;        |
-  `----------------------'</screen>
+  `----------------------'</literallayout>
+	  </textobject>
+	</mediaobject>
  
        <para>Then it will be encapsulated inside another packet, looking
          something like this:</para>
  
-       <screen>
+	<mediaobject>
+	  <imageobject>
+	    <imagedata fileref="security/ipsec-encap-pkt" align="center">
+	  </imageobject>
+
+	  <textobject>
+	    <literallayout class="monospaced">
   .--------------------------.
   | Src: A.B.C.D             |
   | Dst: W.X.Y.Z             |
@@ -3559,7 +3573,9 @@ ipfw add 1 allow udp from W.X.Y.Z to A.B.C.D isakmp
   | +----------------------+ |
   | | &lt;packet data&gt;        | |
   | `----------------------' |
-  `--------------------------'</screen>
+  `--------------------------'</literallayout>
+	  </textobject>
+	</mediaobject>
  
        <para>This encapsulation is carried out by the gif device.  As
          you can see, the packet now has real IP addresses on the outside,
@@ -3671,7 +3687,13 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
  
        <para>Outgoing packets will now look something like this.</para>
  
-       <screen>
+	<mediaobject>
+	  <imageobject>
+	    <imagedata fileref="security/ipsec-crypt-pkt" align="center">
+	  </imageobject>
+
+	  <textobject>
+	    <literallayout class="monospaced">
   .------------------------------.  --------------------------.
   | Src: A.B.C.D                 |                            |
   | Dst: W.X.Y.Z                 |                            |
@@ -3691,7 +3713,9 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
   | | `----------------------' | |  -'           |            |
   | `--------------------------' |  -------------'            |
   `------------------------------'  --------------------------'
-       </screen>
+	    </literallayout>
+	  </textobject>
+	</mediaobject>
 
        <para>When they are received by the far end of the VPN they will
          first be decrypted (using the security associations that have