- Fix make-related markup [1]

- Mark up racoon with application element [2]

PR:		docs/123335 [1], docs/123332 [2]
Submitted by:	pgj
Gabor Kovesdan 2008-05-05 14:03:10 +00:00
parent 9df31e5fee
commit a0cade7b51
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=31949

@ -2966,11 +2966,11 @@ define(`confTLS_SRV_OPTIONS', `V')dnl</programlisting>
is the directory to be used for storing the certificate
and key files locally. The last few requirements are a rebuild
of the local <filename>.cf</filename> file. This is easily
achieved by typing <command>make</command>
<parameter>install</parameter> within the
achieved by typing <command>make
<maketarget>install</maketarget></command> within the
<filename class="directory">/etc/mail</filename>
directory. Follow that up with <command>make</command>
<parameter>restart</parameter> which should start the
directory. Follow that up with <command>make
<maketarget>restart</maketarget></command> which should start the
<application>Sendmail</application> daemon.</para>
<para>If all went well there will be no error messages in the
@ -3640,7 +3640,7 @@ options IPSEC_ESP
<para>There are a number of choices for daemons to manage
security associations with FreeBSD. This article will describe
how to use one of these, racoon&nbsp;&mdash; which is available from
how to use one of these, <application>racoon</application> &mdash; which is available from
<filename role="package">security/ipsec-tools</filename> in the &os; Ports
collection.</para>
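Review bot: The replacement line for the racoon introduction drops the `&nbsp;` that used to sit in front of `&mdash;` and puts an ordinary space there, so the dash can now wrap onto the start of a line in rendered output. Keep the entity, as in `<application>racoon</application>&nbsp;&mdash; which is available from`, unless the spacing change is intended; the commit message only mentions adding the application element.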
@ -3662,14 +3662,14 @@ options IPSEC_ESP
gets) it will not do them much good -- by the time they have cracked
the key the two daemons have chosen another one.</para>
<para>The configuration file for racoon is stored in
<para>The configuration file for <application>racoon</application> is stored in
<filename>${PREFIX}/etc/racoon</filename>. You should find a
configuration file there, which should not need to be changed
too much. The other component of racoon's configuration,
too much. The other component of <application>racoon</application>'s configuration,
which you will need to change, is the <quote>pre-shared
key</quote>.</para>
<para>The default racoon configuration expects to find this in
<para>The default <application>racoon</application> configuration expects to find this in
the file <filename>${PREFIX}/etc/racoon/psk.txt</filename>. It is important to note
that the pre-shared key is <emphasis>not</emphasis> the key that will be used to
encrypt your traffic across the VPN link, it is simply a token
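Review bot: The three lines that gain `<application>` in this hunk are now considerably longer than the lines around them and are not rewrapped. If that is deliberate to keep this a content-only change, a follow-up whitespace-only commit that rewraps these paragraphs would keep the source readable.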
@ -3696,9 +3696,9 @@ options IPSEC_ESP
<para>That is, the public IP address of the remote end, and the
same secret key. <filename>psk.txt</filename> must be mode
<literal>0600</literal> (i.e., only read/write to
<username>root</username>) before racoon will run.</para>
<username>root</username>) before <application>racoon</application> will run.</para>
<para>You must run racoon on both gateway machines. You will
<para>You must run <application>racoon</application> on both gateway machines. You will
also need to add some firewall rules to allow the IKE traffic,
which is carried over UDP to the ISAKMP (Internet Security Association
Key Management Protocol) port. Again, this should be fairly early in
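Review bot: While this sentence is being touched, the context `(i.e., only read/write to <username>root</username>)` equates mode `0600` with root-only access, which holds only if `psk.txt` is owned by root; the mode by itself restricts access to whoever owns the file. Suggest stating the expected ownership next to the mode, since this file holds the shared secret for both gateways.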
@ -3708,9 +3708,9 @@ options IPSEC_ESP
ipfw add 1 allow udp from W.X.Y.Z to A.B.C.D isakmp
</programlisting>
<para>Once racoon is running you can try pinging one gateway host
<para>Once <application>racoon</application> is running you can try pinging one gateway host
from the other. The connection is still not encrypted, but
racoon will then set up the security associations between the two
<application>racoon</application> will then set up the security associations between the two
hosts -- this might take a moment, and you may see this as a
short delay before the ping commands start responding.</para>
@ -3925,7 +3925,7 @@ ipfw add 1 allow ipencap from W.X.Y.Z to A.B.C.D
<para>When they are received by the far end of the VPN they will
first be decrypted (using the security associations that have
been negotiated by racoon). Then they will enter the
been negotiated by <application>racoon</application>). Then they will enter the
<devicename>gif</devicename> interface, which will unwrap
the second layer, until you are left with the innermost
packet, which can then travel in to the inner network.</para>