Add a few "option", "command", and "filename" tags

A huge number of tags in this chapter are still missing
Denis Peplin 2004-12-15 15:08:34 +00:00
parent 86f3046b11
commit ac6ca5366c
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=23224

@ -437,8 +437,8 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
<programlisting><command>ipf -Fa -f /etc/ipf.rules</command></programlisting>
<para>-Fa means flush all internal rules tables.</para>
<para>-f means this is the file to read for the rules to load.</para>
<para><option>-Fa</option> means flush all internal rules tables.</para>
<para><option>-f</option> means this is the file to read for the rules to load.</para>
<para>This gives you the ability to make changes to their custom
rules file, run the above IPF command thus updating the running
@ -491,7 +491,8 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
<acronym>TCP</acronym> cksum fails(in): 0 (out): 0
Packet log flags set: (0)</screen>
<para>When supplied with either -i for inbound or -o for outbound,
<para>When supplied with either <option>-i</option> for inbound
or <option>-o</option> for outbound,
it will retrieve and display the appropriate list of filter
rules currently installed and in use by the kernel.</para>
@ -521,8 +522,9 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
354727 block out on dc0 from any to any
430918 pass out quick on dc0 proto tcp/udp from any to any keep state</screen>
<para>One of the most important functions of the ipfstat command
is the -t flag which activates the display state table in a way
<para>One of the most important functions of the
<command>ipfstat</command> command is the <option>-t</option>
flag which activates the display state table in a way
similar to the way &man.top.1; shows the &os; running process
table. When your firewall is under attack this function gives
you the ability to identify, drill down to, and see the
@ -539,7 +541,7 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
kernel option IPFILTER_LOG must be turned on. This command has
2 different modes it can be used in. Native mode is the default
mode when you type the command on the command line without the
-D flag.</para>
<option>-D</option> flag.</para>
<para>Daemon mode is for when you want to have a continuous
system log file available so you can review logging of past
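Review bot: IPFILTER_LOG on the first context line of this hunk is still plain text, three lines above the -D flag that now gets <option>. Mark the kernel option up in the same pass, using whichever element the rest of the chapter uses for kernel options, so the paragraph is not left half tagged.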
@ -548,7 +550,7 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
rotate syslogs. That is why outputting the log information to
syslogd is better than the default of outputting to a regular
file. In <filename>rc.conf</filename> file you see the
ipmon_flags statement uses the "-Ds" flags</para>
ipmon_flags statement uses the <option>-Ds</option> flags</para>
<programlisting>ipmon_flags="-Ds" # D = start as daemon
# s = log to syslog
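Review bot: The changed line tags -Ds but leaves ipmon_flags, the rc.conf variable the flags belong to, as plain text. Mark it up as <varname>ipmon_flags</varname> in the same edit, and end the sentence with a colon or period before the <programlisting> that follows it.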
@ -578,7 +580,7 @@ ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlist
<para>Syslogd uses its own special method for segregation of log
data. It uses special grouping called <quote>facility</quote>
and <quote>level.</quote> IPMON in -Ds mode uses Local0 as the
and <quote>level.</quote> IPMON in <option>-Ds</option> mode uses Local0 as the
<quote>facility</quote> name. All IPMON logged data goes to
Local0. The following levels can be used to further segregate
the logged data if desired.</para>
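Review bot: IPMON on the changed line stays uppercase and untagged, while the next hunk marks the same program up as <command>ipmon</command>. Use <command>ipmon</command> here as well so the chapter refers to the tool in one way.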
@ -624,7 +626,7 @@ LOG_ERR - packets which have been logged and which can be considered short</scre
<sect2>
<title>The Format of Logged Messages</title>
<para>Messages generated by ipmon consist of data fields
<para>Messages generated by <command>ipmon</command> consist of data fields
separated by white space. Fields common to all messages are:
</para>
@ -650,7 +652,7 @@ LOG_ERR - packets which have been logged and which can be considered short</scre
</listitem>
</orderedlist>
<para>These can be viewed with ipfstat -in.<para>
<para>These can be viewed with <command>ipfstat -in</command>.<para>
<orderedlist>
<listitem>
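Review bot: The changed line still ends with an opening <para> where the closing </para> belongs, carried over from the line it replaces, so the paragraph is never closed before <orderedlist> begins. Since this line is being rewritten anyway, end it with </para>.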
@ -749,7 +751,7 @@ EOF
<para>That is all there is to it. The rules are not important in
this example, how the Symbolic substitution field are populated
and used are. If the above example was in /etc/ipf.rules.script
and used are. If the above example was in <filename>/etc/ipf.rules.script</filename>
file, you could reload these rules by entering this on the command
line:</para>
@ -1457,7 +1459,7 @@ block in log first quick on dc0 all
<para>When changing the <acronym>NAT</acronym> rules after
<acronym>NAT</acronym> has been started, Make your changes to
the file containing the nat rules, then run ipnat command with
the -CF flags to delete the internal in use
the <option>-CF</option> flags to delete the internal in use
<acronym>NAT</acronym> rules and flush the contents of the
translation table of all active entries.</para>
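Review bot: On the line just above the changed one, ipnat is still untagged ("then run ipnat command with"), although the flags it takes now get <option>. Wrap it as <command>ipnat</command> in the same change. The capitalised "Make" after the comma in that sentence could be lowercased at the same time.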