diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
index c80e44627d..ae98fe7afd 100644
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
@@ -2477,11 +2477,15 @@ options    IPV6FIREWALL_DEFAULT_TO_ACCEPT</programlisting>
 	    zero removes the logging limit.  Once the limit is
 	    reached, logging can be re-enabled by clearing the
 	    logging counter or the packet counter for that rule, see
-	    the ipfw reset log command.  Note: logging is done after
-	    all other packet matching conditions have been
-	    successfully verified, and before performing the final
-	    action (accept, deny) on the packet.  It is up to you to
-	    decide which rules you want to enable logging on.</para>
+	    the ipfw reset log command.</para>
+
+	  <note>
+	    <para>Logging is done after
+	      all other packet matching conditions have been
+	      successfully verified, and before performing the final
+	      action (accept, deny) on the packet.  It is up to you to
+	      decide which rules you want to enable logging on.</para>
+	    </note>
 	</sect4>
 
 	<sect4>