I have been playing with
asciidoc for some time.
First I converted parts of the OpenBSD ksh man page to asciidoc. I ran into some trouble because I pasted from the man page text, and that gives a lot of single back ticks (`) in the text. In asciidoc the backtick delimits a command like:
.
The second newbie error was forgetting to handle the asterisk '*', that is used to mark text as bold:
Quote:
For historical reasons, open and
close braces may be used instead of in and esac e.g. case $foo {
*) echo bar; }.
|
The HTML output coped rather well with these errors, but the PDF generation stopped in the DocBook XML conversion, because XML tags were not matched.
Then I decided to convert parts of the more simple markup of
pf.conf(5). An small snippet:
Code:
The following actions can be used in the filter:
*block*::
The packet is blocked. There are a number of ways in which a *block*
rule can behave when blocking a packet. The default behaviour is
to drop packets silently, however this can be overridden or made
explicit either globally, by setting the *block-policy* option, or
on a per-rule basis with one of the following options:
*drop*;;
The packet is silently dropped.
*return*;;
This causes a TCP RST to be returned for TCP packets and
an ICMP UNREACHABLE for other types of packets.
*return-icmp*;;
*return-icmp6*;;
This causes ICMP messages to be returned for packets which
match the rule. By default this is an ICMP UNREACHABLE
message, however this can be overridden by specifying a
message as a code or number.
*return-rst*;;
This applies only to TCP packets, and issues a TCP RST which
closes the connection. An optional parameter, *ttl*, may
be given with a TTL value.
+
Options returning ICMP packets currently have no effect if pf(4)
operates on a bridge(4), as the code to support this feature has
not yet been implemented.
+
The simplest mechanism to block everything by default and only pass
packets that match explicit rules is specify a first filter rule
of:
+
--------------------
block all
--------------------
*match*::
The packet is matched. This mechanism is used to provide fine grained
filtering without altering the block/pass state of a packet. *match*
rules differ from *block* and *pass* rules in that parameters are
set every time a packet matches the rule, not only on the last
matching rule. For the following parameters, this means that the
parameter effectively becomes "sticky" until explicitly overridden:
*nat-to, binat-to, rdr-to, queue, rtable*, and *scrub*.
Attached are the asciidoc txt source, the HTML and PDF output, all in one *tgz file.