fix formatting in network documentation

docs/chapters/networking.rst

@@ -165,12 +165,7 @@ Create the firewall rules:
   set skip on lo
 
   table <jails> persist
-  nat on $ext_if from <jails> to any -> ($ext_if)
+  nat on $ext_if from <jails> to any -> ($ext_if:0)
-
-  ## static rdr example
-  ## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
-
-  ## dynamic rdr anchor (see below)
   rdr-anchor "rdr/*"
 
   block in all
@@ -178,10 +173,6 @@ Create the firewall rules:
   antispoof for $ext_if inet
   pass in inet proto tcp from any to any port ssh flags S/SA modulate state
 
-  # If you are using dynamic rdr also need to ensure that the external port
-  # range you are using is open
-  # pass in inet proto tcp from any to any port <rdr-start>:<rdr-end>
-
 - Make sure to change the `ext_if` variable to match your host system interface.
 - Make sure to include the last line (`port ssh`) or you'll end up locked out.
 
@@ -192,9 +183,6 @@ to containers are:
 
   nat on $ext_if from <jails> to any -> ($ext_if)
 
-  ## static rdr example
-  ## rdr pass inet proto tcp from any to any port {80, 443} -> 10.17.89.45
-
 The `nat` routes traffic from the loopback interface to the external
 interface for outbound access.
 
@@ -202,12 +190,15 @@ The `rdr pass ...` will redirect traffic from the host firewall on port X to
 the ip of Container Y. The example shown redirects web traffic (80 & 443) to the
 containers at `10.17.89.45`.
 
-  ## dynamic rdr anchor (see below)  
+.. code-block:: shell
+
   rdr-anchor "rdr/*"
 
 The `rdr-anchor "rdr/*"` enables dynamic rdr rules to be setup using the
 `bastille rdr` command at runtime - eg.
 
+.. code-block:: shell
+
   bastille rdr <jail> tcp 2001 22 # Redirects tcp port 2001 on host to 22 on jail
   bastille rdr <jail> udp 2053 53 # Same for udp
   bastille rdr <jail> list        # List dynamic rdr rules