fix README.md

README.md

@@ -14,24 +14,28 @@ minute on my rather modest Linode virtual server to have a chance of stopping
 them. I hope you find this code useful.
 
 ##Configuration
+
 *ban2fail* works from a configuration file found at
 "/etc/ban2fail/ban2fail.cfg".  The overarching premise is that if any REGEX
 appearing in a LOGTYPE clause matches a line in an associated log file, then by
 default that IP will be blocked.
 
->LOGTYPE auth {
->   DIR= /var/log
->   PREFIX= auth.log
->
->   REGEX= imapd.*Login failed.*\[([0-9.]+)\]$
->
->   REGEX= sshd.*Failed password.*from ([0-9.]+) port [0-9]+ ssh2$
->
->   REGEX= Unable to negotiate with ([0-9.]+) port
->
->   REGEX= in\.qpopper.*authentication failure.*tty=([0-9.]+)
->
->}
+
+`
+LOGTYPE auth {
+   DIR= /var/log
+   PREFIX= auth.log
+
+   REGEX= imapd.*Login failed.*\[([0-9.]+)\]$
+
+   REGEX= sshd.*Failed password.*from ([0-9.]+) port [0-9]+ ssh2$
+
+   REGEX= Unable to negotiate with ([0-9.]+) port
+
+   REGEX= in\.qpopper.*authentication failure.*tty=([0-9.]+)
+}
+`
+
 
 Syntax in the config file is pretty much the same as the nftables syntax. All
 keywords must be in upper case.  Any values in the key-\>value pairs have
@@ -43,31 +47,34 @@ clause. This clause allows you specify how many offenses are tolerated before an
 IP is blocked. Offenses will naturally disappear as old logfiles are deleted by
 *logrotate*.
 
-># Take it easy on home boys
->MAX_OFFENSES 5 {
->   COUNTRY= US
->}
->
-># GeoIP doesn't know the location of every IP address
->MAX_OFFENSES 3 {
->   COUNTRY= unknown
->}
->
-># This is your whitelist: -1 means no limit.
->MAX_OFFENSES -1 {
->
-># me from home
->   IP= 205.144.171.37
->
-># Some user
->   IP= 173.236.196.36
->}
+`
+# Take it easy on home boys
+MAX_OFFENSES 5 {
+   COUNTRY= US
+}
+
+# GeoIP doesn't know the location of every IP address
+MAX_OFFENSES 3 {
+   COUNTRY= unknown
+}
+
+# This is your whitelist: -1 means no limit.
+MAX_OFFENSES -1 {
+
+# me from home
+   IP= 205.144.171.37
+
+# Some user
+   IP= 173.236.196.36
+}
+`
 
 If you recieve a complaint about an address unjustly getting blocked, place it
 in one of the MAX\_OFFENSES blocks, and the IP will be unblocked the next time
 *ban2fail* runs.
 
 ##Working with *ban2fail*
+
 There are two primary modes in which *ban2fail* is used:
 
 * Production mode, where iptables rules are modified.
@@ -75,6 +82,7 @@ There are two primary modes in which *ban2fail* is used:
 * Testing mode, where modifications to blocking rules are indicated.
 
 ###Production
+
 In production mode it is expected that *ban2fail* is running from a cron job,
 and no output is printed unless addresses are (un)blocked. It is also possible
 to generate a listing of addresses, offense counts, and status with the -a
@@ -82,11 +90,12 @@ command flag. Likewise, a listing of countries and offense counts is available
 with the -c flag.
 
 ###Testing
+
 In test mode (-t flags) the presumption is that you are testing a modified
 configuration which is not yet in place, and that you don't want to disturb the
 production setup. This is how you might do that:
 
->ban2fail -t myNew.cfg -a
+`ban2fail -t myNew.cfg -a`
 
 No iptables rules will be modified. You will shown in the listing which
 addresses would be (un)blocked if *ban2fail* was running in production mode, and
@@ -96,13 +105,15 @@ When you are happy with the new configuration, copy it into place, and the the
 iptable rule changes will be realized the next time *ban2fail* runs.
 
 ##Building the Project
+
 I've tested *ban2fail* on Debian Buster, but it should compile on just about any
 modern Linux distro. It uses the GeoIP package to identify the country of origin
 for IP addresses. Build and install like so:
 
->make release
->sudo make install
-
+`
+make release
+sudo make install
+`
 The executable will be placed in "/usr/local/bin".