From 783e6b4e7cb78db64116ab269936cc1d51040130 Mon Sep 17 00:00:00 2001
From: Dirk Loss <mail@dirk-loss.de>
Date: Wed, 21 Oct 2009 19:02:51 +0200
Subject: [PATCH] Minor documentation fixes. (Thanks go to Mehdi Asgari.)

---
 doc/scapy/installation.rst | 12 ++++++++----
 doc/scapy/usage.rst        |  9 +++++----
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/doc/scapy/installation.rst b/doc/scapy/installation.rst
index de390243..991066c1 100644
--- a/doc/scapy/installation.rst
+++ b/doc/scapy/installation.rst
@@ -200,7 +200,9 @@ $ sudo apt-get install tcpdump graphviz imagemagick python-gnuplot python-crypto
 Fedora
 ------
 
-Here's how to install Scapy on Fedora 9::
+Here's how to install Scapy on Fedora 9:
+
+.. code-block:: text
 
     # yum install mercurial python-devel
     # cd /tmp
@@ -208,7 +210,9 @@ Here's how to install Scapy on Fedora 9::
     # cd scapy
     # python setup.py install
     
-Some optional packages::
+Some optional packages:
+
+.. code-block:: text
 
     # yum install graphviz python-crypto sox PyX gnuplot numpy
     # cd /tmp
@@ -388,7 +392,7 @@ Plotting (``plot``)
 
 2D Graphics (``psdump``, ``pdfdump``)
 
- * `PyX <http://pyx.sourceforge.net/>`_: `PyX-0.10.tar.gz `PyX-0.10.tar.gz <http://mesh.dl.sourceforge.net/sourceforge/pyx/PyX-0.10.tar.gz>`_. Extract to temp dir, open command prompt, change to tempdir and type ``python setup.py install``
+ * `PyX <http://pyx.sourceforge.net/>`_: `PyX-0.10.tar.gz <http://mesh.dl.sourceforge.net/sourceforge/pyx/PyX-0.10.tar.gz>`_. Extract to temp dir, open command prompt, change to tempdir and type ``python setup.py install``
  * `MikTeX <http://miktex.org/>`_: `Basic MiKTeX 2.8 Installer <http://miktex.org/2.8/setup>`_. PyX needs a LaTeX installation. Choose an installation directory WITHOUT spaces (e.g. ``C:\MikTex2.8`` and add the ``(INSTALLDIR)\miktex\bin`` subdirectory to your PATH.
 
 Graphs (conversations)
@@ -405,7 +409,7 @@ WEP decryption
 
 Fingerprinting
 
-  * `Nmap <http://nmap.org>`_. `nmap-4.20-setup.exe <http://download.insecure.org/nmap/dist-old/nmap-4.20-setup.exe>`_. If you use the default installation directory, Scapy-win should automatically find the fingerprints file.
+  * `Nmap <http://nmap.org>`_. `nmap-4.20-setup.exe <http://download.insecure.org/nmap/dist-old/nmap-4.20-setup.exe>`_. If you use the default installation directory, Scapy should automatically find the fingerprints file.
   * Queso: `queso-980922.tar.gz <http://www.packetstormsecurity.org/UNIX/scanners/queso-980922.tar.gz>`_. Extract the tar.gz file (e.g. using `7-Zip <http://www.7-zip.org/>`_) and put ``queso.conf`` into your Scapy directory
 
 
diff --git a/doc/scapy/usage.rst b/doc/scapy/usage.rst
index 235b8d83..3bde23e4 100644
--- a/doc/scapy/usage.rst
+++ b/doc/scapy/usage.rst
@@ -172,7 +172,7 @@ For the moment, we have only generated one packet. Let see how to specify sets o
 
     >>> a=IP(dst="www.slashdot.org/30")
     >>> a
-    <IP dst= |>
+    <IP  dst=Net('www.slashdot.org/30') |>
     >>> [p for p in a]
     [<IP dst=66.35.250.148 |>, <IP dst=66.35.250.149 |>,
      <IP dst=66.35.250.150 |>, <IP dst=66.35.250.151 |>]
@@ -300,7 +300,7 @@ Now, let's try to do some fun things. The sr() function is for sending packets a
 .. index::
    single: DNS, Etherleak
 
-A DNS query (``rd`` = recursion desired). Note the non-null padding coming from my Linksys having the Etherleak flaw::
+A DNS query (``rd`` = recursion desired). The host 192.168.5.1 is my DNS server. Note the non-null padding coming from my Linksys having the Etherleak flaw::
 
     >>> sr1(IP(dst="192.168.5.1")/UDP()/DNS(rd=1,qd=DNSQR(qname="www.slashdot.org")))
     Begin emission:
@@ -407,12 +407,12 @@ The above example will even print the ICMP error type if the ICMP packet was rec
 
 For larger scans, we could be interested in displaying only certain responses. The example below will only display packets with the â€œSAâ€ flag set::
 
-    >>> ans.nsummary(lfilter = lambda (s,r): r.sprintf("%TCP.flags%") ====== "SA")
+    >>> ans.nsummary(lfilter = lambda (s,r): r.sprintf("%TCP.flags%") == "SA")
     0003 IP / TCP 192.168.1.100:ftp_data > 192.168.1.1:https S ======> IP / TCP 192.168.1.1:https > 192.168.1.100:ftp_data SA
 
 In case we want to do some expert analysis of responses, we can use the following command to indicate which ports are open::
 
-    >>> ans.summary(lfilter = lambda (s,r): r.sprintf("%TCP.flags%") ====== "SA",prn=lambda(s,r):r.sprintf("%TCP.sport% is open"))
+    >>> ans.summary(lfilter = lambda (s,r): r.sprintf("%TCP.flags%") == "SA",prn=lambda(s,r):r.sprintf("%TCP.sport% is open"))
     https is open
 
 Again, for larger scans we can build a table of open ports::
@@ -629,6 +629,7 @@ We can sniff and do passive OS fingerprinting::
      seq=2023566040L ack=0L dataofs=10L reserved=0L flags=SEC window=5840
      chksum=0x570c urgptr=0 options=[('Timestamp', (342940201L, 0L)), ('MSS', 1460),
      ('NOP', ()), ('SAckOK', ''), ('WScale', 0)] |>>>
+    >>> load_module("p0f")
     >>> p0f(p)
     (1.0, ['Linux 2.4.2 - 2.4.14 (1)'])
     >>> a=sniff(prn=prnp0f)
-- 
GitLab