diff --git a/sec/ex-2_iptables.adoc b/sec/ex-2_iptables.adoc index 688e5ef..0bd270e 100644 --- a/sec/ex-2_iptables.adoc +++ b/sec/ex-2_iptables.adoc @@ -195,9 +195,15 @@ tcpdump 'tcp[tcpflags] == tcp-syn' ==== Isolate packets that have both the SYN and ACK flags set. +[source,bash] +---- tcpdump 'tcp[13]=18' +---- +[NOTE] +==== Only the PSH, RST, SYN, and FIN flags are displayed in tcpdump‘s flag field output. URGs and ACKs are displayed, but they are shown elsewhere in the output rather than in the flags field. +==== ==== Isolate TCP URG flags. @@ -245,7 +251,6 @@ tcpdump 'ip[6] & 128 != 0' Here are the takeaways. -.Reminder [NOTE] ==== - **tcpdump** is a valuable tool for anyone looking to get into networking or **information security**.
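Review bot: in the first hunk (after `@@ -195,9 +195,15 @@`), the added NOTE uses a typographic left single quote in `tcpdump‘s`; replace it with a straight apostrophe (`tcpdump's`) so the source stays ASCII and renders consistently with the rest of the file. Two smaller points on the same hunk: the new `tcpdump 'tcp[13]=18'` example would read better beside the earlier `tcpdump 'tcp[tcpflags] == tcp-syn'` if it also used the symbolic form, `tcpdump 'tcp[tcpflags] == (tcp-syn|tcp-ack)'`, or at least if the NOTE spelled out that 18 is SYN (2) plus ACK (16); and the claim that ACKs and URGs appear "elsewhere in the output rather than in the flags field" should be checked against current tcpdump, where ACK is shown as `.` and URG as `U` inside the `Flags [...]` field.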
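Review bot: in the second hunk (after `@@ -245,7 +251,6 @@`), removing the `.Reminder` block title is consistent with the untitled NOTE added in the first hunk, but confirm that no other part of the document references the takeaways block by that title, since nothing in the diff updates a cross-reference.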