diff --git a/sec/ex-3_iptables.adoc b/sec/ex-3_iptables.adoc
index 283466c..190e884 100644
--- a/sec/ex-3_iptables.adoc
+++ b/sec/ex-3_iptables.adoc
@@ -121,7 +121,9 @@ The lowercase word on top is the table and the upper case word below is the chai
 **All interfaces are handled the same way; it's up to you to define rules that treat them differently.**
 
 Of course some packets 
+
 - are intended for local processes, hence come in from the top of the chart and stop at **Local Proces**, 
+
 - while other packets are generated by local processes; hence start at **Local Process** and proceed downward through the flowchart.  
 
 A detailed explanation [https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#TRAVERSINGOFTABLES here].
@@ -182,8 +184,9 @@ Tables consist of **chains**, which are lists of rules which are followed in ord
 
 ==== Filter
 
-This is the default table. Its built-in chains are:
+This is the default table. 
 
+.Its built-in chains are:
 [source,bash]
 ----
         Input: packets going to local sockets
@@ -193,8 +196,10 @@ This is the default table. Its built-in chains are:
 
 ==== Nat 
 
-When a packet creates a new connection, this table is used. Its built-in chains are:
+When a packet creates a new connection, this table is used. 
+
 
+.Its built-in chains are:
 [source,bash]
 ----
         Prerouting: designating packets when they come in
@@ -204,8 +209,9 @@ When a packet creates a new connection, this table is used. Its built-in chains
 
 ==== Mangle 
 
-Used for special altering of packets. Its chains are:
+Used for special altering of packets.
 
+.Its built-in chains are:
 [source,bash]
 ----
         Prerouting: incoming packets
@@ -217,8 +223,9 @@ Used for special altering of packets. Its chains are:
 
 ==== Raw 
 
-Primarily used for configuring exemptions from connection tracking. The built-in chains are
+Primarily used for configuring exemptions from connection tracking.
 
+.Its built-in chains are:
 [source,bash]
 ----
         Prerouting: packets that arrive by the network interface
@@ -227,8 +234,9 @@ Primarily used for configuring exemptions from connection tracking. The built-in
 
 ==== Security 
 
-Used for Mandatory Access Control (MAC) rules. After the filter table, the security table is accessed next. The built-in chains are:
+Used for Mandatory Access Control (MAC) rules. After the filter table, the security table is accessed next. 
 
+.Its built-in chains are:
 [source,bash]
 ----
         Input: packets entering the server