diff --git a/docs/nmap.1 b/docs/nmap.1
index b9bacabdb..431692759 100644
--- a/docs/nmap.1
+++ b/docs/nmap.1
@@ -2,12 +2,12 @@
.\" Title: nmap
.\" Author: [see the "Author" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 07/19/2016
+.\" Date: 07/22/2016
.\" Manual: Nmap Reference Guide
.\" Source: Nmap
.\" Language: English
.\"
-.TH "NMAP" "1" "07/19/2016" "Nmap" "Nmap Reference Guide"
+.TH "NMAP" "1" "07/22/2016" "Nmap" "Nmap Reference Guide"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -729,32 +729,38 @@ filtered\&.
.PP
\fBThe six port states recognized by Nmap\fR
.PP
-.\" open port state open
+open
+.\" open port state
.RS 4
An application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port\&. Finding these is often the primary goal of port scanning\&. Security\-minded people know that each open port is an avenue for attack\&. Attackers and pen\-testers want to exploit the open ports, while administrators try to close or protect them with firewalls without thwarting legitimate users\&. Open ports are also interesting for non\-security scans because they show services available for use on the network\&.
.RE
.PP
-.\" closed port state closed
+closed
+.\" closed port state
.RS 4
A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it\&. They can be helpful in showing that a host is up on an IP address (host discovery, or ping scanning), and as part of OS detection\&. Because closed ports are reachable, it may be worth scanning later in case some open up\&. Administrators may want to consider blocking such ports with a firewall\&. Then they would appear in the filtered state, discussed next\&.
.RE
.PP
-.\" filtered port state filtered
+filtered
+.\" filtered port state
.RS 4
Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port\&. The filtering could be from a dedicated firewall device, router rules, or host\-based firewall software\&. These ports frustrate attackers because they provide so little information\&. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common\&. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering\&. This slows down the scan dramatically\&.
.RE
.PP
-.\" unfiltered port state unfiltered
+unfiltered
+.\" unfiltered port state
.RS 4
The unfiltered state means that a port is accessible, but Nmap is unable to determine whether it is open or closed\&. Only the ACK scan, which is used to map firewall rulesets, classifies ports into this state\&. Scanning unfiltered ports with other scan types such as Window scan, SYN scan, or FIN scan, may help resolve whether the port is open\&.
.RE
.PP
-.\" open|filtered port state open|filtered
+open|filtered
+.\" open|filtered port state
.RS 4
Nmap places ports in this state when it is unable to determine whether a port is open or filtered\&. This occurs for scan types in which open ports give no response\&. The lack of response could also mean that a packet filter dropped the probe or any response it elicited\&. So Nmap does not know for sure whether the port is open or being filtered\&. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way\&.
.RE
.PP
-.\" closed|filtered port state closed|filtered
+closed|filtered
+.\" closed|filtered port state
.RS 4
This state is used when Nmap is unable to determine whether a port is closed or filtered\&. It is only used for the IP ID idle scan\&.
.RE
diff --git a/docs/refguide.xml b/docs/refguide.xml
index 327229880..6b2be72c1 100644
--- a/docs/refguide.xml
+++ b/docs/refguide.xml
@@ -1031,9 +1031,9 @@ options from across the Internet might show that port as filteredThe six port states recognized by Nmap
-
+ open
open port state
- open
+
An application is actively accepting TCP
connections, UDP datagrams or SCTP associations on this port.
Finding these is often the primary goal of port scanning.
@@ -1045,9 +1045,9 @@ options from across the Internet might show that port as filtered
-
+ closed
closed port state
- closed
+
A closed port is accessible (it receives and
responds to Nmap probe packets), but there is no application
@@ -1059,9 +1059,9 @@ options from across the Internet might show that port as filtered
-
+ filtered
filtered port state
- filtered
+
Nmap cannot determine whether the port is open
because packet filtering prevents its probes from reaching the port.
@@ -1075,9 +1075,9 @@ options from across the Internet might show that port as filtered
-
+ unfiltered
unfiltered port state
- unfiltered
+
The unfiltered state means that a port is accessible,
but Nmap is unable to determine whether it is open or closed. Only
the ACK scan, which is used to map firewall rulesets, classifies
@@ -1086,9 +1086,9 @@ options from across the Internet might show that port as filtered
-
+ open|filtered
open|filtered port state
- open|filtered
+
Nmap places ports in this state when it is unable to
determine whether a port is open or filtered. This occurs for scan
types in which open ports give no response. The lack of
@@ -1098,9 +1098,9 @@ options from across the Internet might show that port as filtered
-
+ closed|filtered
closed|filtered port state
- closed|filtered
+
This state is used when Nmap is unable to determine
whether a port is closed or filtered. It is only used for the IP ID
idle scan.