Fix refguide indexterms mucking with manpage again. Fixes #463 [ci skip]

docs/nmap.1

@@ -2,12 +2,12 @@
 .\"     Title: nmap
 .\"    Author: [see the "Author" section]
 .\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
-.\"      Date: 07/19/2016
+.\"      Date: 07/22/2016
 .\"    Manual: Nmap Reference Guide
 .\"    Source: Nmap
 .\"  Language: English
 .\"
-.TH "NMAP" "1" "07/19/2016" "Nmap" "Nmap Reference Guide"
+.TH "NMAP" "1" "07/22/2016" "Nmap" "Nmap Reference Guide"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
@@ -729,32 +729,38 @@ filtered\&.
 .PP
 \fBThe six port states recognized by Nmap\fR
 .PP
-.\" open port state open
+open 
+.\" open port state
 .RS 4
 An application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port\&. Finding these is often the primary goal of port scanning\&. Security\-minded people know that each open port is an avenue for attack\&. Attackers and pen\-testers want to exploit the open ports, while administrators try to close or protect them with firewalls without thwarting legitimate users\&. Open ports are also interesting for non\-security scans because they show services available for use on the network\&.
 .RE
 .PP
-.\" closed port state closed
+closed 
+.\" closed port state
 .RS 4
 A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it\&. They can be helpful in showing that a host is up on an IP address (host discovery, or ping scanning), and as part of OS detection\&. Because closed ports are reachable, it may be worth scanning later in case some open up\&. Administrators may want to consider blocking such ports with a firewall\&. Then they would appear in the filtered state, discussed next\&.
 .RE
 .PP
-.\" filtered port state filtered
+filtered 
+.\" filtered port state
 .RS 4
 Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port\&. The filtering could be from a dedicated firewall device, router rules, or host\-based firewall software\&. These ports frustrate attackers because they provide so little information\&. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common\&. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering\&. This slows down the scan dramatically\&.
 .RE
 .PP
-.\" unfiltered port state unfiltered
+unfiltered 
+.\" unfiltered port state
 .RS 4
 The unfiltered state means that a port is accessible, but Nmap is unable to determine whether it is open or closed\&. Only the ACK scan, which is used to map firewall rulesets, classifies ports into this state\&. Scanning unfiltered ports with other scan types such as Window scan, SYN scan, or FIN scan, may help resolve whether the port is open\&.
 .RE
 .PP
-.\" open|filtered port state open|filtered
+open|filtered 
+.\" open|filtered port state
 .RS 4
 Nmap places ports in this state when it is unable to determine whether a port is open or filtered\&. This occurs for scan types in which open ports give no response\&. The lack of response could also mean that a packet filter dropped the probe or any response it elicited\&. So Nmap does not know for sure whether the port is open or being filtered\&. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way\&.
 .RE
 .PP
-.\" closed|filtered port state closed|filtered
+closed|filtered 
+.\" closed|filtered port state
 .RS 4
 This state is used when Nmap is unable to determine whether a port is closed or filtered\&. It is only used for the IP ID idle scan\&.
 .RE

docs/refguide.xml

@@ -1031,9 +1031,9 @@ options from across the Internet might show that port as <literal>filtered</lite
 
 <variablelist><title>The six port states recognized by Nmap</title>
 
-  <varlistentry><term>
+  <varlistentry><term>open
   <indexterm><primary><literal>open</literal> port state</primary></indexterm>
-  open</term>
+  </term>
   <listitem><para>An application is actively accepting TCP
   connections, UDP datagrams or SCTP associations on this port.
   Finding these is often the primary goal of port scanning.
@@ -1045,9 +1045,9 @@ options from across the Internet might show that port as <literal>filtered</lite
   services available for use on the network.
   </para></listitem></varlistentry>
 
-  <varlistentry><term>
+  <varlistentry><term>closed
   <indexterm><primary><literal>closed</literal> port state</primary></indexterm>
-  closed</term>
+  </term>
 
   <listitem><para>A closed port is accessible (it receives and
   responds to Nmap probe packets), but there is no application
@@ -1059,9 +1059,9 @@ options from across the Internet might show that port as <literal>filtered</lite
   appear in the filtered state, discussed next.
   </para></listitem></varlistentry>
 
-  <varlistentry><term>
+  <varlistentry><term>filtered
   <indexterm><primary><literal>filtered</literal> port state</primary></indexterm>
-  filtered</term>
+  </term>
 
   <listitem><para>Nmap cannot determine whether the port is open
   because packet filtering prevents its probes from reaching the port.
@@ -1075,9 +1075,9 @@ options from across the Internet might show that port as <literal>filtered</lite
   in case the probe was dropped due to network congestion rather than
   filtering.  This slows down the scan dramatically.</para></listitem></varlistentry>
 
-  <varlistentry><term>
+  <varlistentry><term>unfiltered
   <indexterm><primary><literal>unfiltered</literal> port state</primary></indexterm>
-  unfiltered</term>
+  </term>
   <listitem><para>The unfiltered state means that a port is accessible,
   but Nmap is unable to determine whether it is open or closed.  Only
   the ACK scan, which is used to map firewall rulesets, classifies
@@ -1086,9 +1086,9 @@ options from across the Internet might show that port as <literal>filtered</lite
   whether the port is open.
   </para></listitem></varlistentry>
 
-  <varlistentry><term>
+  <varlistentry><term>open|filtered
   <indexterm><primary><literal>open|filtered</literal> port state</primary></indexterm>
-  open|filtered</term>
+  </term>
   <listitem><para>Nmap places ports in this state when it is unable to
   determine whether a port is open or filtered.  This occurs for scan
   types in which open ports give no response.  The lack of
@@ -1098,9 +1098,9 @@ options from across the Internet might show that port as <literal>filtered</lite
   FIN, NULL, and Xmas scans classify ports this
   way.</para></listitem></varlistentry>
 
-  <varlistentry><term>
+  <varlistentry><term>closed|filtered
   <indexterm><primary><literal>closed|filtered</literal> port state</primary></indexterm>
-  closed|filtered</term>
+  </term>
   <listitem><para>This state is used when Nmap is unable to determine
   whether a port is closed or filtered.  It is only used for the IP ID
   idle scan.</para></listitem></varlistentry>