docs: minor adjustments
streambinder committed Aug 19, 2023
1 parent a8a236c commit 3cfc0de
Showing 3 changed files with 25 additions and 10 deletions.
9 changes: 7 additions & 2 deletions docs/about.md
@@ -1,10 +1,15 @@
# About

VPNC is a VPN client compatible with Cisco's EasyVPN equipment. It supports IPSec (ESP) with Mode Configuration and Xauth. Supports only shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES, 1DES, MD5, SHA1, DH1/2/5 and IP tunneling. It runs entirely in userspace. Only "Universal TUN/TAP device driver support" is needed in kernel.
VPNC is a VPN client compatible with Cisco's EasyVPN equipment.
It supports IPSec (ESP) with Mode Configuration and Xauth.
Supports only shared-secret IPSec authentication with Xauth, AES (256, 192, 128), 3DES, 1DES, MD5, SHA1, DH1/2/5 and IP tunneling.
It runs entirely in userspace.
Only "Universal TUN/TAP device driver support" is needed in kernel.

## Development status

This repository has been forked to follow the work started originally by Maurice Massar. For more information about that, please, point to [VPNC original web page](http://www.unix-ag.uni-kl.de/~massar/vpnc/).
This repository has been forked to follow the work started originally by Maurice Massar.
For more information about that, please, point to [VPNC original web page](http://www.unix-ag.uni-kl.de/~massar/vpnc/).

As stated in `vpnc-devel` mailing-list ([vpnc-devel@2017-November](http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2017-November/004233.html)), this repository hasn't been started to start working actively on this project, but to passively merge security patches, fixes and features additions explicitly requested by the community.
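Review bot: the reflow keeps the subjectless sentence "Supports only shared-secret IPSec authentication with Xauth, …" (third new line); since these lines are being rewritten anyway, start it with "It supports only …" and make the last line read "is needed in the kernel". In the unchanged context below, "this repository hasn't been started to start working actively on this project" is awkward; "this repository was not created to develop the project actively, but to passively merge …" says the same thing, and "point to" in the link sentence should be "refer to".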

3 changes: 2 additions & 1 deletion docs/faq.md
@@ -2,7 +2,8 @@

## Use the client with Nortel Contivity

Matt Chapman (`matthewc@cse.unsw.edu.au`) got vpnc working with a Nortel Contivity VPN concentrator. According to him, the differences are:
Matt Chapman (`matthewc@cse.unsw.edu.au`) got vpnc working with a Nortel Contivity VPN concentrator.
According to him, the differences are:

- The group name and password are pre-transformed:
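Review bot: style: "vpnc" is lowercase here while docs/about.md in this same commit uses "VPNC"; pick one spelling for the project name across the docs. Otherwise the split is a pure reflow with no change to the text.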

23 changes: 16 additions & 7 deletions docs/installation.md
@@ -41,17 +41,23 @@ IPSec secret s4mpl3
Xauth username johndoe
```

Note that all strings start exactly one space after the keyword string, and run to the end of the line. This lets you put any kind of weird character (except CR, LF and NUL) in your strings, but it does mean you can't add comments after a string, or spaces before them.
Note that all strings start exactly one space after the keyword string, and run to the end of the line.
This lets you put any kind of weird character (except CR, LF and NUL) in your strings, but it does mean you can't add comments after a string, or spaces before them.

It may be easier to use the `--print-config` option to generate the config file, and then delete any lines (like a password) that you want to be prompted for.

If you don't know the Group ID and Secret string, ask your administrator. If (s)he declines and refers to the configuration files provided for the vpnclient program, tell him/her that the contents of that files are (though scrambled) not really protected. If you have a working configuration file (`.pcf` file) for the Cisco client then you can use the `pcf2vpnc` utility instead, which will extract most/all of the required information and convert it into a vpnc configuration file.
If you don't know the Group ID and Secret string, ask your administrator.
If they decline and refer to the configuration files provided for the vpnclient program, tell them that the contents of that files are (though scrambled) not really protected.
If you have a working configuration file (`.pcf` file) for the Cisco client then you can use the `pcf2vpnc` utility instead, which will extract most/all of the required information and convert it into a vpnc configuration file.

## Using a modified script

Please note that VPNC itself does not setup routing. You need to do this yourself, or use `--script script.sh` / `Script script.sh` (the first one to pass it as input parameters, the other one as config file value). The default script is `/etc/vpnc/vpnc-script` which sets a default route to the remote network, or if the Concentrator provided split-network settings, these are used to setup routes.
Please note that VPNC itself does not setup routing.
You need to do this yourself, or use `--script script.sh`/`Script script.sh` (the first one to pass it as input parameters, the other one as config file value).
The default script is `/etc/vpnc/vpnc-script` which sets a default route to the remote network, or if the Concentrator provided split-network settings, these are used to setup routes.

This option is passed to `system()`, so you can use any shell-specials you like. This script gets called tree times:
This option is passed to `system()`, so you can use any shell-specials you like.
This script gets called tree times:

1. `$reason == pre-init`: this is before VPNC opens the tun device, so you can do what is necessary to ensure that it is available. Note that none of the variables mentioned below is available.
2. `$reason == connect`: this is what used to be "Config Script". The connection is established, but vpnc will not begin forwarding packets until the script finishes.
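Review bot: the typo "tree times" survives the reflow in "This script gets called tree times:"; it should read "three times". Two grammar points in the rewritten lines: "the contents of that files" should be "the contents of those files", and "does not setup routing" should be "does not set up routing". Since the config file shown above carries `IPSec secret` and the text recommends deleting the password line from `--print-config` output, this section could also say that the config file should be readable only by the user running vpnc (e.g. mode 0600), and that because the `Script` value is handed to `system()`, a path containing spaces or shell metacharacters has to be quoted in the config.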
@@ -76,7 +82,8 @@ Information is passed from VPNC via environment variables:
- `CISCO_SPLIT_INC_%d_SPORT`: source port (often just `0`)
- `CISCO_SPLIT_INC_%d_DPORT`: destination port (often just `0`)

Currently `vpnc-script` is not directly configurable from config files. However, a workaround is to use a `wrapper-script` like this, to disable `/etc/resolv.conf` rewriting and setup a custom split-routing:
Currently `vpnc-script` is not directly configurable from config files.
However, a workaround is to use a `wrapper-script` like this, to disable `/etc/resolv.conf` rewriting and setup a custom split-routing:

```bash
#!/bin/sh
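Review bot: "setup a custom split-routing" should be "set up custom split routing" (verb form, and no hyphen), and the hyphen in "a `wrapper-script`" is unnecessary. It would also help to state here that the wrapper receives the same environment variables listed above (`CISCO_SPLIT_INC_*` and friends), since that is what it relies on to build the custom routes.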
@@ -108,6 +115,8 @@ Input option | File option
`--ca-file <ca.pem>` | `CA-File <ca.pem>`
`--ca-dir <ca/dir>` | `CA-Dir <ca/dir>`

Default `CA-Dir` is `/etc/ssl`. A link can also be used like in `/etc/ssl/certs/`.
Default `CA-Dir` is `/etc/ssl`.
A link can also be used like in `/etc/ssl/certs/`.

As the trusted certificate is referenced by the hash of the subject name, the directory has to contain the certificate named like that hash value. As an example, the hash value can be calculated using the following command: `openssl x509 -in <ca_certfile.pem> -noout -hash`
As the trusted certificate is referenced by the hash of the subject name, the directory has to contain the certificate named like that hash value.
As an example, the hash value can be calculated using the following command: `openssl x509 -in <ca_certfile.pem> -noout -hash`
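Review bot: "A link can also be used like in `/etc/ssl/certs/`" is unclear after the split; if it means the directory may be a symlink (for example `CA-Dir /etc/ssl/certs/`), say so. The hash note is also incomplete: OpenSSL's hashed-directory lookup expects the file to be named `<hash>.0` (`.1`, `.2`, … for collisions), not just `<hash>`, so the example should show `openssl x509 -in <ca_certfile.pem> -noout -hash` followed by naming or symlinking the certificate as `<hash>.0` (or running `openssl rehash` / `c_rehash` on the directory).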

0 comments on commit 3cfc0de