--- en_US.ISO8859-1/books/handbook/firewalls/chapter.xml	(revision 49160)
+++ en_US.ISO8859-1/books/handbook/firewalls/chapter.xml	(working copy)
@@ -2270,12 +2270,13 @@ 
 	to pass.</para>
 
       <programlisting>&dollar;cmd 499 deny log all from any to any
-&dollar;cmd 500 divert natd ip from any to any out via &dollar;pif # skipto location for outbound stateful rules
+&dollar;cmd 500 allow ip from me to not me out via &dollar;pif # avoid packets natd doesn't care about
+&dollar;cmd 501 divert natd ip from any to any out via &dollar;pif # skipto location for outbound stateful rules
 &dollar;cmd 510 allow ip from any to any</programlisting>
 
       <para>In this example, rules <literal>100</literal>,
 	<literal>101</literal>, <literal>125</literal>,
-	<literal>500</literal>, and <literal>510</literal> control the
+	<literal>501</literal>, and <literal>510</literal> control the
 	address translation of the outbound and inbound packets so
 	that the entries in the dynamic state table always register
 	the private <acronym>LAN</acronym> <acronym>IP</acronym>