diff --git a/run-udp2raw-with-non-root-account.md b/run-udp2raw-with-non-root-account.md index 53dd386..3b04f11 100644 --- a/run-udp2raw-with-non-root-account.md +++ b/run-udp2raw-with-non-root-account.md @@ -2,17 +2,22 @@ It's not security secure to run udp2raw with root. This page demonstrates how to You must have `setcap` as a prerequisite. `setcap` is shipped with most desktop linux distributions by defualt. But its seems to be missing on OpenWRT/LEDE. +1. grant udp2raw CAP_NET_RAW permission ``` -# grant udp2raw CAP_NET_RAW permission sudo setcap cap_net_raw+ep udp2raw_amd64 +``` -# run udp2raw with -g option instead of -a, then udp2raw will generate a iptables rule for you +2. run udp2raw with -g option instead of -a, then udp2raw will generate a iptables rule for you +``` ./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -k "passwd" --raw-mode faketcp -g - -# add the generated iptables rule manually +``` +3. add the generated iptables rule manually +``` sudo iptables -I INPUT -p tcp -m tcp --dport 4096 -j DROP +``` -#then run udp2raw without -g option +4. then run udp2raw without -g option +``` ./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -k "passwd" --raw-mode faketcp ```
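Review bot: In step 3 the `sudo iptables -I INPUT -p tcp -m tcp --dport 4096 -j DROP` line is a fixed example that only matches `-l0.0.0.0:4096`, while the step text says to add the generated rule. Suggest wording it as "add the rule printed by step 2" and noting that the port follows the `-l` value, so a reader who changes the listen port does not install a rule for the wrong port. The blank line before the old `# add the generated iptables rule manually` comment is removed, so `3.` now follows the closing fence of step 2 directly, unlike steps 2 and 4. Restore it, and consider a blank line between each numbered item and its opening fence so the list renders consistently. Since the page is about not running as root, step 1 could also say that `cap_net_raw+ep` is attached to the file, so every account that can execute `udp2raw_amd64` gets the capability; restricting execute permission to the intended account would fit here. The unchanged intro lines in this hunk still read "not security secure", "defualt" and "its seems" and could be fixed in the same change.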