diff --git a/README.md b/README.md
index 4f5f2c3..9cf10af 100644
--- a/README.md
+++ b/README.md
@@ -29,12 +29,14 @@ systemctl enable --now cgtproxy.service
 ```
 
 You could check the nft rules generated by default (empty) configuration by:
+
 ```bash
 sudo nft list ruleset
 ```
 
 Write your own configuration file according to the [configuration guide],
 place it on /etc/cgtproxy/config.yaml then restart systemd service by:
+
 ```bash
 systemctl restart cgtproxy.service
 ```
@@ -121,7 +123,7 @@ there are only few ways to configure network proxy settings at app level.
    2. The `cgnoproxy` command it provided
       make any program can easily escape from original cgroup
       without any authentication.
-   2. It create cgroup hierarchy without let systemd known.
+   3. It create cgroup hierarchy without let systemd known.
       This behavior break the [single-writer rule]
       of design rules of the systemd cgroup API.
 
@@ -170,7 +172,7 @@ There are some differences between cgproxy and `cgtproxy`:
 ## TODO
 
 - [ ] ~~optional cgroup monitor implementation listening on D-Bus
-  instead of filesystem;~~
+      instead of filesystem;~~
 
   [notify](https://github.com/rjeczalik/notify)
   makes the filesystem monitor much more stable,
@@ -190,4 +192,4 @@ There are some differences between cgproxy and `cgtproxy`:
   ~~Clash.Meta~~
   [MetaCubeX/mihomo](https://github.com/MetaCubeX/mihomo) is good enough for me.
 
-If you need any feature above, PR is welcome.
\ No newline at end of file
+If you need any feature above, PR is welcome.