In DNS section:

- CERT is no longer accepting subscriptions to its advisory mailing
  list, fix this but keep a link to CERT site
- Use entity for security-notifications list instead of a link to the
  mailing-lists section
- Some s/bind/BIND and other uppercase fixes
- Punctuation fixes
- Add missing tags and fix some tags
- DNS record types should not be tagged as varname, remove tags then.
- s/zonefile/zone file/ for consistency
Marc Fonvieille 2004-07-09 14:20:02 +00:00
parent b66df525c0
commit 114e167e56
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=21413

@ -5613,9 +5613,9 @@ zone
// NB: Don't blindly enable the examples below. :-) Use actual names
// and addresses instead.
//
// NOTE!!! FreeBSD runs bind in a sandbox (see named_flags in rc.conf).
// NOTE!!! FreeBSD runs BIND in a sandbox (see named_flags in rc.conf).
// The directory containing the secondary zones must be write accessible
// to bind. The following sequence is suggested:
// to BIND. The following sequence is suggested:
//
// mkdir /etc/namedb/s
// chown bind:bind /etc/namedb/s
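Review bot: In the comment line "to BIND. The following sequence is suggested:", the uppercase product name now sits directly above "chown bind:bind /etc/namedb/s", where the directory is handed to the bind account. What needs write access to the secondary zone directory is that account, not the product, so wording such as "write accessible to the bind user" would be more precise than either capitalisation.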
@ -5646,7 +5646,7 @@ zone "0.168.192.in-addr.arpa" {
entries for a forward and reverse zone.</para>
<para>For each new zone served, a new zone entry must be added to
<filename>named.conf</filename></para>
<filename>named.conf</filename>.</para>
<para>For example, the simplest zone entry for
<hostid role="domainname">example.org</hostid> can look like:</para>
@ -5676,7 +5676,7 @@ zone "0.168.192.in-addr.arpa" {
<sect3>
<title>Zone Files</title>
<para>
An example master zone file for <hostid>example.org</hostid>
An example master zone file for <hostid role="domainname">example.org</hostid>
(existing within <filename>/etc/namedb/example.org</filename>)
is as follows:
</para>
@ -5711,8 +5711,8 @@ www IN CNAME @
Note that every hostname ending in a <quote>.</quote> is an
exact hostname, whereas everything without a trailing
<quote>.</quote> is referenced to the origin. For example,
<literal>www</literal> is translated into <literal>www +
origin</literal>. In our fictitious zone file, our origin
<literal>www</literal> is translated into <literal>www.<replaceable>origin</replaceable></literal>.
In our fictitious zone file, our origin
is <hostid>example.org.</hostid>, so
<literal>www</literal> would translate to
<hostid>www.example.org.</hostid>
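Review bot: The context lines at the end of this hunk, "<hostid>example.org.</hostid>" and "<hostid>www.example.org.</hostid>", still carry no role attribute, while other hunks in this commit add role="domainname" and role="fqdn" to the same names. Tagging these two as well would keep the section consistent.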
@ -5747,7 +5747,7 @@ www IN CNAME @
<varlistentry>
<term>A</term>
<listitem><para>A host address</para></listitem>
<listitem><para>a host address</para></listitem>
</varlistentry>
<varlistentry>
@ -5782,24 +5782,24 @@ example.org. IN SOA ns1.example.org. admin.example.org. (
<variablelist>
<varlistentry>
<term><hostid>example.org.</hostid></term>
<term><hostid role="domainname">example.org.</hostid></term>
<listitem><para>the domain name, also the origin for this
zone file.</para></listitem>
</varlistentry>
<varlistentry>
<term><hostid>ns1.example.org.</hostid></term>
<term><hostid role="fqdn">ns1.example.org.</hostid></term>
<listitem><para>the primary/authoritative name server for this
zone</para></listitem>
zone.</para></listitem>
</varlistentry>
<varlistentry>
<term><literal>admin.example.org.</literal></term>
<listitem><para>the responsible person for this zone,
email address with @
email address with <quote>@</quote>
replaced. (<email>admin@example.org</email> becomes
<literal>admin.example.org</literal>)</para>
</listitem>
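Review bot: In the admin.example.org. entry, the parenthetical still ends with "<literal>admin.example.org</literal>", without the trailing dot that the <term> above it and the SOA line in the hunk header both carry. This section explains that a name without a trailing "." is completed with the origin, so the example should read admin.example.org. to keep readers from copying a relative name into the SOA record.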
@ -5808,12 +5808,12 @@ example.org. IN SOA ns1.example.org. admin.example.org. (
<varlistentry>
<term><literal>5</literal></term>
<listitem><para>the serial number of the file. this
<listitem><para>the serial number of the file. This
must be incremented each time the zone file is modified.
Nowadays, many admins prefer a
<literal>yyyymmddrr</literal> format for the serial
number. 2001041002 would mean last modified 04/10/2001,
the latter 02 being the second time the zone file has
number. <literal>2001041002</literal> would mean last modified 04/10/2001,
the latter <literal>02</literal> being the second time the zone file has
been modified this day. The serial number is important
as it alerts slave name servers for a zone when it is
updated.</para>
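Review bot: The date in "would mean last modified 04/10/2001" can be read as April 10 or as 4 October, which undercuts the explanation of the yyyymmddrr layout on the same line. Writing it as "April 10, 2001" or 2001-04-10 would make the mapping to 2001041002 unambiguous.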
@ -5825,7 +5825,7 @@ example.org. IN SOA ns1.example.org. admin.example.org. (
@ IN NS ns1.example.org.</programlisting>
<para>
This is an <varname>NS</varname> entry. Every name server that is going to reply
This is an NS entry. Every name server that is going to reply
authoritatively for the zone must have one of these entries.
The <literal>@</literal> as seen here could have been
<hostid role="domainname">example.org.</hostid>
@ -5857,7 +5857,7 @@ www IN CNAME @</programlisting>
aliased to the machine addressed to the origin, or
<hostid role="domainname">example.org</hostid>
(<hostid role="ipaddr">3.2.1.30</hostid>).
<varname>CNAME</varname>s can be used to provide alias
CNAMEs can be used to provide alias
hostnames, or round robin one hostname among multiple
machines.
</para>
@ -5870,7 +5870,7 @@ www IN CNAME @</programlisting>
@ IN MX 10 mail.example.org.</programlisting>
<para>
The <varname>MX</varname> record indicates which mail
The MX record indicates which mail
servers are responsible for handling incoming mail for the
zone. <hostid role="fqdn">mail.example.org</hostid> is the
hostname of the mail server, and 10 being the priority of
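Review bot: In the context line "hostname of the mail server, and 10 being the priority of", the priority value is left untagged, while this commit wraps the serial number values 2001041002 and 02 in <literal>. Marking it up as <literal>10</literal> here would match that change.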
@ -5887,8 +5887,8 @@ www IN CNAME @</programlisting>
<para>
For in-addr.arpa zone files (reverse DNS), the same format is
used, except with <varname>PTR</varname> entries instead of
<varname>A</varname> or <varname>CNAME</varname>.
used, except with PTR entries instead of
A or CNAME.
</para>
<programlisting>$TTL 3600
@ -5961,7 +5961,7 @@ www IN CNAME @</programlisting>
following checklist, it is assumed that the path to the sandbox
is <filename>/etc/namedb</filename> and that you have made no
prior modifications to the contents of this directory. Perform
the following steps as <username>root</username>.</para>
the following steps as <username>root</username>:</para>
<itemizedlist>
<listitem>
@ -6005,7 +6005,7 @@ $TTL 6h
<calloutlist>
<callout arearefs="localtime">
<para>This allows <application>named</application> to log the
correct time to &man.syslogd.8;</para>
correct time to &man.syslogd.8;.</para>
</callout>
</calloutlist>
</listitem>
@ -6073,9 +6073,9 @@ $TTL 6h
<note>
<para>This simply avoids having to specify the
<option>-c</option> option to &man.ndc.8; every time you
run it. Since the contents of /var/run are deleted on boot,
run it. Since the contents of <filename>/var/run</filename> are deleted on boot,
if this is something that you find useful you
may wish to add this command to root's crontab, making use
may wish to add this command to <username>root</username>'s <filename>crontab</filename>, making use
of the <option>@reboot</option> option. See
&man.crontab.5; for more information regarding
this.</para>
@ -6171,7 +6171,7 @@ zone "10.168.192.in-addr.arpa" in {
<application>named</application> needs are within this
directory (recall that this is equivalent to a
<quote>normal</quote> user's
<filename>/etc/namedb</filename>.</para>
<filename>/etc/namedb</filename>).</para>
</callout>
<callout arearefs="named-xfer">
@ -6184,13 +6184,13 @@ zone "10.168.192.in-addr.arpa" in {
</callout>
<callout arearefs="master"><para>Specifies the filename (relative
to the <literal>directory</literal> statement above) where
<application>named</application> can find the zonefile for this
<application>named</application> can find the zone file for this
zone.</para>
</callout>
<callout arearefs="slave"><para>Specifies the filename
(relative to the <literal>directory</literal> statement above)
where <application>named</application> should write a copy of
the zonefile for this zone after successfully transferring it
the zone file for this zone after successfully transferring it
from the master server. This is why we needed to change the
ownership of the directory <filename>slave</filename> to
<groupname>bind</groupname> in the setup stages above.</para>
@ -6215,9 +6215,9 @@ zone "10.168.192.in-addr.arpa" in {
</para>
<para>
It is a good idea to subscribe to <ulink
url="http://www.cert.org/">CERT</ulink> and
<ulink url="../handbook/eresources.html#ERESOURCES-MAIL">freebsd-security-notifications</ulink>
It is a good idea to read <ulink
url="http://www.cert.org/">CERT</ulink>'s security advisories and
to subscribe to the &a.security-notifications;
to stay up to date with the current Internet and FreeBSD security
issues.
</para>
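Review bot: The new sentence tells readers to read CERT's security advisories, but the <ulink> still targets the site root at http://www.cert.org/. Pointing the link at the advisories page itself would match the text. It is also worth checking how &a.security-notifications; expands, since the sentence continues straight into "to stay up to date" and only reads correctly if the entity ends in a noun phrase naming the list.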
@ -6235,7 +6235,7 @@ zone "10.168.192.in-addr.arpa" in {
<itemizedlist>
<listitem>
<para><ulink
url="http://www.isc.org/products/BIND/">Official ISC Bind
url="http://www.isc.org/products/BIND/">Official ISC BIND
Page</ulink></para>
</listitem>