Markup Fixes:

Place some terms in <varname>
Change <emphasis> -> <varname> in some intstances
Place commands in <command> or man entitiy
Place applications in <application>
Place filenames in <filename>
Place hostnames in <hostid>
One instance of <quote> -> <errorname>

Spelling/Terminology Fixes:
ip -> IP address
IPs/ips -> IP addresses
cfg -> config
Unice -> Unix systems

Reviewed by:	murray

en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml

@@ -1,7 +1,7 @@
 <!--
      The FreeBSD Documentation Project
 
-     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.59 2001/07/17 22:20:47 chern Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.60 2001/07/17 23:33:25 chern Exp $
 -->
 
 <chapter id="advanced-networking">
@@ -106,7 +106,7 @@ host2.foobar.com link#1             UC          0        0
 	rather than sending it out over the Ethernet interface.</para>
 	  
       <para>The two <literal>host2</literal> lines are an example of what
-	happens when we use an ifconfig alias (see the section of Ethernet for
+	happens when we use an &man.ifconfig.8; alias (see the section of Ethernet for
 	reasons why we would do this).  The <literal>=&gt;</literal> symbol
 	after the <devicename>lo0</devicename> interface says that not only
 	are we using the loopback (since this is address also refers to the
@@ -272,7 +272,7 @@ Local1 (10.20.30.1, 10.9.9.30)  --&gt;  T1-GW (10.9.9.1)
 	  
       <para>In one case, the machine as two Ethernet cards, each having an
 	address on the separate subnets.  Alternately, the machine may only
-	have one Ethernet card, and be using ifconfig aliasing.  The former is
+	have one Ethernet card, and be using &man.ifconfig.8; aliasing.  The former is
 	used if two physically separate Ethernet networks are in use, the
 	latter if there is one physical network segment, but two logically
 	separate subnets.</para>
@@ -449,7 +449,7 @@ Local1 (10.20.30.1, 10.9.9.30)  --&gt;  T1-GW (10.9.9.1)
 	<title>Firewall support</title>
 	<indexterm><primary>firewall</primary></indexterm>
 	<para>If you are planning to use the bridge as a firewall, you will
-	  need to add the IPFIREWALL option as well.  Read <xref
+	  need to add the <varname>IPFIREWALL</varname> option as well.  Read <xref
 	    linkend="firewalls"> for general information on configuring the
 	  bridge as a firewall.</para>
 
@@ -480,8 +480,8 @@ Local1 (10.20.30.1, 10.9.9.30)  --&gt;  T1-GW (10.9.9.1)
       <programlisting>net.link.ether.bridge=1</programlisting>
 
       <para>to <filename>/etc/sysctl.conf</filename> to enable the bridge at
-	runtime.  If you want the bridged packets to be filtered by ipfw, you
+	runtime.  If you want the bridged packets to be filtered by &man.ipfw.8;, 
-	should also add</para>
+	you should also add</para>
 
       <programlisting>net.link.ether.bridge_ipfw=1</programlisting>
 
@@ -580,13 +580,14 @@ Local1 (10.20.30.1, 10.9.9.30)  --&gt;  T1-GW (10.9.9.1)
 
         <listitem>
 	  <para><command>mountd</command> - The NFS Mount Daemon which
-	    actually carries  out requests that nfsd passes on to
+	    actually carries  out requests that &man.nfsd.8; passes on to
 	    it.</para>
 	</listitem>
 
 	<listitem>
-	  <para><command>portmap</command> - The portmapper daemon which
+	  <para><command>portmap</command> - The
-	    allows NFS clients to find out which port the NFS server is
+	    <command>portmapper</command> daemon which allows NFS
+	    clients to find out which port the NFS server is
 	    using.</para>
 	</listitem>
       </itemizedlist>
@@ -688,10 +689,10 @@ nfs_client_flags="-n 4"</programlisting>
 	have permission to do so.  Make sure your client is listed in your
 	<filename>/etc/exports</filename> file.</para>
 
-      <para>It's important to remember that you must restart mountd
+      <para>It's important to remember that you must restart <command>mountd</command>
         whenever you modify <filename>/etc/exports</filename> so that
         your changes take effect.  This can be accomplished by sending
-        the hangup signal to the mountd process :</para>
+        the hangup signal to the <command>mountd</command> process :</para>
 
       <screen>&prompt.root; <userinput>kill -HUP `cat /var/run/mountd.pid`</userinput></screen>
 
@@ -924,7 +925,7 @@ nfs_client_flags="-n 4"</programlisting>
 	</step>
 
 	<step>
-	  <para>Set up a bootp server to provide the client with IP, gateway,
+	  <para>Set up a bootp server to provide the client with IP address, gateway,
 	    netmask.</para>
 	  
 	  <programlisting>diskless:\
@@ -1030,14 +1031,14 @@ nfs_client_flags="-n 4"</programlisting>
 	    </tgroup>
 	  </informaltable>
 	  
-	  <para>A typical completely diskless cfg file might contain:</para>
+	  <para>A typical completely diskless config file might contain:</para>
 
 	  <programlisting>rootfs 192.1.2.3:/rootfs/myclient
 swapfs 192.1.2.3:/swapfs
 swapsize 20000
 hostname myclient.mydomain</programlisting>
 
-	  <para>A cfg file for a machine with local swap might contain:</para>
+	  <para>A config file for a machine with local swap might contain:</para>
 
 	  <programlisting>rootfs 192.1.2.3:/rootfs/myclient
 hostname myclient.mydomain</programlisting>
@@ -1066,12 +1067,13 @@ hostname myclient.mydomain</programlisting>
 	  </indexterm>
 	  <para>If you are swapping over NFS (completely diskless
 	    configuration) create a swap file for your client using
-	    <command>dd</command>.  If your <command>swapfs</command> command
+	    <command>dd</command>.  If your <command>swapfs</command>
-	    has the arguments <filename>/swapfs</filename> and the size 20000
+	    command has the arguments <filename>/swapfs</filename> and
-	    as in the example above, the swapfile for myclient will be called
+	    the size 20000 as in the example above, the swapfile for
+	    <hostid>myclient</hostid> will be called
 	    <filename>/swapfs/swap.<replaceable>X.X.X.X</replaceable></filename>
-	    where <replaceable>X.X.X.X</replaceable> is the client's IP addr,
+	    where <replaceable>X.X.X.X</replaceable> is the client's IP
-	    e.g.:</para>
+	    address, e.g.:</para>
 		  
 	  <screen>&prompt.root; <userinput>dd if=/dev/zero of=/swapfs/swap.192.1.2.4 bs=1k count=20000</userinput></screen>
 		  
@@ -1446,7 +1448,7 @@ ISDN BRI line</literallayout>
       <para>NIS, which stands for Network Information Services, was
         developed by Sun Microsystems to centralize administration of Unix
         (originally SunOS) systems.  It has now essentially become an
-        industry standard; all major Unices (Solaris, HP-UX, AIX, Linux,
+        industry standard; all major Unix systems (Solaris, HP-UX, AIX, Linux,
         NetBSD, OpenBSD, FreeBSD, etc) support NIS.</para>
 
       <indexterm><primary>yellow pages (see NIS)</primary></indexterm>
@@ -1507,7 +1509,7 @@ ISDN BRI line</literallayout>
         <listitem>
           <para><emphasis>ypserv</emphasis>. <command>ypserv</command>,
             which should only be running on NIS servers, is the NIS server
-            process itself. If ypserv dies, then the server will no longer be
+            process itself. If &man.ypserv.8; dies, then the server will no longer be
             able to respond to NIS requests (hopefully, there is a slave
             server to take over for it).</para>
 
@@ -2045,11 +2047,11 @@ nis_client_enable="YES"</programlisting>
     <sect2>
       <title>NIS Security</title>
 
-      <para>In general, any remote user can issue an RPC to ypserv and
+      <para>In general, any remote user can issue an RPC to &man.ypserv.8; and
 	retrieve the contents of your NIS maps, provided the remote user
 	knows your domainname.  To prevent such unauthorized transactions,
-	ypserv supports a feature called securenets which can be used to
+	&man.ypserv.8; supports a feature called securenets which can be used to
-	restrict access to a given set of hosts.  At startup, ypserv will
+	restrict access to a given set of hosts.  At startup, &man.ypserv.8; will
 	attempt to load the securenets information from a file called
 	<filename>/var/yp/securenets</filename>.</para>
 	
@@ -2072,7 +2074,7 @@ nis_client_enable="YES"</programlisting>
 # this includes the machines in the testlab
 10.0.0.0      255.255.240.0</programlisting>
 
-      <para>If ypserv receives a request from an address that matches one
+      <para>If &man.ypserv.8; receives a request from an address that matches one
 	of these rules, it will process the request normally.  If the
 	address fails to match a rule, the request will be ignored and a
 	warning message will be logged.  If the
@@ -2081,8 +2083,9 @@ nis_client_enable="YES"</programlisting>
 
       <para>The ypserv program also has support for Wietse Venema's
 	<application>tcpwrapper</application> package.  This allows the
-	administrator to use the tcpwrapper configuration files for access
+	administrator to use the <application>tcpwrapper</application> configuration 
-	control instead of <filename>/var/yp/securenets</filename>.</para>
+	files for access control instead of 
+	<filename>/var/yp/securenets</filename>.</para>
 
       <note>
         <para>While both of these access control mechanisms provide some
@@ -2283,7 +2286,8 @@ basie&prompt.root;</screen>
 
       <para>If you tried to implement these restrictions by separately
         blocking each user, you would have to add one
-        -<replaceable>user</replaceable> line to each system's passwd
+        -<replaceable>user</replaceable> line to each system's 
+	<filename>passwd</filename>
         for each user who is not allowed to login onto that system.
         If you forget just one entry, you could be in trouble.  It may
         be feasible to do this correctly during the initial setup,
@@ -2304,7 +2308,7 @@ basie&prompt.root;</screen>
         configuration file to grant or deny access to machines.</para>
         
       <para>The first step is the initialization of the NIS map
-        netgroup.  FreeBSD's ypinit does not create this map by
+        netgroup.  FreeBSD's &man.ypinit.8; does not create this map by
         default, but its NIS implementation will support it once it has
         been created.  To create an empty map, simply type</para>
 
@@ -2413,15 +2417,15 @@ ellington&prompt.user; <userinput>ypcat -k netgroup.byuser</userinput></screen>
         these users are allowed to login.</para>
 
       <para>Unfortunately, this limitation also applies to the ~
-        function of the shell and all routines converting between user
+	function of the shell and all routines converting between user
-        names and numerical user ids.  In other words, cd
+	names and numerical user ids.  In other words, 
-        ~<replaceable>user</replaceable> will not work, <command>ls
+	<command>cd ~<replaceable>user</replaceable></command> will not work,
-        -l</command> will show the numerical id instead of the
+	<command>ls -l</command> will show the numerical id instead of
-        username and <command>find . -user joe -print</command> will
+	the username and <command>find . -user joe -print</command> will
-        fail with <quote>No such user</quote>.  To fix this, you will
+	fail with <errorname>No such user</errorname>.  To fix this, you will
-        have to import all user entries <emphasis>without
+	have to import all user entries <emphasis>without allowing them
-        allowing them to login onto your servers</emphasis>.</para>
+	to login onto your servers</emphasis>.</para>
-
+      
       <para>This can be achieved by adding another line to 
         <filename>/etc/master.passwd</filename>.  This line should
         contain <literal>+:::::::::/sbin/nologin</literal>, meaning
@@ -2884,10 +2888,10 @@ dhcp_flags=""</programlisting>
       <para>FreeBSD utilizes, by default, a version of BIND (Berkeley 
         Internet Name Domain), which is the most common implementation of the 
         DNS protocol.  DNS is the protocol through which names are mapped to 
-        IPs, and vice versa.  For example, a query for www.freebsd.org 
+        IP addresses, and vice versa.  For example, a query for www.freebsd.org 
         will send back a reply for the IP address of The FreeBSD Project's 
-        webpage, whereas, a query for ftp.freebsd.org will return the IP 
+        webpage, whereas, a query for ftp.freebsd.org will return the IP
-        of the corresponding FTP machine.  Likewise, the opposite can 
+	address of the corresponding FTP machine.  Likewise, the opposite can 
         happen.  A query for an IP address can resolve its hostname.
       </para>
 
@@ -2929,20 +2933,20 @@ dhcp_flags=""</programlisting>
           <para>. is the root zone</para>
         </listitem>
         <listitem>
-          <para>org. is a zone under the root zone</para>
+          <para><hostid>org.</hostid> is a zone under the root zone</para>
         </listitem>
         <listitem>
-          <para>foobardomain.org is a zone under the org. zone</para>
+          <para><hostid>foobardomain.org</hostid> is a zone under the org. zone</para>
         </listitem>
         <listitem>
-          <para>foo.foobardomain.org. is a subdomain, a zone under the 
+          <para><hostid>foo.foobardomain.org.</hostid> is a subdomain, a zone under the 
-             foobardomain.org. zone
+             <hostid>foobardomain.org.</hostid> zone
           </para>
         </listitem>
         <listitem>
           <para>
-            1.2.3.in-addr.arpa is a zone referencing all ips which fall 
+            <hostid>1.2.3.in-addr.arpa</hostid> is a zone referencing all IP addresses
-            under the 3.2.1.* ip space.
+	    which fall under the 3.2.1.* IP space.
           </para>
         </listitem>
       </itemizedlist>
@@ -2967,12 +2971,12 @@ dhcp_flags=""</programlisting>
         the particular zone
       </para>
 
-      <para><emphasis>forward dns</emphasis> - mapping of hostnames to ip 
+      <para><emphasis>forward dns</emphasis> - mapping of hostnames to IP 
         addresses
       </para>
 
       <indexterm><primary>reverse DNS</primary></indexterm>
-      <para><emphasis>reverse dns</emphasis> - the opposite, mapping of ip
+      <para><emphasis>reverse dns</emphasis> - the opposite, mapping of IP
         addresses to hostnames
       </para>
     </sect2>
@@ -2991,8 +2995,8 @@ dhcp_flags=""</programlisting>
                 </para>
               </listitem>
               <listitem>
-                <para>For example, you register foobardomain.org and wish 
+                <para>For example, you register <hostid>foobardomain.org</hostid>
-                  to assign hostnames to the proper IP addresses.
+		  and wish to assign hostnames to the proper IP addresses.
                 </para>
               </listitem>
               <listitem>
@@ -3109,7 +3113,7 @@ dhcp_flags=""</programlisting>
       <sect3>
         <title><filename>/etc/namedb/named.conf</filename></title>
 
-        <programlisting>// $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.59 2001/07/17 22:20:47 chern Exp $
+        <programlisting>// $FreeBSD: doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml,v 1.60 2001/07/17 23:33:25 chern Exp $
 //
 // Refer to the named(8) man page for details.  If you are ever going
 // to setup a primary server, make sure you've understood the hairy
@@ -3327,13 +3331,13 @@ www             IN CNAME        @
         <para>
           The most commonly used DNS records:
         </para>
-        <para><emphasis>SOA</emphasis> - start of zone authority</para>
+        <para><varname>SOA</varname> - start of zone authority</para>
-        <para><emphasis>NS</emphasis> - an authoritative nameserver</para>
+        <para><varname>NS</varname> - an authoritative nameserver</para>
-        <para><emphasis>A</emphasis> - A host address</para>
+        <para><varname>A</varname> - A host address</para>
-        <para><emphasis>CNAME</emphasis> - the canonical name for an 
+        <para><varname>CNAME</varname> - the canonical name for an 
           alias</para>
-        <para><emphasis>MX</emphasis> - mail exchange</para>
+        <para><varname>MX</varname> - mail exchange</para>
-        <para><emphasis>PTR</emphasis> - a domain name pointer (used in 
+        <para><varname>PTR</varname> - a domain name pointer (used in 
           reverse dns)</para>
         <programlisting>
 foobardomain.org. IN SOA ns1.foobardomain.org. admin.foobardomain.org. (
@@ -3344,21 +3348,23 @@ foobardomain.org. IN SOA ns1.foobardomain.org. admin.foobardomain.org. (
                         86400 )         ; Minimum TTL of 1 day
         </programlisting>
         <para>
-          <emphasis>foobardomain.org.</emphasis> - the domain name, also 
+          <hostid>foobardomain.org.</hostid> - the domain name, also 
           the origin for this zone file.
         </para>
-        <para><emphasis>ns1.foobardomain.org.</emphasis> - the 
+        <para><hostid>ns1.foobardomain.org.</hostid> - the 
           primary/authoritative nameserver for this zone
         </para>
-        <para><emphasis>admin.foobardomain.org.</emphasis> - the 
+        <para><email>admin.foobardomain.org.</email> - the 
           responsible person for this zone, e-mail address with @ 
-          replaced. (admin@foobardomain.org becomes admin.foobardomain.org)
+          replaced. (<email>admin@foobardomain.org</email> becomes 
+	  <email>admin.foobardomain.org</email>)
         </para>
         <para>
           <emphasis>5</emphasis> - the serial number of the file.  this 
           must 
           be incremented each time the zone file is modified.  Nowadays, 
-          many admins prefer a yyyymmddrr format for the serial number.  
+          many admins prefer a <literal>yyyymmddrr</literal> format for the serial 
+	  number.  
           2001041002 would mean last modified 04/10/2001, the latter 02 being 
           the second time the zone file has been modified this day.  The 
           serial number is important as it alerts slave nameservers for a zone 
@@ -3369,10 +3375,10 @@ foobardomain.org. IN SOA ns1.foobardomain.org. admin.foobardomain.org. (
 @       IN NS           ns1.foobardomain.org.
         </programlisting>
         <para>
-          This is an NS entry.  Every nameserver that is going to reply
+          This is an <varname>NS</varname> entry.  Every nameserver that is going to reply
           authoritatively for the zone must have one of these entries.  
-          The @ as seen here could have been 'foobardomain.org.' The @ 
+          The @ as seen here could have been <literal>foobardomain.org.</literal>
-          translates to the origin.
+	  The @ translates to the origin.
         </para>
 
         <programlisting>
@@ -3396,7 +3402,7 @@ www             IN CNAME        @
           The canonical name record is usually used for giving aliases
           to a machine.  In the example, www is aliased to the machine
           addressed to the origin, or foobardomain.org (3.2.1.30).
-          CNAMEs can be used to provide alias hostnames, or round
+          <varname>CNAME</varname>s can be used to provide alias hostnames, or round
           robin one hostname among multiple machines.
         </para>
 
@@ -3405,7 +3411,7 @@ www             IN CNAME        @
         </programlisting>
 
         <para>
-          The MX record indicates which mail servers are responsible
+          The <varname>MX</varname> record indicates which mail servers are responsible
           for handling incoming mail for the zone.
           mail.foobardomain.org is the hostname of the mail server,
           and 10 being the priority of that mailserver.
@@ -3420,7 +3426,8 @@ www             IN CNAME        @
 
         <para>
           For in-addr.arpa zone files (reverse dns), the same format is 
-          used, except with PTR entries instead of A or CNAME.
+          used, except with <varname>PTR</varname> entries instead of 
+	  <varname>A</varname> or <varname>CNAME</varname>.
         </para>
 
         <programlisting>$TTL 3600
@@ -3440,7 +3447,7 @@ www             IN CNAME        @
 10      IN PTR  mail.foobardomain.org.
 30      IN PTR  foobardomain.org.</programlisting>
         <para>
-         This file gives the proper IP to hostname mappings of our above
+         This file gives the proper IP address to hostname mappings of our above
          fictitious domain.
         </para>
       </sect3>
@@ -3540,7 +3547,7 @@ www             IN CNAME        @
             <filename>sandbox/var/run</filename></para>
         </listitem>
         <listitem>
-          <para>When using the ndc utility you need to specify the
+          <para>When using the &man.ndc.8; utility you need to specify the
             location of the Unix socket created in the sandbox, by
             &man.named.8;, by using the -c switch:
             <command>&prompt.root; ndc -c /etc/namedb/sandbox/var/run/ndc</command>
@@ -3563,7 +3570,7 @@ www             IN CNAME        @
 
       <para>If setup properly, the nameserver should be accessible through 
         the network and locally.  <filename>/etc/resolv.conf</filename> must 
-        contain a nameserver entry with the local ip so it will query the 
+        contain a nameserver entry with the local IP address so it will query the 
         local name server first.
       </para>
 
@@ -3644,9 +3651,9 @@ www             IN CNAME        @
         &man.natd.8; is a daemon that accepts incoming raw IP packets,
         changes the source to the local machine and re-injects these packets
         back into the outgoing IP packet stream. natd does this by changing 
-        the source ip and port such that when data is received back, it is 
+        the source IP address and port such that when data is received back, it is 
         able to determine the original location of the data and forward it 
-        back to its original requestor.</para>
+        back to its original requester.</para>
       <indexterm><primary>Internet connection sharing</primary></indexterm>
       <indexterm><primary>IP masquerading</primary></indexterm>
       <para>The most common use of NAT is to perform what is commonly known as
@@ -3655,14 +3662,14 @@ www             IN CNAME        @
 
     <sect2 id="setup">
       <title>Setup</title>
-      <para>Due to the diminishing ip space in ipv4, and the increased number
+      <para>Due to the diminishing IP space in ipv4, and the increased number
         of users on high-speed consumer lines such as cable or DSL, people are
         in more and more need of an Internet Connection Sharing solution.  The
         ability to connect several computers online through one connection and
-        ip makes &man.natd.8; a reasonable choice.</para>
+        IP address makes &man.natd.8; a reasonable choice.</para>
 
       <para>Most commonly, a user has a machine connected to a cable or DSL
-        line with one ip and wishes to use this one connected computer to
+        line with one IP address and wishes to use this one connected computer to
         provide Internet access to several more over a LAN.</para>
 
       <para>To do this, the FreeBSD machine on the Internet must act as a 
@@ -3759,13 +3766,13 @@ natd_flags=""</programlisting>
         <command>natd -interface fxp0</command> at boot.  This can also 
         be run manually.</para>
 
-      <para>Each machine and interface behind the LAN should be assigned ip 
+      <para>Each machine and interface behind the LAN should be assigned IP address 
         numbers in the private network space as defined by
         <ulink url="http://info.internet.isi.edu:80/in-notes/rfc/files/rfc1918.txt">RFC 1918</ulink>
-        and have a default gateway of the natd machine's internal ip.</para>
+        and have a default gateway of the natd machine's internal IP address.</para>
 
-      <para>For example, client a and b behind the LAN have ips of 192.168.0.2
+      <para>For example, client a and b behind the LAN have IP addresses of 192.168.0.2
-        and 192.168.0.3, while the natd machine's LAN interface has an ip of
+        and 192.168.0.3, while the natd machine's LAN interface has an IP address of
         192.168.0.1.  Client a and b's default gateway must be set to that of
         the natd machine, 192.168.0.1.  The natd machine's external, or 
         Internet interface does not require any special modification for natd
@@ -3818,19 +3825,19 @@ natd_flags=""</programlisting>
     <sect2 id="address-redirection">
       <title>Address Redirection</title>
       <indexterm><primary>address redirection</primary></indexterm>
-      <para>Address redirection is useful if several ips are available, yet
+      <para>Address redirection is useful if several IP addresses are available, yet
         they must be on one machine.  With this, &man.natd.8; can assign each
-        LAN client its own external ip.  &man.natd.8; then rewrites outgoing
+        LAN client its own external IP address.  &man.natd.8; then rewrites outgoing
-        packets from the LAN clients with the proper external ip and redirects
+        packets from the LAN clients with the proper external IP address and redirects
-        all traffic incoming on that particular ip back to the specific LAN 
+        all traffic incoming on that particular IP address back to the specific LAN 
-        client.  This is also known as static NAT. For example, the ips 
+        client.  This is also known as static NAT. For example, the IP addresses 
         128.1.1.1, 128.1.1.2, and 128.1.1.3 belong to the natd gateway 
         machine.  128.1.1.1 can be used as the natd gateway machine's external
-        ip address, while 128.1.1.2 and 128.1.1.3 are forwarded back to LAN 
+        IP address, while 128.1.1.2 and 128.1.1.3 are forwarded back to LAN 
         clients A and B.</para>
 
       <para>The -redirect_address syntax is as follows:</para>
-      <para><programlisting> -redirect_address localIP publicIP</programlisting>
+      <para><option> -redirect_address localIP publicIP</option>
       </para>
 
       <informaltable frame="none">
@@ -3838,26 +3845,26 @@ natd_flags=""</programlisting>
           <tbody>
             <row>
               <entry>localIP</entry>
-              <entry>The internal ip of the LAN client.</entry>
+              <entry>The internal IP address of the LAN client.</entry>
             </row>
             <row>
               <entry>publicIP</entry>
-              <entry>The external ip corresponding to the LAN client.</entry>
+              <entry>The external IP address corresponding to the LAN client.</entry>
             </row>
           </tbody>
         </tgroup>
       </informaltable>
 
       <para>In the example, this argument would read:</para>
-      <programlisting>    -redirect_address 192.168.0.2 128.1.1.2
+      <para><option>    -redirect_address 192.168.0.2 128.1.1.2
-    -redirect_address 192.168.0.3 128.1.1.3</programlisting>
+    -redirect_address 192.168.0.3 128.1.1.3</option></para>
 
       <para>Like -redirect_port, these arguments are also placed within 
         natd_flags of <filename>/etc/rc.conf</filename>.  With address 
         redirection, there is no need for port redirection since all data 
-        received on a particular ip address is redirected.</para>
+        received on a particular IP address is redirected.</para>
 
-      <para>The external ips on the natd machine must be active and aliased 
+      <para>The external IP addresses on the natd machine must be active and aliased 
         to the external interface.  Look at &man.rc.conf.5; to do so.</para>
 
     </sect2>