White space fix only. Translators can ignore.

svn path=/head/; revision=42977
2013-10-16 20:19:56 +00:00 · 2013-10-16 20:19:56 +00:00 · 595b89c09e · 2020-12-08 03:00:23 +00:00
commit 595b89c09e
parent 7f49336cd6
1 changed files with 238 additions and 212 deletions
--- a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
@ -200,8 +200,8 @@
 	<literal>inetd_flags</literal> is set to
 	<literal>-wW -C 60</literal>, which turns on TCP wrapping for
 	<application>inetd</application>'s services, and prevents any
-	single <acronym>IP</acronym> address from requesting any service more than 60
+	single <acronym>IP</acronym> address from requesting any
-	times in any given minute.</para>
+	service more than 60 times in any given minute.</para>
      <para>Although we mention rate-limiting options below, novice
 	users may be pleased to note that these parameters usually do
@ -227,9 +227,10 @@
 	  <listitem>
 	    <para>Specify the default maximum number of times a
-	      service can be invoked from a single <acronym>IP</acronym> address in one
+	      service can be invoked from a single
-	      minute; the default is unlimited.  May be overridden on
+	      <acronym>IP</acronym> address in one minute; the default
-	      a per-service basis with the
+	      is unlimited.  May be overridden on a per-service basis
 	      with the
 	      <option>max-connections-per-ip-per-minute</option>
 	      parameter.</para>
 	  </listitem>
@ -250,9 +251,9 @@
 	  <listitem>
 	    <para>Specify the maximum number of times a service can be
-	      invoked from a single <acronym>IP</acronym> address at any one time; the
+	      invoked from a single <acronym>IP</acronym> address at
-	      default is unlimited.  May be overridden on a
+	      any one time; the default is unlimited.  May be
-	      per-service basis with the
+	      overridden on a per-service basis with the
 	      <option>max-child-per-ip</option> parameter.</para>
 	  </listitem>
 	</varlistentry>
@ -403,14 +404,15 @@ server-program-arguments</programlisting>
 	      options which limit the maximum connections from a
 	      single place to a particular daemon can be enabled.
 	      <option>max-connections-per-ip-per-minute</option>
-	      limits the number of connections from any particular <acronym>IP</acronym>
+	      limits the number of connections from any particular
-	      address per minutes, e.g., a value of ten would limit
+	      <acronym>IP</acronym> address per minutes, e.g., a value
-	      any particular <acronym>IP</acronym> address connecting to a particular
+	      of ten would limit any particular <acronym>IP</acronym>
-	      service to ten attempts per minute.
+	      address connecting to a particular service to ten
-	      <option>max-child-per-ip</option> limits the number of
+	      attempts per minute.  <option>max-child-per-ip</option>
-	      children that can be started on behalf on any single <acronym>IP</acronym>
+	      limits the number of children that can be started on
-	      address at any moment.  These options are useful to
+	      behalf on any single <acronym>IP</acronym> address at
-	      prevent intentional or unintentional excessive resource
+	      any moment.  These options are useful to prevent
 	      intentional or unintentional excessive resource
 	      consumption and Denial of Service (DoS) attacks to a
 	      machine.</para>
@ -430,8 +432,8 @@ server-program-arguments</programlisting>
 	      would read: <literal>nowait/10</literal>.</para>
 	    <para>The same setup with a limit of twenty connections
-	      per <acronym>IP</acronym> address per minute and a maximum total limit of
+	      per <acronym>IP</acronym> address per minute and a
-	      ten child daemons would read:
+	      maximum total limit of ten child daemons would read:
 	      <literal>nowait/10/20</literal>.</para>
 	    <para>These options are utilized by the default
@ -723,8 +725,8 @@ mountd_flags="-r"</programlisting>
      <para>The next example exports
 	<filename class="directory">/home</filename> to three clients
-	by <acronym>IP</acronym> address.  This can be useful for networks without
+	by <acronym>IP</acronym> address.  This can be useful for
-	<acronym>DNS</acronym>.  Optionally,
+	networks without <acronym>DNS</acronym>.  Optionally,
 	<filename>/etc/hosts</filename> could be configured for
 	internal hostnames; please review &man.hosts.5; for more
 	information.  The <literal>-alldirs</literal> flag allows
@ -951,11 +953,11 @@ rpc_statd_enable="YES"</programlisting>
 	<filename class="directory">/net</filename> directories.  When
 	a file is accessed within one of these directories,
 	<application>amd</application> looks up the corresponding
-	remote mount and automatically mounts it.
+	remote mount and automatically mounts it.  <filename
-	<filename class="directory">/net</filename> is used to mount
+	  class="directory">/net</filename> is used to mount an
-	an exported file system from an <acronym>IP</acronym> address, while
+	exported file system from an <acronym>IP</acronym> address,
-	<filename class="directory">/host</filename> is used to mount
+	while <filename class="directory">/host</filename> is used to
-	an export from a remote hostname.</para>
+	mount an export from a remote hostname.</para>
      <para>For instance, an attempt to access a file within
 	<filename class="directory">/host/foobar/usr</filename> would
@ -2617,7 +2619,8 @@ result: 0 Success
      </authorgroup>
    </sect1info>
    -->
-    <title>Dynamic Host Configuration Protocol (<acronym>DHCP</acronym>)</title>
+    <title>Dynamic Host Configuration Protocol
      (<acronym>DHCP</acronym>)</title>
    <indexterm>
      <primary>Dynamic Host Configuration Protocol</primary>
@ -2627,108 +2630,115 @@ result: 0 Success
      <primary>Internet Systems Consortium (ISC)</primary>
    </indexterm>
-    <para>The Dynamic Host Configuration Protocol (<acronym>DHCP</acronym>) allows
+    <para>The Dynamic Host Configuration Protocol
-      a system to connect to a network in order to be assigned
+      (<acronym>DHCP</acronym>) allows a system to connect to a
-      the necessary addressing information for communication on that
+      network in order to be assigned the necessary addressing
-      network.  &os; includes the OpenBSD version of <command>dhclient</command>
+      information for communication on that network.  &os; includes
-      which is used by the client to obtain the addressing information.
+      the OpenBSD version of <command>dhclient</command> which is used
-      &os; does not install a <acronym>DHCP</acronym> server, but several
+      by the client to obtain the addressing information.  &os; does
-      servers are available in the &os; Ports Collection.
+      not install a <acronym>DHCP</acronym> server, but several
-      The <acronym>DHCP</acronym> protocol is fully described in
+      servers are available in the &os; Ports Collection.  The
-      <ulink url="http://www.freesoft.org/CIE/RFC/2131/">RFC
+      <acronym>DHCP</acronym> protocol is fully described in <ulink
-	2131</ulink>.  Informational resources are also available at
+	url="http://www.freesoft.org/CIE/RFC/2131/">RFC 2131</ulink>.
-      <ulink url="http://www.isc.org/downloads/dhcp/">isc.org/downloads/dhcp/</ulink>.</para>
+      Informational resources are also available at <ulink
 	url="http://www.isc.org/downloads/dhcp/">isc.org/downloads/dhcp/</ulink>.</para>
-    <para>This section describes how to use the built-in <acronym>DHCP</acronym> client.
+    <para>This section describes how to use the built-in
-      It then describes how to install and configure a
+      <acronym>DHCP</acronym> client.  It then describes how to
-      <acronym>DHCP</acronym> server.</para>
+      install and configure a <acronym>DHCP</acronym> server.</para>
-      <sect2>
+    <sect2>
-	<title>Configuring a <acronym>DHCP</acronym> Client</title>
+      <title>Configuring a <acronym>DHCP</acronym> Client</title>
-	<para><acronym>DHCP</acronym> client support is included in the &os;
+      <para><acronym>DHCP</acronym> client support is included in the
-	  installer, making it easy to configure a system to automatically
+	&os; installer, making it easy to configure a system to
-	  receive its networking addressing information from an existing
+	automatically receive its networking addressing information
-	  <acronym>DHCP</acronym> server.</para>
+	from an existing <acronym>DHCP</acronym> server.</para>
-	<indexterm><primary><acronym>UDP</acronym></primary></indexterm>
+      <indexterm><primary><acronym>UDP</acronym></primary></indexterm>
-	<para>When <command>dhclient</command> is
+      <para>When <command>dhclient</command> is executed on the client
-	  executed on the client machine, it begins broadcasting
+	machine, it begins broadcasting requests for configuration
-      requests for configuration information.  By default, these
+	information.  By default, these requests use
-      requests use <acronym>UDP</acronym> port 68.  The server replies on <acronym>UDP</acronym> port 67,
+	<acronym>UDP</acronym> port 68.  The server replies on
-      giving the client an <acronym>IP</acronym> address and other relevant network
+	<acronym>UDP</acronym> port 67, giving the client an
-      information such as a subnet mask, default gateway, and <acronym>DNS</acronym> server addresses.
+	<acronym>IP</acronym> address and other relevant network
-      This information is in the form of a <acronym>DHCP</acronym>
+	information such as a subnet mask, default gateway, and
-      <quote>lease</quote> and is valid for a configurable time.  This allows
+	<acronym>DNS</acronym> server addresses.  This information is
-      stale <acronym>IP</acronym> addresses for clients no longer connected to the
+	in the form of a <acronym>DHCP</acronym>
-      network to automatically be reused.</para>
+	<quote>lease</quote> and is valid for a configurable time.
 	This allows stale <acronym>IP</acronym> addresses for clients
 	no longer connected to the network to automatically be
 	reused.</para>
-    <para><acronym>DHCP</acronym> clients can obtain a great deal of information from
+      <para><acronym>DHCP</acronym> clients can obtain a great deal of
-      the server.  An exhaustive list may be found in
+	information from the server.  An exhaustive list may be found
-      &man.dhcp-options.5;.</para>	
+	in &man.dhcp-options.5;.</para>
-	  <para>The <devicename>bpf</devicename> device is already
+      <para>The <devicename>bpf</devicename> device is already
-	    part of the <filename>GENERIC</filename> kernel that is
+	part of the <filename>GENERIC</filename> kernel that is
-	    supplied with &os;, thus there is no need to build a
+	supplied with &os;, thus there is no need to build a
-	    custom kernel for <acronym>DHCP</acronym>.  In the case of
+	custom kernel for <acronym>DHCP</acronym>.  In the case of
-	    a custom kernel configuration file, this device must be
+	a custom kernel configuration file, this device must be
-	    present for <acronym>DHCP</acronym> to function
+	present for <acronym>DHCP</acronym> to function
-	    properly.</para>
+	properly.</para>
-	  <note>
+      <note>
-	    <para>For those who are particularly security conscious,
+	<para>For those who are particularly security conscious,
-	      take note that <devicename>bpf</devicename> is also the
+	  take note that <devicename>bpf</devicename> is also the
-	      device that allows packet sniffers to work correctly
+	  device that allows packet sniffers to work correctly
-	      (although they still have to be run as
+	  (although they still have to be run as
-	      <username>root</username>).
+	  <username>root</username>).
-	      <devicename>bpf</devicename> <emphasis>is</emphasis>
+	  <devicename>bpf</devicename> <emphasis>is</emphasis>
-	      required to use <acronym>DHCP</acronym>; however, the security sensitive
+	  required to use <acronym>DHCP</acronym>; however, the
-	      types should probably not add
+	  security sensitive types should probably not add
-	      <devicename>bpf</devicename> to the kernel in the
+	  <devicename>bpf</devicename> to the kernel in the
-	      expectation that at some point in the future the system
+	  expectation that at some point in the future the system
-	      will be using <acronym>DHCP</acronym>.</para>
+	  will be using <acronym>DHCP</acronym>.</para>
-	  </note>
+      </note>
-	  <para>By default, <acronym>DHCP</acronym> configuration on &os; runs in the
+      <para>By default, <acronym>DHCP</acronym> configuration on &os;
-	    background, or <firstterm>asynchronously</firstterm>.
+	runs in the background, or
-	    Other startup scripts continue to run while <acronym>DHCP</acronym>
+	<firstterm>asynchronously</firstterm>.  Other startup scripts
-	    completes, speeding up system startup.</para>
+	continue to run while <acronym>DHCP</acronym> completes,
 	speeding up system startup.</para>
-	  <para>Background <acronym>DHCP</acronym> works well when the <acronym>DHCP</acronym> server
+      <para>Background <acronym>DHCP</acronym> works well when the
-	    responds quickly to requests and the <acronym>DHCP</acronym> configuration
+	<acronym>DHCP</acronym> server responds quickly to requests
-	    process goes quickly.  However, <acronym>DHCP</acronym> may take a long time
+	and the <acronym>DHCP</acronym> configuration process goes
-	    to complete on some systems.  If network services attempt
+	quickly.  However, <acronym>DHCP</acronym> may take a long
-	    to run before <acronym>DHCP</acronym> has completed, they will fail.  Using
+	time to complete on some systems.  If network services attempt
-	    <acronym>DHCP</acronym> in <firstterm>synchronous</firstterm> mode prevents
+	to run before <acronym>DHCP</acronym> has completed, they will
-	    the problem, pausing startup until <acronym>DHCP</acronym> configuration has
+	fail.  Using <acronym>DHCP</acronym> in
-	    completed.</para>
+	<firstterm>synchronous</firstterm> mode prevents the problem,
 	pausing startup until <acronym>DHCP</acronym> configuration
 	has completed.</para>
-	  <para>To connect to a <acronym>DHCP</acronym> server in the background while
+      <para>To connect to a <acronym>DHCP</acronym> server in the
-	    other startup continues (asynchronous mode), use the
+	background while other startup continues (asynchronous mode),
-	    <quote><literal>DHCP</literal></quote> value in
+	use the <quote><literal>DHCP</literal></quote> value in
-	    <filename>/etc/rc.conf</filename>:</para>
+	<filename>/etc/rc.conf</filename>:</para>
-	  <programlisting>ifconfig_<replaceable>fxp0</replaceable>="DHCP"</programlisting>
+      <programlisting>ifconfig_<replaceable>fxp0</replaceable>="DHCP"</programlisting>
-	  <para>To pause startup while <acronym>DHCP</acronym> completes, use
+      <para>To pause startup while <acronym>DHCP</acronym> completes,
-	    synchronous mode with the
+	use synchronous mode with the
-	    <quote><literal>SYNCDHCP</literal></quote> value:</para>
+	<quote><literal>SYNCDHCP</literal></quote> value:</para>
-	  <programlisting>ifconfig_<replaceable>fxp0</replaceable>="SYNCDHCP"</programlisting>
+      <programlisting>ifconfig_<replaceable>fxp0</replaceable>="SYNCDHCP"</programlisting>
-	  <note>
+      <note>
-	    <para>Replace the <replaceable>fxp0</replaceable> shown
+	<para>Replace the <replaceable>fxp0</replaceable> shown
-	      in these examples with the name of the interface to be
+	  in these examples with the name of the interface to be
-	      dynamically configured, as described in
+	  dynamically configured, as described in
-	      <xref linkend="config-network-setup"/>.</para>
+	  <xref linkend="config-network-setup"/>.</para>
-	  </note>
+      </note>
-	  <para>When using a different file system location for
+      <para>When using a different file system location for
-	    <command>dhclient</command>, or if additional flags must
+	<command>dhclient</command>, or if additional flags must
-	    be passed to <command>dhclient</command>, include (editing
+	be passed to <command>dhclient</command>, include (editing
-	    as necessary):</para>
+	as necessary):</para>
-	  <programlisting>dhclient_program="/sbin/dhclient"
+      <programlisting>dhclient_program="/sbin/dhclient"
 dhclient_flags=""</programlisting>
      <indexterm>
@ -2736,7 +2746,8 @@ dhclient_flags=""</programlisting>
 	<secondary>configuration files</secondary>
      </indexterm>
-      <para>The <acronym>DHCP</acronym> client uses the following files:</para>
+      <para>The <acronym>DHCP</acronym> client uses the following
 	files:</para>
      <itemizedlist>
 	<listitem>
@ -2760,86 +2771,90 @@ dhclient_flags=""</programlisting>
 	  <para><filename>/sbin/dhclient-script</filename></para>
 	  <para><command>dhclient-script</command> is the
-	    &os;-specific <acronym>DHCP</acronym> client configuration script.  It
+	    &os;-specific <acronym>DHCP</acronym> client configuration
-	    is described in &man.dhclient-script.8;, but should not
+	    script.  It is described in &man.dhclient-script.8;, but
-	    need any user modification to function properly.</para>
+	    should not need any user modification to function
 	    properly.</para>
 	</listitem>
 	<listitem>
 	  <para><filename>/var/db/dhclient.leases.<replaceable>interface</replaceable></filename></para>
-	  <para>The <acronym>DHCP</acronym> client keeps a database of valid leases in
+	  <para>The <acronym>DHCP</acronym> client keeps a database of
-	    this file, which is written as a log.
+	    valid leases in this file, which is written as a log.
 	    &man.dhclient.leases.5; gives a slightly longer
-	    description.  Refer to
+	    description.  Refer to &man.dhclient.8;,
-      &man.dhclient.8;, &man.dhcp-options.5;, and
+	    &man.dhcp-options.5;, and &man.dhclient.conf.5;, in
-      &man.dhclient.conf.5;, in addition to the
+	    addition to the references below, for more
-      references below, for more information.</para>
+	    information.</para>
 	</listitem>
      </itemizedlist>
    </sect2>
    <sect2 id="network-dhcp-server">
-      <title>Installing and Configuring a <acronym>DHCP</acronym> Server</title>
+      <title>Installing and Configuring a <acronym>DHCP</acronym>
 	Server</title>
-	<para>This section provides information on how to configure a
+      <para>This section provides information on how to configure a
-	  &os; system to act as a <acronym>DHCP</acronym> server using the ISC
+	&os; system to act as a <acronym>DHCP</acronym> server using
-	  (Internet Systems Consortium) implementation of the <acronym>DHCP</acronym>
+	the ISC (Internet Systems Consortium) implementation of the
-	  server.</para>
+	<acronym>DHCP</acronym> server.</para>
      <indexterm>
 	<primary><acronym>DHCP</acronym></primary>
 	<secondary>server</secondary>
      </indexterm>
-      <para>The <acronym>DHCP</acronym> server, <application>dhcpd</application>, is
+      <para>The <acronym>DHCP</acronym> server,
-	included as part of the
+	<application>dhcpd</application>, is included as part of the
 	<filename role="package">net/isc-dhcp42-server</filename> port
-	in the ports collection.  This port contains the ISC <acronym>DHCP</acronym>
+	in the ports collection.  This port contains the ISC
-	server and documentation.</para>
+	<acronym>DHCP</acronym> server and documentation.</para>
 	<para>The server is not provided as part of &os;, and so the
 	  <filename role="package">net/isc-dhcp42-server</filename>
 	  port must be installed to provide this service.  See
 	  <xref linkend="ports"/> for more information on using the
 	  Ports Collection.</para>
-	<indexterm>
+      <para>The server is not provided as part of &os;, and so the
-	  <primary><acronym>DHCP</acronym></primary>
+	<filename role="package">net/isc-dhcp42-server</filename>
 	port must be installed to provide this service.  See
 	<xref linkend="ports"/> for more information on using the
 	Ports Collection.</para>
      <indexterm>
 	<primary><acronym>DHCP</acronym></primary>
 	  <secondary>installation</secondary>
-	</indexterm>
+      </indexterm>
-	<para>In order to configure the &os; system as a <acronym>DHCP</acronym> server,
+      <para>In order to configure the &os; system as a
-	  first ensure that the &man.bpf.4; device is compiled into
+	<acronym>DHCP</acronym> server, first ensure that the
-	  the kernel.  To do this, add <literal>device bpf</literal>
+	&man.bpf.4; device is compiled into the kernel.  To do this,
-	  to the kernel configuration file, and rebuild the kernel.
+	add <literal>device bpf</literal> to the kernel configuration
-	  For more information about building kernels, see
+	file, and rebuild the kernel.  For more information about
-	  <xref linkend="kernelconfig"/>.</para>
+	building kernels, see <xref linkend="kernelconfig"/>.</para>
-	<para>The <devicename>bpf</devicename> device is already part
+      <para>The <devicename>bpf</devicename> device is already part
-	  of the <filename>GENERIC</filename> kernel that is supplied
+	of the <filename>GENERIC</filename> kernel that is supplied
-	  with &os;, so there is no need to create a custom kernel in
+	with &os;, so there is no need to create a custom kernel in
-	  order to get <acronym>DHCP</acronym> working.</para>
+	order to get <acronym>DHCP</acronym> working.</para>
-	<note>
+      <note>
-	  <para>Those who are particularly security conscious should
+	<para>Those who are particularly security conscious should
-	    note that <devicename>bpf</devicename> is also the device
+	  note that <devicename>bpf</devicename> is also the device
-	    that allows packet sniffers to function correctly
+	  that allows packet sniffers to function correctly
-	    (although such programs still need privileged access).
+	  (although such programs still need privileged access).
-	    The <devicename>bpf</devicename> device
+	  The <devicename>bpf</devicename> device
-	    <emphasis>is</emphasis> required to use <acronym>DHCP</acronym>, but if the
+	  <emphasis>is</emphasis> required to use
-	    sensitivity of the system's security is high, this device
+	  <acronym>DHCP</acronym>, but if the sensitivity of the
-	    should not be included in the kernel purely because the
+	  system's security is high, this device should not be
-	    use of <acronym>DHCP</acronym> may, at some point in the
+	  included in the kernel purely because the use of
-	    future, be desired.</para>
+	  <acronym>DHCP</acronym> may, at some point in the future, be
-	</note>
+	  desired.</para>
      </note>
-	<para>An example configuration file is installed by the
+      <para>An example configuration file is installed by the
-	  <filename role="package">net/isc-dhcp42-server</filename>
+	<filename role="package">net/isc-dhcp42-server</filename>
-	  port.  Copy the example
+	port.  Copy the example
-	  <filename>/usr/local/etc/dhcpd.conf.example</filename>
+	<filename>/usr/local/etc/dhcpd.conf.example</filename>
-	  to the actual configuration file,
+	to the actual configuration file,
-	  <filename>/usr/local/etc/dhcpd.conf</filename>.  Edits
+	<filename>/usr/local/etc/dhcpd.conf</filename>.  Edits
-	  will be made to this new file.</para>
+	will be made to this new file.</para>
      <sect3>
 	<title>Configuring the <acronym>DHCP</acronym> Server</title>
@ -2880,7 +2895,8 @@ host mailhost {
 	  <callout arearefs="domain-name-servers">
 	    <para>This option specifies a comma separated list of
-	      <acronym>DNS</acronym> servers that the client should use.</para>
+	      <acronym>DNS</acronym> servers that the client should
 	      use.</para>
 	  </callout>
 	  <callout arearefs="subnet-mask">
@ -2904,17 +2920,19 @@ host mailhost {
 	  </callout>
 	  <callout arearefs="ddns-update-style">
-	    <para>This option specifies whether the <acronym>DHCP</acronym> server
+	    <para>This option specifies whether the
-	      should attempt to update <acronym>DNS</acronym> when a lease is accepted
+	      <acronym>DHCP</acronym> server should attempt to update
-	      or released.  In the ISC implementation, this option
+	      <acronym>DNS</acronym> when a lease is accepted or
-	      is <emphasis>required</emphasis>.</para>
+	      released.  In the ISC implementation, this option is
 	      <emphasis>required</emphasis>.</para>
 	  </callout>
 	  <callout arearefs="range">
-	    <para>This denotes which <acronym>IP</acronym> addresses should be used in
+	    <para>This denotes which <acronym>IP</acronym> addresses
-	      the pool reserved for allocating to clients.  <acronym>IP</acronym>
+	      should be used in the pool reserved for allocating to
-	      addresses between, and including, the ones stated are
+	      clients.  <acronym>IP</acronym> addresses between, and
-	      handed out to clients.</para>
+	      including, the ones stated are handed out to
 	      clients.</para>
 	  </callout>
 	  <callout arearefs="routers">
@ -2924,14 +2942,15 @@ host mailhost {
 	  <callout arearefs="hardware">
 	    <para>The hardware MAC address of a host (so that the
-	      <acronym>DHCP</acronym> server can recognize a host when it makes a
+	      <acronym>DHCP</acronym> server can recognize a host when
-	      request).</para>
+	      it makes a request).</para>
 	  </callout>
 	  <callout arearefs="fixed-address">
 	    <para>Specifies that the host should always be given the
-	      same <acronym>IP</acronym> address.  Note that using a hostname is
+	      same <acronym>IP</acronym> address.  Note that using a
-	      correct here, since the <acronym>DHCP</acronym> server will resolve the
+	      hostname is correct here, since the
 	      <acronym>DHCP</acronym> server will resolve the
 	      hostname itself before returning the lease
 	      information.</para>
 	  </callout>
@ -2947,8 +2966,8 @@ dhcpd_ifaces="dc0"</programlisting>
 	<para>Replace the <literal>dc0</literal> interface name with
 	  the interface (or interfaces, separated by whitespace)
-	  that the <acronym>DHCP</acronym> server should listen on for <acronym>DHCP</acronym> client
+	  that the <acronym>DHCP</acronym> server should listen on for
-	  requests.</para>
+	  <acronym>DHCP</acronym> client requests.</para>
 	<para>Proceed to start the server by issuing
 	  the following command:</para>
@ -3000,20 +3019,20 @@ dhcpd_ifaces="dc0"</programlisting>
 	  <listitem>
 	    <para><filename>/var/db/dhcpd.leases</filename></para>
-	    <para>The <acronym>DHCP</acronym> server keeps a database of leases it has
+	    <para>The <acronym>DHCP</acronym> server keeps a database
-	      issued in this file, which is written as a log.  The
+	      of leases it has issued in this file, which is written
-	      port installs &man.dhcpd.leases.5;, which gives a
+	      as a log.  The port installs &man.dhcpd.leases.5;, which
-	      slightly longer description.</para>
+	      gives a slightly longer description.</para>
 	  </listitem>
 	  <listitem>
 	    <para><filename>/usr/local/sbin/dhcrelay</filename></para>
 	    <para><application>dhcrelay</application> is used in
-	      advanced environments where one <acronym>DHCP</acronym> server forwards a
+	      advanced environments where one <acronym>DHCP</acronym>
-	      request from a client to another <acronym>DHCP</acronym> server on a
+	      server forwards a request from a client to another
-	      separate network.  If this functionality is required,
+	      <acronym>DHCP</acronym> server on a separate network.
-	      then install the
+	      If this functionality is required, then install the
 	      <filename role="package">net/isc-dhcp42-relay</filename>
 	      port.  The port installs &man.dhcrelay.8;, which
 	      provides more detail.</para>
@ -3094,7 +3113,8 @@ dhcpd_ifaces="dc0"</programlisting>
 	<acronym>DNS</acronym> must be understood.</para>
      <indexterm><primary>resolver</primary></indexterm>
-      <indexterm><primary>reverse <acronym>DNS</acronym></primary></indexterm>
+      <indexterm><primary>reverse
 	  <acronym>DNS</acronym></primary></indexterm>
      <indexterm><primary>root zone</primary></indexterm>
      <informaltable frame="none" pgwide="1">
@ -3112,7 +3132,8 @@ dhcpd_ifaces="dc0"</programlisting>
 	  <tbody>
 	    <row>
 	      <entry>Forward <acronym>DNS</acronym></entry>
-	      <entry>Mapping of hostnames to <acronym>IP</acronym> addresses.</entry>
+	      <entry>Mapping of hostnames to <acronym>IP</acronym>
 		addresses.</entry>
 	    </row>
 	    <row>
@ -3765,7 +3786,8 @@ www             IN      CNAME   example.org.</programlisting>
 	  <secondary>records</secondary>
 	</indexterm>
-	<para>The most commonly used <acronym>DNS</acronym> records:</para>
+	<para>The most commonly used <acronym>DNS</acronym>
 	  records:</para>
 	<variablelist>
 	  <varlistentry>
@ -3919,9 +3941,9 @@ mail            IN      A       192.168.1.5</programlisting>
 	  priority number), then the second highest, etc, until the
 	  mail can be properly delivered.</para>
-	<para>For in-addr.arpa zone files (reverse <acronym>DNS</acronym>), the same
+	<para>For in-addr.arpa zone files (reverse
-	  format is used, except with PTR entries instead of A or
+	  <acronym>DNS</acronym>), the same format is used, except
-	  CNAME.</para>
+	  with PTR entries instead of A or CNAME.</para>
 	<programlisting>$TTL 3600
@ -3941,8 +3963,8 @@ mail            IN      A       192.168.1.5</programlisting>
 4       IN      PTR     mx.example.org.
 5       IN      PTR     mail.example.org.</programlisting>
-	<para>This file gives the proper <acronym>IP</acronym> address to hostname
+	<para>This file gives the proper <acronym>IP</acronym> address
-	  mappings for the above fictitious domain.</para>
+	  to hostname mappings for the above fictitious domain.</para>
 	<para>It is worth noting that all names on the right side
 	  of a PTR record need to be fully qualified (i.e., end in
@ -3970,7 +3992,8 @@ mail            IN      A       192.168.1.5</programlisting>
      <indexterm>
 	<primary>BIND</primary>
-	<secondary><acronym>DNS</acronym> security extensions</secondary>
+	<secondary><acronym>DNS</acronym> security
 	    extensions</secondary>
      </indexterm>
      <para>Domain Name System Security Extensions, or <acronym
@ -4335,9 +4358,10 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
    <sect2>
      <title>Security</title>
-      <para>Although BIND is the most common implementation of <acronym>DNS</acronym>,
+      <para>Although BIND is the most common implementation of
-	there is always the issue of security.  Possible and
+	<acronym>DNS</acronym>, there is always the issue of security.
-	exploitable security holes are sometimes found.</para>
+	Possible and exploitable security holes are sometimes
 	found.</para>
      <para>While &os; automatically drops
 	<application>named</application> into a &man.chroot.8;
@ -4381,7 +4405,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	<listitem>
 	  <para><ulink
 	      url="http://www.oreilly.com/catalog/dns5/">O'Reilly
-	      <acronym>DNS</acronym> and BIND 5th Edition</ulink></para>
+	      <acronym>DNS</acronym> and BIND 5th
 	      Edition</ulink></para>
 	</listitem>
 	<listitem>
@ -4420,15 +4445,15 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	<listitem>
 	  <para><ulink
 	      url="http://tools.ietf.org/html/rfc4034">RFC4034
-	      - Resource Records for the <acronym>DNS</acronym> Security
+	      - Resource Records for the <acronym>DNS</acronym>
-	      Extensions</ulink></para>
+	      Security Extensions</ulink></para>
 	</listitem>
 	<listitem>
 	  <para><ulink
 	      url="http://tools.ietf.org/html/rfc4035">RFC4035
-	      - Protocol Modifications for the <acronym>DNS</acronym> Security
+	      - Protocol Modifications for the <acronym>DNS</acronym>
-	      Extensions</ulink></para>
+	      Security Extensions</ulink></para>
 	</listitem>
 	<listitem>
@ -4630,7 +4655,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	types of Virtual Hosting.  The first method is Name-based
 	Virtual Hosting.  Name-based virtual hosting uses the clients
 	HTTP/1.1 headers to figure out the hostname.  This allows many
-	different domains to share the same <acronym>IP</acronym> address.</para>
+	different domains to share the same <acronym>IP</acronym>
 	address.</para>
      <para>To setup <application>Apache</application> to use
 	Name-based Virtual Hosting add an entry like the following to
@ -5524,8 +5550,8 @@ driftfile /var/db/ntp.drift</programlisting>
 	<programlisting>restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap</programlisting>
 	<para>instead, where
-	  <hostid role="ipaddr">192.168.1.0</hostid> is an <acronym>IP</acronym> address
+	  <hostid role="ipaddr">192.168.1.0</hostid> is an
-	  on the network and
+	  <acronym>IP</acronym> address on the network and
 	  <hostid role="netmask">255.255.255.0</hostid> is the
 	  network's netmask.</para>