DOCS-79 pulication edits

Sam Kleinman · Sam Kleinman · commit b04b67457032 · 2012-10-25T20:25:45.000-04:00
diff --git a/source/administration/security.txt b/source/administration/security.txt
@@ -21,6 +21,8 @@ follow a system of least privilege, and follow best development and
 deployment practices. See the :ref:`security-reduce-risk` section for
 more information.
 
+.. _security-reduce-risk:
+
 Strategies for Reducing Risk
 ----------------------------
 
@@ -66,11 +68,13 @@ Vulnerability Notification
 seriously. If you discover a vulnerability in MongoDB or another
 10gen product, or would like to know more about our vulnerability
 reporting and response process, see the
-:doc:`/vulnerability-notification` document.
+:doc:`/administration/vulnerability-notification` document.
 
 Networking Risk Exposure
 ------------------------
 
+.. _security-port-numbers:
+
 Interfaces and Port Numbers
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -245,10 +249,11 @@ Authentication
 
 MongoDB provides basic support for authentication with the
 :setting:`auth` setting. For multi-instance deployments
-(i.e. :term:`replica sets`, and :term:`sharded clusters`) use the
-:setting:`keyFile` setting, which implies :setting:`auth`, and allows
-intra-deployment authentication and operation. Be aware of the
-following behaviors of MongoDB's authentication system:
+(i.e. :term:`replica sets <replica set>`, and :term:`sharded clusters
+<sharded cluster>`) use the :setting:`keyFile` setting, which implies
+:setting:`auth`, and allows intra-deployment authentication and
+operation. Be aware of the following behaviors of MongoDB's
+authentication system:
 
 - Authentication is **disabled** by default. 
 
@@ -301,7 +306,7 @@ following behaviors of MongoDB's authentication system:
    trusted networking configuration. 
 
 Consider the
-:doc:`/tutorial/use-authentication-to-control-access-to-mongodb`
+:doc:`/tutorial/control-access-to-mongodb-with-authentication`
 document which outlines procedures for configuring and maintaining
 users and access with MongoDB's authentication system.
   
diff --git a/source/tutorial/configure-linux-iptables-firewall.txt b/source/tutorial/configure-linux-iptables-firewall.txt
@@ -99,7 +99,7 @@ Traffic to and from ``mongos`` Instances
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 :program:`mongos` instances provide query routing for :term:`sharded
-clusters`. Clients connect to :program:`mongos` instances, which
+clusters <sharded cluster>`. Clients connect to :program:`mongos` instances, which
 behave from the client's perspective as :program:`mongod`
 instances. In turn, the :program:`mongos` connects to all
 :program:`mongod` instances that are components of the sharded
diff --git a/source/tutorial/configure-windows-netsh-firewall.txt b/source/tutorial/configure-windows-netsh-firewall.txt
@@ -72,7 +72,7 @@ as standalone instances or as part of a :term:`replica set`.
 The goal of this pattern is to explicitly allow traffic to the
 :program:`mongod.exe` instance from the application server. 
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Open mongod port 27017" dir=in action=allow protocol=TCP localport=27017
 
@@ -84,22 +84,22 @@ allows the application server to connect to the
 an entire application rather than to a specific port, as in the
 following example: 
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Allowing mongod" dir=in action=allow program=" C:\mongodb\bin\mongod.exe"
 
 You can allow all access for a :program:`mongos.exe` server, with the
 following invocation:
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Allowing mongos" dir=in action=allow program=" C:\mongodb\bin\mongos.exe"
 
 Traffic to and from ``mongos.exe`` Instances
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 :program:`mongos.exe` instances provide query routing for
-:term:`sharded clusters`. Clients connect to :program:`mongos.exe`
+:term:`sharded clusters <sharded cluster>`. Clients connect to :program:`mongos.exe`
 instances, which behave from the client's perspective as
 :program:`mongod.exe` instances. In turn, the :program:`mongos.exe`
 connects to all :program:`mongod.exe` instances that are components of
@@ -109,7 +109,7 @@ Use the same :guilabel:`Windows Firewall` command to allow traffic to
 and from these instances as you would from the :program:`mongod.exe`
 instances that are members of the replica set.
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Open mongod shard port 27018" dir=in action=allow protocol=TCP localport=27018
 
@@ -124,7 +124,7 @@ option. [#config-option]_ Configuration servers listen for connections on port
 config server to allow incoming and outgoing connection on port
 ``27019``, for connection to the other config servers. 
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Open mongod config svr port 27019" dir=in action=allow protocol=TCP localport=27019
 
@@ -133,7 +133,7 @@ all of the :program:`mongos.exe` instances in the cluster *and* all
 :program:`mongod.exe` instances in the cluster. Add rules that
 resemble the following:
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Open mongod config svr inbound" dir=in action=allow protocol=TCP remoteip=<ip-address> localport=27019
 
@@ -152,7 +152,7 @@ For shard servers, running as :option:`mongod --shardsvr`
 :setting:`shardsvr` is ``27018``,  you must configure the following
 :guilabel:`Windows Firewall` rules to allow traffic to and from each shard:
 
-.. code-block:: netsh
+.. code-block:: bat
   
    netsh advfirewall firewall add rule name="Open mongod shardsvr inbound" dir=in action=allow protocol=TCP remoteip=<ip-address> localport=27018
    netsh advfirewall firewall add rule name="Open mongod shardsvr outbound" dir=out action=allow protocol=TCP remoteip=<ip-address> localport=27018
@@ -176,7 +176,7 @@ Create a rule that resembles the following, and replace the
 ``<ip-address>`` with the address of the config servers and the
 :program:`mongos.exe` instances: 
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall add rule name="Open mongod config svr outbound" dir=out action=allow protocol=TCP remoteip=<ip-address> localport=27018
 
@@ -200,7 +200,7 @@ Provide Access For Monitoring Systems
 #. If your monitoring system needs access the HTTP interface, insert
    the following rule to the chain:
 
-   .. code-block:: netsh
+   .. code-block:: bat
       
       netsh advfirewall firewall add rule name="Open mongod HTTP monitoring inbound" dir=in action=allow protocol=TCP remoteip=<ip-address> localport=28017
 
@@ -214,14 +214,14 @@ Provide Access For Monitoring Systems
       For shard server :program:`mongod.exe` instances running with
       :setting:`shardsvr`, the rule would resemble the following:
 
-      .. code-block:: netsh
+      .. code-block:: bat
 
          netsh advfirewall firewall add rule name="Open mongos HTTP monitoring inbound" dir=in action=allow protocol=TCP remoteip=<ip-address> localport=28018
 
       For config server :program:`mongod.exe` instances running with
       :setting:`configsvr`, the rule would resemble the following:
 
-      .. code-block:: netsh
+      .. code-block:: bat
 
          netsh advfirewall firewall add rule name="Open mongod configsvr HTTP monitoring inbound" dir=in action=allow protocol=TCP remoteip=<ip-address> localport=28019
 
@@ -238,7 +238,7 @@ Delete all *Windows Firewall* Rules
 
 To delete the firewall rule allowing :program:`mongod.exe` traffic:
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall delete rule name="Open mongod port 27017" protocol=tcp localport=27017
 
@@ -249,7 +249,7 @@ List All *Windows Firewall* Rules
 
 To return a list of all :guilabel:`Windows Firewall` rules:
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall firewall show rule name=all
 
@@ -258,7 +258,7 @@ Reset *Windows Firewall*
 
 To reset the :guilabel:`Windows Firewall` rules:
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall reset
 
@@ -270,14 +270,14 @@ import firewall systems from different servers) rules very easily on Windows:
 
 Export all firewall rules with the following command: 
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall export "C:\temp\MongoDBfw.wfw"
 
 Replace ``"C:\temp\MongoDBfw.wfw"`` with a path of your choosing. You
 can use a command in the following form to import a file created using
 this operation: 
 
-.. code-block:: netsh
+.. code-block:: bat
 
    netsh advfirewall import "C:\temp\MongoDBfw.wfw"
diff --git a/source/tutorial/control-access-to-mongodb-with-authentication.txt b/source/tutorial/control-access-to-mongodb-with-authentication.txt
@@ -7,8 +7,7 @@ Control Access to MongoDB Instances with Authentication
 MongoDB provides a basic authentication system, that you can enable
 with the :setting:`auth` and :setting:`keyFile` configuration
 settings. [#cli-options]_ See the :ref:`authentication
-<security-authentication>` section of the :doc:`/authentication/security`
-document.
+<security-authentication>` section of the :doc:`/administration/security` document.
 
 This document contains an overview of all operations related to
 authentication and managing a MongoDB deployment with authentication.
