doc: polish config/policy section

diff --git a/doc/config-policy.rst b/doc/config-policy.rst
index 3a1c786ba9d5f3316efe41030f3141b65cc66098..6c7afbb159ade1622f9ebe38140be9c909ea1632 100644 (file)
--- a/doc/config-policy.rst
+++ b/doc/config-policy.rst
@@ -5,16 +5,33 @@ Policy, access control, data manipulation
 Features in this section allow to configure what clients can get access to what
 DNS data, i.e. DNS data filtering and manipulation.
 
+:ref:`mod-policy` specify global policies applicable to all requests,
+e.g. for blocking access to particular domain. :ref:`mod-view` allow
+to specify per-client policies, e.g. block or unblock access
+to a domain only for subset of clients.
+
+It is also possible to modify data returned to clients, either by providing
+:ref:`mod-hints` (answers with statically configured IP addresses),
+:ref:`mod-dns64` translation, or :ref:`mod-renumber`.
+
+Additional modules offer protection against various DNS-based attacks,
+see :ref:`mod-rebinding` and :ref:`mod-refuse_nord`.
+
+At the very end, module :ref:`mod-daf` provides HTTP API for run-time policy
+modification, and generally just offers different interface for previously
+mentioned features.
+
+
 .. toctree::
    :maxdepth: 1
 
-   modules-hints
    modules-policy
    modules-view
-   modules-daf
-   modules-rebinding
-   modules-refuse_nord
+   modules-hints
    modules-dns64
    modules-renumber
    config-answer-reordering
+   modules-rebinding
+   modules-refuse_nord
+   modules-daf
 

diff --git a/modules/renumber/README.rst b/modules/renumber/README.rst
index f585462825941c5f0aee74de75ee00500fdac93f..d5fb2fd73e3596ddc37f478e9f97d835d4ecc668 100644 (file)
--- a/modules/renumber/README.rst
+++ b/modules/renumber/README.rst
@@ -1,7 +1,7 @@
 .. _mod-renumber:
 
-Renumber
-========
+IP address renumbering
+======================
 
 The module renumbers addresses in answers to different address space.
 e.g. you can redirect malicious addresses to a blackhole, or use private address ranges