4 files changed, 72 insertions, 58 deletions
diff --git a/docs/_include/interface-dhcp-options.txt b/docs/_include/interface-dhcp-options.txt
index 2030ae3d..27a80acd 100644
--- a/docs/_include/interface-dhcp-options.txt
+++ b/docs/_include/interface-dhcp-options.txt
@@ -59,3 +59,18 @@
   .. code-block:: none
 
     set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} dhcp-options default-route-distance 220
+
+.. cfgcmd:: set interfaces {{ var0 }} <interface> {{ var2 }} {{ var3 }}
+  {{ var5 }} {{ var6 }} dhcp-options reject <address>
+
+  Reject DHCP leases from a given address or range.
+  This is useful when a modem gives a local IP when first starting.
+
+  * **address** can be specified multiple times,
+    e.g. 192.168.100.1 and/or 192.168.100.0/24
+
+  Example:
+
+  .. code-block:: none
+
+    set interfaces {{ var0 }} {{ var1 }} {{ var2 }} {{ var4 }} {{ var5 }} {{ var7 }} dhcp-options reject 192.168.100.0/24
diff --git a/docs/configuration/interfaces/wireguard.rst b/docs/configuration/interfaces/wireguard.rst
index db144650..0ceb0aa2 100644
--- a/docs/configuration/interfaces/wireguard.rst
+++ b/docs/configuration/interfaces/wireguard.rst
@@ -11,9 +11,9 @@ information.
 Configuration
 =============
 
-WireGuard requires the generation of a keypair, a private key which will
-decrypt incoming traffic and a public key, which the peer(s) will use to
-encrypt traffic.
+WireGuard requires the generation of a keypair, which includes a private
+key to decrypt incoming traffic, and a public key for peer(s) to encrypt
+traffic.
 
 Generate keypair
 ----------------
@@ -26,8 +26,8 @@ Generate keypair
 
 .. opcmd:: show wireguard keypairs pubkey default
 
-   It shows the public key which needs to be shared with your peer(s). Your
-   peer will encrypt all traffic to your system using this public key.
+   It shows the public key to be shared with your peer(s). Your peer will
+   encrypt all traffic to your system using this public key.
 
    .. code-block:: none
 
@@ -38,12 +38,11 @@ Generate keypair
 Generate named keypair
 ----------------------
 
-Named keypairs can be used on a interface basis, if configured. If
+Named keypairs can be used on a interface basis when configured. If
 multiple WireGuard interfaces are being configured, each can have their
 own keypairs.
 
-The commands below will generate 2 keypairs, which are not related to
-each other.
+The commands below generates 2 keypairs unrelated to each other.
 
 .. code-block:: none
 
@@ -56,11 +55,11 @@ Interface configuration
 
 The next step is to configure your local side as well as the policy
 based trusted destination addresses. If you only initiate a connection,
-the listen port and address/port is optional, if you however act as a server
-and endpoints initiate the connections to your system, you need to
-define a port your clients can connect to, otherwise it's randomly
-chosen and may make it difficult with firewall rules, since the port may
-be a different one when you reboot your system.
+the listen port and address/port is optional; however, if you act as a
+server and endpoints initiate the connections to your system, you need to
+define a port your clients can connect to, otherwise the port is randomly
+chosen and may make connection difficult with firewall rules, since the port
+may be different each time the system is rebooted.
 
 You will also need the public key of your peer as well as the network(s)
 you want to tunnel (allowed-ips) to configure a WireGuard tunnel. The
@@ -82,7 +81,7 @@ one.
 
 The last step is to define an interface route for 10.2.0.0/24 to get
 through the WireGuard interface `wg01`. Multiple IPs or networks can be
-defined and routed, the last check is allowed-ips which either prevents
+defined and routed. The last check is allowed-ips which either prevents
 or allows the traffic.
 
 .. note:: You can not assign the same allowed-ips statement to multiple
@@ -116,7 +115,7 @@ the public key, which needs to be shared with the peer.
   set protocols static route 10.1.0.0/24 interface wg01
 
 Assure that your firewall rules allow the traffic, in which case you
-have a working VPN using WireGuard
+have a working VPN using WireGuard.
 
 .. code-block:: none
 
@@ -131,16 +130,16 @@ have a working VPN using WireGuard
   64 bytes from 10.1.0.1: icmp_seq=2 ttl=64 time=1.02 ms
 
 An additional layer of symmetric-key crypto can be used on top of the
-asymmetric crypto, which is optional.
+asymmetric crypto. This is optional.
 
 .. code-block:: none
 
   wg01# run generate wireguard preshared-key
   rvVDOoc2IYEnV+k5p7TNAmHBMEGTHbPU8Qqg8c/sUqc=
 
-Copy the key, as it is not stored on the local file system. Make sure
-you distribute that key in a safe manner, it's a symmetric key, so only
-you and your peer should have knowledge of its content.
+Copy the key, as it is not stored on the local filesystem. Because it
+is a symmetric key, only you and your peer should have knowledge of
+its content. Make sure you distribute the key in a safe manner,
 
 .. code-block:: none
 
@@ -154,7 +153,7 @@ With WireGuard, a Road Warrior VPN config is similar to a site-to-site
 VPN. It just lacks the ``address`` and ``port`` statements.
 
 In the following example, the IPs for the remote clients are defined in
-the peers. This would allow the peers to interact with one another.
+the peers. This allows the peers to interact with one another.
 
 .. code-block:: none
 
diff --git a/docs/documentation.rst b/docs/documentation.rst
index 849008a8..7b410e95 100644
--- a/docs/documentation.rst
+++ b/docs/documentation.rst
@@ -4,9 +4,9 @@
 Documentation
 #############
 
-As most software projects we also have a lack in documentation. We encourage
-every VyOS user to help us improve our documentation. This will not only be
-beneficial for you (when reading something up) but also for the whole world.
+We encourage every VyOS user to help us improve our documentation as we have
+a deficit like most software projects.  This not only be helps you when reading,
+but also everyone else.
 
 If you are willing to contribute to our documentation this is the definite
 guide how to do so.
@@ -101,7 +101,7 @@ access to the official codebase.
     $ git checkout master
     $ git merge upstream/master
 
-* If you want to update your fork on GitHub, too use the following: ``$ git
+* If you also want to update your fork on GitHub, use the following: ``$ git
   push origin master``
 
 Style Guide
@@ -153,7 +153,7 @@ system numbers for the documentation:
   * Unicast MAC Addresses: ``00-53-00`` to ``00-53-FF``
   * Multicast MAC-Addresses: ``90-10-00`` to ``90-10-FF``
 
-Please don't use other public address space.
+Please do not use other public address space.
 
 
 Line length
@@ -161,32 +161,32 @@ Line length
 
 Limit all lines to a maximum of 80 characters.
 
-Except in ``.. code-block::`` because it will use  the html tag ``<pre>``
-which have the save line format as in the rst file.
+Except in ``.. code-block::`` because it uses the html tag ``<pre>`` and
+renders the same line format from the source rst file.
 
 
 Autolinter
 ^^^^^^^^^^
 
-Each GitHub Pull request will automatically lint against the Address space and
+Each GitHub Pull request is automatically linted to check the Address space and
 line length.
 
 Sometimes it is necessary to provide real IP Addresses like in the
-:ref:`examples`. For this please use the sphinx comment syntax
+:ref:`examples`. For this, please use the sphinx comment syntax
 ``.. stop_vyoslinter`` to stop the linter and ``.. start_vyoslinter`` to start.
 
 
 Custom Sphinx-doc Markup
 ^^^^^^^^^^^^^^^^^^^^^^^^
 
-When writing the documentation custom commands have been developed. Please
+Custom commands have been developed for writing the documentation. Please
 make yourself comfortable with those commands as this eases the way we
 render the documentation.
 
 cfgcmd
 """"""
 
-When documenting CLI commands use the ``.. cfgcmd::`` directive
+When documenting CLI commands, use the ``.. cfgcmd::`` directive
 for all configuration mode commands. An explanation of the described command
 should be added below this statement.
 Replace all variable contents with <value> or somthing similar.
@@ -201,7 +201,7 @@ descriptive way in the resulting HTML/PDF manual.
      This will configure a static ARP entry always resolving `192.0.2.100` to
      `00:53:27:de:23:aa`.
 
-For a inline configuration level command use ``:cfgcmd:``
+For a inline configuration level command, use ``:cfgcmd:``
 
 .. code-block:: none
 
@@ -210,10 +210,10 @@ For a inline configuration level command use ``:cfgcmd:``
 opcmd
 """""
 
-When documenting operational level command use the ``.. opcmd::`` directive.
+When documenting operational level commands, use the ``.. opcmd::`` directive.
 An explanation of the described command should be added below this statement.
 
-With those custom commands it will be possible to render them in a more
+With those custom commands, it is possible to render them in a more
 descriptive way in the resulting HTML/PDF manual.
 
 .. code-block:: none
@@ -222,7 +222,7 @@ descriptive way in the resulting HTML/PDF manual.
 
      Display all known ARP table entries spanning across all interfaces
 
-For a inline operational level command use ``:opcmd:``
+For a inline operational level command, use ``:opcmd:``
 
 .. code-block:: none
 
@@ -231,7 +231,7 @@ For a inline operational level command use ``:opcmd:``
 cmdinclude
 """"""""""
 
-To minimize redundancy there is a special include directive. It include a txt
+To minimize redundancy, there is a special include directive. It include a txt
 file and replace the ``{{ var0 }}`` - ``{{ var9 }}`` with the correct value
 
 .. code-block:: none
@@ -270,7 +270,7 @@ vytask
 """"""
 
 When referencing to VyOS Phabricator Tasks, there is a custom Sphinx Markup
-command called ``vytask`` which automatically renders to a proper Phabricator
+command called ``vytask`` that automatically renders to a proper Phabricator
 URL. This is heavily used in the :ref:`release-notes` section.
 
 .. code-block:: none
@@ -281,7 +281,7 @@ URL. This is heavily used in the :ref:`release-notes` section.
 Page content
 ------------
 
-The documentation have 3 different types of pages, the same kind of pages must 
+The documentation has 3 different types of pages. The same kind of pages must 
 have the same structure to achieve a recognition factor.
 
 All RST files must follow the same TOC Level syntax and have to start with
@@ -307,12 +307,12 @@ For example:
 The article starts with a short intruducing about the command or the
 technologie. Please include some helpfull links or background informations.
 
-After this a optional section follows. Some commands have requirements like the
-compatible hardware (e.g. Wifi) or some commands you have to set before. For
-example it is recommended to set a route-map before configure bgp.
+An optional section follows. Some commands have requirements like compatible
+hardware (e.g. Wifi) or some commands you have to set before. For
+example, it is recommended to set a route-map before configure BGP.
 
-In the configuration part of the page all possible confiuration options
-should be documented. Use ``.. cfgcmd::`` like described above.
+In the configuration part of the page, all possible confiuration options
+should be documented. Use ``.. cfgcmd::`` described above.
 
 Related Operation command must be documented in the next part of the article.
 Use ``::opcmd..`` for these commands.
@@ -323,16 +323,16 @@ next optional part.
 Operation mode pages
 ^^^^^^^^^^^^^^^^^^^^
 
-Operation mode commands, which didn't fit in a related configuraton mode command
-must documented in this part of the documentation.
+Operation mode commands that does not fit in a related configuraton mode command
+must be documented in this part of the documentation.
 
-General concepts for troubleshooting belong here as well as detailed process
-descriptions.
+General concepts for troubleshooting, and detailed process descriptions belong
+here.
 
 Anything else
 ^^^^^^^^^^^^^
 
-Anything else what is not a configuration or a operation command have no
+Anything else that is not a configuration or an operation command have no
 predefined structure.
 
 
diff --git a/docs/installation/install.rst b/docs/installation/install.rst
index 5619d381..75c1713d 100644
--- a/docs/installation/install.rst
+++ b/docs/installation/install.rst
@@ -4,9 +4,9 @@
 Installation
 ############
 
-VyOS installation requires to download a VyOS .iso file. That file is
-a live install image that lets you boot a live VyOS. From that live
-system you can proceed to the permanent installation on a hard drive or
+VyOS installation requires a downloaded VyOS .iso file. That file is
+a live install image that lets you boot a live VyOS. From the live
+system, you can proceed to a permanent installation on a hard drive or
 any other type of storage.
 
 
@@ -14,7 +14,7 @@ Hardware requirements
 =====================
 
 The minimum system requirements are 512 MiB RAM and 2 GiB storage.
-Depending on your use you might need additional RAM and CPU resources e.g.
+Depending on your use, you might need additional RAM and CPU resources e.g.
 when having multiple BGP full tables in your system.
 
 Download
@@ -23,9 +23,9 @@ Download
 Registered Subscribers
 ----------------------
 
-Registered subscribers can log into https://support.vyos.io/ to have access to
-a variety of different downloads via the "Downloads" link. These downloads
-include LTS (Long-Term-Support) and associated hot-fix releases, early public
+Registered subscribers can log into https://support.vyos.io/ to access a
+variety of different downloads via the "Downloads" link. These downloads
+include LTS (Long-Term-Support), the associated hot-fix releases, early public
 access releases, pre-built VM images, as well as device specific installation
 ISOs.
 
@@ -47,8 +47,8 @@ https://downloads.vyos.io/
 
 .. note:: Rolling releases contain all the latest enhancements and fixes. This
    means that there will be new bugs of course. If you think you hit a bug
-   please follow the guide at :ref:`bug_report`. To improve VyOS we depend on
-   your feedback!
+   please follow the guide at :ref:`bug_report`. We depend on your feedback
+   to improve vyOS!
 
 The following link will always fetch the most recent VyOS build for AMD64
 systems from the current branch:
@@ -343,7 +343,7 @@ PXE Boot
 ========
 
 VyOS can also be installed through PXE. This is a more complex
-installation method which allows deploying VyOS through the network.
+installation method that allows deploying VyOS through the network.
 
 **Requirements**