iptables.8: --policy is either ACCEPT or DROP

its enforced by both by libiptc and kernel. Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2014-04-17 13:03:00 +0200
committer: Florian Westphal <fw@strlen.de> 2014-04-17 13:03:00 +0200
commit: 69f3f846807654163bedba2b939f370838ae141c (patch)
tree: 6733f04011aad5ae33c1fb11e3684eb24c9a292d /iptables
parent: 60f00639ca42a95fd5425d6bb6ac08e5b29c6b18 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/iptables/iptables.8.in b/iptables/iptables.8.in
index c6115563..8ef222e5 100644
--- a/iptables/iptables.8.in
+++ b/iptables/iptables.8.in
@@ -224,10 +224,8 @@ any rules.  If no argument is given, it will attempt to delete every
 non-builtin chain in the table.
 .TP
 \fB\-P\fP, \fB\-\-policy\fP \fIchain target\fP
-Set the policy for the chain to the given target.  See the section \fBTARGETS\fP
-for the legal targets.  Only built-in (non-user-defined) chains can have
-policies, and neither built-in nor user-defined chains can be policy
-targets.
+Set the policy for the built-in (non-user-defined) chain to the given target.
+The policy target must be either \fBACCEPT\fP or \fBDROP\fP.
 .TP
 \fB\-E\fP, \fB\-\-rename\-chain\fP \fIold\-chain new\-chain\fP
 Rename the user specified chain to the user supplied name.  This is
author	Florian Westphal <fw@strlen.de>	2014-04-17 13:03:00 +0200
committer	Florian Westphal <fw@strlen.de>	2014-04-17 13:03:00 +0200
commit	69f3f846807654163bedba2b939f370838ae141c (patch)
tree	6733f04011aad5ae33c1fb11e3684eb24c9a292d /iptables
parent	60f00639ca42a95fd5425d6bb6ac08e5b29c6b18 (diff)