doc: use symbolic names for chain priorities

This replaces the numbers with the matching symbolic names with one exception: The NAT example used "priority 0" for the prerouting priority. This is replaced by "dstnat" which has priority -100 which is the new recommended priority. Also use spaces instead of tabs for consistency in lines which require updates. Signed-off-by: Simon Ruderich <simon@ruderich.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Simon Ruderich <simon@ruderich.org> 2021-03-09 11:53:30 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2021-03-24 14:19:31 +0100
commit: 8c226fabc63f21c00ea07b7d484053f797ce994c (patch)
tree: f62fe1e3daf55992c511781c8270437af457b941 /doc/nft.txt
parent: b140b592cb74ce4f15ccc3850882bd7d93749109 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/nft.txt b/doc/nft.txt
index e4f32179..55747036 100644
--- a/doc/nft.txt
+++ b/doc/nft.txt
@@ -319,7 +319,7 @@ nft --interactive
 create table inet mytable
 
 # add a new base chain: get input packets
-add chain inet mytable myin { type filter hook input priority 0; }
+add chain inet mytable myin { type filter hook input priority filter; }
 
 # add a single counter to the chain
 add rule inet mytable myin counter
@@ -487,7 +487,7 @@ nft add rule ip filter output ip daddr 192.168.0.0/24 accept
 # nft -a list ruleset
 table inet filter {
 	chain input {
-		type filter hook input priority 0; policy accept;
+		type filter hook input priority filter; policy accept;
 		ct state established,related accept # handle 4
 		ip saddr 10.1.1.1 tcp dport ssh accept # handle 5
 	  ...
author	Simon Ruderich <simon@ruderich.org>	2021-03-09 11:53:30 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2021-03-24 14:19:31 +0100
commit	8c226fabc63f21c00ea07b7d484053f797ce994c (patch)
tree	f62fe1e3daf55992c511781c8270437af457b941 /doc/nft.txt
parent	b140b592cb74ce4f15ccc3850882bd7d93749109 (diff)