diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-03-17 16:36:15 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-03-17 17:26:03 +0100 |
commit | acdfae9c3126ff8716c93713f13e8e31a85d5e95 (patch) | |
tree | 3b6c0d51c0062c54243d62565330ea99bba6ab23 /doc | |
parent | ac3a68fb768b7f0e20493038139faa4704dc1846 (diff) |
src: allow to specify the default policy for base chains
The new syntax is:
nft add chain filter input { hook input type filter priority 0\; policy accept\; }
but the previous syntax is still allowed:
nft add chain filter input { hook input type filter priority 0\; }
this assumes default policy to accept.
If the base chain already exists, you can update the policy via:
nft add chain filter input { policy drop\; }
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/nft.xml | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/doc/nft.xml b/doc/nft.xml index 696a4c34..8d79016c 100644 --- a/doc/nft.xml +++ b/doc/nft.xml @@ -456,6 +456,7 @@ filter input iif $int_ifs accept <arg choice="req"><replaceable>chain</replaceable></arg> <arg choice="req"><replaceable>hook</replaceable></arg> <arg choice="req"><replaceable>priority</replaceable></arg> + <arg choice="req"><replaceable>policy</replaceable></arg> </cmdsynopsis> <cmdsynopsis> <group choice="req"> |