summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorSimon Ruderich <simon@ruderich.org>2021-03-07 10:51:36 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2021-03-09 02:41:59 +0100
commit68d5edd4d31e54b6add6d2af5b8baa0c0724a4dd (patch)
tree6a98326b9080e17761d8bc91a23d7f0d170fb370 /doc
parent95141d17efe22e66aca85e0cc53a5a6d6bc1f3cd (diff)
doc: move drop rule on a separate line in blackhole example
At first I overlooked the "drop". Putting it on a separate line makes it more visible and also details the separate steps of this rule. Signed-off-by: Simon Ruderich <simon@ruderich.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'doc')
-rw-r--r--doc/statements.txt3
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/statements.txt b/doc/statements.txt
index 7bb538a9..0973e5ef 100644
--- a/doc/statements.txt
+++ b/doc/statements.txt
@@ -712,7 +712,8 @@ nft add rule ip filter input ip saddr @blackhole counter drop
# requests occurred per second and ip address.
nft add rule ip filter input tcp flags syn tcp dport ssh \
add @flood { ip saddr limit rate over 10/second } \
- add @blackhole { ip saddr } drop
+ add @blackhole { ip saddr } \
+ drop
# inspect state of the sets.
nft list set ip filter flood