The example adds a rule to the `output` chain, not the `input` chain. Signed-off-by: Jeremy Sowden <jeremy@xxxxxxxxxx> --- doc/nft.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/nft.txt b/doc/nft.txt index 5326de167de8..47b55f934de9 100644 --- a/doc/nft.txt +++ b/doc/nft.txt @@ -462,7 +462,7 @@ beginning of the chain or before the specified rule. *replace*:: Similar to *add*, but the rule replaces the specified rule. *delete*:: Delete the specified rule. -.*add a rule to ip table input chain* +.*add a rule to ip table output chain* ------------- nft add rule filter output ip daddr 192.168.0.0/24 accept # 'ip filter' is assumed # same command, slightly more verbose -- 2.28.0
