From: Florian Westphal <fw@strlen.de>
Date: Thu, 17 Apr 2014 11:03:00 +0000 (+0200)
Subject: iptables.8: --policy is either ACCEPT or DROP
X-Git-Tag: v1.6.0~97
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=69f3f846807654163bedba2b939f370838ae141c;p=thirdparty%2Fiptables.git

iptables.8: --policy is either ACCEPT or DROP

its enforced by both by libiptc and kernel.

Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/iptables/iptables.8.in b/iptables/iptables.8.in
index c6115563..8ef222e5 100644
--- a/iptables/iptables.8.in
+++ b/iptables/iptables.8.in
@@ -224,10 +224,8 @@ any rules.  If no argument is given, it will attempt to delete every
 non-builtin chain in the table.
 .TP
 \fB\-P\fP, \fB\-\-policy\fP \fIchain target\fP
-Set the policy for the chain to the given target.  See the section \fBTARGETS\fP
-for the legal targets.  Only built-in (non-user-defined) chains can have
-policies, and neither built-in nor user-defined chains can be policy
-targets.
+Set the policy for the built-in (non-user-defined) chain to the given target.
+The policy target must be either \fBACCEPT\fP or \fBDROP\fP.
 .TP
 \fB\-E\fP, \fB\-\-rename\-chain\fP \fIold\-chain new\-chain\fP
 Rename the user specified chain to the user supplied name.  This is