Update pdns/dnsdistdist/docs/reference/ebpf.rst

Co-authored-by: Remi Gacogne <github@coredump.fr>

diff --git a/pdns/dnsdistdist/docs/reference/ebpf.rst b/pdns/dnsdistdist/docs/reference/ebpf.rst
index 8dc81bb826b65ec78b3aca54a72cad1451285f0b..37afdfee42fdb36bd1773197e382dfd10fc7716b 100644 (file)
--- a/pdns/dnsdistdist/docs/reference/ebpf.rst
+++ b/pdns/dnsdistdist/docs/reference/ebpf.rst
@@ -85,9 +85,9 @@ These are all the functions, objects and methods related to the :doc:`../advance
 
   .. versionchanged:: 1.8.0
 
-    Block ip in this range. 
+    Block all IP addresses in this range. 
 
-    DNSDist check block range after check block ip before check block DNSName. 
+    DNSDist eBPF code first checks if an exact IP match is found, then if a range matches, and finally if a DNSName does.
 
     :param string Netmask: The ip range to block
 
@@ -112,11 +112,10 @@ These are all the functions, objects and methods related to the :doc:`../advance
 
   .. versionchanged:: 1.8.0
 
-    Unblock ip in this range. 
+    Unblock this range. 
 
-    DNSDist check unblock range after check block ip before check block DNSName. 
-    If ip is unblocked by this method but blocked by DNSName, the packet will be accept.
-    If ip is unblocked by this method but blocked by ``block`` , the packet will be blocked.
+    DNSDist eBPF code first checks if an exact IP match is found, then if a range matches, and finally if a DNSName does.
+    If a query coming from an IP or range marked as allowed, but is for a qname for which a DNSName block exists, the packet will be accepted as the first match wins.
 
     :param Netmask string: The ip range to unblock