From 77d9068e7ac75223e61987fd0282636d5721a994 Mon Sep 17 00:00:00 2001
From: Y7n05h <Y7n05h@protonmail.com>
Date: Thu, 21 Apr 2022 19:22:11 +0800
Subject: [PATCH] Update pdns/dnsdistdist/docs/reference/ebpf.rst

Co-authored-by: Remi Gacogne <github@coredump.fr>
---
 pdns/dnsdistdist/docs/reference/ebpf.rst | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/pdns/dnsdistdist/docs/reference/ebpf.rst b/pdns/dnsdistdist/docs/reference/ebpf.rst
index 8dc81bb826..37afdfee42 100644
--- a/pdns/dnsdistdist/docs/reference/ebpf.rst
+++ b/pdns/dnsdistdist/docs/reference/ebpf.rst
@@ -85,9 +85,9 @@ These are all the functions, objects and methods related to the :doc:`../advance
 
   .. versionchanged:: 1.8.0
 
-    Block ip in this range. 
+    Block all IP addresses in this range. 
 
-    DNSDist check block range after check block ip before check block DNSName. 
+    DNSDist eBPF code first checks if an exact IP match is found, then if a range matches, and finally if a DNSName does.
 
     :param string Netmask: The ip range to block
 
@@ -112,11 +112,10 @@ These are all the functions, objects and methods related to the :doc:`../advance
 
   .. versionchanged:: 1.8.0
 
-    Unblock ip in this range. 
+    Unblock this range. 
 
-    DNSDist check unblock range after check block ip before check block DNSName. 
-    If ip is unblocked by this method but blocked by DNSName, the packet will be accept.
-    If ip is unblocked by this method but blocked by ``block`` , the packet will be blocked.
+    DNSDist eBPF code first checks if an exact IP match is found, then if a range matches, and finally if a DNSName does.
+    If a query coming from an IP or range marked as allowed, but is for a qname for which a DNSName block exists, the packet will be accepted as the first match wins.
 
     :param Netmask string: The ip range to unblock
 
-- 
2.47.2