In particular:
- Mention that grouping of chains in tables is irrelevant to the evaluation
order.
- Clarify that priorities only define the ordering of chains per hook.
- Improved potentially ambiguous wording “lower priority values have precedence
over higher ones”, which could be mistaken as that rules from lower priority
chains might “win” over such from higher ones (which is however only the case
if they drop/reject packets).
The new wording merely describes which chains are evaluated first, implicitly
referring the question which verdict “wins” to the section where verdicts are
described, and also should work when lower priority chains mangle packets (in
which case they might actually be considered as having “precedence”).
Signed-off-by: Christoph Anton Mitterer <mail@christoph.anton.mitterer.name> Signed-off-by: Florian Westphal <fw@strlen.de>
projects / thirdparty / nftables.git / commit
