From 6a25729de0ac6ffc04526f9475d982a38d160185 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Jeanneret?= Date: Wed, 10 Aug 2022 07:56:28 +0200 Subject: [PATCH] Correct firewall configuration doc In iptables and nftables, the "action" is only "append" or "insert"; in order to treat the actual packet, it's "jump". Change-Id: I23f133c711e650bf0fef4fc9f60e3ba2890fd3fa --- deploy-guide/source/features/security_hardening.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-guide/source/features/security_hardening.rst b/deploy-guide/source/features/security_hardening.rst index 45debb60..a85cb3ef 100644 --- a/deploy-guide/source/features/security_hardening.rst +++ b/deploy-guide/source/features/security_hardening.rst @@ -148,7 +148,7 @@ deployment when needed. For example, for Zabbix monitoring system. dport: 10050 proto: tcp source: 10.0.0.8 - action: accept + jump: accept Rules can also be used to restrict access. The number used at definition of a rule will determine where the nftables rule will be inserted. For example, @@ -166,14 +166,14 @@ do. - 25672 proto: tcp source: 10.0.0.0/24 - action: accept + jump: accept '099 drop other rabbit access': dport: - 4369 - 5672 - 25672 proto: tcp - action: drop + jump: drop In this example, 098 and 099 are arbitrarily numbers that are smaller than the default rabbitmq rule number. To know the number of a rule, inspect the active
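Review bot: the first hunk only swaps the key in the Zabbix example (`- action: accept` / `+ jump: accept`), while the explanation of why `jump` is the right key lives solely in the commit message ("the action is only append or insert; in order to treat the actual packet, it's jump"). A reader of the rendered deploy guide never sees that message, so the body text around the example should state the distinction in one sentence: `action` selects whether the rule is appended or inserted into the chain, and `jump` names the verdict (accept, drop) applied to matching packets. Without that, anyone who copied the old `action: accept` form from earlier versions of this page has no cue on the page itself that the key was wrong.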
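Review bot: in the second hunk the changed lines are consistent (`+ jump: accept` for rule 098 and `+ jump: drop` for rule 099), but the trailing unchanged context carries a wording error that is worth fixing while this file is open: "098 and 099 are arbitrarily numbers" should read "098 and 099 are arbitrary numbers". It would also help to say explicitly in the prose after the example that rule 099 intentionally has no `source`, so that it matches all remaining traffic to those ports and relies on the lower-numbered 098 rule being evaluated first; as written the reader has to infer that ordering from the numbering alone.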