From e5199aee9271177a5ea06286dc85d57b267ceaa2 Mon Sep 17 00:00:00 2001
From: "Sergey G. Brester" <github@sebres.de>
Date: Sat, 1 Mar 2025 00:23:55 +0100
Subject: [PATCH] action.d/ufw.conf: update comment:

fix syntax in example, because `dst` as command parameter doesn't have precedence over or-expression, so second `sport` would ignore `dst` and kill any connection for https regardless the IP
---
 config/action.d/ufw.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/action.d/ufw.conf b/config/action.d/ufw.conf
index c9ff7f37..060093a0 100644
--- a/config/action.d/ufw.conf
+++ b/config/action.d/ufw.conf
@@ -44,7 +44,7 @@ _kill_conntrack = conntrack -D -s "<ip>"
 
 # Option: kill
 # Notes.: can be used to specify custom killing feature, by default depending on option kill-mode
-# Examples: banaction = ufw[kill='ss -K "( sport = :http || sport = :https )" dst "[<ip>]"']
+# Examples: banaction = ufw[kill='ss -K "dst = [<ip>] && ( sport = :http || sport = :https )"']
 #           banaction = ufw[kill='cutter "<ip>"']
 kill = <_kill_<kill-mode>>