From a10e4fa9009ae219d0bfb6c54da5e1ca6d8deaa4 Mon Sep 17 00:00:00 2001 From: Alex Dubois Date: Thu, 1 Mar 2018 06:07:08 +0000 Subject: [PATCH] Added ref to qubes-issues#3644 in firewall.md --- security/firewall.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/firewall.md b/security/firewall.md index 55cffb24..48c82c56 100644 --- a/security/firewall.md +++ b/security/firewall.md @@ -182,7 +182,7 @@ network 192.168.x.0/24. **1. Route packets from the outside world to the FirewallVM** From a Terminal window in sys-net VM, take note of the 'Interface name' and -'IP address' on which you want to expose your service (i.e. eth0, 192.168.x.x) +'IP address' on which you want to expose your service (i.e. ens5, 192.168.x.x) ` ifconfig | grep -i cast ` @@ -207,7 +207,7 @@ the service > Note: If you want to expose the service on multiple interfaces, repeat the steps described in part 1 for each interface -> Note: On Qubes R4, nftables is also used which imply that nft rules also need to be set. Qubes OS has defined a `qubes-firewall` table with a forward chain. +> Note: In Qubes R4, at the moment ([QubesOS/qubes-issues#3644](https://github.com/QubesOS/qubes-issues/issues/3644)), nftables is also used which imply that additional rules need to be set in a `qubes-firewall` nft table with a forward chain. `nft add rule ip qubes-firewall forward meta iifname eth0 ip daddr 10.137.0.x tcp dport 443 ct state new counter accept`
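Review bot: The example interface name is now inconsistent across the document: the first hunk (@@ -182,7 +182,7 @@) changes the part 1 example from eth0 to ens5, but the nft rule in the unchanged context at the end of the second hunk still reads `meta iifname eth0`. A reader who copies both steps will add a forward rule that matches on an interface name they were never told to look up, and the rule will silently not match. Either update the nft example to the same name or, better, use a placeholder in both places and tell the reader to substitute the name they noted in part 1. Since ens5 is only an example, "i.e." on that line should also be "e.g.". The subject line mentions only the issue reference, so the interface rename should be named in the commit message or split into its own commit.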
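Review bot: In the second hunk (@@ -207,7 +207,7 @@), the rewritten note says "at the moment ([QubesOS/qubes-issues#3644](...))" without saying how the issue relates to the requirement, so the reader cannot tell whether the extra nft rule is a temporary workaround that the issue tracks or the intended design. State the relationship explicitly, for example "until QubesOS/qubes-issues#3644 is resolved", if that is what is meant. The new wording also drops the statement that Qubes OS itself defines the `qubes-firewall` table, which leaves it unclear whether the user has to create the table before running `nft add rule`; keep that fact. Grammar: "which imply" should be "which implies".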