From aed09d68b995c3b9b4d9221414d75c817313e657 Mon Sep 17 00:00:00 2001
From: tschettervictor <85497460+tschettervictor@users.noreply.github.com>
Date: Wed, 18 Jun 2025 19:00:09 -0600
Subject: [PATCH] docs: rdr: add docs for table as source

---
 docs/chapters/subcommands/rdr.rst | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/docs/chapters/subcommands/rdr.rst b/docs/chapters/subcommands/rdr.rst
index ecf37c63..f2527bf4 100644
--- a/docs/chapters/subcommands/rdr.rst
+++ b/docs/chapters/subcommands/rdr.rst
@@ -35,8 +35,8 @@ The ``rdr`` command includes 4 additional options:
 .. code-block:: shell
 
     -i | --interface   [interface]               Set the interface to create the rdr rule on. Useful if you have multiple interfaces.
-    -s | --source      [source ip]               Limit rdr to a source IP. Useful to only allow access from a certian IP or subnet.
-    -d | --destination [destination ip]          Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
+    -s | --source      [source]                  Limit rdr to a source IP or table. Useful to only allow access from certain sources.
+    -d | --destination [destination]             Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
     -t | --type        [ipv4|ipv6]               Specify IP type. Must be used if -s or -d are used. Defaults to both.
 
 .. code-block:: shell
@@ -68,6 +68,9 @@ The options can be used together, as seen above.
 If you have multiple interfaces assigned to your jail, ``bastille rdr`` will
 only redirect using the default one.
 
+It is also possible to specify a pf table as the source, providing it exists. Simply use the table
+name instead of an IP address or subnet.
+
 .. code-block:: shell
 
   # bastille rdr --help
@@ -76,7 +79,7 @@ only redirect using the default one.
       Options:
 
       -i | --interface   [interface]               Set the interface to create the rdr rule on. Useful if you have multiple interfaces.
-      -s | --source      [source ip]               Limit rdr to a source IP. Useful to only allow access from a certian IP or subnet.
-      -d | --destination [destination ip]          Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
+      -s | --source      [source]                  Limit rdr to a source IP or table. Useful to only allow access from certain sources.
+      -d | --destination [destination]             Limit rdr to a destination IP. Useful if you have multiple IPs on one interface.
       -t | --type        [ipv4|ipv6]               Specify IP type. Must be used if -s or -d are used. Defaults to both.
-      -x | --debug                                 Enable debug mode.
\ No newline at end of file
+      -x | --debug                                 Enable debug mode.