diff --git a/README.md b/README.md
index 629c769..891300e 100644
--- a/README.md
+++ b/README.md
@@ -131,7 +131,7 @@ nat on $ext_if from <jails> to any -> ($ext_if:0)
 rdr-anchor "rdr/*"
 
 block in all
-pass out quick modulate state
+pass out quick keep state
 antispoof for $ext_if inet
 pass in inet proto tcp from any to any port ssh flags S/SA keep state
 
diff --git a/docs/chapters/networking.rst b/docs/chapters/networking.rst
index fb52e8a..73099c2 100644
--- a/docs/chapters/networking.rst
+++ b/docs/chapters/networking.rst
@@ -174,7 +174,7 @@ Create the firewall rules:
   rdr-anchor "rdr/*"
 
   block in all
-  pass out quick modulate state
+  pass out quick keep state
   antispoof for $ext_if inet
   pass in inet proto tcp from any to any port ssh flags S/SA modulate state