From cfd0da133ee4a343476ba65dd8dbd002ca8d59fa Mon Sep 17 00:00:00 2001 From: jason taylor Date: Fri, 7 Oct 2022 20:44:14 +0000 Subject: [PATCH] userguide: update ipv6.hdr keyword information Signed-off-by: jason taylor --- doc/userguide/rules/header-keywords.rst | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/doc/userguide/rules/header-keywords.rst b/doc/userguide/rules/header-keywords.rst index 29f6448798..c0e033542a 100644 --- a/doc/userguide/rules/header-keywords.rst +++ b/doc/userguide/rules/header-keywords.rst @@ -128,7 +128,16 @@ the IPv4 protocol is TCP. ipv6.hdr ^^^^^^^^ -Sticky buffer to match on the whole IPv6 header. +Sticky buffer to match on content contained within an IPv6 header. + +Example rule: + +.. container:: example-rule + + alert ip any any -> any any (msg:"IPv6 header keyword example"; :example-rule-emphasis:`ipv6.hdr; content:"|06|"; offset:6; depth:1;` sid:1; rev:1;) + +This example looks if byte 7 of IP64 header has value 06, which indicates that +the IPv6 protocol is TCP. id ^^
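Review bot: The added explanatory sentence at the end of the ipv6.hdr hunk has a typo, "IP64 header" should read "IPv6 header", and "looks if" would be clearer as "checks whether". The byte matched by `offset:6; depth:1;` is the Next Header field of the fixed IPv6 header, so a value of 06 only says that a TCP header follows immediately. When extension headers are present, that byte holds the type of the first extension header, and the example rule will not match TCP traffic carried behind them. Suggest rewording to something like "This example checks whether byte 7 of the IPv6 header (the Next Header field) has value 06, which indicates that the next header is TCP." Naming the field also keeps the wording parallel with the IPv4 example above it, which ends "the IPv4 protocol is TCP".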