diff --git a/README.md b/README.md
index b6d89de..685d6ec 100644
--- a/README.md
+++ b/README.md
@@ -112,7 +112,7 @@ to [Expr Language Definition](https://expr-lang.org/docs/language-definition).
 #### Supported actions
 
 - `allow`: Allow the connection, no further processing.
-- `block`: Block the connection, no further processing. Send a TCP RST if it's a TCP connection.
+- `block`: Block the connection, no further processing.
 - `drop`: For UDP, drop the packet that triggered the rule, continue processing future packets in the same flow. For
   TCP, same as `block`.
 - `modify`: For UDP, modify the packet that triggered the rule using the given modifier, continue processing future
diff --git a/README.zh.md b/README.zh.md
index 059ba6f..21f4753 100644
--- a/README.zh.md
+++ b/README.zh.md
@@ -108,6 +108,6 @@ workers:
 #### 支持的 action
 
 - `allow`: 放行连接，不再处理后续的包。
-- `block`: 阻断连接，不再处理后续的包。如果是 TCP 连接，会发送 RST 包。
+- `block`: 阻断连接，不再处理后续的包。
 - `drop`: 对于 UDP，丢弃触发规则的包，但继续处理同一流中的后续包。对于 TCP，效果同 `block`。
 - `modify`: 对于 UDP，用指定的修改器修改触发规则的包，然后继续处理同一流中的后续包。对于 TCP，效果同 `allow`。
diff --git a/io/nfqueue.go b/io/nfqueue.go
index b3102f6..224159f 100644
--- a/io/nfqueue.go
+++ b/io/nfqueue.go
@@ -22,19 +22,16 @@ const (
 
 var iptRulesForward = []iptRule{
 	{"filter", "FORWARD", []string{"-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkAccept), "-j", "ACCEPT"}},
-	{"filter", "FORWARD", []string{"-p", "tcp", "-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkDrop), "-j", "REJECT", "--reject-with", "tcp-reset"}},
 	{"filter", "FORWARD", []string{"-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkDrop), "-j", "DROP"}},
 	{"filter", "FORWARD", []string{"-j", "NFQUEUE", "--queue-num", strconv.Itoa(nfqueueNum), "--queue-bypass"}},
 }
 
 var iptRulesLocal = []iptRule{
 	{"filter", "INPUT", []string{"-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkAccept), "-j", "ACCEPT"}},
-	{"filter", "INPUT", []string{"-p", "tcp", "-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkDrop), "-j", "REJECT", "--reject-with", "tcp-reset"}},
 	{"filter", "INPUT", []string{"-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkDrop), "-j", "DROP"}},
 	{"filter", "INPUT", []string{"-j", "NFQUEUE", "--queue-num", strconv.Itoa(nfqueueNum), "--queue-bypass"}},
 
 	{"filter", "OUTPUT", []string{"-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkAccept), "-j", "ACCEPT"}},
-	{"filter", "OUTPUT", []string{"-p", "tcp", "-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkDrop), "-j", "REJECT", "--reject-with", "tcp-reset"}},
 	{"filter", "OUTPUT", []string{"-m", "connmark", "--mark", strconv.Itoa(nfqueueConnMarkDrop), "-j", "DROP"}},
 	{"filter", "OUTPUT", []string{"-j", "NFQUEUE", "--queue-num", strconv.Itoa(nfqueueNum), "--queue-bypass"}},
 }