diff --git a/9.-UFW-action-file.md b/9.-UFW-action-file.md new file mode 100644 index 0000000..63ca7dd --- /dev/null +++ b/9.-UFW-action-file.md @@ -0,0 +1,30 @@ +## UFW action file (*action.d/ufw.conf*) + +This is the file that tells F2B what commands to send to UFW to block and unblock a system. You can see that the '*actionban*' and '*actionunban*' sections simply add and remove rules from UFW which drop/reject packets from the offending system. I have only changed the '*blocktype*' from it's default (reject) to *deny*. + +```ini +# Option: blocktype +# Notes.: reject or deny +#blocktype = reject +blocktype = deny +``` + +The important part of '*actionban*' works like this: + +```PHP +ufw insert from to +``` + +The variables defined in the configuration file are summarized as: + +```Ini +[Init] +insertpos = 1 +blocktype = deny +destination = any +application = +``` + +So, this rule adds a new rule (*insert*) at position 1 (*insertpos*) which denies (*blocktype*) packets from the offending system's IP (*ip*) destined for any address (which obviously includes this system). Importantly, each rule is added at *position 1* which means they have priority over any other otherwise defined (i.e. allowed) traffic. + +The '*actionunban*' simply deletes the rule to remove the block. \ No newline at end of file
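Review bot: The '*actionban*' code block reads `ufw insert from to`, with none of the placeholders that the closing paragraph walks through (*insertpos*, *blocktype*, *ip*, *destination*), so the explanation cannot be matched to the command. The angle-bracket tokens look like they were swallowed as HTML tags. Suggest restoring them, e.g. `ufw insert <insertpos> <blocktype> from <ip> to <destination>`, and tagging that fence as shell rather than PHP. Smaller points in the same hunk: the `[Init]` summary lists `application =` but the prose never says what it is for; "it's default" in the intro should be "its default"; the two ini fences differ in case (`ini` vs `Ini`); "So, this rule adds a new rule" would read better as "So, this command adds a new rule"; and the file ends without a trailing newline.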