diff --git a/README.md b/README.md
index 35498c2..f785391 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # TCP lengths and flags
 
-| Flag Combination | Flags Set (Hex) | Purpose | IP+TCP Payload Size | Ethernet Frame Size | XDP Filtering Logic |
+| Flag Combination | Flags Set (Hex) | Purpose | IP+TCP Payload Size | Ethernet Frame Size (what XDP will see) | XDP Filtering Logic |
 |------------------|-----------------|---------|---------------------|---------------------|---------------------|
 | SYN | 0x02 | Initiates connection | 40–59 bytes | 64–77 bytes | Rate limit SYN packets per source IP to prevent floods. Drop if rate exceeds threshold. SynProxy |
 | SYN-ACK | 0x12 | Acknowledges SYN | 40–59 bytes | 64–77 bytes | Validate against recent SYN requests using eBPF maps. Drop if no matching SYN. |