diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3e1a2d9..9d3733a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ ### Default Rules
 * Use more sets and vars definitions to avoid multiple rules.
 * Allow outgoing icmp.
+* Remove DHCP incoming packets. The connection is started by the host, don't need incoming rule.
 ## v1.0
diff --git a/README.md b/README.md
index 411f9f8..6fc89f4 100644
--- a/README.md
+++ b/README.md
@@ -79,8 +79,6 @@ nft_input_default_rules:
     - ip daddr @blackhole counter drop
   015 localhost:
     - iif lo accept
-  040 dhcp:
-    - udp sport bootps udp dport bootpc limit rate 6/minute accept
   220 ssh:
     - tcp dport ssh ct state new counter accept
 nft_input_group_rules: {}
diff --git a/defaults/main.yml b/defaults/main.yml
index 9e48156..be55b98 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -34,8 +34,6 @@ nft_input_default_rules:
     - ip daddr @blackhole counter drop
   015 localhost:
     - iif lo accept
-  040 dhcp:
-    - udp sport bootps udp dport bootpc limit rate 6/minute accept
   220 ssh:
     - tcp dport ssh ct state new counter accept
 nft_input_group_rules: {}