diff --git a/Makefile b/Makefile
index 0421d4a..5baf4c5 100644
--- a/Makefile
+++ b/Makefile
@@ -2,6 +2,10 @@ CFLAGS += -pedantic -Wall -Wextra -Wmissing-prototypes \
 -Werror -Wshadow -Wstrict-overflow -fno-strict-aliasing \
 -Wstrict-prototypes -Wwrite-strings \
 -Os
+
+PREFIX = /usr/local
+
+
 all: iblock
 iblock: main.c
diff --git a/README.md b/README.md
index e3ed392..cb19422 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,8 @@ In this example, the parameter `blocklist` will add IPs to the `blocklist` PF ta
 666 stream tcp6 nowait _iblock /usr/local/bin/iblock iblock blocklist
 ```
+Default is "iblocked" table.
+
 ## Configure packet filter
 Use this in `/etc/pf.conf`, choose which ports will trigger the ban from the variable:
@@ -65,5 +67,4 @@ In the example I added a label to the block rule, you can use `pfctl -s labels`
 # TODO
-- make install doing something
 - A proper man page
diff --git a/main.c b/main.c
index 37f8615..397d676 100644
--- a/main.c
+++ b/main.c
@@ -9,15 +9,15 @@
 #include
-#define DEFAULT_TABLE "blocked"
-#define TABLE_LEN 128 /* not sure what is pf table name length limit... */
+#define DEFAULT_TABLE "iblocked"
+#define TABLE_LEN 32 /* see PF_TABLE_NAME_SIZE in net/pfvar.h */
 int main(int argc, char *argv[]){
- struct sockaddr_storage sock;
+ struct sockaddr_storage sock = {0};
 socklen_t slen = sizeof(sock);
 char ip[INET6_ADDRSTRLEN] = {'\0'}; /* INET6_ADDRSTRLEN > INET_ADDRSTRLEN */
 char table[TABLE_LEN] = DEFAULT_TABLE;
- int status;
+ int status = 0;
 if (unveil("/usr/bin/doas", "rx") != 0)
 err(1, "unveil");
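Review bot: The new `#define TABLE_LEN 32` hard-codes the value that its own comment attributes to PF_TABLE_NAME_SIZE, so the buffer that is later handed to pfctl can silently drift from pf's real limit if that header constant ever changes; prefer `#define TABLE_LEN PF_TABLE_NAME_SIZE` with `#include <net/pfvar.h>` added to the include list (that header usually wants the socket/if headers before it — confirm against the file's includes, which are outside the hunk). If the include is undesirable for a tool this small, a `_Static_assert`-free fallback is at least a comment stating that 32 is the NUL-inclusive size, since the truncation check in the following hunk relies on exactly that meaning. `main` continues past the end of the hunk.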
@@ -25,30 +25,28 @@ int main(int argc, char *argv[]){
 err(1, "pledge");
 /* configuration */
- if (argc == 2) {
- if (strlen(argv[1]) > sizeof(table))
+ if (argc == 2)
+ if (strlcpy(table, argv[1], TABLE_LEN) >= sizeof(table))
 errx(1, "table name is too long");
- strlcpy(table, argv[1], TABLE_LEN);
- }
 /* get socket structure */
- if(getpeername(STDIN_FILENO, (struct sockaddr *)&sock, &slen))
+ if (getpeername(STDIN_FILENO, (struct sockaddr *)&sock, &slen))
 err(1, "getpeername");
 /* get ip */
 status = getnameinfo((struct sockaddr *)&sock, slen, ip, sizeof(ip), NULL, 0, NI_NUMERICHOST);
- if(status != 0) {
+ if (status != 0) {
 syslog(LOG_DAEMON, "getnameinfo error");
 exit(1);
 }
 syslog(LOG_DAEMON, "blocking %s", ip);
- switch(sock.ss_family) {
- case AF_INET: /* FALLTHROUGHT */
+ switch (sock.ss_family) {
+ case AF_INET: /* FALLTHROUGH */
 case AF_INET6:
- execlp("/usr/bin/doas", "doas", "/sbin/pfctl", "-t", table, "-T", "add", ip, NULL);
+ execl("/usr/bin/doas", "doas", "/sbin/pfctl", "-t", table, "-T", "add", ip, NULL);
 break;
 default:
 exit(2);
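Review bot: The return value of the new `execl` call is still unchecked: execl only returns on failure, and when /usr/bin/doas cannot be executed the code reaches `break` and continues past the switch with the block request silently dropped and nothing logged; add `err(1, "execl");` right after the call (or a `syslog(LOG_DAEMON, ...)` plus `exit(1)`, matching the getnameinfo error path above), as the unveil/pledge checks earlier in main already do for their failures. The brace-less `if (argc == 2)` / `if (strlcpy(...) >= sizeof(table))` pair is correct as written but is the dangling-else shape that the removed braces used to guard against; keeping the outer `{ }` costs nothing. On that same line the size argument is `TABLE_LEN` while the comparison uses `sizeof(table)`; using `sizeof(table)` for both keeps the two from ever diverging. main continues past the end of the hunk.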