doc: Add comment possibility to man page

Commenting is really useful in complex rulesets, however it is not
documented that they can be added to any rule.

This patch adds commenting possibility to the man page.

Signed-off-by: Máté Eckl <ecklm94@gmail.com>
Acked-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

1 files changed, 7 insertions, 2 deletions

diff --git a/doc/nft.txt b/doc/nft.txt
index 74952968..703cca18 100644
--- a/doc/nft.txt
+++ b/doc/nft.txt
@@ -356,8 +356,8 @@ are *accept* (which is the default) or *drop*.
 RULES
 -----
 [verse]
-{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement'...
-replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement'...
+{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement' ... [ comment 'comment' ]
+replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement' ... [ comment 'comment' ]
 delete *rule* ['family'] 'table' 'chain' handle 'handle'
 
 Rules are added to chains in the given table. If the family is not specified, the
@@ -373,6 +373,11 @@ rule  index might change if a rule was inserted or deleted before the referred
 one. If the referred rule was deleted, the command is rejected by the kernel
 just as if an invalid 'handle' was given.
 
+A 'comment' is a single word or a double-quoted (") multi-word string which can
+be used to make notes regarding the actual rule. *Note:* If you use bash for
+adding rules, you have to escape the quotation marks (eg. \"enable ssh for
+servers\")
+
 [horizontal]
 *add*:: Add a new rule described by the list of statements. The
 rule is appended to the given chain unless a position is specified, in which