src: add support for rule human-readable comments

This patch adds support for human-readable comments: nft add rule filter input accept comment \"accept all traffic\" Note that comments *always* come at the end of the rule. This uses the new data area that allows you to attach information to the rule via netlink. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2014-02-26 01:51:31 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-02-27 17:10:26 +0100
commit: b2c827223395682ee231504385f692267d1a3bfb (patch)
tree: 6489771dd4cd450799c9d59b9ecde6bedbd45df0 /src/netlink.c
parent: e61e363e5603352322b59f7c09c968392ba1cef6 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/netlink.c b/src/netlink.c
index b036dcef..b2bd3c5c 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -120,6 +120,10 @@ struct nft_rule *alloc_nft_rule(const struct handle *h)
 		nft_rule_attr_set_u64(nlr, NFT_RULE_ATTR_HANDLE, h->handle);
 	if (h->position)
 		nft_rule_attr_set_u64(nlr, NFT_RULE_ATTR_POSITION, h->position);
+	if (h->comment) {
+		nft_rule_attr_set_data(nlr, NFT_RULE_ATTR_USERDATA,
+				       h->comment, strlen(h->comment) + 1);
+	}
 	return nlr;
 }
author	Pablo Neira Ayuso <pablo@netfilter.org>	2014-02-26 01:51:31 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-02-27 17:10:26 +0100
commit	b2c827223395682ee231504385f692267d1a3bfb (patch)
tree	6489771dd4cd450799c9d59b9ecde6bedbd45df0 /src/netlink.c
parent	e61e363e5603352322b59f7c09c968392ba1cef6 (diff)