Diffstat (limited to 'doc/nft.txt')
-rw-r--r-- | doc/nft.txt | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/doc/nft.txt b/doc/nft.txt index 74952968..703cca18 100644 --- a/doc/nft.txt +++ b/doc/nft.txt @@ -356,8 +356,8 @@ are *accept* (which is the default) or *drop*. RULES ----- [verse] -{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement'... -replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement'... +{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement' ... [ comment 'comment' ] +replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement' ... [ comment 'comment' ] delete *rule* ['family'] 'table' 'chain' handle 'handle' Rules are added to chains in the given table. If the family is not specified, the @@ -373,6 +373,11 @@ rule index might change if a rule was inserted or deleted before the referred one. If the referred rule was deleted, the command is rejected by the kernel just as if an invalid 'handle' was given. +A 'comment' is a single word or a double-quoted (") multi-word string which can +be used to make notes regarding the actual rule. *Note:* If you use bash for +adding rules, you have to escape the quotation marks (eg. \"enable ssh for +servers\") + [horizontal] *add*:: Add a new rule described by the list of statements. The rule is appended to the given chain unless a position is specified, in which |
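Review bot: In the first hunk (@@ -356,8 +356,8 @@), the new `[ comment 'comment' ]` appears only at the end of the add/insert and replace synopsis lines, so the fact that the comment follows the last statement is implied by position alone. Consider saying so explicitly in the description so readers do not try to place it between statements. The same two lines also change `'statement'...` to `'statement' ...`; if that spacing change is intentional, mention it in the commit message, otherwise keep it out of this change so the functional addition is easier to review.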
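Review bot: In the second hunk (@@ -373,6 +373,11 @@), the note names bash specifically, but the quote removal it warns about is ordinary shell quoting and applies to any shell the command is typed into; suggest wording it as "when adding rules from a shell". The example shows only the escaped string (\"enable ssh for servers\"), so a reader cannot see where it sits in a rule; showing it after the `comment` keyword would help. Also "eg." should be "e.g." and the sentence is missing its final period after the closing parenthesis.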