From b2c827223395682ee231504385f692267d1a3bfb Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 26 Feb 2014 01:51:31 +0100 Subject: src: add support for rule human-readable comments This patch adds support for human-readable comments: nft add rule filter input accept comment \"accept all traffic\" Note that comments *always* come at the end of the rule. This uses the new data area that allows you to attach information to the rule via netlink. Signed-off-by: Pablo Neira Ayuso --- src/netlink_delinearize.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'src/netlink_delinearize.c') diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 5eec6cfb..ca720913 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -884,9 +884,20 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx, h.table = xstrdup(nft_rule_attr_get_str(nlr, NFT_RULE_ATTR_TABLE)); h.chain = xstrdup(nft_rule_attr_get_str(nlr, NFT_RULE_ATTR_CHAIN)); h.handle = nft_rule_attr_get_u64(nlr, NFT_RULE_ATTR_HANDLE); + if (nft_rule_attr_is_set(nlr, NFT_RULE_ATTR_POSITION)) h.position = nft_rule_attr_get_u64(nlr, NFT_RULE_ATTR_POSITION); + if (nft_rule_attr_is_set(nlr, NFT_RULE_ATTR_USERDATA)) { + uint32_t len; + const void *data; + + data = nft_rule_attr_get_data(nlr, NFT_RULE_ATTR_USERDATA, + &len); + h.comment = xmalloc(len); + memcpy((char *)h.comment, data, len); + } + pctx->rule = rule_alloc(&netlink_location, &h); pctx->table = table_lookup(&h); assert(pctx->table != NULL); -- cgit v1.2.3
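Review bot: In the new `NFT_RULE_ATTR_USERDATA` branch the blob is copied with `xmalloc(len)` and `memcpy((char *)h.comment, data, len)`, so nothing guarantees that `h.comment` is NUL-terminated. The userdata area comes back from the kernel and can presumably be written by any netlink client allowed to add rules, not only by nft. If `h.comment` is later handled as a C string (the consumer is outside this hunk, so this is inferred), a blob without a trailing NUL leads to a read past the allocation. Allocate one extra byte and terminate explicitly: `h.comment = xmalloc((size_t)len + 1);` followed, after the `memcpy`, by `((char *)h.comment)[len] = '\0';`. A short comment there should also say that the bytes are untrusted and may need escaping of non-printable characters before they are printed; `netlink_delinearize_rule` continues outside the hunk.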