From d64ef34a99610a6fb54d43660ac31555da858231 Mon Sep 17 00:00:00 2001
From: "Pablo M. Bermudo Garay" <pablombg@gmail.com>
Date: Wed, 22 Jun 2016 19:07:01 +0200
Subject: iptables-compat: use nft built-in comments support

After this patch, iptables-compat uses nft built-in comments support
instead of comment match.

This change simplifies the treatment of comments in nft after load a
rule set through iptables-compat-restore.

Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'iptables/nft.h')

diff --git a/iptables/nft.h b/iptables/nft.h
index 281e1c69..9e02eeb1 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -104,6 +104,7 @@ int add_match(struct nftnl_rule *r, struct xt_entry_match *m);
 int add_target(struct nftnl_rule *r, struct xt_entry_target *t);
 int add_jumpto(struct nftnl_rule *r, const char *name, int verdict);
 int add_action(struct nftnl_rule *r, struct iptables_command_state *cs, bool goto_set);
+int add_comment(struct nftnl_rule *r, const char *comment);
 
 enum nft_rule_print {
 	NFT_RULE_APPEND,
-- 
cgit v1.2.3