diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-26 01:51:31 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-27 17:10:26 +0100 |
commit | b2c827223395682ee231504385f692267d1a3bfb (patch) | |
tree | 6489771dd4cd450799c9d59b9ecde6bedbd45df0 /src/netlink.c | |
parent | e61e363e5603352322b59f7c09c968392ba1cef6 (diff) |
src: add support for rule human-readable comments
This patch adds support for human-readable comments:
nft add rule filter input accept comment \"accept all traffic\"
Note that comments *always* come at the end of the rule. This uses
the new data area that allows you to attach information to the rule
via netlink.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink.c')
-rw-r--r-- | src/netlink.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/netlink.c b/src/netlink.c index b036dcef..b2bd3c5c 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -120,6 +120,10 @@ struct nft_rule *alloc_nft_rule(const struct handle *h) nft_rule_attr_set_u64(nlr, NFT_RULE_ATTR_HANDLE, h->handle); if (h->position) nft_rule_attr_set_u64(nlr, NFT_RULE_ATTR_POSITION, h->position); + if (h->comment) { + nft_rule_attr_set_data(nlr, NFT_RULE_ATTR_USERDATA, + h->comment, strlen(h->comment) + 1); + } return nlr; } |