diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-26 01:51:31 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-27 17:10:26 +0100 |
commit | b2c827223395682ee231504385f692267d1a3bfb (patch) | |
tree | 6489771dd4cd450799c9d59b9ecde6bedbd45df0 /src/rule.c | |
parent | e61e363e5603352322b59f7c09c968392ba1cef6 (diff) |
src: add support for rule human-readable comments
This patch adds support for human-readable comments:
nft add rule filter input accept comment \"accept all traffic\"
Note that comments *always* come at the end of the rule. This uses
the new data area that allows you to attach information to the rule
via netlink.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
-rw-r--r-- | src/rule.c | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -31,6 +31,7 @@ void handle_free(struct handle *h) xfree(h->table); xfree(h->chain); xfree(h->set); + xfree(h->comment); } void handle_merge(struct handle *dst, const struct handle *src) @@ -47,6 +48,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->handle = src->handle; if (dst->position == 0) dst->position = src->position; + if (dst->comment == NULL && src->comment != NULL) + dst->comment = xstrdup(src->comment); } struct set *set_alloc(const struct location *loc) @@ -154,7 +157,6 @@ void rule_print(const struct rule *rule) } if (handle_output > 0) printf(" # handle %" PRIu64, rule->handle.handle); - printf("\n"); } struct scope *scope_init(struct scope *scope, const struct scope *parent) @@ -351,6 +353,10 @@ static void chain_print(const struct chain *chain) list_for_each_entry(rule, &chain->rules, list) { printf("\t\t"); rule_print(rule); + if (rule->handle.comment) + printf(" comment \"%s\"\n", rule->handle.comment); + else + printf("\n"); } printf("\t}\n"); } |