From b2c827223395682ee231504385f692267d1a3bfb Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 26 Feb 2014 01:51:31 +0100 Subject: src: add support for rule human-readable comments This patch adds support for human-readable comments: nft add rule filter input accept comment \"accept all traffic\" Note that comments *always* come at the end of the rule. This uses the new data area that allows you to attach information to the rule via netlink. Signed-off-by: Pablo Neira Ayuso --- src/rule.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src/rule.c') diff --git a/src/rule.c b/src/rule.c index ab96e62e..0e04282e 100644 --- a/src/rule.c +++ b/src/rule.c @@ -31,6 +31,7 @@ void handle_free(struct handle *h) xfree(h->table); xfree(h->chain); xfree(h->set); + xfree(h->comment); } void handle_merge(struct handle *dst, const struct handle *src) @@ -47,6 +48,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->handle = src->handle; if (dst->position == 0) dst->position = src->position; + if (dst->comment == NULL && src->comment != NULL) + dst->comment = xstrdup(src->comment); } struct set *set_alloc(const struct location *loc) @@ -154,7 +157,6 @@ void rule_print(const struct rule *rule) } if (handle_output > 0) printf(" # handle %" PRIu64, rule->handle.handle); - printf("\n"); } struct scope *scope_init(struct scope *scope, const struct scope *parent) @@ -351,6 +353,10 @@ static void chain_print(const struct chain *chain) list_for_each_entry(rule, &chain->rules, list) { printf("\t\t"); rule_print(rule); + if (rule->handle.comment) + printf(" comment \"%s\"\n", rule->handle.comment); + else + printf("\n"); } printf("\t}\n"); } -- cgit v1.2.3