I have used rules along the lines of iptables -A INPUT -s 10.0.0.0/8 -m comment --comment "Comment up to 256 characters" -j ACCEPT with success, now I'm wondering if I can extend that to something like iptables -A INPUT -m comment --comment "Comment up to 256 characters" for situations where comments longer that 256 characters are needed to adequately document a situation. For example iptables -A INPUT -m comment --comment "The below rule covers a complex situation where multiple systems on the same subnet require access on the given ports but IP addresses for systems on that subnet change over time, the purposes for the access are:" iptables -A INPUT -m comment --comment "(first purpose described)" iptables -A INPUT -m comment --comment "(second purpose described)"
