[PATCH nft] doc: Add comment possibility to man page

Máté Eckl <ecklm94@xxxxxxxxx> · Mon, 6 Aug 2018 20:58:21 +0200

Commenting is really useful in complex rulesets, however it is not
documented that they can be added to any rule.

This patch adds commenting possibility to the man page.

Signed-off-by: Máté Eckl <ecklm94@xxxxxxxxx>
---
This patch should be applied after '[PATCH nft] doc: fix syntax for RULES' which
is important, because otherwise a2x procudes a strange error message.

	asciidoc: ERROR: nft.txt: line 359: illegal style name: add | insert] *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement' ... [ comment 'comment'

The mentionet patch is meaningful though so it should not be a problem.

 doc/nft.txt | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/doc/nft.txt b/doc/nft.txt
index 7495296..703cca1 100644
--- a/doc/nft.txt
+++ b/doc/nft.txt
@@ -356,8 +356,8 @@ are *accept* (which is the default) or *drop*.
 RULES
 -----
 [verse]
-{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement'...
-replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement'...
+{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement' ... [ comment 'comment' ]
+replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement' ... [ comment 'comment' ]
 delete *rule* ['family'] 'table' 'chain' handle 'handle'
 
 Rules are added to chains in the given table. If the family is not specified, the
@@ -373,6 +373,11 @@ rule  index might change if a rule was inserted or deleted before the referred
 one. If the referred rule was deleted, the command is rejected by the kernel
 just as if an invalid 'handle' was given.
 
+A 'comment' is a single word or a double-quoted (") multi-word string which can
+be used to make notes regarding the actual rule. *Note:* If you use bash for
+adding rules, you have to escape the quotation marks (eg. \"enable ssh for
+servers\")
+
 [horizontal]
 *add*:: Add a new rule described by the list of statements. The
 rule is appended to the given chain unless a position is specified, in which
-- 
ecklm

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






