In nftables, I can have comments on a rule,
just like the old "iptables -m comment --help":
table x {
chain y {
ct state vmap @z comment "quickly allow known flows"
}
}
I want to add comments to the chain itself, e.g.
table x {
chain y {
comment "input and filter chains call this first,"
comment "to quickly deal with packets we should always allow."
comment "this comment lines are NOPs that never match"
ct state ...
...
}
}
But the parser doesn't like this.
The parser will accept an unnecessary non-terminal like "counter":
counter comment "input and filter chains call this first,"
...but obviously that's undesirable.
Are there "always true" and "always false" matchers, like this?
false comment "input and filter chains call this first,"
I couldn't see one in parser_bison.y.
