doc: Add comment possibility to man page

Commenting is really useful in complex rulesets, however it is not
documented that they can be added to any rule.

This patch adds commenting possibility to the man page.

Signed-off-by: Máté Eckl <ecklm94@gmail.com>
Acked-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/doc/nft.txt b/doc/nft.txt
index 749529687a9b8a6ca66f84ed0b810b959c12c1c6..703cca18c84c10d95a1891c947cfa77b19e2262a 100644 (file)
--- a/doc/nft.txt
+++ b/doc/nft.txt
@@ -356,8 +356,8 @@ are *accept* (which is the default) or *drop*.
 RULES
 -----
 [verse]
-{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement'...
-replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement'...
+{add | insert} *rule* ['family'] 'table' 'chain' [ {handle | position} 'handle' | index 'index' ] 'statement' ... [ comment 'comment' ]
+replace *rule* ['family'] 'table' 'chain' handle 'handle' 'statement' ... [ comment 'comment' ]
 delete *rule* ['family'] 'table' 'chain' handle 'handle'
 
 Rules are added to chains in the given table. If the family is not specified, the
@@ -373,6 +373,11 @@ rule  index might change if a rule was inserted or deleted before the referred
 one. If the referred rule was deleted, the command is rejected by the kernel
 just as if an invalid 'handle' was given.
 
+A 'comment' is a single word or a double-quoted (") multi-word string which can
+be used to make notes regarding the actual rule. *Note:* If you use bash for
+adding rules, you have to escape the quotation marks (eg. \"enable ssh for
+servers\")
+
 [horizontal]
 *add*:: Add a new rule described by the list of statements. The
 rule is appended to the given chain unless a position is specified, in which