suggestion to add comments
Ronny Freigang
freigang at novedia.de
Wed Sep 29 16:02:46 CEST 2004
Hello,
i want to make a little suggestion for future versions of iptables.
I would like to add a comment to every rule and chain to document the rules
directly on the system. I think that would reduce the complexity, if you
look at many rules after a while to change something and asking yourself
what rule x or y is doing and why you have inserted it.
Something like that:
iptables -N project_abc --comment "customer access chain for project_abc"
iptables -I FORWARD -s 230.24.1.199 -d 192.168.30.5 --dport 80 -m
state --state NEW -j ACCEPT --comment "external webserver access for
customer xy"
I hope you have time to add my little suggestion in future versions of
iptables :)
best regards
Ronny Freigang
More information about the netfilter-devel
mailing list