Adding a comment to iptable rules which shows up upon 'iptables - -list'
Hervé Eychenne
rv@eychenne.org
Fri, 11 Jan 2002 00:38:22 +0100
On Thu, Jan 10, 2002 at 10:30:00AM -0600, Bechtolsheim, Stephan wrote:
> I would like iptables allow adding a comment to a rule e.g.
> iptables ... -A ... --comment='Prevent spoofing from 10.X type of
> addresses'
> which later shows up when I do a
> iptables --list
>
> This would make the final output of iptables --list much more readable.
I don't think that comments have to reside in kernel space.
iptables -n -L doesn't need to be so human readable.
/proc content is not really "readable" either, after all.
According to me, comment are dedicated to configuration files (script,
here), certainly not kernel rules.
RV