Add AUTO_COMMENT option

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8214 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-common/changelog.txt

@@ -19,6 +19,8 @@ Changes in 4.1.5
 
 9)  Automatic macro comments.
 
+10) But make automatic macro comments optional.
+
 Changes in 4.1.4
 
 1)  Fix do_test() to accept 0 and to use the same mask as

Shorewall-common/releasenotes.txt

@@ -123,9 +123,11 @@ New Features in 4.1.5.
 4)  Shorewall-perl now generates an error when a MAC address appears in
     a traffic shaping rule in the OUTPUT or POSTROUTING chains.
 
-5)  Macros are now self-commenting. If there is not a current comment
+5)  Macros are now self-commenting under control of a new AUTO_COMMENT
-    when a macro is invoked, the behavior under Shorewall-perl is as if
+    option in shorewall.conf. When this option is set, if there is not
-    the first line of the macro file was "COMMENT <macro name>".
+    a current comment when a macro is invoked, the behavior under
+    Shorewall-perl is as if the first line of the macro file was
+    "COMMENT <macro name>".
 
     So, if you have this rule:
 
@@ -135,6 +137,10 @@ New Features in 4.1.5.
     viewed with 'iptables -L' or 'shorewall show loc2fw' or 'shorewall
     dump'.
 
+    The AUTO_COMMENT option has a default value of 'Yes' and is only
+    available under Shorewall-perl The option is ignored by
+    Shorewall-shell.
+
 New Features in Shorewall 4.1.
 
 1)  Shorewall 4.1 contains experimental support for multiple Internet

Shorewall-common/shorewall.conf

@@ -179,6 +179,8 @@ MULTICAST=No
 
 DONT_LOAD=
 
+AUTO_COMMENT=Yes
+
 ###############################################################################
 #			P A C K E T   D I S P O S I T I O N
 ###############################################################################

Shorewall-perl/Shorewall/Chains.pm

@@ -375,7 +375,7 @@ sub clear_comment() {
 sub macro_comment( $ ) {
     my $macro = $_[0];
     
-    $comment = $macro unless $comment || ! $capabilities{COMMENTS};
+    $comment = $macro unless $comment || ! ( $capabilities{COMMENTS} && $config{AUTO_COMMENT} );
 }
 
 #

Shorewall-perl/Shorewall/Config.pm

@@ -353,6 +353,7 @@ sub initialize() {
 		MULTICAST => undef,
 		DONT_LOAD => '',
 		BROKEN_ROUTING => '',
+		AUTO_COMMENT => '' ,
 		#
 		# Packet Disposition
 		#
@@ -1880,6 +1881,7 @@ sub get_configuration( $ ) {
     default_yes_no 'KEEP_RT_TABLES'             , '';
     default_yes_no 'DELETE_THEN_ADD'            , 'Yes';
     default_yes_no 'BROKEN_ROUTING'             , '';
+    default_yes_no 'AUTO_COMMENT'               , 'Yes';
     default_yes_no 'MULTICAST'                  , '';
     default_yes_no 'MARK_IN_FORWARD_CHAIN'      , '';
     

manpages/shorewall.conf.xml

@@ -240,6 +240,18 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><emphasis role="bold">AUTO_COMMENT=</emphasis>[<emphasis
+        role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>
+
+        <listitem>
+          <para>Added in Shorewall-perl 4.1.5. If set, if there is not a
+          current comment when a macro is invoked, the behavior is as if the
+          first line of the macro file was "COMMENT &lt;macro name&gt;". The
+          AUTO_COMMENT option has a default value of 'Yes'.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><emphasis role="bold">BIGDPORTLISTS=</emphasis>[<emphasis
         role="bold">Yes</emphasis>|<emphasis role="bold">No</emphasis>]</term>