
Reword rule comments

Reword various rule comments to be more explicit and also annotate the flow
offloading rule while we're at it.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich 6 years ago
parent
commit
d5923f1924
3 changed files with 9 additions and 8 deletions
  1. 4 3
      defaults.c
  2. 1 1
      forwards.c
  3. 4 4
      zones.c

+ 4 - 3
defaults.c

@@ -224,7 +224,7 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle,
 			for (i = 0; i < ARRAY_SIZE(chains); i += 2)
 			{
 				r = fw3_ipt_rule_new(handle);
-				fw3_ipt_rule_comment(r, "user chain for %s", chains[i+1]);
+				fw3_ipt_rule_comment(r, "Custom %s rule chain", chains[i+1]);
 				fw3_ipt_rule_target(r, "%s_rule", chains[i+1]);
 				fw3_ipt_rule_append(r, chains[i]);
 			}
@@ -233,6 +233,7 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle,
 		if (defs->flow_offloading)
 		{
 			r = fw3_ipt_rule_new(handle);
+			fw3_ipt_rule_comment(r, "Traffic offloading");
 			fw3_ipt_rule_extra(r, "-m conntrack --ctstate RELATED,ESTABLISHED");
 			fw3_ipt_rule_target(r, "FLOWOFFLOAD");
 			fw3_ipt_rule_append(r, "FORWARD");
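Review bot: The new `"Traffic offloading"` label on the flow_offloading rule names the feature but not its effect, which is what someone auditing the ruleset needs to know. The rule sends every RELATED,ESTABLISHED packet in FORWARD to the FLOWOFFLOAD target, and as I understand that target, an offloaded flow is then forwarded without passing through the remaining FORWARD rules. Later filter, log or rate-limit rules and their counters would therefore only see the packets that set up a connection. I would put a source comment above `r = fw3_ipt_rule_new(handle);`, for example `/* Offloaded flows skip the FORWARD rules that follow; only packets of new connections reach them */`, and please confirm the wording against the target's actual behaviour. The position of this rule relative to the other FORWARD rules is decided outside this hunk, and the `if (defs->flow_offloading)` block closes outside it.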
@@ -288,12 +289,12 @@ fw3_print_default_head_rules(struct fw3_ipt_handle *handle,
 		if (defs->custom_chains)
 		{
 			r = fw3_ipt_rule_new(handle);
-			fw3_ipt_rule_comment(r, "user chain for prerouting");
+			fw3_ipt_rule_comment(r, "Custom prerouting rule chain");
 			fw3_ipt_rule_target(r, "prerouting_rule");
 			fw3_ipt_rule_append(r, "PREROUTING");
 
 			r = fw3_ipt_rule_new(handle);
-			fw3_ipt_rule_comment(r, "user chain for postrouting");
+			fw3_ipt_rule_comment(r, "Custom postrouting rule chain");
 			fw3_ipt_rule_target(r, "postrouting_rule");
 			fw3_ipt_rule_append(r, "POSTROUTING");
 		}

+ 1 - 1
forwards.c

@@ -183,7 +183,7 @@ print_forward(struct fw3_ipt_handle *handle, struct fw3_forward *forward)
 	}
 
 	r = fw3_ipt_rule_new(handle);
-	fw3_ipt_rule_comment(r, "forwarding %s -> %s", s, d);
+	fw3_ipt_rule_comment(r, "Zone %s to %s forwarding policy", s, d);
 	set_target(r, forward);
 	append_chain(r, forward);
 }

+ 4 - 4
zones.c

@@ -381,7 +381,7 @@ print_zone_chain(struct fw3_ipt_handle *handle, struct fw3_state *state,
 			for (i = 0; i < sizeof(flt_chains)/sizeof(flt_chains[0]); i += 2)
 			{
 				r = fw3_ipt_rule_new(handle);
-				fw3_ipt_rule_comment(r, "user chain for %s", flt_chains[i+1]);
+				fw3_ipt_rule_comment(r, "Custom %s %s rule chain", zone->name, flt_chains[i+1]);
 				fw3_ipt_rule_target(r, "%s_%s_rule", flt_chains[i+1], zone->name);
 				fw3_ipt_rule_append(r, "zone_%s_%s", zone->name, flt_chains[i]);
 			}
@@ -391,7 +391,7 @@ print_zone_chain(struct fw3_ipt_handle *handle, struct fw3_state *state,
 			for (i = 0; i < sizeof(nat_chains)/sizeof(nat_chains[0]); i += 2)
 			{
 				r = fw3_ipt_rule_new(handle);
-				fw3_ipt_rule_comment(r, "user chain for %s", nat_chains[i+1]);
+				fw3_ipt_rule_comment(r, "Custom %s %s rule chain", zone->name, nat_chains[i+1]);
 				fw3_ipt_rule_target(r, "%s_%s_rule", nat_chains[i+1], zone->name);
 				fw3_ipt_rule_append(r, "zone_%s_%s", zone->name, nat_chains[i]);
 			}
@@ -509,7 +509,7 @@ print_interface_rule(struct fw3_ipt_handle *handle, struct fw3_state *state,
 				fw3_ipt_rule_addarg(r, false, "--tcp-flags", "SYN,RST");
 				fw3_ipt_rule_addarg(r, false, "SYN", NULL);
 				fw3_ipt_rule_limit(r, &zone->log_limit);
-				fw3_ipt_rule_comment(r, "%s (mtu_fix logging)", zone->name);
+				fw3_ipt_rule_comment(r, "Zone %s MTU fix logging", zone->name);
 				fw3_ipt_rule_target(r, "LOG");
 				fw3_ipt_rule_addarg(r, false, "--log-prefix", buf);
 				fw3_ipt_rule_replace(r, "FORWARD");
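Review bot: The old text of this LOG rule carried the literal token `mtu_fix`, which looks like the name of the zone setting that generates the rule, and the new `"Zone %s MTU fix logging"` drops it. Someone reading a dumped ruleset then loses the direct pointer from the rule back to the configuration option. Keeping the token is cheap: `fw3_ipt_rule_comment(r, "Zone %s MTU fix logging (mtu_fix)", zone->name);`. The TCPMSS rule in the next hunk has the same change, and the two texts use different stems (`MTU fix logging` against `MTU fixing`), so one stem for both would make the pair easier to find together. The enclosing block starts and ends outside this hunk.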
@@ -518,7 +518,7 @@ print_interface_rule(struct fw3_ipt_handle *handle, struct fw3_state *state,
 			r = fw3_ipt_rule_create(handle, &tcp, NULL, dev, NULL, sub);
 			fw3_ipt_rule_addarg(r, false, "--tcp-flags", "SYN,RST");
 			fw3_ipt_rule_addarg(r, false, "SYN", NULL);
-			fw3_ipt_rule_comment(r, "%s (mtu_fix)", zone->name);
+			fw3_ipt_rule_comment(r, "Zone %s MTU fixing", zone->name);
 			fw3_ipt_rule_target(r, "TCPMSS");
 			fw3_ipt_rule_addarg(r, false, "--clamp-mss-to-pmtu", NULL);
 			fw3_ipt_rule_replace(r, "FORWARD");