From 35b6c75e6259b90709d4bb70a7742f47a974eb1a Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 8 Nov 2023 15:47:52 -0500
Subject: [PATCH 1/2] add docs about bpf comments

---
 bpf.rst | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/bpf.rst b/bpf.rst
index 37401191..d56211f6 100644
--- a/bpf.rst
+++ b/bpf.rst
@@ -53,7 +53,23 @@ For example:
 
    | Please note that :ref:`stenographer` should correctly record traffic on a VLAN but won't log the actual VLAN tags due to the way that :ref:`af-packet` works:
    | https://github.com/google/stenographer/issues/211
-   
+
+Adding Comments
+~~~~~~~~~~~~~~~
+
+Comments can be added to the filters via the SOC UI.
+
+For example:
+
+::
+
+   | # labeast
+   | not host 192.168.1.2 and not host 192.168.1.3 &&
+   | # labwest
+   | not host 192.168.1.4 or not host 192.168.1.5 &&
+   | # labcentral
+   | not host 192.168.1.6 or not host 192.168.1.27
+
 Troubleshooting BPF using tcpdump
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

From 89bf58bd709434110235d04f606c8b07fbe7d65d Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 8 Nov 2023 15:48:55 -0500
Subject: [PATCH 2/2] specify 2.4.30 for bpf comments

---
 bpf.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bpf.rst b/bpf.rst
index d56211f6..3cacf5ef 100644
--- a/bpf.rst
+++ b/bpf.rst
@@ -57,7 +57,7 @@ For example:
 Adding Comments
 ~~~~~~~~~~~~~~~
 
-Comments can be added to the filters via the SOC UI.
+As of version 2.4.30, comments can be added to the filters via the SOC UI.
 
 For example: