On Mon, Apr 14, 2014 at 12:17:03PM +0200, Arturo Borrero Gonzalez wrote: > The following series implements a basic nftables monitor via Netlink messages. > > Most of the work in first patches is related to refactorization/generalization > of code. > > The final patch is the big one. > > About the syntax, i'm proposing: > % nft monitor [added|deleted] [tables|chains|sets|elements|rules] [xml|json] > > The straight-forward way of test this new feature is to simply run: > % nft monitor > > Other examples: > * report new tables in XML format > % nft monitor added tables xml > * report deleted elements in standar nft syntax > % nft monitor deleted elements > * report all added/deleted rules in JSON format > % nft monitor rules json > > Handling set/set_elems is one of the harders parts of event reporting. > I've succesfully tested many cases (maps, named sets, anon-sets..), but I guess > more tuning can be done in the future, with some additional use and testing > by the community. Series applied, thanks Arturo. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
