This patch adds a new command to nft - the trace command. The trace command reads NFLOG messages, parses TRACE: messages and prints the rules in a human readable format. To trace, you have to set the trace mark on a packet and run "nft trace". Patch is split into 5 parts, - adding the command, - storing the chain policy during delinearize for later use - creating a rule cache to look up the rules - implementing the actual command - code to log a packet header 'similar' to ip/nftables LOG Markus Koetter (5): parser: add trace command netlink: delinarize chain policy rule: make cache creation a function trace: implement commands action trace: add log for packets include/Makefile.am | 2 + include/log.h | 17 ++ include/rule.h | 15 + include/trace.h | 2 + src/Makefile.am | 2 + src/evaluate.c | 2 + src/log.c | 779 ++++++++++++++++++++++++++++++++++++++++++++++++++++ src/netlink.c | 4 + src/parser_bison.y | 16 +- src/rule.c | 121 ++++++-- src/scanner.l | 1 + src/trace.c | 361 ++++++++++++++++++++++++ 12 files changed, 1291 insertions(+), 31 deletions(-) create mode 100644 include/log.h create mode 100644 include/trace.h create mode 100644 src/log.c create mode 100644 src/trace.c -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
