Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> Default not to print the service name as we discussed during the NFWS.
>
> # nft list ruleset
> table ip x {
> chain y {
> ...
> tcp dport 22 counter packets 0 bytes 0
> }
> }
>
> Still, if you want it to be displayed, you can pass -NN.
>
> # nft list ruleset -NN
> table ip x {
> chain y {
> ...
> tcp dport ssh counter packets 0 bytes 0
> }
> }
>
> Single -N still retains the same behaviour, ie. display FQDN. --ip2name
> option is still left in place but the new --literal is preferred.
Maybe add a --port2name instead?
Or always print literal port, its coming from internal list so no
penalty (unlike e.g. reverse dns).
Is this to discourage literal service names?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
