Han, On Sat, Dec 30, 2023 at 11:32:57AM +0100, Han Boetes wrote: > for the purpose of a brute-forcers script, I'd like to get a list of > elements of a table. > > The best I get so far is: "nft list set sshd_blacklist sshd_blacklist" > > Which produces the whole table, with entries like > "xxx.xxx.103.115-xxx.xxx.103.116, xxx.xxx.103.118/31" which are very nice > for human readability, but rather clumsy for scripting. Exactly, which is why there is JSON output support. ;) > Therefore, my feature request: please add an option to produce the elements > of a list one by one. Something like: > > nft -e list set sshd_blacklist sshd_blacklist > xxx.xxx.103.115 > xxx.xxx.103.116 > xxx.xxx.103.118 > xxx.xxx.103.119 My script for exporting blacklist size into SNMP looks like this: | #!/bin/sh | | rule4no="$(nft -j list set inet system blacklist4 | \ | jq '.nftables[1].set.elem|length')" | rule6no="$(nft -j list set inet system blacklist6 | \ | jq '.nftables[1].set.elem|length')" | | echo "nftables blacklists size" | exit $((rule4no + rule6no)) Cheers, Phil
