nft set statistics/info

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

nftables hides set details from userspace, in particular,
the backend that is used to store set elements.

For debugging it would be good to export the chosen
backend to userspace.

Another item i'd like to export is set->nelems counter.

Before I start working on this, how should that look like?

Option 1 is to just include two exta attributes in nf_tables_fill_set().

We could restrict it to nft --debug=netlink so the information isn't
shown by nftables but by libnftnl.

Option 2 is to add a new type of GET request that only dumps
such extra set info.  Frontend could then support something like

nft get setinfo inet mytable set3

which would dump the set backend name and the set->nelems counter.

Yet another option would be to include the info in normal
list ruleset/list sets etc, but print it just like a comment, e.g.

 nft list ruleset
table inet t {
        set s1 {
                type ipv4_addr			# nft_rbtree_lookup
                flags interval
                elements = { 10.0.0.0-11.0.0.0, 172.16.0.0/16 }
		# nelems 4
        }


Whats your take on this?




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux