On Tuesday 2011-05-24 11:14, gapsf@xxxxxxxxx wrote: >>>There is no doubt that for nftables frontends will be written too, so the question is: >>>"Will nfatbles be able to find out various information >>>about their own current state: tables, chains, rules, etc?" > >JE> You can already obtain this information by using libiptc, iterating over >JE> all rules and testing for a particular src/dst address (very much like >JE> poor man's `grep -s 1.2.3.4\b` on the text output). > >According to Wikipedia "libiptc ... shouldn't be used as a public API, >and is known to change, which breaks programs that use it" The API ain't beautiful, it is undocumented, and using a standard option parser on the text output is much more telling than dealing with the binary pieces. Change is a natural occurrence, Wikipedia overexaggerates on the problems. >and libiptc is a 3d party project - not netfilter.org's and outdated, isn't it? Certainly not. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
