Hi,
I am looking for a way to efficiently collect meter values (several
times per second).
1. So far the only way I found is to use nft command line binary or
libnftables. But I do not think it is particularly efficient, since it
requires to re-exec nft binary/recreate of nft_ctx for every call.
When nft is used in interactive mode or the same ntf_ctx is reused,
meter values are not updated between subsequent calls:
nft> list meter filter meter_in
table ip filter {
meter meter_in {
type inet_proto . ipv4_addr
size 65535
flags dynamic
elements = { udp . 10.127.0.77 counter packets 107631
bytes 104115478, udp . 10.127.0.81 counter packets 111136 bytes
107497046, udp . 10.127.0.85 counter packets 207759 bytes 200961171, udp
. 10.127.0.89 counter packets 165015 bytes 159615602 }
}
}
nft> list meter filter meter_in
table ip filter {
meter meter_in {
type inet_proto . ipv4_addr
size 65535
flags dynamic
elements = { udp . 10.127.0.77 counter packets 107631
bytes 104115478, udp . 10.127.0.81 counter packets 111136 bytes
107497046, udp . 10.127.0.85 counter packets 207759 bytes 200961171, udp
. 10.127.0.89 counter packets 165015 bytes 159615602 }
}
}
I believe this is a bug.
2. Is there any userspace collector similar to ulogd2 to collect meter
values?
3. I can write a simple collector myself. But I need nftables Netlink
API documentation, similar to
http://man7.org/linux/man-pages/man7/rtnetlink.7.html
Is there any NFNL_SUBSYS_NFTABLES documentation?
Best regards,
Piotr
