From 1ff21a68502d67e056100da7e0da074467bc08ed Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sat, 9 Feb 2013 18:22:13 +0100 Subject: add xtables-events Add new program to listen to rule updates: shell$ xtables-events -A INPUT -m state --state ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -D INPUT -p tcp -m tcp --dport 22 -j ACCEPT -D INPUT -m state --state ESTABLISHED -j ACCEPT You can use `-c' option to display counters. Signed-off-by: Pablo Neira Ayuso --- iptables/nft.h | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'iptables/nft.h')
diff --git a/iptables/nft.h b/iptables/nft.h
index 834fff0d..3cffb777 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -56,6 +56,13 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain, const char *tabl
 int nft_rule_save(struct nft_handle *h, const char *table, bool counters);
 int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table);
 
+enum nft_rule_print {
+ NFT_RULE_APPEND,
+ NFT_RULE_DEL,
+};
+
+void nft_rule_print_save(struct nft_rule *r, enum nft_rule_print type, bool counters);
+
 /*
  * global commit and abort
  */
-- cgit v1.2.3
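Review bot: The new `enum nft_rule_print` and the `nft_rule_print_save()` prototype have no comment, so the header does not say what `type` controls. Judging from the sample output in the commit message, it presumably selects the `-A` or `-D` prefix of the printed rule. A one-line comment above the prototype would record that, for example `/* type picks the printed prefix: NFT_RULE_APPEND -> "-A", NFT_RULE_DEL -> "-D" */`. Since the function appears only to print, `r` could probably be declared `const struct nft_rule *r`, but the definition is not in this diff, so confirm that the accessors it uses accept a const pointer.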