path: root/doc/libnftables.adoc
diff options
authorPablo Neira Ayuso <>2018-10-27 11:44:09 +0200
committerPablo Neira Ayuso <>2018-10-29 15:07:35 +0100
commit0c6379953ab575b3b71dda4bcd94b940f0f68447 (patch)
tree5c05aef9bd8a372faa1317bfe7895f3858e8ed70 /doc/libnftables.adoc
parenta42d2865bc7e96fe63276e22acd523d996aaf0a4 (diff)
src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
Add NFT_CTX_OUTPUT_STATELESS flag and enable stateless printing from new output flags interface. This patch adds nft_output_save_flags() and nft_output_restore_flags() to temporarily disable stateful printing Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'doc/libnftables.adoc')
1 files changed, 4 insertions, 14 deletions
diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc
index 9655834f..c0ce5be2 100644
--- a/doc/libnftables.adoc
+++ b/doc/libnftables.adoc
@@ -25,9 +25,6 @@ enum nft_numeric_level nft_ctx_output_get_numeric(struct nft_ctx* '\*ctx'*);
void nft_ctx_output_set_numeric(struct nft_ctx* '\*ctx'*,
enum nft_numeric_level* 'level'*);
-bool nft_ctx_output_get_stateless(struct nft_ctx* '\*ctx'*);
-void nft_ctx_output_set_stateless(struct nft_ctx* '\*ctx'*, bool* 'val'*);
unsigned int nft_ctx_output_get_debug(struct nft_ctx* '\*ctx'*);
void nft_ctx_output_set_debug(struct nft_ctx* '\*ctx'*, unsigned int* 'mask'*);
@@ -98,6 +95,7 @@ The flags setting controls the output format.
enum {
@@ -105,6 +103,9 @@ NFT_CTX_OUTPUT_REVERSEDNS::
Reverse DNS lookups are performed for IP addresses when printing. Note that this may add significant delay to *list* commands depending on DNS resolver speed.
Print port numbers as services as described in the /etc/services file.
+ If stateless output has been requested then stateful data is not printed.
+Stateful data refers to those objects that carry run-time data, eg. the *counter* statement holds packet and byte counter values, making it stateful.
The *nft_ctx_output_get_flags*() function returns the output flags setting's value in 'ctx'.
@@ -141,17 +142,6 @@ The *nft_ctx_output_get_numeric*() function returns the numeric output setting's
The *nft_ctx_output_set_numeric*() function sets the numeric output setting in 'ctx' to the value of 'level'.
-=== nft_ctx_output_get_stateless() and nft_ctx_output_set_stateless()
-In nftables, there are stateful objects, i.e. ruleset elements which carry run-time data.
-For example the *counter* statement holds packet and byte counter values, making it stateful.
-If stateless output has been requested, this data is omitted when printing ruleset elements.
-The default setting is *false*.
-The *nft_ctx_output_get_stateless*() function returns the stateless output setting's value in 'ctx'.
-The *nft_ctx_output_set_stateless*() function sets the stateless output setting in 'ctx' to the value of 'val'.
=== nft_ctx_output_get_debug() and nft_ctx_output_set_debug()
Libnftables supports separate debugging of different parts of its internals.
To facilitate this, debugging output is controlled via a bit mask.