path: root/doc/nft.txt
diff options
Diffstat (limited to 'doc/nft.txt')
1 files changed, 9 insertions, 9 deletions
diff --git a/doc/nft.txt b/doc/nft.txt
index 45af5bb9..a4ab4a8e 100644
--- a/doc/nft.txt
+++ b/doc/nft.txt
@@ -9,7 +9,7 @@ nft - Administration tool of the nftables framework for packet filtering and cla
-*nft* [ *-nNscaeSupy* ] [ *-I* 'directory' ] [ *-f* 'filename' | *-i* | 'cmd' ...]
+*nft* [ *-nNscaeSupyj* ] [ *-I* 'directory' ] [ *-f* 'filename' | *-i* | 'cmd' ...]
*nft* *-h*
*nft* *-v*
@@ -74,6 +74,10 @@ For a full summary of options, run *nft --help*.
When inserting items into the ruleset using *add*, *insert* or *replace* commands, print notifications
just like *nft monitor*.
+ Format output in JSON. See libnftables-json(5) for a schema description.
*--includepath directory*::
Add the directory 'directory' to the list of directories to be searched for included files. This
@@ -228,7 +232,6 @@ RULESET
{list | flush} *ruleset* ['family']
-export [*ruleset*] 'format'
The *ruleset* keyword is used to identify the whole set of tables, chains, etc.
currently in place in kernel. The following *ruleset* commands exist:
@@ -241,15 +244,12 @@ all tables and whatever they contain, effectively leading to an empty ruleset -
no packet filtering will happen anymore, so the kernel accepts any valid packet
it receives.
-*export*:: Print the ruleset in machine readable format. The mandatory 'format'
-parameter may be either xml or json.
It is possible to limit *list* and *flush* to a specific address family only.
For a list of valid family names, see <<ADDRESS_FAMILIES>> above.
-Note that contrary to what one might assume, the output generated by *export* is
-not parseable by *nft -f*. Instead, the output of *list* command serves well for
-that purpose.
+By design, *list ruleset* command output may be used as input to *nft -f*.
+Effectively, this is the nft-equivalent of *iptables-save* and
@@ -783,7 +783,7 @@ Netlink socket with 3.
-iptables(8), ip6tables(8), arptables(8), ebtables(8), ip(8), tc(8)
+libnftables(3), libnftables-json(5), iptables(8), ip6tables(8), arptables(8), ebtables(8), ip(8), tc(8)
There is an official wiki at: