From 685a06447ee472c77a961acc469186ed2064e34c Mon Sep 17 00:00:00 2001 From: Duncan Roe Date: Sun, 4 Nov 2018 14:56:39 +1100 Subject: doc: libnftables.adoc misc cleanups Ensure split-off fragments of long lines start with if the original long line did. Split 1 remaining long line at sentence boundary. Fix spelling of "eg." to "e.g." Signed-off-by: Duncan Roe Signed-off-by: Pablo Neira Ayuso --- doc/libnftables.adoc | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) (limited to 'doc/libnftables.adoc') diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc index 00750678..12deebcb 100644 --- a/doc/libnftables.adoc +++ b/doc/libnftables.adoc @@ -89,34 +89,32 @@ enum { NFT_CTX_OUTPUT_GUID = (1 << 6), NFT_CTX_OUTPUT_NUMERIC_PROTO = (1 << 7), NFT_CTX_OUTPUT_NUMERIC_PRIO = (1 << 8), + NFT_CTX_OUTPUT_NUMERIC_SYMBOL = (1 << 9), }; ---- NFT_CTX_OUTPUT_REVERSEDNS:: - Reverse DNS lookups are performed for IP addresses when printing. Note that this may add significant delay to *list* commands depending on DNS resolver speed. + Reverse DNS lookups are performed for IP addresses when printing. + Note that this may add significant delay to *list* commands depending on DNS resolver speed. NFT_CTX_OUTPUT_SERVICE:: Print port numbers as services as described in the /etc/services file. NFT_CTX_OUTPUT_STATELESS:: If stateless output has been requested then stateful data is not printed. -Stateful data refers to those objects that carry run-time data, eg. the *counter* statement holds packet and byte counter values, making it stateful. + Stateful data refers to those objects that carry run-time data, e.g. the *counter* statement holds packet and byte counter values, making it stateful. NFT_CTX_OUTPUT_HANDLE:: Upon insertion into the ruleset, some elements are assigned a unique handle for identification purposes. -For example, when deleting a table or chain, it may be identified either by name or handle. -Rules on the other hand must be deleted by handle because there is no other way to uniquely identify them. -This flag makes ruleset listings include handle values. + For example, when deleting a table or chain, it may be identified either by name or handle. + Rules on the other hand must be deleted by handle because there is no other way to uniquely identify them. + This flag makes ruleset listings include handle values. NFT_CTX_OUTPUT_JSON:: If enabled at compile-time, libnftables accepts input in JSON format and is able to print output in JSON format as well. -See *libnftables-json*(5) for a description of the supported schema. -This flag controls JSON output format, input is auto-detected. + See *libnftables-json*(5) for a description of the supported schema. + This flag controls JSON output format, input is auto-detected. NFT_CTX_OUTPUT_ECHO:: The echo setting makes libnftables print the changes once they are committed to the kernel, just like a running instance of *nft monitor* would. -Amongst other things, this allows to retrieve an added rule's handle atomically. + Amongst other things, this allows to retrieve an added rule's handle atomically. NFT_CTX_OUTPUT_GUID:: Display UID and GID as described in the /etc/passwd and /etc/group files. - -The *nft_ctx_output_get_flags*() function returns the output flags setting's value in 'ctx'. - -The *nft_ctx_output_set_flags*() function sets the output flags setting in 'ctx' to the value of 'val'. NFT_CTX_OUTPUT_NUMERIC_PROTO:: Display layer 4 protocol numerically. NFT_CTX_OUTPUT_NUMERIC_PRIO:: @@ -126,6 +124,10 @@ NFT_CTX_OUTPUT_NUMERIC_SYMBOL:: NFT_CTX_OUTPUT_NUMERIC_ALL:: Display all numerically. +The *nft_ctx_output_get_flags*() function returns the output flags setting's value in 'ctx'. + +The *nft_ctx_output_set_flags*() function sets the output flags setting in 'ctx' to the value of 'val'. + === nft_ctx_output_get_debug() and nft_ctx_output_set_debug() Libnftables supports separate debugging of different parts of its internals. To facilitate this, debugging output is controlled via a bit mask. -- cgit v1.2.3