From 46763359adc3be45f7202dc0a130718203bfafce Mon Sep 17 00:00:00 2001
From: Jeremy Sowden <jeremy@azazel.net>
Date: Mon, 21 Oct 2019 22:49:22 +0100
Subject: src: add --terse to suppress output of set elements.

Listing an entire ruleset or a table with `nft list` prints the elements
of all set definitions within the ruleset or table.  Seeing the full set
contents is not often necessary especially when requesting to see
someone's ruleset for help and support purposes.  Add a new option '-t,
--terse' options to suppress the output of set contents.

Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1374
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/libnftables.adoc | 21 ++++++++++++---------
 doc/nft.txt          |  4 ++++
 2 files changed, 16 insertions(+), 9 deletions(-)

(limited to 'doc')

diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc
index ea9626af..8ce1196f 100644
--- a/doc/libnftables.adoc
+++ b/doc/libnftables.adoc
@@ -80,16 +80,17 @@ The flags setting controls the output format.
 
 ----
 enum {
-        NFT_CTX_OUTPUT_REVERSEDNS  = (1 << 0),
-        NFT_CTX_OUTPUT_SERVICE     = (1 << 1),
-        NFT_CTX_OUTPUT_STATELESS   = (1 << 2),
-        NFT_CTX_OUTPUT_HANDLE      = (1 << 3),
-        NFT_CTX_OUTPUT_JSON        = (1 << 4),
-        NFT_CTX_OUTPUT_ECHO        = (1 << 5),
-        NFT_CTX_OUTPUT_GUID        = (1 << 6),
-        NFT_CTX_OUTPUT_NUMERIC_PROTO = (1 << 7),
-        NFT_CTX_OUTPUT_NUMERIC_PRIO = (1 << 8),
+        NFT_CTX_OUTPUT_REVERSEDNS     = (1 << 0),
+        NFT_CTX_OUTPUT_SERVICE        = (1 << 1),
+        NFT_CTX_OUTPUT_STATELESS      = (1 << 2),
+        NFT_CTX_OUTPUT_HANDLE         = (1 << 3),
+        NFT_CTX_OUTPUT_JSON           = (1 << 4),
+        NFT_CTX_OUTPUT_ECHO           = (1 << 5),
+        NFT_CTX_OUTPUT_GUID           = (1 << 6),
+        NFT_CTX_OUTPUT_NUMERIC_PROTO  = (1 << 7),
+        NFT_CTX_OUTPUT_NUMERIC_PRIO   = (1 << 8),
         NFT_CTX_OUTPUT_NUMERIC_SYMBOL = (1 << 9),
+        NFT_CTX_OUTPUT_TERSE          = (1 << 11),
 };
 ----
 
@@ -123,6 +124,8 @@ NFT_CTX_OUTPUT_NUMERIC_SYMBOL::
 	Display expression datatype as numeric value.
 NFT_CTX_OUTPUT_NUMERIC_ALL::
 	Display all numerically.
+NFT_CTX_OUTPUT_TERSE::
+	If terse output has been requested, then the contents of sets are not printed.
 
 The *nft_ctx_output_get_flags*() function returns the output flags setting's value in 'ctx'.
 
diff --git a/doc/nft.txt b/doc/nft.txt
index 616640a8..2c790099 100644
--- a/doc/nft.txt
+++ b/doc/nft.txt
@@ -97,6 +97,10 @@ For a full summary of options, run *nft --help*.
 *--numeric-time*::
 	Show time, day and hour values in numeric format.
 
+*-t*::
+*--terse*::
+	Omit contents of sets from output.
+
 INPUT FILE FORMATS
 ------------------
 LEXICAL CONVENTIONS
-- 
cgit v1.2.3