From c5a3c8918330f3b5af883ee5b071989e8917177b Mon Sep 17 00:00:00 2001
From: Elise Lennion <elise.lennion@gmail.com>
Date: Mon, 16 Jan 2017 18:40:40 -0200
Subject: src: Allow to list ruleset without stateful information

Currently only counter and quota have stateful information.

For named counters, packets and bytes are displayed as 0.

Standard list ruleset:

table ip filter {
	counter https {
		packets 161942 bytes 10253353
	}

	chain output {
		type filter hook output priority 0; policy accept;
		counter name tcp dport map { https : "https"}
		tcp dport https counter packets 171211 bytes 10869045
		tcp dport https quota 25 mbytes used 10 mbytes
	}
}

With stateless option, -s:

table ip filter {
	counter https {
		packets 0 bytes 0
	}

	chain output {
		type filter hook output priority 0; policy accept;
		counter name tcp dport map { https : "https"}
		tcp dport https counter
		tcp dport https quota 25 mbytes
	}
}

Signed-off-by: Elise Lennion <elise.lennion@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/nftables.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include/nftables.h')

diff --git a/include/nftables.h b/include/nftables.h
index d3f471b7..760bbff5 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -29,6 +29,7 @@ extern unsigned int numeric_output;
 extern unsigned int ip2name_output;
 extern unsigned int handle_output;
 extern unsigned int debug_level;
+extern bool stateless_output;
 extern const char *include_paths[INCLUDE_PATHS_MAX];
 
 enum nftables_exit_codes {
-- 
cgit v1.2.3