diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-12-04 13:28:25 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-05 16:30:15 +0100 |
commit | db0697ce7f6020b525cee072e7c0c85512daabda (patch) | |
tree | 9458d01874a354f8bdacfae794d9e0b0d48ebf63 /src/scanner.l | |
parent | ed183e43dbe5a896909470be172ad6ee45219f76 (diff) |
src: support for flowtable listing
This patch allows you to dump existing flowtable.
# nft list ruleset
table ip x {
flowtable x {
hook ingress priority 10
devices = { eth0, tap0 }
}
}
You can also list existing flowtables via:
# nft list flowtables
table ip x {
flowtable x {
hook ingress priority 10
devices = { eth0, tap0 }
}
}
You need a Linux kernel >= 4.16-rc to test this new feature.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/scanner.l')
-rw-r--r-- | src/scanner.l | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/scanner.l b/src/scanner.l index 05c70afe..3ea33b09 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -299,6 +299,8 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "meter" { return METER; } "meters" { return METERS; } +"flowtables" { return FLOWTABLES; } + "counter" { return COUNTER; } "name" { return NAME; } "packets" { return PACKETS; } |