diff options
Diffstat (limited to 'doc/nft.txt')
-rw-r--r-- | doc/nft.txt | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/doc/nft.txt b/doc/nft.txt index 45af5bb9..a4ab4a8e 100644 --- a/doc/nft.txt +++ b/doc/nft.txt @@ -9,7 +9,7 @@ nft - Administration tool of the nftables framework for packet filtering and cla SYNOPSIS -------- [verse] -*nft* [ *-nNscaeSupy* ] [ *-I* 'directory' ] [ *-f* 'filename' | *-i* | 'cmd' ...] +*nft* [ *-nNscaeSupyj* ] [ *-I* 'directory' ] [ *-f* 'filename' | *-i* | 'cmd' ...] *nft* *-h* *nft* *-v* @@ -74,6 +74,10 @@ For a full summary of options, run *nft --help*. When inserting items into the ruleset using *add*, *insert* or *replace* commands, print notifications just like *nft monitor*. +*-j*:: +*--json*:: + Format output in JSON. See libnftables-json(5) for a schema description. + *-I*:: *--includepath directory*:: Add the directory 'directory' to the list of directories to be searched for included files. This @@ -228,7 +232,6 @@ RULESET ------- [verse] {list | flush} *ruleset* ['family'] -export [*ruleset*] 'format' The *ruleset* keyword is used to identify the whole set of tables, chains, etc. currently in place in kernel. The following *ruleset* commands exist: @@ -241,15 +244,12 @@ all tables and whatever they contain, effectively leading to an empty ruleset - no packet filtering will happen anymore, so the kernel accepts any valid packet it receives. -*export*:: Print the ruleset in machine readable format. The mandatory 'format' -parameter may be either xml or json. - It is possible to limit *list* and *flush* to a specific address family only. For a list of valid family names, see <<ADDRESS_FAMILIES>> above. -Note that contrary to what one might assume, the output generated by *export* is -not parseable by *nft -f*. Instead, the output of *list* command serves well for -that purpose. +By design, *list ruleset* command output may be used as input to *nft -f*. +Effectively, this is the nft-equivalent of *iptables-save* and +*iptables-restore*. TABLES ------ @@ -783,7 +783,7 @@ Netlink socket with 3. SEE ALSO -------- [verse] -iptables(8), ip6tables(8), arptables(8), ebtables(8), ip(8), tc(8) +libnftables(3), libnftables-json(5), iptables(8), ip6tables(8), arptables(8), ebtables(8), ip(8), tc(8) There is an official wiki at: https://wiki.nftables.org |