From b0f6a45b25dd1b8e4ab0e3b2dd2a00d918ae29c0 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 3 Jul 2018 17:24:05 +0200
Subject: src: add --literal option

Default not to print the service name as we discussed during the NFWS.

 # nft list ruleset
 table ip x {
        chain y {
                tcp dport 22
                ip saddr 1.1.1.1
        }
 }

 # nft -l list ruleset
 table ip x {
        chain y {
                tcp dport ssh
                ip saddr 1.1.1.1
        }
 }

 # nft -ll list ruleset
 table ip x {
        chain y {
                tcp dport 22
                ip saddr 1dot1dot1dot1.cloudflare-dns.com
        }
 }

Then, -ll displays FQDN. just like the (now deprecated) --ip2name (-N)
option.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 doc/libnftables.adoc | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'doc/libnftables.adoc')

diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc
index adfc9420..0387652f 100644
--- a/doc/libnftables.adoc
+++ b/doc/libnftables.adoc
@@ -25,8 +25,8 @@ void nft_ctx_output_set_numeric(struct nft_ctx* '\*ctx'*,
 bool nft_ctx_output_get_stateless(struct nft_ctx* '\*ctx'*);
 void nft_ctx_output_set_stateless(struct nft_ctx* '\*ctx'*, bool* 'val'*);
 
-bool nft_ctx_output_get_ip2name(struct nft_ctx* '\*ctx'*);
-void nft_ctx_output_set_ip2name(struct nft_ctx* '\*ctx'*, bool* 'val'*);
+enum nft_literal_level nft_ctx_output_get_literal(struct nft_ctx* '\*ctx'*);
+void nft_ctx_output_set_literal(struct nft_ctx* '\*ctx'*, bool* 'val'*);
 
 unsigned int nft_ctx_output_get_debug(struct nft_ctx* '\*ctx'*);
 void nft_ctx_output_set_debug(struct nft_ctx* '\*ctx'*, unsigned int* 'mask'*);
@@ -133,14 +133,14 @@ The *nft_ctx_output_get_stateless*() function returns the stateless output setti
 
 The *nft_ctx_output_set_stateless*() function sets the stateless output setting in 'ctx' to the value of 'val'.
 
-=== nft_ctx_output_get_ip2name() and nft_ctx_output_set_ip2name()
-The ip2name setting controls whether reverse DNS lookups are performed for IP addresses when printing them.
+=== nft_ctx_output_get_literal() and nft_ctx_output_set_literal()
+The literal setting controls whether reverse DNS lookups are performed for IP addresses when printing them.
 Note that this may add significant delay to *list* commands depending on DNS resolver speed.
-The default setting is *false*.
+The default setting is *NFT_LITERAL_NONE*.
 
-The *nft_ctx_output_get_ip2name*() function returns the ip2name output setting's value in 'ctx'.
+The *nft_ctx_output_get_literal*() function returns the literal output setting's value in 'ctx'.
 
-The *nft_ctx_output_set_ip2name*() function sets the ip2name output setting in 'ctx' to the value of 'val'.
+The *nft_ctx_output_set_literal*() function sets the literal output setting in 'ctx' to the value of 'val'.
 
 === nft_ctx_output_get_debug() and nft_ctx_output_set_debug()
 Libnftables supports separate debugging of different parts of its internals.
-- 
cgit v1.2.3