| blob | bd938bd01b6bf2ca32061226ca025ef17cf1a43e |
1 # SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)
3 name: nftables
4 protocol: netlink-raw
5 protonum: 12
7 doc:
8 Netfilter nftables configuration over netlink.
10 definitions:
11 -
12 name: nfgenmsg
13 type: struct
14 members:
15 -
16 name: nfgen-family
17 type: u8
18 -
19 name: version
20 type: u8
21 -
22 name: res-id
23 byte-order: big-endian
24 type: u16
25 -
26 name: meta-keys
27 type: enum
28 entries:
29 - len
30 - protocol
31 - priority
32 - mark
33 - iif
34 - oif
35 - iifname
36 - oifname
37 - iftype
38 - oiftype
39 - skuid
40 - skgid
41 - nftrace
42 - rtclassid
43 - secmark
44 - nfproto
45 - l4-proto
46 - bri-iifname
47 - bri-oifname
48 - pkttype
49 - cpu
50 - iifgroup
51 - oifgroup
52 - cgroup
53 - prandom
54 - secpath
55 - iifkind
56 - oifkind
57 - bri-iifpvid
58 - bri-iifvproto
59 - time-ns
60 - time-day
61 - time-hour
62 - sdif
63 - sdifname
64 - bri-broute
65 -
66 name: bitwise-ops
67 type: enum
68 entries:
69 - bool
70 - lshift
71 - rshift
72 -
73 name: cmp-ops
74 type: enum
75 entries:
76 - eq
77 - neq
78 - lt
79 - lte
80 - gt
81 - gte
82 -
83 name: object-type
84 type: enum
85 entries:
86 - unspec
87 - counter
88 - quota
89 - ct-helper
90 - limit
91 - connlimit
92 - tunnel
93 - ct-timeout
94 - secmark
95 - ct-expect
96 - synproxy
97 -
98 name: nat-range-flags
99 type: flags
100 entries:
101 - map-ips
102 - proto-specified
103 - proto-random
104 - persistent
105 - proto-random-fully
106 - proto-offset
107 - netmap
108 -
109 name: table-flags
110 type: flags
111 entries:
112 - dormant
113 - owner
114 - persist
115 -
116 name: chain-flags
117 type: flags
118 entries:
119 - base
120 - hw-offload
121 - binding
122 -
123 name: set-flags
124 type: flags
125 entries:
126 - anonymous
127 - constant
128 - interval
129 - map
130 - timeout
131 - eval
132 - object
133 - concat
134 - expr
135 -
136 name: lookup-flags
137 type: flags
138 entries:
139 - invert
140 -
141 name: ct-keys
142 type: enum
143 entries:
144 - state
145 - direction
146 - status
147 - mark
148 - secmark
149 - expiration
150 - helper
151 - l3protocol
152 - src
153 - dst
154 - protocol
155 - proto-src
156 - proto-dst
157 - labels
158 - pkts
159 - bytes
160 - avgpkt
161 - zone
162 - eventmask
163 - src-ip
164 - dst-ip
165 - src-ip6
166 - dst-ip6
167 - ct-id
168 -
169 name: ct-direction
170 type: enum
171 entries:
172 - original
173 - reply
174 -
175 name: quota-flags
176 type: flags
177 entries:
178 - invert
179 - depleted
180 -
181 name: verdict-code
182 type: enum
183 entries:
184 - name: continue
185 value: 0xffffffff
186 - name: break
187 value: 0xfffffffe
188 - name: jump
189 value: 0xfffffffd
190 - name: goto
191 value: 0xfffffffc
192 - name: return
193 value: 0xfffffffb
194 - name: drop
195 value: 0
196 - name: accept
197 value: 1
198 - name: stolen
199 value: 2
200 - name: queue
201 value: 3
202 - name: repeat
203 value: 4
204 -
205 name: fib-result
206 type: enum
207 entries:
208 - oif
209 - oifname
210 - addrtype
211 -
212 name: fib-flags
213 type: flags
214 entries:
215 - saddr
216 - daddr
217 - mark
218 - iif
219 - oif
220 - present
221 -
222 name: reject-types
223 type: enum
224 entries:
225 - icmp-unreach
226 - tcp-rst
227 - icmpx-unreach
229 attribute-sets:
230 -
231 name: empty-attrs
232 attributes:
233 -
234 name: name
235 type: string
236 -
237 name: batch-attrs
238 attributes:
239 -
240 name: genid
241 type: u32
242 byte-order: big-endian
243 -
244 name: table-attrs
245 attributes:
246 -
247 name: name
248 type: string
249 doc: name of the table
250 -
251 name: flags
252 type: u32
253 byte-order: big-endian
254 doc: bitmask of flags
255 enum: table-flags
256 enum-as-flags: true
257 -
258 name: use
259 type: u32
260 byte-order: big-endian
261 doc: number of chains in this table
262 -
263 name: handle
264 type: u64
265 byte-order: big-endian
266 doc: numeric handle of the table
267 -
268 name: userdata
269 type: binary
270 doc: user data
271 -
272 name: chain-attrs
273 attributes:
274 -
275 name: table
276 type: string
277 doc: name of the table containing the chain
278 -
279 name: handle
280 type: u64
281 byte-order: big-endian
282 doc: numeric handle of the chain
283 -
284 name: name
285 type: string
286 doc: name of the chain
287 -
288 name: hook
289 type: nest
290 nested-attributes: nft-hook-attrs
291 doc: hook specification for basechains
292 -
293 name: policy
294 type: u32
295 byte-order: big-endian
296 doc: numeric policy of the chain
297 -
298 name: use
299 type: u32
300 byte-order: big-endian
301 doc: number of references to this chain
302 -
303 name: type
304 type: string
305 doc: type name of the chain
306 -
307 name: counters
308 type: nest
309 nested-attributes: nft-counter-attrs
310 doc: counter specification of the chain
311 -
312 name: flags
313 type: u32
314 byte-order: big-endian
315 doc: chain flags
316 enum: chain-flags
317 enum-as-flags: true
318 -
319 name: id
320 type: u32
321 byte-order: big-endian
322 doc: uniquely identifies a chain in a transaction
323 -
324 name: userdata
325 type: binary
326 doc: user data
327 -
328 name: counter-attrs
329 attributes:
330 -
331 name: bytes
332 type: u64
333 byte-order: big-endian
334 -
335 name: packets
336 type: u64
337 byte-order: big-endian
338 -
339 name: pad
340 type: pad
341 -
342 name: nft-hook-attrs
343 attributes:
344 -
345 name: num
346 type: u32
347 byte-order: big-endian
348 -
349 name: priority
350 type: s32
351 byte-order: big-endian
352 -
353 name: dev
354 type: string
355 doc: net device name
356 -
357 name: devs
358 type: nest
359 nested-attributes: hook-dev-attrs
360 doc: list of net devices
361 -
362 name: hook-dev-attrs
363 attributes:
364 -
365 name: name
366 type: string
367 multi-attr: true
368 -
369 name: nft-counter-attrs
370 attributes:
371 -
372 name: bytes
373 type: u64
374 -
375 name: packets
376 type: u64
377 -
378 name: rule-attrs
379 attributes:
380 -
381 name: table
382 type: string
383 doc: name of the table containing the rule
384 -
385 name: chain
386 type: string
387 doc: name of the chain containing the rule
388 -
389 name: handle
390 type: u64
391 byte-order: big-endian
392 doc: numeric handle of the rule
393 -
394 name: expressions
395 type: nest
396 nested-attributes: expr-list-attrs
397 doc: list of expressions
398 -
399 name: compat
400 type: nest
401 nested-attributes: rule-compat-attrs
402 doc: compatibility specifications of the rule
403 -
404 name: position
405 type: u64
406 byte-order: big-endian
407 doc: numeric handle of the previous rule
408 -
409 name: userdata
410 type: binary
411 doc: user data
412 -
413 name: id
414 type: u32
415 doc: uniquely identifies a rule in a transaction
416 -
417 name: position-id
418 type: u32
419 doc: transaction unique identifier of the previous rule
420 -
421 name: chain-id
422 type: u32
423 doc: add the rule to chain by ID, alternative to chain name
424 -
425 name: expr-list-attrs
426 attributes:
427 -
428 name: elem
429 type: nest
430 nested-attributes: expr-attrs
431 multi-attr: true
432 -
433 name: expr-attrs
434 attributes:
435 -
436 name: name
437 type: string
438 doc: name of the expression type
439 -
440 name: data
441 type: sub-message
442 sub-message: expr-ops
443 selector: name
444 doc: type specific data
445 -
446 name: rule-compat-attrs
447 attributes:
448 -
449 name: proto
450 type: binary
451 doc: numeric value of the handled protocol
452 -
453 name: flags
454 type: binary
455 doc: bitmask of flags
456 -
457 name: set-attrs
458 attributes:
459 -
460 name: table
461 type: string
462 doc: table name
463 -
464 name: name
465 type: string
466 doc: set name
467 -
468 name: flags
469 type: u32
470 enum: set-flags
471 byte-order: big-endian
472 doc: bitmask of enum nft_set_flags
473 -
474 name: key-type
475 type: u32
476 byte-order: big-endian
477 doc: key data type, informational purpose only
478 -
479 name: key-len
480 type: u32
481 byte-order: big-endian
482 doc: key data length
483 -
484 name: data-type
485 type: u32
486 byte-order: big-endian
487 doc: mapping data type
488 -
489 name: data-len
490 type: u32
491 byte-order: big-endian
492 doc: mapping data length
493 -
494 name: policy
495 type: u32
496 byte-order: big-endian
497 doc: selection policy
498 -
499 name: desc
500 type: nest
501 nested-attributes: set-desc-attrs
502 doc: set description
503 -
504 name: id
505 type: u32
506 doc: uniquely identifies a set in a transaction
507 -
508 name: timeout
509 type: u64
510 doc: default timeout value
511 -
512 name: gc-interval
513 type: u32
514 doc: garbage collection interval
515 -
516 name: userdata
517 type: binary
518 doc: user data
519 -
520 name: pad
521 type: pad
522 -
523 name: obj-type
524 type: u32
525 byte-order: big-endian
526 doc: stateful object type
527 -
528 name: handle
529 type: u64
530 byte-order: big-endian
531 doc: set handle
532 -
533 name: expr
534 type: nest
535 nested-attributes: expr-attrs
536 doc: set expression
537 multi-attr: true
538 -
539 name: expressions
540 type: nest
541 nested-attributes: set-list-attrs
542 doc: list of expressions
543 -
544 name: set-desc-attrs
545 attributes:
546 -
547 name: size
548 type: u32
549 byte-order: big-endian
550 doc: number of elements in set
551 -
552 name: concat
553 type: nest
554 nested-attributes: set-desc-concat-attrs
555 doc: description of field concatenation
556 multi-attr: true
557 -
558 name: set-desc-concat-attrs
559 attributes:
560 -
561 name: elem
562 type: nest
563 nested-attributes: set-field-attrs
564 -
565 name: set-field-attrs
566 attributes:
567 -
568 name: len
569 type: u32
570 byte-order: big-endian
571 -
572 name: set-list-attrs
573 attributes:
574 -
575 name: elem
576 type: nest
577 nested-attributes: expr-attrs
578 multi-attr: true
579 -
580 name: setelem-attrs
581 attributes:
582 -
583 name: key
584 type: nest
585 nested-attributes: data-attrs
586 doc: key value
587 -
588 name: data
589 type: nest
590 nested-attributes: data-attrs
591 doc: data value of mapping
592 -
593 name: flags
594 type: binary
595 doc: bitmask of nft_set_elem_flags
596 -
597 name: timeout
598 type: u64
599 doc: timeout value
600 -
601 name: expiration
602 type: u64
603 doc: expiration time
604 -
605 name: userdata
606 type: binary
607 doc: user data
608 -
609 name: expr
610 type: nest
611 nested-attributes: expr-attrs
612 doc: expression
613 -
614 name: objref
615 type: string
616 doc: stateful object reference
617 -
618 name: key-end
619 type: nest
620 nested-attributes: data-attrs
621 doc: closing key value
622 -
623 name: expressions
624 type: nest
625 nested-attributes: expr-list-attrs
626 doc: list of expressions
627 -
628 name: setelem-list-elem-attrs
629 attributes:
630 -
631 name: elem
632 type: nest
633 nested-attributes: setelem-attrs
634 multi-attr: true
635 -
636 name: setelem-list-attrs
637 attributes:
638 -
639 name: table
640 type: string
641 -
642 name: set
643 type: string
644 -
645 name: elements
646 type: nest
647 nested-attributes: setelem-list-elem-attrs
648 -
649 name: set-id
650 type: u32
651 -
652 name: gen-attrs
653 attributes:
654 -
655 name: id
656 type: u32
657 byte-order: big-endian
658 doc: ruleset generation id
659 -
660 name: proc-pid
661 type: u32
662 byte-order: big-endian
663 -
664 name: proc-name
665 type: string
666 -
667 name: obj-attrs
668 attributes:
669 -
670 name: table
671 type: string
672 doc: name of the table containing the expression
673 -
674 name: name
675 type: string
676 doc: name of this expression type
677 -
678 name: type
679 type: u32
680 enum: object-type
681 byte-order: big-endian
682 doc: stateful object type
683 -
684 name: data
685 type: sub-message
686 sub-message: obj-data
687 selector: type
688 doc: stateful object data
689 -
690 name: use
691 type: u32
692 byte-order: big-endian
693 doc: number of references to this expression
694 -
695 name: handle
696 type: u64
697 byte-order: big-endian
698 doc: object handle
699 -
700 name: pad
701 type: pad
702 -
703 name: userdata
704 type: binary
705 doc: user data
706 -
707 name: quota-attrs
708 attributes:
709 -
710 name: bytes
711 type: u64
712 byte-order: big-endian
713 -
714 name: flags
715 type: u32
716 byte-order: big-endian
717 enum: quota-flags
718 -
719 name: pad
720 type: pad
721 -
722 name: consumed
723 type: u64
724 byte-order: big-endian
725 -
726 name: flowtable-attrs
727 attributes:
728 -
729 name: table
730 type: string
731 -
732 name: name
733 type: string
734 -
735 name: hook
736 type: nest
737 nested-attributes: flowtable-hook-attrs
738 -
739 name: use
740 type: u32
741 byte-order: big-endian
742 -
743 name: handle
744 type: u64
745 byte-order: big-endian
746 -
747 name: pad
748 type: pad
749 -
750 name: flags
751 type: u32
752 byte-order: big-endian
753 -
754 name: flowtable-hook-attrs
755 attributes:
756 -
757 name: num
758 type: u32
759 byte-order: big-endian
760 -
761 name: priority
762 type: u32
763 byte-order: big-endian
764 -
765 name: devs
766 type: nest
767 nested-attributes: hook-dev-attrs
768 -
769 name: expr-bitwise-attrs
770 attributes:
771 -
772 name: sreg
773 type: u32
774 byte-order: big-endian
775 -
776 name: dreg
777 type: u32
778 byte-order: big-endian
779 -
780 name: len
781 type: u32
782 byte-order: big-endian
783 -
784 name: mask
785 type: nest
786 nested-attributes: data-attrs
787 -
788 name: xor
789 type: nest
790 nested-attributes: data-attrs
791 -
792 name: op
793 type: u32
794 byte-order: big-endian
795 enum: bitwise-ops
796 -
797 name: data
798 type: nest
799 nested-attributes: data-attrs
800 -
801 name: expr-cmp-attrs
802 attributes:
803 -
804 name: sreg
805 type: u32
806 byte-order: big-endian
807 -
808 name: op
809 type: u32
810 byte-order: big-endian
811 enum: cmp-ops
812 -
813 name: data
814 type: nest
815 nested-attributes: data-attrs
816 -
817 name: data-attrs
818 attributes:
819 -
820 name: value
821 type: binary
822 # sub-type: u8
823 -
824 name: verdict
825 type: nest
826 nested-attributes: verdict-attrs
827 -
828 name: verdict-attrs
829 attributes:
830 -
831 name: code
832 type: u32
833 byte-order: big-endian
834 enum: verdict-code
835 -
836 name: chain
837 type: string
838 -
839 name: chain-id
840 type: u32
841 -
842 name: expr-counter-attrs
843 attributes:
844 -
845 name: bytes
846 type: u64
847 doc: Number of bytes
848 -
849 name: packets
850 type: u64
851 doc: Number of packets
852 -
853 name: pad
854 type: pad
855 -
856 name: expr-fib-attrs
857 attributes:
858 -
859 name: dreg
860 type: u32
861 byte-order: big-endian
862 -
863 name: result
864 type: u32
865 byte-order: big-endian
866 enum: fib-result
867 -
868 name: flags
869 type: u32
870 byte-order: big-endian
871 enum: fib-flags
872 -
873 name: expr-ct-attrs
874 attributes:
875 -
876 name: dreg
877 type: u32
878 byte-order: big-endian
879 -
880 name: key
881 type: u32
882 byte-order: big-endian
883 enum: ct-keys
884 -
885 name: direction
886 type: u8
887 enum: ct-direction
888 -
889 name: sreg
890 type: u32
891 byte-order: big-endian
892 -
893 name: expr-flow-offload-attrs
894 attributes:
895 -
896 name: name
897 type: string
898 doc: Flow offload table name
899 -
900 name: expr-immediate-attrs
901 attributes:
902 -
903 name: dreg
904 type: u32
905 byte-order: big-endian
906 -
907 name: data
908 type: nest
909 nested-attributes: data-attrs
910 -
911 name: expr-lookup-attrs
912 attributes:
913 -
914 name: set
915 type: string
916 doc: Name of set to use
917 -
918 name: set id
919 type: u32
920 byte-order: big-endian
921 doc: ID of set to use
922 -
923 name: sreg
924 type: u32
925 byte-order: big-endian
926 -
927 name: dreg
928 type: u32
929 byte-order: big-endian
930 -
931 name: flags
932 type: u32
933 byte-order: big-endian
934 enum: lookup-flags
935 -
936 name: expr-meta-attrs
937 attributes:
938 -
939 name: dreg
940 type: u32
941 byte-order: big-endian
942 -
943 name: key
944 type: u32
945 byte-order: big-endian
946 enum: meta-keys
947 -
948 name: sreg
949 type: u32
950 byte-order: big-endian
951 -
952 name: expr-nat-attrs
953 attributes:
954 -
955 name: type
956 type: u32
957 byte-order: big-endian
958 -
959 name: family
960 type: u32
961 byte-order: big-endian
962 -
963 name: reg-addr-min
964 type: u32
965 byte-order: big-endian
966 -
967 name: reg-addr-max
968 type: u32
969 byte-order: big-endian
970 -
971 name: reg-proto-min
972 type: u32
973 byte-order: big-endian
974 -
975 name: reg-proto-max
976 type: u32
977 byte-order: big-endian
978 -
979 name: flags
980 type: u32
981 byte-order: big-endian
982 enum: nat-range-flags
983 enum-as-flags: true
984 -
985 name: expr-payload-attrs
986 attributes:
987 -
988 name: dreg
989 type: u32
990 byte-order: big-endian
991 -
992 name: base
993 type: u32
994 byte-order: big-endian
995 -
996 name: offset
997 type: u32
998 byte-order: big-endian
999 -
1000 name: len
1001 type: u32
1002 byte-order: big-endian
1003 -
1004 name: sreg
1005 type: u32
1006 byte-order: big-endian
1007 -
1008 name: csum-type
1009 type: u32
1010 byte-order: big-endian
1011 -
1012 name: csum-offset
1013 type: u32
1014 byte-order: big-endian
1015 -
1016 name: csum-flags
1017 type: u32
1018 byte-order: big-endian
1019 -
1020 name: expr-reject-attrs
1021 attributes:
1022 -
1023 name: type
1024 type: u32
1025 byte-order: big-endian
1026 enum: reject-types
1027 -
1028 name: icmp-code
1029 type: u8
1030 -
1031 name: expr-target-attrs
1032 attributes:
1033 -
1034 name: name
1035 type: string
1036 -
1037 name: rev
1038 type: u32
1039 byte-order: big-endian
1040 -
1041 name: info
1042 type: binary
1043 -
1044 name: expr-tproxy-attrs
1045 attributes:
1046 -
1047 name: family
1048 type: u32
1049 byte-order: big-endian
1050 -
1051 name: reg-addr
1052 type: u32
1053 byte-order: big-endian
1054 -
1055 name: reg-port
1056 type: u32
1057 byte-order: big-endian
1058 -
1059 name: expr-objref-attrs
1060 attributes:
1061 -
1062 name: imm-type
1063 type: u32
1064 byte-order: big-endian
1065 -
1066 name: imm-name
1067 type: string
1068 doc: object name
1069 -
1070 name: set-sreg
1071 type: u32
1072 byte-order: big-endian
1073 -
1074 name: set-name
1075 type: string
1076 doc: name of object map
1077 -
1078 name: set-id
1079 type: u32
1080 byte-order: big-endian
1081 doc: id of object map
1083 sub-messages:
1084 -
1085 name: expr-ops
1086 formats:
1087 -
1088 value: bitwise
1089 attribute-set: expr-bitwise-attrs
1090 -
1091 value: cmp
1092 attribute-set: expr-cmp-attrs
1093 -
1094 value: counter
1095 attribute-set: expr-counter-attrs
1096 -
1097 value: ct
1098 attribute-set: expr-ct-attrs
1099 -
1100 value: fib
1101 attribute-set: expr-fib-attrs
1102 -
1103 value: flow_offload
1104 attribute-set: expr-flow-offload-attrs
1105 -
1106 value: immediate
1107 attribute-set: expr-immediate-attrs
1108 -
1109 value: lookup
1110 attribute-set: expr-lookup-attrs
1111 -
1112 value: meta
1113 attribute-set: expr-meta-attrs
1114 -
1115 value: nat
1116 attribute-set: expr-nat-attrs
1117 -
1118 value: objref
1119 attribute-set: expr-objref-attrs
1120 -
1121 value: payload
1122 attribute-set: expr-payload-attrs
1123 -
1124 value: quota
1125 attribute-set: quota-attrs
1126 -
1127 value: reject
1128 attribute-set: expr-reject-attrs
1129 -
1130 value: target
1131 attribute-set: expr-target-attrs
1132 -
1133 value: tproxy
1134 attribute-set: expr-tproxy-attrs
1135 -
1136 name: obj-data
1137 formats:
1138 -
1139 value: counter
1140 attribute-set: counter-attrs
1141 -
1142 value: quota
1143 attribute-set: quota-attrs
1145 operations:
1146 enum-model: directional
1147 list:
1148 -
1149 name: batch-begin
1150 doc: Start a batch of operations
1151 attribute-set: batch-attrs
1152 fixed-header: nfgenmsg
1153 do:
1154 request:
1155 value: 0x10
1156 attributes:
1157 - genid
1158 reply:
1159 value: 0x10
1160 attributes:
1161 - genid
1162 -
1163 name: batch-end
1164 doc: Finish a batch of operations
1165 attribute-set: batch-attrs
1166 fixed-header: nfgenmsg
1167 do:
1168 request:
1169 value: 0x11
1170 attributes:
1171 - genid
1172 -
1173 name: newtable
1174 doc: Create a new table.
1175 attribute-set: table-attrs
1176 fixed-header: nfgenmsg
1177 do:
1178 request:
1179 value: 0xa00
1180 attributes:
1181 - name
1182 -
1183 name: gettable
1184 doc: Get / dump tables.
1185 attribute-set: table-attrs
1186 fixed-header: nfgenmsg
1187 do:
1188 request:
1189 value: 0xa01
1190 attributes:
1191 - name
1192 reply:
1193 value: 0xa00
1194 attributes:
1195 - name
1196 -
1197 name: deltable
1198 doc: Delete an existing table.
1199 attribute-set: table-attrs
1200 fixed-header: nfgenmsg
1201 do:
1202 request:
1203 value: 0xa02
1204 attributes:
1205 - name
1206 -
1207 name: destroytable
1208 doc: Delete an existing table with destroy semantics (ignoring ENOENT errors).
1209 attribute-set: table-attrs
1210 fixed-header: nfgenmsg
1211 do:
1212 request:
1213 value: 0xa1a
1214 attributes:
1215 - name
1216 -
1217 name: newchain
1218 doc: Create a new chain.
1219 attribute-set: chain-attrs
1220 fixed-header: nfgenmsg
1221 do:
1222 request:
1223 value: 0xa03
1224 attributes:
1225 - name
1226 -
1227 name: getchain
1228 doc: Get / dump chains.
1229 attribute-set: chain-attrs
1230 fixed-header: nfgenmsg
1231 do:
1232 request:
1233 value: 0xa04
1234 attributes:
1235 - name
1236 reply:
1237 value: 0xa03
1238 attributes:
1239 - name
1240 -
1241 name: delchain
1242 doc: Delete an existing chain.
1243 attribute-set: chain-attrs
1244 fixed-header: nfgenmsg
1245 do:
1246 request:
1247 value: 0xa05
1248 attributes:
1249 - name
1250 -
1251 name: destroychain
1252 doc: Delete an existing chain with destroy semantics (ignoring ENOENT errors).
1253 attribute-set: chain-attrs
1254 fixed-header: nfgenmsg
1255 do:
1256 request:
1257 value: 0xa1b
1258 attributes:
1259 - name
1260 -
1261 name: newrule
1262 doc: Create a new rule.
1263 attribute-set: rule-attrs
1264 fixed-header: nfgenmsg
1265 do:
1266 request:
1267 value: 0xa06
1268 attributes:
1269 - name
1270 -
1271 name: getrule
1272 doc: Get / dump rules.
1273 attribute-set: rule-attrs
1274 fixed-header: nfgenmsg
1275 do:
1276 request:
1277 value: 0xa07
1278 attributes:
1279 - name
1280 reply:
1281 value: 0xa06
1282 attributes:
1283 - name
1284 -
1285 name: getrule-reset
1286 doc: Get / dump rules and reset stateful expressions.
1287 attribute-set: rule-attrs
1288 fixed-header: nfgenmsg
1289 do:
1290 request:
1291 value: 0xa19
1292 attributes:
1293 - name
1294 reply:
1295 value: 0xa06
1296 attributes:
1297 - name
1298 -
1299 name: delrule
1300 doc: Delete an existing rule.
1301 attribute-set: rule-attrs
1302 fixed-header: nfgenmsg
1303 do:
1304 request:
1305 value: 0xa08
1306 attributes:
1307 - name
1308 -
1309 name: destroyrule
1310 doc: Delete an existing rule with destroy semantics (ignoring ENOENT errors).
1311 attribute-set: rule-attrs
1312 fixed-header: nfgenmsg
1313 do:
1314 request:
1315 value: 0xa1c
1316 attributes:
1317 - name
1318 -
1319 name: newset
1320 doc: Create a new set.
1321 attribute-set: set-attrs
1322 fixed-header: nfgenmsg
1323 do:
1324 request:
1325 value: 0xa09
1326 attributes:
1327 - name
1328 -
1329 name: getset
1330 doc: Get / dump sets.
1331 attribute-set: set-attrs
1332 fixed-header: nfgenmsg
1333 do:
1334 request:
1335 value: 0xa0a
1336 attributes:
1337 - name
1338 reply:
1339 value: 0xa09
1340 attributes:
1341 - name
1342 -
1343 name: delset
1344 doc: Delete an existing set.
1345 attribute-set: set-attrs
1346 fixed-header: nfgenmsg
1347 do:
1348 request:
1349 value: 0xa0b
1350 attributes:
1351 - name
1352 -
1353 name: destroyset
1354 doc: Delete an existing set with destroy semantics (ignoring ENOENT errors).
1355 attribute-set: set-attrs
1356 fixed-header: nfgenmsg
1357 do:
1358 request:
1359 value: 0xa1d
1360 attributes:
1361 - name
1362 -
1363 name: newsetelem
1364 doc: Create a new set element.
1365 attribute-set: setelem-list-attrs
1366 fixed-header: nfgenmsg
1367 do:
1368 request:
1369 value: 0xa0c
1370 attributes:
1371 - name
1372 -
1373 name: getsetelem
1374 doc: Get / dump set elements.
1375 attribute-set: setelem-list-attrs
1376 fixed-header: nfgenmsg
1377 do:
1378 request:
1379 value: 0xa0d
1380 attributes:
1381 - name
1382 reply:
1383 value: 0xa0c
1384 attributes:
1385 - name
1386 -
1387 name: getsetelem-reset
1388 doc: Get / dump set elements and reset stateful expressions.
1389 attribute-set: setelem-list-attrs
1390 fixed-header: nfgenmsg
1391 do:
1392 request:
1393 value: 0xa21
1394 attributes:
1395 - name
1396 reply:
1397 value: 0xa0c
1398 attributes:
1399 - name
1400 -
1401 name: delsetelem
1402 doc: Delete an existing set element.
1403 attribute-set: setelem-list-attrs
1404 fixed-header: nfgenmsg
1405 do:
1406 request:
1407 value: 0xa0e
1408 attributes:
1409 - name
1410 -
1411 name: destroysetelem
1412 doc: Delete an existing set element with destroy semantics.
1413 attribute-set: setelem-list-attrs
1414 fixed-header: nfgenmsg
1415 do:
1416 request:
1417 value: 0xa1e
1418 attributes:
1419 - name
1420 -
1421 name: getgen
1422 doc: Get / dump rule-set generation.
1423 attribute-set: gen-attrs
1424 fixed-header: nfgenmsg
1425 do:
1426 request:
1427 value: 0xa10
1428 attributes:
1429 - name
1430 reply:
1431 value: 0xa0f
1432 attributes:
1433 - name
1434 -
1435 name: newobj
1436 doc: Create a new stateful object.
1437 attribute-set: obj-attrs
1438 fixed-header: nfgenmsg
1439 do:
1440 request:
1441 value: 0xa12
1442 attributes:
1443 - name
1444 -
1445 name: getobj
1446 doc: Get / dump stateful objects.
1447 attribute-set: obj-attrs
1448 fixed-header: nfgenmsg
1449 do:
1450 request:
1451 value: 0xa13
1452 attributes:
1453 - name
1454 reply:
1455 value: 0xa12
1456 attributes:
1457 - name
1458 -
1459 name: delobj
1460 doc: Delete an existing stateful object.
1461 attribute-set: obj-attrs
1462 fixed-header: nfgenmsg
1463 do:
1464 request:
1465 value: 0xa14
1466 attributes:
1467 - name
1468 -
1469 name: destroyobj
1470 doc: Delete an existing stateful object with destroy semantics.
1471 attribute-set: obj-attrs
1472 fixed-header: nfgenmsg
1473 do:
1474 request:
1475 value: 0xa1f
1476 attributes:
1477 - name
1478 -
1479 name: newflowtable
1480 doc: Create a new flow table.
1481 attribute-set: flowtable-attrs
1482 fixed-header: nfgenmsg
1483 do:
1484 request:
1485 value: 0xa16
1486 attributes:
1487 - name
1488 -
1489 name: getflowtable
1490 doc: Get / dump flow tables.
1491 attribute-set: flowtable-attrs
1492 fixed-header: nfgenmsg
1493 do:
1494 request:
1495 value: 0xa17
1496 attributes:
1497 - name
1498 reply:
1499 value: 0xa16
1500 attributes:
1501 - name
1502 -
1503 name: delflowtable
1504 doc: Delete an existing flow table.
1505 attribute-set: flowtable-attrs
1506 fixed-header: nfgenmsg
1507 do:
1508 request:
1509 value: 0xa18
1510 attributes:
1511 - name
1512 -
1513 name: destroyflowtable
1514 doc: Delete an existing flow table with destroy semantics.
1515 attribute-set: flowtable-attrs
1516 fixed-header: nfgenmsg
1517 do:
1518 request:
1519 value: 0xa20
1520 attributes:
1521 - name
1523 mcast-groups:
1524 list:
1525 -
1526 name: mgmt