Expand description
Contains the global structure of an Nftables document.
See https://manpages.debian.org/testing/libnftables1/libnftables-json.5.en.html#GLOBAL_STRUCTURE.
Structs§
- CTExpectation
- This object represents a named conntrack expectation.
- CTHelper
- Enable the specified conntrack helper for this packet.
- CTTimeout
- This object represents a named conntrack timeout policy.
- Chain
- This object describes a chain.
- Counter
- This object represents a named counter.
- Element
- Manipulate element(s) in a named set.
- Flow
Table - Flowtables allow you to accelerate packet forwarding in software (and in hardware if your NIC supports it) by using a conntrack-based network stack bypass.
- Limit
- This object represents a named limit.
- Map
- Named map that holds expression elements. Maps are a special form of sets in that they translate a unique key to a value.
- Metainfo
Object - Library information in output.
- Meter
- Nftables
- In general, any JSON input or output is enclosed in an object with a single property named nftables.
- Quota
- This object represents a named quota.
- Rule
- This object describes a rule.
- Ruleset
- Represents the live ruleset (to be flushed).
- Set
- Named set that holds expression elements.
- SynProxy
- SynProxy intercepts new TCP connections and handles the initial 3-way handshake using syncookies instead of conntrack to establish the connection.
- Table
- This object describes a table.
Enums§
- Flush
Object - Empty contents in given object, e.g. remove all chains from given table or remove all elements from given set.
- Limit
Unit - A unit used in limits.
- NfCmd
- A command is an object with a single property whose name identifies the command.
- NfList
Object - A ruleset element in an nftables document.
- NfObject
- A ruleset element or command in an nftables document.
- Reset
Object - Reset state in suitable objects, i.e. zero their internal counter.
- SetFlag
- Describes a set’s flags.
- SetOp
- Describes an operator on set.
- SetPolicy
- Describes a set’s policy.
- SetType
- Describes a set’s datatype.
- SetType
Value - Wrapper for single or concatenated set types.
The set type might be a string, such as
"ipv4_addr"or an array consisting of strings (for concatenated types).