Struct NftablesConfig 

pub struct NftablesConfig { /* private fields */ }

A complete declarative nftables ruleset. Construct via Self::new + fluent setters; commit via the diff/apply flow on Connection<Nftables>.

See the module-level docs for usage.

Implementations

impl NftablesConfig

pub async fn diff(&self, conn: &Connection<Nftables>) -> Result<NftablesDiff>

Compute the diff between this declared config and the kernel’s current state.

Rule-identity caveat (0.16)

Rules without a handle_key are always added — there’s no diff identity for them. Rules with a handle_key are matched against kernel rules by the key (the kernel doesn’t know our keys; we just emit the same set as we declared, and any extras are deleted on apply). Full byte-canonical diff is a follow-up; this gets the user a working declarative apply now with explicit churn-vs-correctness trade-off.

impl NftablesConfig

pub fn new() -> Self

Construct an empty config. Add tables via Self::table.

pub fn table<F>(self, name: impl Into<String>, family: Family, f: F) -> Self

where F: FnOnce(DeclaredTableBuilder) -> DeclaredTableBuilder,

Declare a table. The closure receives a DeclaredTableBuilder that lets you nest chains, rules, and flowtables inside the table — matching the visual hierarchy of nft list ruleset.

pub fn tables(&self) -> &[DeclaredTable]

All declared tables. Borrowed view.

pub fn is_empty(&self) -> bool

Is this config empty?

Trait Implementations

impl Clone for NftablesConfig

fn clone(&self) -> NftablesConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for NftablesConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for NftablesConfig

fn default() -> NftablesConfig

Returns the “default value” for a type.