Monitoring ruleset updates

From nftables wiki
Jump to navigation Jump to search

nft can display notifications of ruleset updates through: 

 % nft monitor

This subscribes nft to any kind of ruleset update.

You can filter out events per type of:

  • object: tables, chains, rules, sets and elements.
  • event: new and destroy.

The output format can be:

  • plain text (ie. native nft format)
  • xml
  • json

The following example shows how to follow track of rule updates only: 

 % nft monitor rules

In case, you only want to receive only new rules: 

 % nft monitor new rules

A bit more developed example

Type the following in a terminal: 

 term1% nft monitor

From a different terminal, if you type this: 

 term2% nft add table inet filter
 term2% nft add chain inet filter forward
 term2% nft add rule inet filter forward counter accept
 term2% nft flush table inet filter forward
 term2% nft flush ruleset

Then, if you go back to the term1, you'll see: 

 term1% nft monitor
 add table inet filter
 add chain inet filter forward
 add rule inet filter forward counter packets 0 bytes 0 accept
 delete rule inet filter forward handle 4
 delete chain inet filter forward
 delete table inet filter
Retrieved from "http://wiki.nftables.org/wiki-nftables/index.php?title=Monitoring_ruleset_updates&oldid=19"