netfilter: add new hook nfnl subsystem (e2cf17d3) · Commits · Linaro / qcomlt / demos / linux

Commit e2cf17d3 authored 3 years ago by Florian Westphal Committed by Pablo Neira Ayuso 3 years ago

netfilter: add new hook nfnl subsystem


This nfnl subsystem allows to dump the list of all active netfiler hooks,
e.g. defrag, conntrack, nf/ip/arp/ip6tables and so on.

This helps to see what kind of features are currently enabled in
the network stack.

Sample output from nft tool using this infra:

 $ nft list hook ip input
 family ip hook input {
   +0000000010 nft_do_chain_inet [nf_tables] # nft table firewalld INPUT
   +0000000100 nf_nat_ipv4_local_in [nf_nat]
   +2147483647 ipv4_confirm [nf_conntrack]
 }

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

parent 7b4b2fa3

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 443 additions and 1 deletion

Please register or to comment