nftables

Go to file

Nikita Vorontsov 1148f1a84f add DestroyTable and SetDestroyElements (#322 ) These methods are like their DeleteTable and SetDeleteElements counterparts, but they do not return an error if the specified table/set does not exist.		2025-09-02 14:08:18 +02:00
.github/workflows	Add integration tests for nftables package	2025-01-15 12:42:22 +01:00
alignedbuff	alignedbuff: fix alignment test issue on 32-bit machines (#211 )	2022-12-12 08:51:36 +01:00
binaryutil	add int32 and string types to alignedbuff (#195 )	2022-10-15 21:04:45 +02:00
expr	ct: Add optional direction fields (#317 )	2025-06-06 11:18:25 +02:00
integration	Add integration tests for nftables package	2025-01-15 12:42:22 +01:00
internal	Set rule handle during flush (#299 )	2025-03-26 09:24:33 +01:00
userdata	add support for comments in set elements (#293 )	2025-01-15 09:36:42 +01:00
xt	feat: add xt.Comment (#260 )	2024-04-22 08:53:34 +02:00
CONTRIBUTING.md	Initial commit	2018-05-24 22:09:26 -07:00
LICENSE	Initial commit	2018-05-24 22:09:26 -07:00
README.md	README: switch to GitHub actions badge	2021-05-14 17:48:51 +02:00
chain.go	Set rule handle during flush (#299 )	2025-03-26 09:24:33 +01:00
compat_policy.go	Fix: add NFTA_RULE_COMPAT attribute (#207 )	2022-12-08 09:05:15 +01:00
compat_policy_test.go	Fix: add NFTA_RULE_COMPAT attribute (#207 )	2022-12-08 09:05:15 +01:00
conn.go	Add GetGen method to retrieve current generation ID (#325 )	2025-09-02 14:05:05 +02:00
counter.go	refactor nftable Object handling (NamedObj type) (#259 )	2024-07-29 08:43:58 +02:00
doc.go	Restructure code base into smaller files (#15 )	2019-05-03 23:54:09 +02:00
flowtable.go	Set rule handle during flush (#299 )	2025-03-26 09:24:33 +01:00
gen.go	Add GetGen method to retrieve current generation ID (#325 )	2025-09-02 14:05:05 +02:00
go.mod	Automatically set socket read & write buffer sizes (#312 )	2025-07-02 09:53:17 +02:00
go.sum	Automatically set socket read & write buffer sizes (#312 )	2025-07-02 09:53:17 +02:00
monitor.go	Implement AddGenerationalMonitor to deliver monitor events in batches (#283 )	2024-11-09 12:07:36 +01:00
monitor_test.go	Add GetGen method to retrieve current generation ID (#325 )	2025-09-02 14:05:05 +02:00
nftables_test.go	add DestroyTable and SetDestroyElements (#322 )	2025-09-02 14:08:18 +02:00
obj.go	Set rule handle during flush (#299 )	2025-03-26 09:24:33 +01:00
quota.go	Fix Fib parsing (#296 )	2025-01-16 09:15:33 +01:00
rule.go	Deprecate Rule.Flags field (#304 )	2025-03-26 09:57:20 +01:00
set.go	add DestroyTable and SetDestroyElements (#322 )	2025-09-02 14:08:18 +02:00
set_test.go	fix set.KeyType overwrite for vmap (#319 )	2025-07-14 13:43:15 +02:00
table.go	add DestroyTable and SetDestroyElements (#322 )	2025-09-02 14:08:18 +02:00
util.go	Fix incorrect size check in NFGenMsg (#287 )	2024-12-13 07:30:25 +01:00
util_test.go	NAT: prefix test	2024-01-12 21:30:04 +01:00

README.md

This is not the correct repository for issues with the Linux nftables project! This repository contains a third-party Go package to programmatically interact with nftables. Find the official nftables website at https://wiki.nftables.org/

This package manipulates Linux nftables (the iptables successor). It is implemented in pure Go, i.e. does not wrap libnftnl.

This is not an official Google product.

Breaking changes

This package is in very early stages, and only contains enough data types and functions to install very basic nftables rules. It is likely that mistakes with the data types/API will be identified as more functionality is added.

Contributions

Contributions are very welcome!