3efc75f481
Add GetGen method to retrieve current generation ID
nftables uses generation IDs (gen IDs) for optimistic concurrency
control. This commit adds a GetGen method to expose current gen ID so
that users can retrieve it explicitly.
Typical usage:
1. Call GetGen to retrieve current gen ID.
2. Read the the current state.
3. Send the batch along with the gen ID by calling Flush.
If the state changes before the flush, the kernel will reject the
batch, preventing stale writes.
- https://wiki.nftables.org/wiki-nftables/index.php/Portal:DeveloperDocs/nftables_internals#Batched_handlers
- https://docs.kernel.org/networking/netlink_spec/nftables.html#getgen
-
|
||
|---|---|---|
| .github/workflows | ||
| alignedbuff | ||
| binaryutil | ||
| expr | ||
| integration | ||
| internal | ||
| userdata | ||
| xt | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| chain.go | ||
| compat_policy.go | ||
| compat_policy_test.go | ||
| conn.go | ||
| counter.go | ||
| doc.go | ||
| flowtable.go | ||
| gen.go | ||
| go.mod | ||
| go.sum | ||
| monitor.go | ||
| monitor_test.go | ||
| nftables_test.go | ||
| obj.go | ||
| quota.go | ||
| rule.go | ||
| set.go | ||
| set_test.go | ||
| table.go | ||
| util.go | ||
| util_test.go | ||
README.md
This is not the correct repository for issues with the Linux nftables project! This repository contains a third-party Go package to programmatically interact with nftables. Find the official nftables website at https://wiki.nftables.org/
This package manipulates Linux nftables (the iptables successor). It is implemented in pure Go, i.e. does not wrap libnftnl.
This is not an official Google product.
Breaking changes
This package is in very early stages, and only contains enough data types and functions to install very basic nftables rules. It is likely that mistakes with the data types/API will be identified as more functionality is added.
Contributions
Contributions are very welcome!