d0b38630ac
Any create/update/delete operation that returns a validation or marshalling error can leave the message batch in an incomplete state due to short-circuiting. This can result in either: - Non-atomic transactions if Flush is called (incomplete batch) - Users being unable to clear the incomplete batch (no API exposed) This change ensures that errors are collected and deferred until Flush. Instead of returning immediately, the following methods now append errors to a slice checked at Flush: - AddSet - DelRule - SetAddElements See: https://github.com/google/nftables/issues/323 |
||
|---|---|---|
| .github/workflows | ||
| alignedbuff | ||
| binaryutil | ||
| expr | ||
| integration | ||
| internal | ||
| userdata | ||
| xt | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| chain.go | ||
| compat_policy.go | ||
| compat_policy_test.go | ||
| conn.go | ||
| counter.go | ||
| doc.go | ||
| flowtable.go | ||
| gen.go | ||
| go.mod | ||
| go.sum | ||
| monitor.go | ||
| monitor_test.go | ||
| nftables_test.go | ||
| obj.go | ||
| quota.go | ||
| rule.go | ||
| set.go | ||
| set_test.go | ||
| table.go | ||
| util.go | ||
| util_test.go | ||
README.md
This is not the correct repository for issues with the Linux nftables project! This repository contains a third-party Go package to programmatically interact with nftables. Find the official nftables website at https://wiki.nftables.org/
This package manipulates Linux nftables (the iptables successor). It is implemented in pure Go, i.e. does not wrap libnftnl.
This is not an official Google product.
Breaking changes
This package is in very early stages, and only contains enough data types and functions to install very basic nftables rules. It is likely that mistakes with the data types/API will be identified as more functionality is added.
Contributions
Contributions are very welcome!