Monitoring ruleset updates
nft can display notifications of ruleset updates through:
% nft monitor
This subscribes nft to any kind of ruleset update.
You can filter events by:
- object: tables, chains, rules, sets and elements.
- event: new and destroy.
The output format can be:
- plain text (i.e. native nft format)
The following example shows how to track rule updates only:
% nft monitor rules
If you only want to receive new rules:
% nft monitor new rules
A bit more developed example
Type the following in a terminal:
term1% nft monitor
From a different terminal, if you type this:
term2% nft add table inet filter
term2% nft add chain inet filter forward
term2% nft add rule inet filter forward counter accept
term2% nft flush table inet filter
term2% nft flush ruleset
Then, if you go back to the term1, you'll see:
term1% nft monitor
add table inet filter
add chain inet filter forward
add rule inet filter forward counter packets 0 bytes 0 accept
delete rule inet filter forward handle 4
delete chain inet filter forward
delete table inet filter
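
The monitor output above can be fed to a small triage script that flags deletions, which are the events that weaken a running ruleset. The following is an added example, not part of the original page or of nftables itself; the function names are hypothetical and it assumes events arrive as plain-text lines shaped like the output shown above.

```shell
#!/bin/sh
# Added example (not from the nftables project): triage `nft monitor` output.
# Assumption: each event is one plain-text line shaped like the output above,
# i.e. "<add|delete> <object> <family> <table> [rest...]".
# Note: the monitor is filtered with new/destroy, but the output shown on
# this page prints add/delete, so those are the keywords matched here.

# parse_events: stdin = monitor output; stdout = one tab-separated record
# per event: event, object, family, table, remainder of the line.
parse_events() {
    awk '
        ($1 == "add" || $1 == "delete") &&
        $2 ~ /^(table|chain|rule|set|element)$/ && NF >= 4 {
            rest = ""
            for (i = 5; i <= NF; i++) rest = rest (i > 5 ? " " : "") $i
            printf "%s\t%s\t%s\t%s\t%s\n", $1, $2, $3, $4, rest
        }'
}

# flag_deletions: print an ALERT line for every delete event. Lines that
# are not recognised as events are skipped by parse_events.
flag_deletions() {
    parse_events | awk -F '\t' '$1 == "delete" {
        printf "ALERT delete %s family=%s table=%s detail=%s\n", $2, $3, $4, $5
    }'
}

# count_events EVENT OBJECT: number of matching events read from stdin.
count_events() {
    parse_events | awk -F '\t' -v e="$1" -v o="$2" \
        '$1 == e && $2 == o { n++ } END { print n + 0 }'
}

# Constructed sample: the monitor output shown above, one event per line.
SAMPLE='add table inet filter
add chain inet filter forward
add rule inet filter forward counter packets 0 bytes 0 accept
delete rule inet filter forward handle 4
delete chain inet filter forward
delete table inet filter'

# Offline demo when called with "demo"; live use: nft monitor | flag_deletions
if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE" | flag_deletions
fi
```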