On 10 May 2017 at 12:55, Phil Sutter <[email protected]> wrote: > This adds support for printing the process ID and name for changes which > 'nft monitor' reports: > > | nft -a -p monitor > | add chain ip t2 bla3 # pid 11616 (nft) > > If '-n' was given in addition to '-p', parsing the process name from > /proc/<pid>/cmdline is suppressed. > > Signed-off-by: Phil Sutter <[email protected]> > Cc: Florian Westphal <[email protected]> > --- > include/nftables.h | 1 + > src/main.c | 12 ++++++++++- > src/netlink.c | 60 > +++++++++++++++++++++++++++++++++++++++++++++++++----- > src/rule.c | 2 -- > 4 files changed, 67 insertions(+), 8 deletions(-) >
If you are about to parse the textual nft output anyway, (which doesn't seems like a good idea BTW), why you don't simply add a rule comment?: % nft add rule inet filter input counter comment "added by my app" -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
