Florian! On Fri, Jul 04, 2025 at 04:04:39PM +0200, Florian Westphal wrote: > Phil Sutter <phil@xxxxxx> wrote: > > Please keep in mind we already have 'nft list hooks' which provides > > hints in that direction. It does not show which flowtable/chain actually > > binds to a given device, though. > > Its possible to extend it: > - add NF_HOOK_OP_NFT_FT to enum nf_hook_ops_type > - add > > static int nfnl_hook_put_nft_ft_info(struct sk_buff *nlskb, > const struct nfnl_dump_hook_data *ctx, > unsigned int seq, > struct nf_flowtable *ft) > > to nfnetlink_hook.c > > it can use container_of to get to the nft_flowtable struct. > It might be possibe to share some code with nfnl_hook_put_nft_chain_info > and reuse some of the same netlink attributes. > > - call it from nfnl_hook_dump_one. > > I think it would use useful to have, independent of "eth*" support. I entirely missed the fact that 'list hooks' output sucks with flowtables only and is fine with chains! Thanks for the quick howto, I'll implement this next week. Thanks, Phil
