From: "Remy D. Farley" <one-d-wide@protonmail.com>
To: Donald Hunter <donald.hunter@gmail.com>,
Jakub Kicinski <kuba@kernel.org>,
netdev@vger.kernel.org
Cc: Pablo Neira Ayuso <pablo@netfilter.org>,
Florian Westphal <fw@strlen.de>, Phil Sutter <phil@nwl.cc>,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
"Remy D. Farley" <one-d-wide@protonmail.com>
Subject: [PATCH net-next v7 3/5] doc/netlink: nftables: Update attribute sets
Date: Mon, 02 Feb 2026 09:41:03 +0000 [thread overview]
Message-ID: <20260202093928.742879-4-one-d-wide@protonmail.com> (raw)
In-Reply-To: <20260202093928.742879-1-one-d-wide@protonmail.com>
New attribute sets:
- log-attrs
- numgen-attrs
- range-attrs
- compat-target-attrs
- compat-match-attrs
- compat-attrs
Added missing attributes:
- table-attrs (pad, owner)
- set-attrs (type, count)
Added missing checks:
- range-attrs
- expr-bitwise-attrs
- compat-target-attrs
- compat-match-attrs
- compat-attrs
Annotated doc comment or associated enum:
- batch-attrs
- verdict-attrs
- expr-payload-attrs
Fixed byte order:
- nft-counter-attrs
- expr-counter-attrs
- rule-compat-attrs
Reviewed-by: Donald Hunter <donald.hunter@gmail.com>
Signed-off-by: Remy D. Farley <one-d-wide@protonmail.com>
---
Documentation/netlink/specs/nftables.yaml | 206 +++++++++++++++++++++-
1 file changed, 202 insertions(+), 4 deletions(-)
diff --git a/Documentation/netlink/specs/nftables.yaml b/Documentation/netlink/specs/nftables.yaml
index f15f825cb..2ddf89c70 100644
--- a/Documentation/netlink/specs/nftables.yaml
+++ b/Documentation/netlink/specs/nftables.yaml
@@ -387,16 +387,100 @@ definitions:
attribute-sets:
-
- name: empty-attrs
+ name: log-attrs
+ doc: log expression netlink attributes
attributes:
+ # Mentioned in nft_log_init()
-
- name: name
+ name: group
+ doc: netlink group to send messages to
+ type: u16
+ byte-order: big-endian
+ -
+ name: prefix
+ doc: prefix to prepend to log messages
type: string
+ -
+ name: snaplen
+ doc: length of payload to include in netlink message
+ type: u32
+ byte-order: big-endian
+ -
+ name: qthreshold
+ doc: queue threshold
+ type: u16
+ byte-order: big-endian
+ -
+ name: level
+ doc: log level
+ type: u32
+ enum: log-level
+ byte-order: big-endian
+ -
+ name: flags
+ doc: logging flags
+ type: u32
+ enum: log-flags
+ byte-order: big-endian
+ -
+ name: numgen-attrs
+ doc: nf_tables number generator expression netlink attributes
+ attributes:
+ -
+ name: dreg
+ doc: destination register
+ type: u32
+ enum: registers
+ -
+ name: modulus
+ doc: maximum counter value
+ type: u32
+ byte-order: big-endian
+ -
+ name: type
+ doc: operation type
+ type: u32
+ byte-order: big-endian
+ enum: numgen-types
+ -
+ name: offset
+ doc: offset to be added to the counter
+ type: u32
+ byte-order: big-endian
+ -
+ name: range-attrs
+ attributes:
+ # Mentioned in net/netfilter/nft_range.c
+ -
+ name: sreg
+ doc: source register of data to compare
+ type: u32
+ byte-order: big-endian
+ enum: registers
+ -
+ name: op
+ doc: cmp operation
+ type: u32
+ byte-order: big-endian
+ enum: range-ops
+ checks:
+ max: 256
+ -
+ name: from-data
+ doc: data range from
+ type: nest
+ nested-attributes: data-attrs
+ -
+ name: to-data
+ doc: data range to
+ type: nest
+ nested-attributes: data-attrs
-
name: batch-attrs
attributes:
-
name: genid
+ doc: generation ID for this changeset
type: u32
byte-order: big-endian
-
@@ -423,10 +507,18 @@ attribute-sets:
type: u64
byte-order: big-endian
doc: numeric handle of the table
+ -
+ name: pad
+ type: pad
-
name: userdata
type: binary
doc: user data
+ -
+ name: owner
+ type: u32
+ byte-order: big-endian
+ doc: owner of this table through netlink portID
-
name: chain-attrs
attributes:
@@ -530,9 +622,11 @@ attribute-sets:
-
name: bytes
type: u64
+ byte-order: big-endian
-
name: packets
type: u64
+ byte-order: big-endian
-
name: rule-attrs
attributes:
@@ -602,15 +696,18 @@ attribute-sets:
selector: name
doc: type specific data
-
+ # Mentioned in nft_parse_compat() in net/netfilter/nft_compat.c
name: rule-compat-attrs
attributes:
-
name: proto
- type: binary
+ type: u32
+ byte-order: big-endian
doc: numeric value of the handled protocol
-
name: flags
- type: binary
+ type: u32
+ byte-order: big-endian
doc: bitmask of flags
-
name: set-attrs
@@ -699,6 +796,15 @@ attribute-sets:
type: nest
nested-attributes: set-list-attrs
doc: list of expressions
+ -
+ name: type
+ type: string
+ doc: set backend type
+ -
+ name: count
+ type: u32
+ byte-order: big-endian
+ doc: number of set elements
-
name: set-desc-attrs
attributes:
@@ -968,6 +1074,8 @@ attribute-sets:
type: u32
byte-order: big-endian
enum: bitwise-ops
+ checks:
+ max: 255
-
name: data
type: nest
@@ -1004,25 +1112,31 @@ attribute-sets:
attributes:
-
name: code
+ doc: nf_tables verdict
type: u32
byte-order: big-endian
enum: verdict-code
-
name: chain
+ doc: jump target chain name
type: string
-
name: chain-id
+ doc: jump target chain ID
type: u32
+ byte-order: big-endian
-
name: expr-counter-attrs
attributes:
-
name: bytes
type: u64
+ byte-order: big-endian
doc: Number of bytes
-
name: packets
type: u64
+ byte-order: big-endian
doc: Number of packets
-
name: pad
@@ -1107,6 +1221,25 @@ attribute-sets:
type: u32
byte-order: big-endian
enum: lookup-flags
+ -
+ name: expr-masq-attrs
+ attributes:
+ -
+ name: flags
+ type: u32
+ byte-order: big-endian
+ enum: nat-range-flags
+ enum-as-flags: true
+ -
+ name: reg-proto-min
+ type: u32
+ byte-order: big-endian
+ enum: registers
+ -
+ name: reg-proto-max
+ type: u32
+ byte-order: big-endian
+ enum: registers
-
name: expr-meta-attrs
attributes:
@@ -1158,37 +1291,49 @@ attribute-sets:
enum-as-flags: true
-
name: expr-payload-attrs
+ doc: nf_tables payload expression netlink attributes
attributes:
-
name: dreg
+ doc: destination register to load data into
type: u32
byte-order: big-endian
+ enum: registers
-
name: base
+ doc: payload base
type: u32
+ enum: payload-base
byte-order: big-endian
-
name: offset
+ doc: payload offset relative to base
type: u32
byte-order: big-endian
-
name: len
+ doc: payload length
type: u32
byte-order: big-endian
-
name: sreg
+ doc: source register to load data from
type: u32
byte-order: big-endian
+ enum: registers
-
name: csum-type
+ doc: checksum type
type: u32
byte-order: big-endian
-
name: csum-offset
+ doc: checksum offset relative to base
type: u32
byte-order: big-endian
-
name: csum-flags
+ doc: checksum flags
type: u32
byte-order: big-endian
-
@@ -1254,6 +1399,59 @@ attribute-sets:
type: u32
byte-order: big-endian
doc: id of object map
+ -
+ name: compat-target-attrs
+ header: linux/netfilter/nf_tables_compat.h
+ attributes:
+ -
+ name: name
+ type: string
+ checks:
+ max-len: 32
+ -
+ name: rev
+ type: u32
+ byte-order: big-endian
+ -
+ name: info
+ type: binary
+ -
+ name: compat-match-attrs
+ header: linux/netfilter/nf_tables_compat.h
+ attributes:
+ -
+ name: name
+ type: string
+ checks:
+ max-len: 32
+ -
+ name: rev
+ type: u32
+ byte-order: big-endian
+ checks:
+ max: 255
+ -
+ name: info
+ type: binary
+ -
+ name: compat-attrs
+ header: linux/netfilter/nf_tables_compat.h
+ attributes:
+ -
+ name: name
+ type: string
+ checks:
+ max-len: 32
+ -
+ name: rev
+ type: u32
+ byte-order: big-endian
+ checks:
+ max: 255
+ -
+ name: type
+ type: u32
+ byte-order: big-endian
sub-messages:
-
--
2.51.2
next prev parent reply other threads:[~2026-02-02 9:41 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-02 9:40 [PATCH net-next v7 0/5] doc/netlink: Expand nftables specification Remy D. Farley
2026-02-02 9:40 ` [PATCH net-next v7 1/5] doc/netlink: netlink-raw: Add max check Remy D. Farley
2026-02-02 9:40 ` [PATCH net-next v7 2/5] doc/netlink: nftables: Add definitions Remy D. Farley
2026-02-03 9:04 ` Donald Hunter
2026-02-02 9:41 ` Remy D. Farley [this message]
2026-02-03 3:19 ` [net-next,v7,3/5] doc/netlink: nftables: Update attribute sets Jakub Kicinski
2026-02-02 9:41 ` [PATCH net-next v7 4/5] doc/netlink: nftables: Add sub-messages Remy D. Farley
2026-02-02 9:41 ` [PATCH net-next v7 5/5] doc/netlink: nftables: Fill out operation attributes Remy D. Farley
2026-02-03 3:19 ` [net-next,v7,5/5] " Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260202093928.742879-4-one-d-wide@protonmail.com \
--to=one-d-wide@protonmail.com \
--cc=coreteam@netfilter.org \
--cc=donald.hunter@gmail.com \
--cc=fw@strlen.de \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=phil@nwl.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox