{"id":23384324,"url":"https://github.com/nftables-rs/nftables-rs","last_synced_at":"2025-04-04T23:06:36.076Z","repository":{"id":60703284,"uuid":"527896186","full_name":"nftables-rs/nftables-rs","owner":"nftables-rs","description":"Safe abstraction for nftables JSON API (libnftables-json).","archived":false,"fork":false,"pushed_at":"2025-03-26T09:35:10.000Z","size":461,"stargazers_count":42,"open_issues_count":5,"forks_count":17,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-03-28T22:11:22.640Z","etag":null,"topics":["firewall","nft","nftables","rust"],"latest_commit_sha":null,"homepage":"https://crates.io/crates/nftables","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nftables-rs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-23T08:19:21.000Z","updated_at":"2025-03-26T09:34:46.000Z","dependencies_parsed_at":"2024-02-11T17:30:52.096Z","dependency_job_id":"2459f502-d168-4377-9b19-80e1bf605f40","html_url":"https://github.com/nftables-rs/nftables-rs","commit_stats":{"total_commits":17,"total_committers":5,"mean_commits":3.4,"dds":0.3529411764705882,"last_synced_commit":"720d2c75db0d0481fe092aee72a6754ff18afcb0"},"previous_names":["nftables-rs/nftables-rs","namib-project/nftables-rs"],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nftables-rs%2Fnftables-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nftables-rs%2Fnftables-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nftables-rs%2Fnftables-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nftables-rs%2Fnftables-rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nftables-rs","download_url":"https://codeload.github.com/nftables-rs/nftables-rs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247261599,"owners_count":20910108,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firewall","nft","nftables","rust"],"created_at":"2024-12-21T23:07:25.185Z","updated_at":"2025-04-04T23:06:36.060Z","avatar_url":"https://github.com/nftables-rs.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1\u003e\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"README.md\"\u003e\n    \u003cimg src=\"https://avatars.githubusercontent.com/u/74997251?s=400\u0026u=72b0315c726d0b2e0a85d7da71cfc18ce8fb0d14\u0026v=4\" alt=\"Logo\" width=\"160\" height=\"160\"\u003e\n  \u003c/a\u003e\n  \u003cbr\u003enftables-rs\n\u003c/h1\u003e\n\n\u003ch3 align='center'\u003e Automate modern Linux firewalls with nftables through its declarative and imperative JSON API in Rust. \u003c/h3\u003e\n\n\u003c!-- primary badges --------------------------------------\u003e\n\u003cp align=\"center\"\u003e\n  \u003c!-- version --\u003e\n  \u003ca href=\"https://crates.io/crates/nftables\"\u003e\u003cimg src='https://img.shields.io/crates/v/nftables.svg' /\u003e\u003c/a\u003e\n  \u003c!-- downloads --\u003e\n  \u003ca href=\"https://crates.io/crates/nftables\"\u003e\u003cimg alt=\"Crates.io Total Downloads\" src=\"https://img.shields.io/crates/d/nftables\"\u003e\u003c/a\u003e\n  \u003c!-- docs.io --\u003e\n  \u003ca href=\"https://docs.rs/nftables/latest/nftables/\"\u003e\u003cimg alt=\"rs\" src=\"https://img.shields.io/badge/docs.rs-nftables-green.svg\"\u003e\u003c/a\u003e\n  \u003c!-- actions: rust --\u003e\n  \u003ca href=\"https://github.com/nftables-rs/nftables-rs/actions/workflows/rust.yml\"\u003e\u003cimg alt=\"Actions Workflow Status\" src=\"https://github.com/nftables-rs/nftables-rs/actions/workflows/rust.yml/badge.svg\"\u003e\u003c/a\u003e\n  \u003c!-- license --\u003e\n  \u003ca href=\"LICENSE-MIT\"\u003e\u003cimg alt=\"License\" src=\"https://img.shields.io/crates/l/nftables.svg\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cbr/\u003e\n\n## Features 🌟\n\n- 🛡️ **Safe and Easy-to-Use Abstraction**: Provides a high-level, safe abstraction over the [nftables JSON API](https://manpages.debian.org/testing/libnftables1/libnftables-json.5.en.html), making it easier and safer to work with nftables in Rust.\n\n- 🛠️ **Comprehensive Functions**: Includes a wide range of functions to create, read, and apply nftables rulesets directly from Rust, streamlining the management of firewall rules.\n\n- 📄 **JSON Parsing and Generation**: Offers detailed parsing and generation capabilities for nftables rulesets in JSON format, enabling seamless integration and manipulation of rulesets.\n\n- 💾 **JSON Schema generation for nftables**: Allows to create and export a JSON Schema for further usage derived from the explicit Rust types.\n\n- 💡 **Inspired by nftnl-rs**: While taking inspiration from [nftnl-rs](https://github.com/mullvad/nftnl-rs), `nftables-rs` focuses on utilizing the JSON API for broader accessibility and catering to diverse use cases.\n\n## Motivation\n\n`nftables-rs` is a Rust library designed to provide a safe and easy-to-use abstraction over the nftables JSON API, known as libnftables-json.\n\nThis library is engineered for developers who need to interact with nftables, the Linux kernel's next-generation firewalling tool, directly from Rust applications.\nBy abstracting the underlying JSON API, nftables-rs facilitates the creation, manipulation, and application of firewall rulesets without requiring deep knowledge of nftables' internal workings.\n\n## Installation\n\n```toml\n[dependencies]\nnftables = \"0.5\"\n```\n\nLinux nftables v0.9.3 or newer is required at runtime: `nft --version`\n\n## Example\n\nHere are some examples that show use cases of this library.\nCheck out the `tests/` directory for more usage examples.\n\n### Apply ruleset to nftables\n\nThis example applies a ruleset that creates and deletes a table to nftables.\n\n```rust\nuse nftables::{batch::Batch, helper, schema, types};\n\n/// Applies a ruleset to nftables.\nfn test_apply_ruleset() {\n    let ruleset = example_ruleset();\n    helper::apply_ruleset(\u0026ruleset).unwrap();\n}\n\nfn example_ruleset() -\u003e schema::Nftables\u003c'static\u003e {\n    let mut batch = Batch::new();\n    batch.add(schema::NfListObject::Table(schema::Table {\n        family: types::NfFamily::IP,\n        name: \"test-table-01\".into(),\n        ..Default::default()\n    }));\n    batch.delete(schema::NfListObject::Table(schema::Table {\n        family: types::NfFamily::IP,\n        name: \"test-table-01\".into(),\n        ..Default::default()\n    }));\n    batch.to_nftables()\n}\n```\n\n### Parse/Generate nftables ruleset in JSON format\n\nThis example compares nftables' native JSON out to the JSON payload generated by this library.\n\n```rust\nfn test_chain_table_rule_inet() {\n    // nft add table inet some_inet_table\n    // nft add chain inet some_inet_table some_inet_chain '{ type filter hook forward priority 0; policy accept; }'\n    let expected: Nftables = Nftables {\n        objects: Cow::Borrowed(\u0026[\n            NfObject::CmdObject(NfCmd::Add(NfListObject::Table(Table {\n                family: NfFamily::INet,\n                name: Cow::Borrowed(\"some_inet_table\"),\n                handle: None,\n            }))),\n            NfObject::CmdObject(NfCmd::Add(NfListObject::Chain(Chain {\n                family: NfFamily::INet,\n                table: Cow::Borrowed(\"some_inet_table\"),\n                name: Cow::Borrowed(\"some_inet_chain\"),\n                newname: None,\n                handle: None,\n                _type: Some(NfChainType::Filter),\n                hook: Some(NfHook::Forward),\n                prio: None,\n                dev: None,\n                policy: Some(NfChainPolicy::Accept),\n            }))),\n        ]),\n    };\n    let json = json!({\"nftables\":[{\"add\":{\"table\":{\"family\":\"inet\",\"name\":\"some_inet_table\"}}},{\"add\":{\"chain\":{\"family\":\"inet\",\"table\":\"some_inet_table\",\"name\":\"some_inet_chain\",\"type\":\"filter\",\"hook\":\"forward\",\"policy\":\"accept\"}}}]});\n    println!(\"{}\", \u0026json);\n    let parsed: Nftables = serde_json::from_value(json).unwrap();\n    assert_eq!(expected, parsed);\n}\n```\n\n### Export JSON Schema\n\nExport a JSON Schema to a file (if no path is set it defaults to `./nftables.schema.json`).\n\n```bash\n./nftables-rs schema \u003cexport-path | './nftables.schema.json'\u003e\n```\n\n## MSRV (Minimum Supported Rust Version)\n\nThe MSRV of this crate is currently: **Rust 1.76**\n\nThe MSRV will only be increased by a minor or major release of this crate.\n\n## License\n\nLicensed under either of\n\n* Apache License, Version 2.0\n  ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)\n* MIT license\n  ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)\n\nat your option.\n\n## Contribution\n\nUnless you explicitly state otherwise, any contribution intentionally submitted\nfor inclusion in the work by you, as defined in the Apache-2.0 license, shall be\ndual licensed as above, without any additional terms or conditions.\n\n## Maintainers\n\nThis project is currently maintained by the following developers:\n\n|       Name       |      Email Address       |                GitHub Username               |\n|:----------------:|:------------------------:|:--------------------------------------------:|\n| Jasper Wiegratz  | wiegratz@uni-bremen.de   |       [@jwhb](https://github.com/jwhb)       |\n| Jan Romann       | jan.romann@uni-bremen.de |      [@JKRhb](https://github.com/JKRhb)      |\n\nWrite access to the main branch and to crates.io is exclusively granted to the maintainers listed above.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnftables-rs%2Fnftables-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnftables-rs%2Fnftables-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnftables-rs%2Fnftables-rs/lists"}