# RESTful HTTP API for nftables sets

Early work in progress.

Configuration contains hashed tokens, which can in the future be used to authorize modifications for a list of nftables sets:

```
tokensets:
  $2y$05$ZifkrfFg2XZU2ds7Lrcl9usJVyxHro9Ezjo84OMpsBSau4pEu42eS:
    - SomeSet
```

Generate token hashes using any bcrypt hashing tool, `htpasswd` from the `apache-utils` suite works well:

```
$ htpasswd -Bn x
```

Ignore the username part.

### TODO

- Expanding to further nftables functionality. For this, the ACL configuration should be reworked to operate on API paths (for example `/set/foo`) instead of set names to make it useful for paths other than sets.
- Improve logging, introduce a debug flag.
- Add tests (which may need to be run in a privileged container to simulate nftables).