# Low-Level Binding Reference (`LibNftables.Bindings.Generated`)

This document describes the generated low-level .NET bindings for `libnftables`.

## Generation policy

- Source of truth: `/usr/include/nftables/libnftables.h`
- Generator: SWIG C# (`./eng/regen-bindings.sh`)
- Generated files are under `src/LibNftables.Bindings/Generated/`.
- Do not manually edit generated files. Regenerate instead.

## Primary generated types

- `libnftables`: static entrypoint for native calls and exported constants.
- `SWIGTYPE_p_nft_ctx`: opaque native context pointer wrapper.
- `nft_debug_level`: generated native debug enum.
- `nft_optimize_flags`: generated native optimize enum.

## API groups

### 1) Context lifecycle

- `nft_ctx_new(uint flags)`
- `nft_ctx_free(SWIGTYPE_p_nft_ctx ctx)`

These allocate/free the native `nft_ctx` handle.

### 2) Context behavior flags

- Dry-run:
  - `nft_ctx_get_dry_run(...)`
  - `nft_ctx_set_dry_run(...)`
- Optimize:
  - `nft_ctx_get_optimize(...)`
  - `nft_ctx_set_optimize(...)`
- Input flags:
  - `nft_ctx_input_get_flags(...)`
  - `nft_ctx_input_set_flags(...)`
- Output flags:
  - `nft_ctx_output_get_flags(...)`
  - `nft_ctx_output_set_flags(...)`
- Debug flags:
  - `nft_ctx_output_get_debug(...)`
  - `nft_ctx_output_set_debug(...)`

### 3) Buffered output/error capture

- Output buffer:
  - `nft_ctx_buffer_output(...)`
  - `nft_ctx_unbuffer_output(...)`
  - `nft_ctx_get_output_buffer(...)`
- Error buffer:
  - `nft_ctx_buffer_error(...)`
  - `nft_ctx_unbuffer_error(...)`
  - `nft_ctx_get_error_buffer(...)`

### 4) Include paths and variables

- Include paths:
  - `nft_ctx_add_include_path(...)`
  - `nft_ctx_clear_include_paths(...)`
- Variables:
  - `nft_ctx_add_var(...)`
  - `nft_ctx_clear_vars(...)`

### 5) Command execution

- `nft_run_cmd_from_buffer(...)`
- `nft_run_cmd_from_filename(...)`

These are the low-level command execution entrypoints.

## Constants exposed via generated class

`libnftables` exposes native constants as static readonly fields, including:

- `NFT_CTX_DEFAULT`
- `NFT_CTX_INPUT_*`
- `NFT_CTX_OUTPUT_*`

Use the high-level enums in `LibNftables` when possible.

## Relation to high-level API

Use low-level generated bindings only when you need direct native semantics.

For application code, prefer:

- `NftablesClient` / `INftablesClient` for workflow operations (validate/apply/snapshot/restore)
- `NftContext` for advanced managed control over native context settings