From 6cb33c62c8007593d8a85aa202fa173043877135 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 7 Aug 2008 14:53:12 +0200
Subject: cache iterators: rework cache_reset_timers

This patch adds the clause PurgeTimeout that sets the new timer
when conntrackd -t is called. This command is particularly useful
when the sysadmin triggers hand-overs between several nodes without
rebooting as it reduces the timers of the remaining entries in
the kernel. Thus, avoiding clashes between new and old entries that
may trigger INVALID packets.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/read_config_lex.l | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/read_config_lex.l')

diff --git a/src/read_config_lex.l b/src/read_config_lex.l
index 584a4a3..79d5b89 100644
--- a/src/read_config_lex.l
+++ b/src/read_config_lex.l
@@ -111,6 +111,7 @@ notrack		[N|n][O|o][T|t][R|r][A|a][C|c][K|k]
 "State"				{ return T_STATE; }
 "Accept"			{ return T_ACCEPT; }
 "Ignore"			{ return T_IGNORE; }
+"PurgeTimeout"			{ return T_PURGE; }
 
 {is_on}			{ return T_ON; }
 {is_off}		{ return T_OFF; }
-- 
cgit v1.2.3