diff options
author | Ander Juaristi <a@juaristi.eus> | 2019-07-09 20:03:52 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2019-08-29 11:10:47 +0200 |
commit | a87f2a2227be29cc1e91f3301cec963f02aa5178 (patch) | |
tree | 9d0b62596a2f04e4cfcae8f6b09ce15590082ec7 /include | |
parent | 03478af1bea03eafd43df94334cb001ed26145a3 (diff) |
netfilter: support for element deletion
This patch implements element deletion from ruleset.
Example:
table ip set-test {
set testset {
type ipv4_addr;
flags timeout;
}
chain outputchain {
policy accept;
type filter hook output priority filter;
delete @testset { ip saddr }
}
}
Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 82abaa18..ec153399 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -636,6 +636,7 @@ enum nft_lookup_attributes { enum nft_dynset_ops { NFT_DYNSET_OP_ADD, NFT_DYNSET_OP_UPDATE, + NFT_DYNSET_OP_DELETE, }; enum nft_dynset_flags { |