diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-03-11 13:00:01 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-03-18 19:10:02 +0100 |
commit | 1fe6089ddd87ee7869d24c0f8849951220cc9b85 (patch) | |
tree | 5d46d6d74efac46d27e0605c1b50cb7ac08620db /include | |
parent | 3f3e897f429659ff6c8387245d0d4115952a6c31 (diff) |
src: support for restoring element counters
This patch allows you to restore counters in dynamic sets:
table ip test {
set test {
type ipv4_addr
size 65535
flags dynamic,timeout
timeout 30d
gc-interval 1d
elements = { 192.168.10.13 expires 19d23h52m27s576ms counter packets 51 bytes 17265 }
}
chain output {
type filter hook output priority 0;
update @test { ip saddr }
}
}
You can also add counters to elements from the control place, ie.
table ip test {
set test {
type ipv4_addr
size 65535
elements = { 192.168.2.1 counter packets 75 bytes 19043 }
}
chain output {
type filter hook output priority filter; policy accept;
ip daddr @test
}
}
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/netlink.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/netlink.h b/include/netlink.h index c2eb8949..0a5fde3c 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -113,6 +113,7 @@ extern void netlink_gen_data(const struct expr *expr, extern void netlink_gen_raw_data(const mpz_t value, enum byteorder byteorder, unsigned int len, struct nft_data_linearize *data); +extern struct nftnl_expr *netlink_gen_stmt_stateful(const struct stmt *stmt); extern struct expr *netlink_alloc_value(const struct location *loc, const struct nft_data_delinearize *nld); |