diff options
author | Varsha Rao <rvarsha016@gmail.com> | 2017-06-06 11:55:40 +0530 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-06-06 18:03:09 +0200 |
commit | 37988cf255e51efba0d81dbc43eb4f0a41e99813 (patch) | |
tree | 1f04339606a8b1dfbbbd24c52d880f9d9212e50c /src/expression.c | |
parent | 1eccbfaae7d5339a8370d0bbd0a36516dda72356 (diff) |
src: Remove expire information from list stateless ruleset.
As expires is stateful information. This patch removes expire
information from list stateless ruleset. With nft -s option, the
ruleset will be as following.
table ip firewall {
set host {
type ipv4_addr
flags timeout
elements = { 10.0.0.2 timeout 10m }
}
}
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expression.c')
-rw-r--r-- | src/expression.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/expression.c b/src/expression.c index 55dd3911..4fef8300 100644 --- a/src/expression.c +++ b/src/expression.c @@ -962,7 +962,7 @@ static void set_elem_expr_print(const struct expr *expr) printf(" timeout "); time_print(expr->timeout / 1000); } - if (expr->expiration) { + if (!stateless_output && expr->expiration) { printf(" expires "); time_print(expr->expiration / 1000); } |