From 3ed5e31f4a323d7f054b6120d05134195dc681f0 Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Wed, 27 Apr 2016 12:29:50 +0100
Subject: src: add flow statement

The flow statement allows to instantiate per flow statements for user
defined flows. This can so far be used for per flow accounting or limiting,
similar to what the iptables hashlimit provides. Flows can be aged using
the timeout option.

Examples:

 # nft filter input flow ip saddr . tcp dport limit rate 10/second
 # nft filter input flow table acct iif . ip saddr timeout 60s counter

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/expression.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include/expression.h')

diff --git a/include/expression.h b/include/expression.h
index fc184106..6e5e835e 100644
--- a/include/expression.h
+++ b/include/expression.h
@@ -237,6 +237,7 @@ struct expr {
 			uint64_t		timeout;
 			uint64_t		expiration;
 			const char		*comment;
+			struct stmt		*stmt;
 		};
 		struct {
 			/* EXPR_UNARY */
-- 
cgit v1.2.3