From 6d80e0f154920b5d26aa764459ec0450a8a12b58 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 17 Mar 2020 14:50:38 +0100
Subject: src: support for counter in set definition

This patch allows you to turn on counter for each element in the set.

 table ip x {
	set y {
		typeof ip saddr
		counter
		elements = { 192.168.10.35, 192.168.10.101, 192.168.10.135 }
	}

	chain z {
		type filter hook output priority filter; policy accept;
		ip daddr @y
	}
 }

This example shows how to turn on counters globally in the set 'y'.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/mnl.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/mnl.c')

diff --git a/src/mnl.c b/src/mnl.c
index a517712c..18a73e28 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -1026,6 +1026,11 @@ int mnl_nft_set_add(struct netlink_ctx *ctx, struct cmd *cmd,
 			   nftnl_udata_buf_len(udbuf));
 	nftnl_udata_buf_free(udbuf);
 
+	if (set->stmt) {
+		nftnl_set_set_data(nls, NFTNL_SET_EXPR,
+				   netlink_gen_stmt_stateful(set->stmt), 0);
+	}
+
 	netlink_dump_set(nls, ctx);
 
 	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
-- 
cgit v1.2.3