From 87908ff7a12c969ca21338ab7ed27ed93a9b09c3 Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Sat, 11 Apr 2015 14:54:19 +0100
Subject: datatype: fix parsing of time type

Properly detect time strings in the lexer without quotation marks.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 src/scanner.l | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/scanner.l')

diff --git a/src/scanner.l b/src/scanner.l
index 73c4f8b1..27d95bfc 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -117,6 +117,8 @@ quotedstring	\"[^"]*\"
 comment		#.*$
 slash		\/
 
+timestring	([0-9]+d)?([0-9]+h)?([0-9]+m)?([0-9]+s)?
+
 hex4		([[:xdigit:]]{1,4})
 v680		(({hex4}:){7}{hex4})
 v670		((:)((:{hex4}){7}))
@@ -457,6 +459,11 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 				return STRING;
 			}
 
+{timestring}		{
+				yylval->string = xstrdup(yytext);
+				return STRING;
+			}
+
 {decstring}		{
 				errno = 0;
 				yylval->val = strtoull(yytext, NULL, 0);
-- 
cgit v1.2.3


From 38a077f7af8a2151b565e3cb324901b48afd299e Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Mon, 23 Mar 2015 21:34:57 +0000
Subject: set: add timeout support for sets

Timeout support can be enabled in one of two ways:

1. Using a default timeout value:

set test {
	type ipv4_addr;
	timeout 1h;
}

2. Using the timeout flag without a default:

set test {
	type ipv4_addr;
	flags timeout;
}

Optionally a garbage collection interval can be specified using

gc-interval <interval>;

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 src/scanner.l | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/scanner.l')

diff --git a/src/scanner.l b/src/scanner.l
index 27d95bfc..4231d270 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -271,6 +271,8 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 
 "constant"		{ return CONSTANT; }
 "interval"		{ return INTERVAL; }
+"timeout"		{ return TIMEOUT; }
+"gc-interval"		{ return GC_INTERVAL; }
 "elements"		{ return ELEMENTS; }
 
 "policy"		{ return POLICY; }
-- 
cgit v1.2.3


From a9467e55973b10c2e8fe37525514c961580f8506 Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Thu, 19 Mar 2015 13:34:18 +0000
Subject: nftables: add set statemet

The set statement is used to dynamically add or update elements in a set.

Syntax:

# nft filter input set add tcp dport @myset
# nft filter input set add ip saddr timeout 10s @myset
# nft filter input set update ip saddr timeout 10s @myset

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 src/scanner.l | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/scanner.l')

diff --git a/src/scanner.l b/src/scanner.l
index 4231d270..985ea2a3 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -257,6 +257,7 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 "inet"			{ return INET; }
 
 "add"			{ return ADD; }
+"update"		{ return UPDATE; }
 "create"		{ return CREATE; }
 "insert"		{ return INSERT; }
 "delete"		{ return DELETE; }
-- 
cgit v1.2.3