diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-16 23:03:51 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-24 09:42:30 +0200 |
commit | be90e03dd1fa374aeaebb4de3174b97c3bd224f8 (patch) | |
tree | 227acb9ff0a95d11df5d03cc1ce7dd6d3f0a94be /src | |
parent | 0f60b462cdfe771900369719dcfcd1daca50ebae (diff) |
segtree: add timeout for range and prefix expressions in sets
# nft add table x
# nft add set x y { type ipv4_addr\; flags timeout,interval\; }
# nft add element x y { 7.4.4.5-8.8.8.8 comment "good guy" timeout 30s}
# nft list ruleset
table ip x {
set y {
type ipv4_addr
flags interval,timeout
elements = { 7.4.4.5-8.8.8.8 timeout 30s expires 27s956ms comment "good guy" }
}
}
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/segtree.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/segtree.c b/src/segtree.c index 7a443632..28d45c92 100644 --- a/src/segtree.c +++ b/src/segtree.c @@ -542,6 +542,8 @@ static void set_insert_interval(struct expr *set, struct seg_tree *tree, if (ei->expr != NULL) { if (ei->expr->comment) expr->comment = xstrdup(ei->expr->comment); + if (ei->expr->timeout) + expr->timeout = ei->expr->timeout; if (ei->expr->ops->type == EXPR_MAPPING) expr = mapping_expr_alloc(&ei->expr->location, expr, expr_get(ei->expr->right)); @@ -831,6 +833,10 @@ void interval_map_decompose(struct expr *set) tmp = set_elem_expr_alloc(&low->location, tmp); if (low->comment) tmp->comment = xstrdup(low->comment); + if (low->timeout) + tmp->timeout = low->timeout; + if (low->expiration) + tmp->expiration = low->expiration; if (low->ops->type == EXPR_MAPPING) tmp = mapping_expr_alloc(&tmp->location, tmp, low->right); @@ -848,6 +854,10 @@ void interval_map_decompose(struct expr *set) prefix = set_elem_expr_alloc(&low->location, prefix); if (low->comment) prefix->comment = xstrdup(low->comment); + if (low->timeout) + prefix->timeout = low->timeout; + if (low->expiration) + prefix->expiration = low->expiration; if (low->ops->type == EXPR_MAPPING) prefix = mapping_expr_alloc(&low->location, prefix, |