From a87f2a2227be29cc1e91f3301cec963f02aa5178 Mon Sep 17 00:00:00 2001
From: Ander Juaristi <a@juaristi.eus>
Date: Tue, 9 Jul 2019 20:03:52 +0200
Subject: netfilter: support for element deletion

This patch implements element deletion from ruleset.

Example:

	table ip set-test {
		set testset {
			type ipv4_addr;
			flags timeout;
		}

		chain outputchain {
			policy accept;
			type filter hook output priority filter;

			delete @testset { ip saddr }
		}
	}

Signed-off-by: Ander Juaristi <a@juaristi.eus>
Signed-off-by: Florian Westphal <fw@strlen.de>
---
 include/linux/netfilter/nf_tables.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include')

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 82abaa18..ec153399 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -636,6 +636,7 @@ enum nft_lookup_attributes {
 enum nft_dynset_ops {
 	NFT_DYNSET_OP_ADD,
 	NFT_DYNSET_OP_UPDATE,
+	NFT_DYNSET_OP_DELETE,
 };
 
 enum nft_dynset_flags {
-- 
cgit v1.2.3