diff options
author | Laura Garcia Liebana <nevola@gmail.com> | 2019-06-18 12:11:02 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-06-19 18:48:36 +0300 |
commit | 79ebb5bb4e38a58ca796dd242b855a4982e101d7 (patch) | |
tree | 3699b34059266b749667aea4dc780db366136648 /net/netfilter/nft_dynset.c | |
parent | 2f0513d487d2619c751fd08f5b7c64e759435ff4 (diff) | |
download | linux-79ebb5bb4e38a58ca796dd242b855a4982e101d7.tar.xz |
netfilter: nf_tables: enable set expiration time for set elements
Currently, the expiration of every element in a set or map
is a read-only parameter generated at kernel side.
This change will permit to set a certain expiration date
per element that will be required, for example, during
stateful replication among several nodes.
This patch handles the NFTA_SET_ELEM_EXPIRATION in order
to configure the expiration parameter per element, or
will use the timeout in the case that the expiration
is not set.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_dynset.c')
-rw-r--r-- | net/netfilter/nft_dynset.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nft_dynset.c b/net/netfilter/nft_dynset.c index 8394560aa695..bfb9f7463b03 100644 --- a/net/netfilter/nft_dynset.c +++ b/net/netfilter/nft_dynset.c @@ -60,7 +60,7 @@ static void *nft_dynset_new(struct nft_set *set, const struct nft_expr *expr, elem = nft_set_elem_init(set, &priv->tmpl, ®s->data[priv->sreg_key], ®s->data[priv->sreg_data], - timeout, GFP_ATOMIC); + timeout, 0, GFP_ATOMIC); if (elem == NULL) goto err1; |