diff options
| author | Patrick McHardy <kaber@trash.net> | 2015-03-26 08:39:36 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-04-01 05:17:28 -0400 |
| commit | 761da2935d6e18d178582dbdf315a3a458555505 (patch) | |
| tree | b84059c3b996269b05c4a08793a6b67528a28eba /include/uapi | |
| parent | 9911674fcf1f239ff3c87e56177c4826e33dfd95 (diff) | |
netfilter: nf_tables: add set timeout API support
Add set timeout support to the netlink API. Sets with timeout support
enabled can have a default timeout value and garbage collection interval
specified.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/uapi')
| -rw-r--r-- | include/uapi/linux/netfilter/nf_tables.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h index b9783931503b..971d245e7378 100644 --- a/include/uapi/linux/netfilter/nf_tables.h +++ b/include/uapi/linux/netfilter/nf_tables.h | |||
| @@ -208,12 +208,14 @@ enum nft_rule_compat_attributes { | |||
| 208 | * @NFT_SET_CONSTANT: set contents may not change while bound | 208 | * @NFT_SET_CONSTANT: set contents may not change while bound |
| 209 | * @NFT_SET_INTERVAL: set contains intervals | 209 | * @NFT_SET_INTERVAL: set contains intervals |
| 210 | * @NFT_SET_MAP: set is used as a dictionary | 210 | * @NFT_SET_MAP: set is used as a dictionary |
| 211 | * @NFT_SET_TIMEOUT: set uses timeouts | ||
| 211 | */ | 212 | */ |
| 212 | enum nft_set_flags { | 213 | enum nft_set_flags { |
| 213 | NFT_SET_ANONYMOUS = 0x1, | 214 | NFT_SET_ANONYMOUS = 0x1, |
| 214 | NFT_SET_CONSTANT = 0x2, | 215 | NFT_SET_CONSTANT = 0x2, |
| 215 | NFT_SET_INTERVAL = 0x4, | 216 | NFT_SET_INTERVAL = 0x4, |
| 216 | NFT_SET_MAP = 0x8, | 217 | NFT_SET_MAP = 0x8, |
| 218 | NFT_SET_TIMEOUT = 0x10, | ||
| 217 | }; | 219 | }; |
| 218 | 220 | ||
| 219 | /** | 221 | /** |
| @@ -252,6 +254,8 @@ enum nft_set_desc_attributes { | |||
| 252 | * @NFTA_SET_POLICY: selection policy (NLA_U32) | 254 | * @NFTA_SET_POLICY: selection policy (NLA_U32) |
| 253 | * @NFTA_SET_DESC: set description (NLA_NESTED) | 255 | * @NFTA_SET_DESC: set description (NLA_NESTED) |
| 254 | * @NFTA_SET_ID: uniquely identifies a set in a transaction (NLA_U32) | 256 | * @NFTA_SET_ID: uniquely identifies a set in a transaction (NLA_U32) |
| 257 | * @NFTA_SET_TIMEOUT: default timeout value (NLA_U64) | ||
| 258 | * @NFTA_SET_GC_INTERVAL: garbage collection interval (NLA_U32) | ||
| 255 | */ | 259 | */ |
| 256 | enum nft_set_attributes { | 260 | enum nft_set_attributes { |
| 257 | NFTA_SET_UNSPEC, | 261 | NFTA_SET_UNSPEC, |
| @@ -265,6 +269,8 @@ enum nft_set_attributes { | |||
| 265 | NFTA_SET_POLICY, | 269 | NFTA_SET_POLICY, |
| 266 | NFTA_SET_DESC, | 270 | NFTA_SET_DESC, |
| 267 | NFTA_SET_ID, | 271 | NFTA_SET_ID, |
| 272 | NFTA_SET_TIMEOUT, | ||
| 273 | NFTA_SET_GC_INTERVAL, | ||
| 268 | __NFTA_SET_MAX | 274 | __NFTA_SET_MAX |
| 269 | }; | 275 | }; |
| 270 | #define NFTA_SET_MAX (__NFTA_SET_MAX - 1) | 276 | #define NFTA_SET_MAX (__NFTA_SET_MAX - 1) |