[nft,2/2] segtree: add timeout for range and prefix expressions in sets

Message ID 20180516210351.29050-2-pablo@netfilter.org
State Under Review
Delegated to: Pablo Neira
Headers show
Series
  • [nft,1/2] segtree: missing comments in range and prefix expressions in sets
Related show

Commit Message

Pablo Neira Ayuso May 16, 2018, 9:03 p.m.
# nft add table x
 # nft add set x y { type ipv4_addr\; flags timeout,interval\; }
 # nft add element x y { 7.4.4.5-8.8.8.8 comment "good guy" timeout 30s}
 # nft list ruleset
 table ip x {
       set y {
                type ipv4_addr
                flags interval,timeout
                elements = { 7.4.4.5-8.8.8.8 timeout 30s expires 27s956ms comment "good guy" }
        }
 }

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/segtree.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

Patch

diff --git a/src/segtree.c b/src/segtree.c
index 7a443632ece5..28d45c920c3c 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -542,6 +542,8 @@  static void set_insert_interval(struct expr *set, struct seg_tree *tree,
 	if (ei->expr != NULL) {
 		if (ei->expr->comment)
 			expr->comment = xstrdup(ei->expr->comment);
+		if (ei->expr->timeout)
+			expr->timeout = ei->expr->timeout;
 		if (ei->expr->ops->type == EXPR_MAPPING)
 			expr = mapping_expr_alloc(&ei->expr->location, expr,
 						  expr_get(ei->expr->right));
@@ -831,6 +833,10 @@  void interval_map_decompose(struct expr *set)
 			tmp = set_elem_expr_alloc(&low->location, tmp);
 			if (low->comment)
 				tmp->comment = xstrdup(low->comment);
+			if (low->timeout)
+				tmp->timeout = low->timeout;
+			if (low->expiration)
+				tmp->expiration = low->expiration;
 
 			if (low->ops->type == EXPR_MAPPING)
 				tmp = mapping_expr_alloc(&tmp->location, tmp, low->right);
@@ -848,6 +854,10 @@  void interval_map_decompose(struct expr *set)
 			prefix = set_elem_expr_alloc(&low->location, prefix);
 			if (low->comment)
 				prefix->comment = xstrdup(low->comment);
+			if (low->timeout)
+				prefix->timeout = low->timeout;
+			if (low->expiration)
+				prefix->expiration = low->expiration;
 
 			if (low->ops->type == EXPR_MAPPING)
 				prefix = mapping_expr_alloc(&low->location, prefix,