Element timeouts
Jump to navigation
Jump to search
The set infrastructure support establishing timeouts. A given set element which is given a timeout will be deleted from the set after the timeout expires.
Example, with per-element timeout:
% nft add table inet filter
% nft add set inet filter myset {type ipv4_addr\; flags timeout\; }
% nft add element inet filter myset {10.0.0.1 timeout 10s }
% nft list ruleset
table inet filter {
set myset {
type ipv4_addr
flags timeout
elements = { 10.0.0.1 timeout 10s expires 8s}
}
}
Among other things you can use this feature by Updating sets from the packet path.