Element timeouts

From nftables wiki
Revision as of 08:20, 28 October 2016 by Arturo (talk | contribs) (Create page with a very basic syntax reference to element timeouts.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

The set infrastructure support establishing timeouts. A given set element which is given a timeout will be deleted from the set after the timeout expires.

Example, with per-element timeout:

% nft add table inet filter
% nft add set inet filter myset {type ipv4_addr\; flags timeout\; }
% nft add element inet filter myset {10.0.0.1 timeout 10s }
% nft list ruleset
table inet filter {
	set myset {
		type ipv4_addr
		flags timeout
		elements = { 10.0.0.1 timeout 10s expires 8s}
	}
}