On Wednesday 2010-03-17 19:48, Tim Gardner wrote: > >@@ -36,6 +37,7 @@ static void recent_help(void) > " --hitcount hits For check and update commands above.\n" > " Specifies that the match will only occur if source address seen hits times.\n" > " May be used in conjunction with the seconds option.\n" >+" --reap Remove entries that have expired. Can only be used with --seconds\n" What's going to happen if you mix a "--reap --seconds 60" rule with "--reap --seconds 3600" rule? >+/* Only allowed with --rcheck and --update */ >+#define XT_RECENT_MODIFIERS (XT_RECENT_TTL|XT_RECENT_REAP) >+ >+#define XT_RECENT_VALID_FLAGS (XT_RECENT_CHECK|XT_RECENT_SET|XT_RECENT_UPDATE|\ >+ XT_RECENT_REMOVE|XT_RECENT_TTL|XT_RECENT_REAP) >+ Since these two are only used on the kernel side, it would have made sense to put them into xt_recent.c only. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
