Re: iptables pull request, add XT_RECENT_REAP support

On 03/17/2010 02:13 PM, Jan Engelhardt wrote:

On Wednesday 2010-03-17 19:48, Tim Gardner wrote:

@@ -36,6 +37,7 @@ static void recent_help(void)
"    --hitcount hits             For check and update commands above.\n"
"                                Specifies that the match will only occur if source address seen hits times.\n"
"                                May be used in conjunction with the seconds option.\n"
+"    --reap                      Remove entries that have expired. Can only be used with --seconds\n"
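
Review bot: The added `--reap` help line says "Can only be used with --seconds", but nothing in this hunk enforces that, so the option parsing or final check should reject `--reap` given without `--seconds` with an explicit error rather than relying on the help text. The line also says "entries that have expired" without saying expired relative to what; since the thread raises the case of two rules sharing a `--name` with different `--seconds` values, the help text should state that the threshold is the `--seconds` value of the rule doing the reaping.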

What's going to happen if you mix a "--reap --seconds 60" rule with
"--reap --seconds 3600" rule?


If both rules are operating on the same '--name', then I would expect the rule that is invoked to reap according to the '--seconds' specified in that rule.

Mixing rules like this on the same table doesn't seem like a likely scenario to me.

+/* Only allowed with --rcheck and --update */
+#define XT_RECENT_MODIFIERS (XT_RECENT_TTL|XT_RECENT_REAP)
+
+#define XT_RECENT_VALID_FLAGS (XT_RECENT_CHECK|XT_RECENT_SET|XT_RECENT_UPDATE|\
+	XT_RECENT_REMOVE|XT_RECENT_TTL|XT_RECENT_REAP)
+
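
Review bot: The comment "Only allowed with --rcheck and --update" above `XT_RECENT_MODIFIERS` documents a restriction that no line in this hunk checks, and `XT_RECENT_VALID_FLAGS` carries no comment at all. Either show the check that uses these masks in the same patch or say in the comments where each mask is tested, and give `XT_RECENT_VALID_FLAGS` its own one-line comment so the existing comment is not read as covering both defines. The `--seconds` dependency that the help text states for `--reap` is also not captured by either mask, so it needs a separate check. As a style point, put spaces around `|` in both macro bodies.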

Since these two are only used on the kernel side, it would have made
sense to put them into xt_recent.c only.


rtg
--
Tim Gardner timg@xxxxxxx www.tpi.com
OR 503-601-0234 x102 MT 406-443-5357