table ip limits {
limit foo {
limit rate 5/second
^^^^^
}
}
This behaviour is inconsistent and breaks the restoration of saved
rule-sets with "nft -f".
Fixes: c0697eabe832 ("src: add stateful object support for limit")
Signed-off-by: Pablo M. Bermudo Garay <pablombg@xxxxxxxxx>
---
src/rule.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/rule.c b/src/rule.c
index cbc40e2..bb9add0 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1316,7 +1316,7 @@ static void obj_print_data(const struct obj *obj,
opts->nl, opts->tab, opts->tab);
switch (obj->limit.type) {
case NFT_LIMIT_PKTS:
- nft_print(octx, "limit rate %s%" PRIu64 "/%s",
+ nft_print(octx, "rate %s%" PRIu64 "/%s",
inv ? "over " : "", obj->limit.rate,
get_unit(obj->limit.unit));
if (obj->limit.burst > 0)
@@ -1326,7 +1326,7 @@ static void obj_print_data(const struct obj *obj,
case NFT_LIMIT_PKT_BYTES:
data_unit = get_rate(obj->limit.rate, &rate);
- nft_print(octx, "limit rate %s%" PRIu64 " %s/%s",
+ nft_print(octx, "rate %s%" PRIu64 " %s/%s",
inv ? "over " : "", rate, data_unit,
get_unit(obj->limit.unit));
if (obj->limit.burst > 0) {
--
2.15.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
