Applied with small nitpick. On Thu, Oct 01, 2020 at 11:30:27AM +0200, Devin Bayer wrote: > +# declare a set, bound to table "filter", in family "ip". > +# Timeout and size are mandatory because we will add elements from packet > path. > +# Entries will timeout after one minute, after which they might be > +# re-added if limit condition persists. > +nft add set ip filter blackhole \ > + "{ type ipv4_addr; timeout 1m; size 65536 }" > + > +# declare a set to store the limit per saddr. > +# This must be separate from blackhole since the timeout is different > +nft add set ip filter flood \ > + "{ type ipv4_addr; flags dynamic; timeout 10s; size 128000 }" Missing semi-colons after size. Please, double-check that what I have applied looks correct to you. Thanks.
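Review bot: In the `blackhole` declaration, the comment says elements will be added from the packet path, but the set is declared as `{ type ipv4_addr; timeout 1m; size 65536 }` without `flags dynamic`, while the `flood` set directly below carries `flags dynamic`. Either add the flag to `blackhole` as well, or extend the comment to say why only `flood` needs it, so readers copying the example do not have to guess. Both declarations also close with the size value directly followed by `}`, as the reply points out; writing `size 65536; }` and `size 128000; }` would terminate every field the same way.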