<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Sets with timeouts can be saved to a file but not reloaded"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1153">1153</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Sets with timeouts can be saved to a file but not reloaded
</td>
</tr>
<tr>
<th>Product</th>
<td>nftables
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>All
</td>
</tr>
<tr>
<th>OS</th>
<td>Debian GNU/Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P5
</td>
</tr>
<tr>
<th>Component</th>
<td>nft
</td>
</tr>
<tr>
<th>Assignee</th>
<td>pablo@netfilter.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>bugzilla@piven.net
</td>
</tr></table>
<p>
<div>
<pre>I have a set defined as
set ssh_attack_hosts {
type ipv4_addr
flags timeout
}
and have an external program write entries into this set using something like
nft add element firewall ssh_attack_hosts { 10.10.10.10 timeout 1d }
This works fine and if I "nft list set firewall ssh_attack_hosts
<span class="quote">>saved.set.file", I get a file containing something like</span >
table ip firewall {
set ssh_attack_hosts {
type ipv4_addr
flags timeout
elements = { 10.10.10.10 timeout 1d expires 23h54m29s}
}
}
However, if I try to read that set back into nftables (nft -f saved.set.file),
nft complains about the existence of the "expires" information:
saved.set.file:5:56-62: Error: syntax error, unexpected string, expecting comma
or '}'
elements = { 10.10.10.10 timeout 1d expires 23h54m29s}
^^^^^^^
(The ^^^ is under "expires" if the wrapping pixies are misbehaving.)
My expectation is that the expiration time should be read and saved in the
set... is this a reasonable expectation?
(This is with nft 0.7.)
Thanks! -- Don</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>