Commit b987e863 authored Sep 03, 2024 by Pablo Neira Ayuso Committed by Greg Kroah-Hartman Oct 17, 2024

netfilter: nf_tables: reject element expiration with no timeout



[ Upstream commit d2dc429e ]

If element timeout is unset and set provides no default timeout, the
element expiration is silently ignored, reject this instead to let user
know this is unsupported.

Also prepare for supporting timeout that never expire, where zero
timeout and expiration must be also rejected.

Fixes: 8e1102d5 ("netfilter: nf_tables: support timeouts larger than 23 days")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 616aa287

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit b877b7c1
· Nov 05, 2025

mentioned in commit b877b7c1

mentioned in commit b877b7c1228a8a8f9f791443adbdc06d8972e3f2

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit 43283148
· Nov 05, 2025

mentioned in commit 43283148

mentioned in commit 4328314829026b80ecbb5aa9ff83402856147c77

Toggle commit list

Please to comment