netfilter: nft_set_hash: skip fixed hash if timeout is specified

Fixed hash supports to timeouts, so skip it. Otherwise, userspace hits
EOPNOTSUPP.

Fixes: 6c03ae210c ("netfilter: nft_set_hash: add non-resizable hashtable implementation")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2018-03-05 16:07:38 +01:00
parent ce380619fa
commit 0d3601d299

View File

@ -674,7 +674,7 @@ static const struct nft_set_ops *
nft_hash_select_ops(const struct nft_ctx *ctx, const struct nft_set_desc *desc,
u32 flags)
{
if (desc->size) {
if (desc->size && !(flags & NFT_SET_TIMEOUT)) {
switch (desc->klen) {
case 4:
return &nft_hash_fast_ops;