ipsets: permit default timeout of 0

Allow ipsets to be created with a default timeout of 0. This permits timed entries to be added if required even though the default is 0 (indefinite) Prior to this change a default timeout value of 0 would create a set without timeout support. Fixes: FS#3977 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
author: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> 2021-08-14 06:54:13 +0100
committer: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> 2021-08-14 18:27:42 +0100
commit: 40e5f6a2bd0b5406eff7e1d2d4f95bbf8f9410a4 (patch)
tree: 40f7f43931d4df343dc038ad213bd1fe83f60985
parent: a4355a6faea2c4d59c90cd52851fa9aab4ccee5c (diff)
download: firewall3-40e5f6a2bd0b5406eff7e1d2d4f95bbf8f9410a4.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/ipsets.c b/ipsets.c
index ba31e64..e7cde16 100644
--- a/ipsets.c
+++ b/ipsets.c
@@ -266,6 +266,7 @@ fw3_alloc_ipset(struct fw3_state *state)
 	ipset->enabled    = true;
 	ipset->family     = FW3_FAMILY_V4;
 	ipset->reload_set = false;
+	ipset->timeout    = -1; /* no timeout by default */
 
 	list_add_tail(&ipset->list, &state->ipsets);
 
@@ -395,7 +396,7 @@ create_ipset(struct fw3_ipset *ipset, struct fw3_state *state)
 		       ipset->portrange.port_min, ipset->portrange.port_max);
 	}
 
-	if (ipset->timeout > 0)
+	if (ipset->timeout >= 0)
 		fw3_pr(" timeout %u", ipset->timeout);
 
 	if (ipset->maxelem > 0)
author	Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>	2021-08-14 06:54:13 +0100
committer	Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>	2021-08-14 18:27:42 +0100
commit	40e5f6a2bd0b5406eff7e1d2d4f95bbf8f9410a4 (patch)
tree	40f7f43931d4df343dc038ad213bd1fe83f60985
parent	a4355a6faea2c4d59c90cd52851fa9aab4ccee5c (diff)
download	firewall3-40e5f6a2bd0b5406eff7e1d2d4f95bbf8f9410a4.tar.gz