port of diff-ve-printk-conntrack-tables-full from rh6-based kernels
"nf_conntrack: table full, dropping packet" message
should be visible both in CT and on HN and
should contain CTID for reading simplicity.
https://bugzilla.openvz.org/show_bug.cgi?id=2940
Signed-off-by: Vasily Averin <v...@openvz.org>
diff --git a/net/netfilter/nf_conntrack_core.c
b/net/netfilter/nf_conntrack_core.c
index 495b859..017c755 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -696,7 +696,9 @@ __nf_conntrack_alloc(struct net *net, u16 zone,
unlikely(atomic_read(&net->ct.count) > ct_max)) {
if (!early_drop(net, hash_bucket(hash, net))) {
atomic_dec(&net->ct.count);
- net_warn_ratelimited("nf_conntrack: table full,
dropping packet\n");
+ net_veboth_ratelimited(KERN_WARNING "VE%u: "
+ "nf_conntrack table full,
dropping packet\n",
+ net->owner_ve->veid);
return ERR_PTR(-ENOMEM);
}
}
diff --git a/net/netfilter/nf_conntrack_expect.c
b/net/netfilter/nf_conntrack_expect.c
index d80db92..bfa95fd 100644
--- a/net/netfilter/nf_conntrack_expect.c
+++ b/net/netfilter/nf_conntrack_expect.c
@@ -408,7 +408,9 @@ static inline int __nf_ct_expect_check(struct
nf_conntrack_expect *expect)
}
if (net->ct.expect_count >= init_net.ct.expect_max) {
- net_warn_ratelimited("nf_conntrack: expectation table full\n");
+ net_veboth_ratelimited(KERN_WARNING "VE%u "
+ "nf_conntrack: expectation table
full\n",
+ net->owner_ve->veid);
ret = -EMFILE;
}
out:
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
