port of diff-ve-printk-conntrack-tables-full from rh6-based kernels "nf_conntrack: table full, dropping packet" message should be visible both in CT and on HN and should contain CTID for reading simplicity.
https://bugzilla.openvz.org/show_bug.cgi?id=2940 Signed-off-by: Vasily Averin <v...@openvz.org>
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index 495b859..017c755 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -696,7 +696,9 @@ __nf_conntrack_alloc(struct net *net, u16 zone, unlikely(atomic_read(&net->ct.count) > ct_max)) { if (!early_drop(net, hash_bucket(hash, net))) { atomic_dec(&net->ct.count); - net_warn_ratelimited("nf_conntrack: table full, dropping packet\n"); + net_veboth_ratelimited(KERN_WARNING "VE%u: " + "nf_conntrack table full, dropping packet\n", + net->owner_ve->veid); return ERR_PTR(-ENOMEM); } } diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c index d80db92..bfa95fd 100644 --- a/net/netfilter/nf_conntrack_expect.c +++ b/net/netfilter/nf_conntrack_expect.c @@ -408,7 +408,9 @@ static inline int __nf_ct_expect_check(struct nf_conntrack_expect *expect) } if (net->ct.expect_count >= init_net.ct.expect_max) { - net_warn_ratelimited("nf_conntrack: expectation table full\n"); + net_veboth_ratelimited(KERN_WARNING "VE%u " + "nf_conntrack: expectation table full\n", + net->owner_ve->veid); ret = -EMFILE; } out:
_______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel