On Thu, 28 Feb 2002, Brad Chapman wrote:

> I am currently writing my conntrack expiration patch for the
> non-newnat version of the conntrack core. When I examined the core on
> ways to properly destroy a connection entry, I found several:
>
> ct->ct_general->destroy()
> skb->nfct->master->destroy()
> destroy_conntrack()
> ip_conntrack_put()
> nf_conntrack_put()
>
> Which one of these will properly destroy a connection entry and
> notify the NAT subsystem as well? (I seem to be torn between
> skb->nfct->master->destroy() and destroy_conntrack())

Actually, there is no *single* function to do it :-).

Look at the code in ip_conntrack_proto_tcp.c on how a connection is
destroyed when a single RST is received as response. You have to make
sure you could delete the timer belonging to the connection, then you
call the timeout function (which will call the proper destroy
function(s)).

Regards,
Jozsef
-
E-mail  : [EMAIL PROTECTED], [EMAIL PROTECTED]
WWW-Home: http://www.kfki.hu/~kadlec
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary
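
Added example, not part of the original message and not netfilter source: a userspace C model of the teardown order described in the reply above (delete the timer first, and call the timeout function only if that deletion succeeded). All names are hypothetical, and the model assumes the armed timer holds one reference on the entry while the caller holds another; the unchecked variant shows the reference being dropped twice when the timer has already expired.

```c
/* Userspace model, constructed for illustration: all names are hypothetical,
 * none of this is netfilter source. */
#include <stdio.h>

struct conn;
struct model_timer { int pending; void (*function)(struct conn *); };
struct conn { int refcnt; int destroyed; struct model_timer timeout; };

/* Drop one reference; the last one runs the (stand-in) destroy path. */
static void conn_put(struct conn *c) { if (--c->refcnt == 0) c->destroyed++; }

/* Timeout handler: releases the reference the armed timer was holding. */
static void conn_timeout(struct conn *c) { conn_put(c); }

/* Like the kernel's del_timer(): 1 only if the timer was still pending. */
static int model_del_timer(struct model_timer *t)
{
    int was_pending = t->pending;
    t->pending = 0;
    return was_pending;
}

/* Assumption: one reference for the timer, one for the caller. */
static void conn_init(struct conn *c)
{
    c->refcnt = 2; c->destroyed = 0;
    c->timeout.pending = 1; c->timeout.function = conn_timeout;
}

/* The timer expiring by itself. */
static void timer_fires(struct conn *c)
{
    if (model_del_timer(&c->timeout)) c->timeout.function(c);
}

/* Early teardown as described: only the caller that wins del_timer runs the
 * handler. Returns 1 if we ran it, 0 if the timer had already expired. */
static int conn_kill(struct conn *c)
{
    if (!model_del_timer(&c->timeout)) return 0;
    c->timeout.function(c);
    return 1;
}

/* Broken variant: skips the check, so the timer's reference can drop twice. */
static void conn_kill_unchecked(struct conn *c) { c->timeout.function(c); }

int main(void)
{
    struct conn c;
    conn_init(&c); timer_fires(&c); conn_kill(&c); conn_put(&c);
    printf("checked:   refcnt=%d destroyed=%d\n", c.refcnt, c.destroyed);
    conn_init(&c); timer_fires(&c); conn_kill_unchecked(&c); conn_put(&c);
    printf("unchecked: refcnt=%d destroyed=%d\n", c.refcnt, c.destroyed);
    return 0;
}
```

In the unchecked run the count reaches zero while the caller still holds its pointer, and the caller's own put then takes it negative; in a kernel that is a use-after-free rather than a printed number.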