On 25 April 2017 at 15:18, Pablo Neira Ayuso <[email protected]> wrote: >> >> Yes. The timer based approach is... timer based (async). >> >> It doesn't fit in an environment where you need to sync events as soon >> as they happen. > > IIRC the timer based works like this: > > 1) If event occurs, sync message is send. > 2) After some time, we send a message to tell the other peer the entry > is still there. > 3) If no message is received, then the entry expires. >
the ALARM mode requires to commit the external cache instead of the conns being directly injected into the kernel. I think the new RequestResync method (or whatever other alternative) provides a good tradeoff between methods and increases general usefulness of conntrackd. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
