On Wed, Jun 20, 2018 at 2:32 PM, Florian Westphal <[email protected]> wrote:
Thanks for v2. It takes care of a corner case so that a duplicated entry won't be re-added in the second time. Just some nits in the commit message as below. Acked-by: Yi-Hung Wei <[email protected]> > When doing list walk, we lookup the tuple in the conntrack table. > If the lookup fails we we remove this tuple from our list because s/we we/we > the conntrack entry is gone. > The second constaint allows GC to be taken over by other s/constaint/constraint > cpu too (e.g. because a cpu was offlined or napi got moved to another > cpu). > > We can't pretend the 'doubtful' entry wasn't in our list. > Instead, when we don't find an entry indicate via IS_ERR > that entry was removed ('did not exist' or withheld > ('might-be-unconfirmed'). > > This most likely also fixes a xt_connlimit imbalance earlier reported by > Dmitry Andrianov. > > Cc: Dmitry Andrianov <[email protected]> > Reported-by: Justin Pettit <[email protected]> > Reported-by: Yi-Hung Wei <[email protected]> > Signed-off-by: Florian Westphal <[email protected]> > --- -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
