From: Liping Zhang
When we do "cat /proc/net/nf_conntrack", and meanwhile resize the conntrack
hash table via /sys/module/nf_conntrack/parameters/hashsize, race will
happen, because reader can observe a newly allocated hash but the old size
(or vice versa). So oops will happen like follows:
BU
From: Liping Zhang
When user adjust the hash size via /sys/module/nf_conntrack/parameters/hashsize,
something will break because race condition happened.
This patch set aim to fix these bugs.
When we do "cat /proc/net/nf_conntrack", and at the same time do hash resize,
nf_conntrack_htable_size
From: Liping Zhang
Imagine such situation, nf_conntrack_htable_size now is 4096, we are doing
ctnl_untimeout, and iterate on 3000# bucket.
Meanwhile, another user try to reduce hash size to 2048, then all nf_conn
are removed to the new hashtable. When this hash resize operation finished,
we stil
From: Liping Zhang
Similar to ctnl_untimeout, when hash resize happened, we should try
to do unhelp from the 0# bucket again.
Signed-off-by: Liping Zhang
---
V2: no need to use nf_conntrack_generation to check hash resize happen.
net/netfilter/nf_conntrack_helper.c | 20 ++--
>Good catch, but ...
>
>> diff --git a/include/net/netfilter/nf_conntrack_core.h
>> b/include/net/netfilter/nf_conntrack_core.h
>> index 3e2f332..4f6453a 100644
>> --- a/include/net/netfilter/nf_conntrack_core.h
>> +++ b/include/net/netfilter/nf_conntrack_core.h
>> @@ -82,6 +82,7 @@ print_tuple(st
I reversed the logic. I'm also considering this thread closed. The new
thread can be found with the subject "[PATCH 1/1 rev.1] nft:
configure.ac: Replace magic dblatex dep." If anyone could direct any
further questions or comments to that thread, it would be much appreciated.
Thanks,
Nicholas V
The difference between this patch and the original one is that this
patch defaults pdf documentation generation to 'disabled' instead of
'enabled'.
Thanks,
Nicholas Vinson
On 07/02/2016 11:34 AM, Nicholas Vinson wrote:
> Add a configure switch to enable and disable PDF document generation.
> This
Add a configure switch to enable and disable PDF document generation.
This switch is to replace the current method of automatically detecting
dblatex and building the PDF documentation when present.
Signed-off-by: Nicholas Vinson
---
configure.ac | 19 +--
1 file changed, 13 inse
Liping Zhang wrote:
> From: Liping Zhang
>
> When we do "cat /proc/net/nf_conntrack", and meanwhile resize the conntrack
> hash table via /sys/module/nf_conntrack/parameters/hashsize, race will
> happen, because reader can observe a newly allocated hash but the old size
> (or vice versa). So oop
Hello,
On lør, 2016-06-25 at 15:30 +0200, Anders K. Pedersen wrote:
> With nftables 0.6 I'm getting a syntax error, when I try to use the
> feature that was introduced
> by http://git.netfilter.org/nftables/commit
> /?id=a9467e55973b10c2e8fe37525514c961580f8506 . For example:
>
> # nft filter inp
From: Liping Zhang
Imagine such situation, nf_conntrack_htable_size now is 4096, we are doing
ctnl_untimeout, and iterate on 3000# bucket.
Meanwhile, another user try to reduce hash size to 2048, then all nf_conn
are removed to the new hashtable. When this hash resize operation finished,
we stil
From: Liping Zhang
When user adjust the hash size via /sys/module/nf_conntrack/parameters/hashsize,
something will break because race condition happened.
This patch set aim to fix these bugs.
When we do "cat /proc/net/nf_conntrack", and at the same time do hash resize,
nf_conntrack_htable_size
From: Liping Zhang
When we do "cat /proc/net/nf_conntrack", and meanwhile resize the conntrack
hash table via /sys/module/nf_conntrack/parameters/hashsize, race will
happen, because reader can observe a newly allocated hash but the old size
(or vice versa). So oops will happen like follows:
BU
From: Liping Zhang
Similar to ctnl_untimeout, when hash resize happened, we should try
to do unhelp from the 0# bucket again.
Signed-off-by: Liping Zhang
---
net/netfilter/nf_conntrack_helper.c | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf
Hi!
The Netfilter project presents:
libmnl 1.0.4
libmnl is a minimalistic user-space library oriented to Netlink
developers. There are a lot of common tasks in parsing, validating,
constructing of both the Netlink header and TLVs that are repetitive
and easy to get wrong. This library ai
15 matches
Mail list logo