On Dec 31 2007 01:19, Patrick McHardy wrote: >> On Fri, 28 Dec 2007, Patrick McHardy wrote: >> <CUT> >> > > And my bigtime question would be: where is the other counter actually? >> > > struct xt_quota_info only has one counter! Does netfilter secretly >> > > allocate matchinfos per-cpu? >> > > >> > >> > Not secretly, but yes, the entire ruleset exists once per CPU. That >> > also seems to be the problem, at the time the master idea was thought >> > of we always dumped entries from CPU 0, today its from the current >> > CPU, but the only one that actually has correct counters is CPU 0. >> >> What happens when CPU#0 is disabled (CPU hotplug)? > > Nothing, its simply unused except for counter synchronization and > the ->master thing this thread is about. > 01:57 ccgmbh:~ # taskset 1 iptables -I OUTPUT -m quota --quota 123456 Now suppose CPU#0 was deactivated (taskset only to show what's meant). Then iptables would always show the wrong quota. - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
