Hi, I plan to use netfilter conntrack events to count the number of connections which timed out without having received a reply. To make this as efficient as possible I only want to monitor destroy events. I have noticed three issues with that and wrote patches to solve them. They follow in separate mails. Please let me know what you think about them and if they could be useful for other people as well. patch1: export ct->status on all conntrack events patch2: set SEEN_REPLY before destroying a conntrack on TCP RST patch3: new status flag SEEN_RELATED Regards, Fabian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
