On Monday 24 November 2008 22:58:09 Patrick McHardy wrote:
> Rusty Russell wrote:
> > if (net_ratelimit())
> > printk("conntrack_ftp: partial %s %u+%u\n",
> > search[dir][i].pattern,
> > ntohl(th->seq), datalen);
>
> Its strange that FTP is apparently working since we drop those packets.
> I'm not sure about downgrading that message, its there to inform the
> user of an exceptional action (dropping of packets within conntrack).
Actually, we drop the packets *so* it will work. The idea is that they'll
coalesce and send the whole packet next time.
If not, well, they don't get any more packes through, but without connection
tracking the other connections wouldn't work anyway (if the conntrack is being
used for NAT or filtering).
IIRC wu-ftpd used to trigger this (multiple write syscalls for the ip address
and nagle sometimes hit in the middle; go figure).
Cheers,
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
