On Monday 2009-03-16 17:56, Patrick McHardy wrote: > Jan Engelhardt wrote: >> A forum made me (re)aware of >> >> Mar 15 18:20:25 wild-thing kernel: nf_conntrack version 0.5.0 (16384 buckets, >> 65536 max) >> Mar 15 18:20:25 wild-thing kernel: CONFIG_NF_CT_ACCT is deprecated and will be >> removed soon. Plase use >> Mar 15 18:20:25 wild-thing kernel: nf_conntrack.acct=1 kernel paramater, >> acct=1 nf_conntrack module option or >> Mar 15 18:20:25 wild-thing kernel: sysctl net.netfilter.nf_conntrack_acct=1 to >> enable it. >> >> which prompted me to look into this a bit in detail. I was wondering >> which functionality I would lose on not setting nf_conntrack.acct. To >> my surprise, there is no loss of functionality, as the "nf_ct_acct" >> in nf_conntrack_acct.c nor /proc/sys/net/netfilter/nf_conntrack_acct >> which is the accompanied sysctl file cause the packet or byte >> counters to disappear from `conntrack -L` or /proc/net/nf_conntrack. >> >> Should the message be removed? Should the missing check for >> nf_ct_acct be included? > > Currently the default is set based on the old config option. > When unset, no acct-extend is allocated for *new* conntracks. > The old ones that do have an acct-extend are still displayed. > Does that explain your observation? Absolutely, thanks for the clarification. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
