On Tuesday 2009-03-17 14:11, Krzysztof Oledzki wrote: > On Tue, 17 Mar 2009, Holger Eitzenberger wrote: >> On Mon, Mar 16, 2009 at 05:56:52PM +0100, Patrick McHardy wrote: >> >>> Currently the default is set based on the old config option. >>> When unset, no acct-extend is allocated for *new* conntracks. >>> The old ones that do have an acct-extend are still displayed. >> >> I think the current implementation is unfortunate, because the >> connbytes match auto-selects CONFIG_NF_CT_ACCT, and you end up having >> the message always and can't get rid of it other than patching >> it out. > > This is not exactly true. CONFIG_NF_CT_ACCT only selects the default value, you > are still able to disable it with sysctl. The implication is that xt_connbytes will not do the right thing anymore as soon as user accounting is turned off, either by flipping the sysctl value or deactivating the kconfig option. That is not good. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
