why is nf_conntrack_htable_size exported?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Folks,

Can someone tell me why nf_conntrack_htable_size is both an exported
symbol, and available in sysfs to be changed? Doing so will surely cause
the system to fall over immediately since this is value is used within
the hashing code in conntrack. It is /supposed/ to only be changed under
a lock, or at init time when there is not a need to lock it.

Perhaps we can get this unexported asap and the value replaced with a
function that returns the current value instead? Same goes for the
module parameter that can freely be messed around with.

Thanks,

Jon.


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux