Folks, Can someone tell me why nf_conntrack_htable_size is both an exported symbol, and available in sysfs to be changed? Doing so will surely cause the system to fall over immediately since this is value is used within the hashing code in conntrack. It is /supposed/ to only be changed under a lock, or at init time when there is not a need to lock it. Perhaps we can get this unexported asap and the value replaced with a function that returns the current value instead? Same goes for the module parameter that can freely be messed around with. Thanks, Jon. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html