Re: nf_conntrack_count versus '/proc/net/nf_conntrack | wc -l' count

On Monday, 15 February 2010 at 21:33 +0100, Jan Engelhardt wrote:
> On Monday 2010-02-15 21:04, Eric Dumazet wrote:
> >On Monday, 15 February 2010 at 11:30 -0800, Afi Gjermund wrote:
> >> root@titan ~# ./conntrack -L conntrack
> >> udp      17 179 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 packets=89099
> >> bytes=12968758 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 packets=110358
> >> bytes=17041625 [ASSURED] mark=0 use=1
> >> udp      17 179 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 packets=87867
> >> bytes=12816098 src=0.0.0.0 dst=0.0.0.0 sport=0 dport=0 packets=107497
> >> bytes=16573614 [ASSURED] mark=0 use=1
> >> conntrack v0.9.14 (conntrack-tools): 2 flow entries have been shown.
> >> 
> >
> >This looks strange...
> 
> Could it be that there are ct entries in other namespaces that
> conntrack -L and /proc/net/nf_conntrack do not show,
> but which nf_conntrack_count counts?
> If the procfs files are netns safe at all..

Well, it's an embedded platform, I doubt it is namespace enabled :)

(and kernel version is 2.6.26.5, not yet namespace ready for conntrack)


