Jesper Dangaard Brouer wrote: > I have added a stats counter to prove my case, which I think we should add to the kernel (to detect the case in the future). > The DDoS attack has disappeared, so I guess I'll try to see if I can reproduce the problem in my testlab. > > > > [PATCH] net: netfilter conntrack extended with extra stat counter. > > From: Jesper Dangaard Brouer <hawk@xxxxxxx> > > I suspect an unfortunatly series of events occuring under a DDoS > attack, in function __nf_conntrack_find() nf_contrack_core.c. > > Adding a stats counter to see if the search is restarted too often. Applied, thanks Jesper. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
