Le jeudi 30 juin 2011 à 15:26 -0700, Sam Roberts a écrit :
> On Wed, Jun 29, 2011 at 11:20 PM, Kuzin Andrey <kuzinandrey@xxxxxxxxx> wrote:
> > On 29.06.2011 14:08, Eric Dumazet wrote:
> >> But if some packets are never dequeued (because something is wrong with
> >> your program, failing to give verdict), they stay forever in the list
> >> and each dequeue is slower since it has to go past these packets...
>
> > I'am using NFQUEUE several years on our main network router, and problem
> > with packets stuck in the queue is still not resolved.
>
> Is there any way to see what the current queue is in the kernel? How
> deep, and what the IDs are?
>
check third column (queue_total) of :
# cat /proc/net/netfilter/nfnetlink_queue
0 15363 1024 2 65535 160 0 2208 1
queue_number peer_pid queue_total copy_mode copy_range queue_dropped queue_user_dropped id_sequence 1
Here my test program 'forgot' to give a verdict to 1024 packets.
So all new packets are dropped (160 so far)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
