On Tue, Aug 04, 2015 at 05:56:32PM +0200, Andreas Schultz wrote: > Hi, > > Can someone confirm that the nfacct subsystem is not network namespace > aware/safe? > > From checking the code, it would appear that all nfacct targets are kept > in a global list. This would mean that unrelated namespaces can interfere > with each other. There is no netns support for nfacct yet, but it should be easy to add. Patches are welcome :) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
