On Fri, Apr 08, 2016 at 12:19:21PM +0200, Pablo Neira Ayuso wrote:
> On Thu, Apr 07, 2016 at 08:31:42PM +0200, Mart Frauenlob wrote:
> > +.PP
> > +The tables "dying" and "unconfirmed" are basically only useful for debugging purposes.
> > +Under normal operation, it is hard to see entries in any of them.
> > +There are corner cases, where it is valid to see entries in the
> > +unconfirmed table:
> > +1) when packets that are enqueued via nfqueue, or
> > +2) when conntrackd runs in event reliable mode.

BTW, I have reworded this:

"The tables "dying" and "unconfirmed" are basically only useful for debugging purposes. Under normal operation, it is hard to see entries in any of them. There are corner cases, where it is valid to see entries in the unconfirmed table, eg. when packets that are enqueued via nfqueue, and the dying table, eg. when conntrackd runs in event reliable mode."

Actually, you can see entries in the dying table when conntrackd reliable event mode is on, instead of the unconfirmed table. Sorry about that.
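
Review bot: item 2) of the added list files conntrackd's reliable event mode under the unconfirmed table, while the follow-up in this thread places that case under the dying table, so the list should be split per table rather than introduced by "unconfirmed table:" alone. In item 1), "when packets that are enqueued via nfqueue" carries a stray "that"; "when packets are enqueued via nfqueue" reads correctly. The 1) and 2) items are plain text lines after .PP, so roff will fill them into the running paragraph; folding them into one sentence or using a list macro would keep the rendered man page readable.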