Hi, On Tue, Jun 25, 2019 at 4:45 PM Felix Kaechele <felix@xxxxxxxxxxx> wrote: > No worries. I appreciate you taking the time helping me out. > > >> this patch is giving me some trouble as it breaks deletion of conntrack > >> entries in software that doesn't set the version flag to anything else > >> but 0. > > > > I might be a bit slow, but I have some trouble understanding this > > sentence. Is what you are saying that software that sets version to > > anything but 0 breaks? > > Yeah, definitely not my best work of prose ;-) > What I was trying to say is: Any software that remains with the version > set to 0 will not work. By association, since libnetfilter_conntrack > explicitly sets the version to 0, anything that uses > libnetfilter_conntrack will be unable to delete a specific entry in the > conntrack table. Thanks, now I follow. I now see that you are talking about the deleting and not flushing. Unless anyone beats me to it, I will try to take a closer look at the problem later today. Pablos patch implements the first thing that I wanted to try (only read and use version/family when flushing), and I see that Nicolas has made some suggestions. If you could first try Pablo's patch with Nicolas' changes, that would be great as the change should revert behavior of delete back to how it was before my change. BR, Kristian
