On Tue, Jun 25, 2019 at 04:48:59PM -0400, Felix Kaechele wrote:
> Commit f8e608982022 ("netfilter: ctnetlink: Resolve conntrack
> L3-protocol flush regression") introduced a regression in which deletion
> of conntrack entries would fail because the L3 protocol information
> is replaced by AF_UNSPEC. As a result the search for the entry to be
> deleted would turn up empty due to the tuple used to perform the search
> is now different from the tuple used to initially set up the entry.
>
> For flushing the conntrack table we do however want to keep the option
> for nfgenmsg->version to have a non-zero value to allow for newer
> user-space tools to request treatment under the new behavior. With that
> it is possible to independently flush tables for a defined L3 protocol.
> This was introduced with the enhancements in in commit 59c08c69c278
> ("netfilter: ctnetlink: Support L3 protocol-filter on flush").
>
> Older user-space tools will retain the behavior of flushing all tables
> regardless of defined L3 protocol.
Applied, thanks Felix.
