On Wed, Mar 11, 2020 at 08:52:01PM +0100, Florian Westphal wrote:
> since commit b884fa46177659 ("netfilter: conntrack: unify sysctl handling")
> conntrack no longer exposes most of its sysctls (e.g. tcp timeouts
> settings) to network namespaces that are not owned by the initial user
> namespace.
>
> This patch exposes all sysctls even if the namespace is unpriviliged.
Applied, thanks.
