Re: [conntrack-tools PATCH v2 2/2] conntrackd: external_inject: report inject issues as warning

On Fri, Dec 04, 2020 at 11:50:25AM +0100, Arturo Borrero Gonzalez wrote:
> In busy firewalls that run conntrackd in NOTRACK with both internal and external caches disabled,
> external_inject can get lots of traffic. In case of issues injecting or updating conntrack entries
> a log entry will be generated, the infamous inject-addX, inject-updX messages.
> 
> But there is nothing end users can do about this error message, which is purely internal. This
> patch is basically cosmetic, relaxing the message from ERROR to WARNING. The information reported
> is also extended a bit. The idea is to leave ERROR messages to issues that would *stop* or
> *prevent* conntrackd from working at all.
> 
> Another nice thing to do in the future is to rate-limit this message, which is generated in the
> data path and can easily fill log files. But ideally, the actual root cause would be fixed, and
> there would be no WARNING message reported at all, meaning that all conntrack entries are smoothly
> synced between the firewalls in the cluster. We can work on that later.

Also applied.


