On 05.05.2021 21:53, Florian Westphal wrote: > Ali, sorry for coming back to this again and again. > > What do you think of this change? > > Its an incremental change on top of your patch. > > The only real change is that this will skip window check if > conntrack thinks connection is closing already. > > In addition, tcp window check is skipped in that case. > > This is supposed to expedite conntrack eviction in case of tuple reuse > by some nat/pat middlebox, or a peer that has lower timeouts than > conntrack before a port is re-used. Thanks Florian, this looks sane for me, I will give a try and report back here. -- Ali Abdallah | SUSE Linux L3 Engineer GPG fingerprint: 51A0 F4A0 C8CF C98F 842E A9A8 B945 56F8 1C85 D0D5
