Hi, On Tue, Apr 30, 2024 at 06:25:47PM +0300, Evgen Bendyak wrote: > In my firewall based on nftables, I use several different log > subsystem groups for packet capturing. This setup is used for a server > providing access to a large number of internet clients, with each > client in a separate VLAN. To expand the number of virtual networks, > QinQ technology is utilized. One group captures ARP packets (in > certain situations for new clients) coming from the network, for > further analysis. Another group captures DHCP packets sent by clients. > Also present groups for other various subsystems. These are not > heavily loaded groups in terms of packet volume. In the application > where this is processed, each group is handled by its own subsystem. > Each subsystem creates its own thread, where the relevant group for > that service is opened. Sometimes, after a restart, one group or > another would fail to function. It appeared as if data was coming > through the netlink socket, but when nflog_handle_packet was called, > the callback would not trigger. That's when I began investigating what > was wrong. Oh I see, this is log not queue. For some reason I considered this was the queue subsystem instead. Thanks for explaining.
