Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > It will help for SEEN_REPLY. But I don't see how it will avoid this
> > patch.
>
> Not current time from ctnetlink, but use the ecache extension to store
> the timestamp when the conntrack is allocated, ecache is already
> initialized from init_conntrack() path.

OK, so we do ktime_get_real() twice.

I think it's way worse than this proposal, but okay. I'll work on this.