On Thu, Feb 27, 2025 at 01:32:34PM +0000, Jensen, Nicklas Bo wrote: > nf_conncount is supposed to skip garbage collection if it has already run garbage collection in the same jiffy. Unfortunately, this is broken when jiffies wrap around which this patch fixes. > > The problem is that last_gc in the nf_conncount_list struct is an u32, but jiffies is an unsigned long which is 8 bytes on my systems. When those two are compared it only works until last_gc wraps around. > > See bug report https://bugzilla.netfilter.org/show_bug.cgi?id=1778 for more details. Applied as: ("netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap around")
