Hello Craig,
The answer is no. :(
I think it is something with garbage colector because if
you modify line 32 in file:
/usr/src/linux/net/ipv4/netfilter/ip_set_iptree.c
#define IPTREE_GC_TIME 5*60
to:
#define IPTREE_GC_TIME 1*60
(and recompile kernel modules)
this funny feature is available for one minute instead of 5
( after modules ip_set and ip_set_iptree are loaded
into memory )
After IPTREE_GC_TIME all is ok for some unknown period of
time, but finally this malfunction comes again.
Łukasz Nierychło
Łukasz (and Jozsef),
I am experiencing the same problem you cited below.
The funny thing is that I am almost sure that it was working for several
weeks, but now I see the exact behavior in your email.
Did you ever find a solution to this?
