On 16/10/10 19:59, Pablo Neira Ayuso wrote: > On 16/10/10 14:57, Italo Valcy wrote: >> Hi guys, >> >> Thank you Jan, Pablo, for the reply. It's like I imagined. One doubt: >> the 'id' field of nf_conntrack struct is unique? (I'd like to use it as >> index to the struct that I'll use to track the timestamps...) > > Yes, it is. Well, to be precise there have been lots of discussions in the past on the uniqueness of the conntrack ID. Some situations in which we can find two different conntracks with the same ID may occur due to race conditions in the event delivery. To avoid problems I use the original tuple and the id to identify one conntrack (part of the conntrack-tools). I suggest you to do so. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
