Andrew Vagin <avagin@xxxxxxxxxxxxx> wrote: > > I think it would be nice if we could keep it that way. > > If everything fails we could proably intoduce a 'larval' dummy list > > similar to the one used by template conntracks? > > I'm not sure, that this is required. Could you elaborate when this can > be useful? You can dump the lists via ctnetlink. Its meant as a debugging aid in case one suspects refcnt leaks. Granted, in this situation there should be no leak since we put the newly allocated entry in the error case. > Now I see only overhead, because we need to take the nf_conntrack_lock > lock to add conntrack in a list. True. I don't have any preference, I guess I'd just do the insertion into the unconfirmed list when we know we cannot track to keep the "unhashed" bug trap in the destroy function. Pablo, any preference? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
