Hi guys, do network namespaces share conntrack data structures under the hood or does each netns get its own? So is it possible that a (malicious) program in netns1 can overflow conntrack on the host or any other netns or is it safe? Can the tables (size, hash size, ...) be tuned individually for each netns? Cheers Corin -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
