Hi, The connection tracking system stores one hash tuple of layer 3/4 information for each packet's original direction, and one for the reply direction. The are embedded in the conntrack struct which stores the actual connection state. I'm curious why this is. Is it so connection state can be looked up with only partial information, e.g. only the reply direction information? If that's true, then in which cases do we only have partial information? My assumption would be that information on both direction would be available in the packet. I'm also curious why these hash tuples are stored in a doubly linked list, rather than a singly linked list. Is it just for more efficient deletion? Thank you, Will -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
