Re: [PATCH nf v2] netfilter: conntrack: connection timeout after re-register

From: Francesco Ruggeri
Date: Fri Oct 09 2020 - 16:02:50 EST


On Fri, Oct 9, 2020 at 12:49 PM Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx> wrote:
> What is the rationale behind "remove the conntrack hooks when there are no
> rule left referring to conntrack"? Performance optimization?

That seems to be the case. See commit 4d3a57f23dec ("netfilter: conntrack:
do not enable connection tracking unless needed").

Francesco