Re: [PATCH nf v2] netfilter: conntrack: connection timeout after re-register

From: Florian Westphal
Date: Wed Oct 14 2020 - 15:35:58 EST

Next message: Michael Auchter: "[RFC PATCH 3/3] of: dynamic: add device links barrier before detach"
Previous message: Jason Andryuk: "Re: [SUSPECTED SPAM][PATCH 0/2] Remove Xen PVH dependency on PCI"
In reply to: Francesco Ruggeri: "Re: [PATCH nf v2] netfilter: conntrack: connection timeout after re-register"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Francesco Ruggeri <fruggeri@xxxxxxxxxx> wrote:
> On Wed, Oct 14, 2020 at 1:23 AM Florian Westphal <fw@xxxxxxxxx> wrote:
> >
> > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > > Legacy would still be flawed though.
> >
> > Its fine too, new rule blob gets handled (and match/target checkentry
> > called) before old one is dismantled.
> >
> > We only have a 0 refcount + hook unregister when rules get
> > flushed/removed explicitly.
>
> Should the patch be used in the meantime while this gets
> worked out?

I think the patch is correct, and I do NOT see a better solution.

Next message: Michael Auchter: "[RFC PATCH 3/3] of: dynamic: add device links barrier before detach"
Previous message: Jason Andryuk: "Re: [SUSPECTED SPAM][PATCH 0/2] Remove Xen PVH dependency on PCI"
In reply to: Francesco Ruggeri: "Re: [PATCH nf v2] netfilter: conntrack: connection timeout after re-register"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]