Re: [PATCH V3] netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_max sysctl
From: lvxiafei
Date: Wed Apr 09 2025 - 05:14:47 EST
Florian Westphal <fw@xxxxxxxxx> wrote:
> What's the function of nf_conntrack_max?
> After this change it's always 0?
nf_conntrack_max is a global (ancestor) limit, by default
nf_conntrack_max = max_factor * nf_conntrack_htable_size.
init_net.ct.sysctl_max is a parameter for each netns, and
setting it will not affect the value of nf_conntrack_max.