[Bug 1680] New: Trying to delete offloaded flow with conntrack results in EBUSY

Tue May 16 02:00:47 CEST 2023

https://bugzilla.netfilter.org/show_bug.cgi?id=1680

            Bug ID: 1680
           Summary: Trying to delete offloaded flow with conntrack results
                    in EBUSY
           Product: nftables
           Version: unspecified
          Hardware: All
                OS: other
            Status: NEW
          Severity: major
          Priority: P5
         Component: kernel
          Assignee: pablo at netfilter.org
          Reporter: demiobenour at gmail.com

If I am using a flowtable to accelerate forwarding and try to use conntrack to
delete the offloaded flows, conntrack fails with EBUSY.  This is a problem if
the purpose of deleting the flows is to enforce changed firewall rules.

This was found while investigating
https://github.com/QubesOS/qubes-issues/issues/8212 (found by Marek
Marczykowski-Górecki).

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230516/327163a3/attachment.html>