<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - Trying to delete offloaded flow with conntrack results in EBUSY"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1680#c3">Comment # 3</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - Trying to delete offloaded flow with conntrack results in EBUSY"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1680">bug 1680</a>
from <span class="vcard"><a class="email" href="mailto:demiobenour@gmail.com" title="Demi M. Obenour <demiobenour@gmail.com>"> <span class="fn">Demi M. Obenour</span></a>
</span></b>
<pre>(In reply to Pablo Neira Ayuso from <a href="show_bug.cgi?id=1680#c1">comment #1</a>)
<span class="quote">> There is a kernel patch to allow for this, starting 6.3
>
> commit 9b7c68b3911aef84afa4cbfc31bce20f10570d51
> Author: Paul Blakey <<a href="mailto:paulb@nvidia.com">paulb@nvidia.com</a>>
> Date: Wed Mar 22 09:35:32 2023 +0200
>
> netfilter: ctnetlink: Support offloaded conntrack entry deletion
>
> Currently, offloaded conntrack entries (flows) can only be deleted
> after they are removed from offload, which is either by timeout,
> tcp state change or tc ct rule deletion. This can cause issues for
> users wishing to manually delete or flush existing entries.
>
> Support deletion of offloaded conntrack entries.
>
> Example usage:
> # Delete all offloaded (and non offloaded) conntrack entries
> # whose source address is 1.2.3.4
> $ conntrack -D -s 1.2.3.4
> # Delete all entries
> $ conntrack -F
>
> It should be possible to cherry-pick it to earlier kernel versions.</span>
Should this patch be backported to stable releases?</pre>
</div>
</p>
</body>
</html>