[PATCH 4/4] first conntrack ID must be 1 not 2

Martin Josefsson gandalf at wlug.westbo.se
Fri Feb 17 09:45:16 CET 2006

On Fri, 17 Feb 2006, Jozsef Kadlecsik wrote:

> > > Some clever solution should only be found to spread the expectations
> > > over multiple, separatedly locked buckets...
> >
> > I've talked to Harald about this and as a start we can start by
> > allowing masks only for the source part of the tuple. That
> > means we can hash by destinations.
> That's actually fine! Now I should complete that hashtrie/hashtable
> testing I have been planning...

Great that you are testing hashtrie, it works fine in all my simple tests
but there might still be a lot of bugs in it, especially in the forced
eviction, it might not be optimal, me and rusty tried to come up with a
way to make it fair wrt the depth in the tree we are evicting at.

If you have any suggestions and/or patches, please let me know :)

Are you using the 060104 version, that's the latest version I have of the
userspace code.
I have an old untested patch against nf_conntrack as well but it needs
some rewriting of the conntrack locking in order to avoid an SMP deadlock.


More information about the netfilter-devel mailing list