[Bug 820] Quotas not limiting the exact specified limit
bugzilla-daemon at netfilter.org
Mon Jul 1 22:37:41 CEST 2013
https://bugzilla.netfilter.org/show_bug.cgi?id=820
Phil Oester <netfilter at linuxace.com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |WONTFIX
           Severity|critical                    |normal
--- Comment #8 from Phil Oester <netfilter at linuxace.com> 2013-07-01 22:37:38 CEST ---
I see the difference - you are using an old kernel, which does not have this
patch:

    commit 49daf6a22622d4e1619aeaad5f9f0472bf89daff
    Author: Changli Gao <xiaosuo at gmail.com>
    Date: Fri Jul 23 14:07:47 2010 +0200

        xt_quota: report initial quota value instead of current value to userspace

        We should copy the initial value to userspace for iptables-save and
        to allow removal of specific quota rules.

So on newer kernels, you will always see the same quota value every time you run
iptables -L. Perhaps you should upgrade?

Regardless, as previously stated, the per-cpu nature of iptables rulesets means
you should always use the same CPU (via taskset) if you wish to see the packet
counters increasing as they should.

Closing this bug - nothing can be done unfortunately.