Re: [PATCH nf v2] netfilter: conntrack: connection timeout after re-register
From: Francesco Ruggeri
Date: Wed Oct 14 2020 - 14:43:08 EST
On Wed, Oct 14, 2020 at 1:23 AM Florian Westphal <fw@xxxxxxxxx> wrote:
>
> Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > Legacy would still be flawed though.
>
> Its fine too, new rule blob gets handled (and match/target checkentry
> called) before old one is dismantled.
>
> We only have a 0 refcount + hook unregister when rules get
> flushed/removed explicitly.
Should the patch be used in the meantime while this gets
worked out?
Francesco