From: Pablo Neira <pablo@eurodev.net>
To: Amin Azez <azez@ufomechanic.net>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: missing conntrack protocol on updates
Date: Sun, 05 Jun 2005 01:07:53 +0200
Message-ID: <42A23449.5020708@eurodev.net>
In-Reply-To: <42A033E9.3020907@ufomechanic.net>

Hi Amin,

Amin Azez wrote:
> Of course as I am using a custom conntrack kernel module which also 
> dumps out the mac addresses the fault could be here, I wondered if you 
> would leave that grep running for a while to see if the fault is a 
> general one?
>
> [UPDATE] src=192.168.0.252 dst=192.168.0.233 sport=80 dport=2118 
> src=192.168.0.233 dst=192.168.0.252 sport=2118 dport=80 timeout=432000 
> orig_packets=1 orig_bytes=52 reply_packets=1 reply_bytes=52 
> src_mac=00:09:5b:bb:d2:aa dst_mac=00:01:02:12:c6:3a
> [UPDATE] src=192.168.0.252 dst=192.168.0.233 sport=80 dport=2128 
> src=192.168.0.233 dst=192.168.0.252 sport=2128 dport=80 timeout=432000 
> orig_packets=1 orig_bytes=52 reply_packets=1 reply_bytes=52 
> src_mac=00:09:5b:bb:d2:aa dst_mac=00:01:02:12:c6:3a
> [UPDATE] src=192.168.0.252 dst=192.168.0.233 sport=80 dport=2133 
> src=192.168.0.233 dst=192.168.0.252 sport=2133 dport=80 timeout=432000 
> orig_packets=1 orig_bytes=52 reply_packets=1 reply_bytes=52 
> src_mac=00:09:5b:bb:d2:aa dst_mac=00:01:02:12:c6:3a
> [UPDATE] src=192.168.0.252 dst=192.168.0.233 sport=80 dport=2134 
> src=192.168.0.233 dst=192.168.0.252 sport=2134 dport=80 timeout=432000 
> orig_packets=1 orig_bytes=52 reply_packets=1 reply_bytes=52 
> src_mac=00:09:5b:bb:d2:aa dst_mac=00:01:02:12:c6:3a

This seems related to your hack. All those update messages tell me that 
you are sending a netlink event message for every IPCT_PROTINFO_VOLATILE 
event, aren't you? Maybe you're doing something similar, I'd need to see 
the code anyway.

If my guess is correct, such loss of messages is related to the nature 
of the netlink sockets. Netlink is an unreliable protocol. Under *heavy* 
loads and if the messages are sent from interrupt context it will be 
likely to drop messages for spamming events.

--
Pablo
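
An added example, not part of the original message or of the conntrack tools: one way to run the check Amin asks about over captured event output, flagging events that carry no layer-4 protocol token. It assumes a well-formed event names its protocol (tcp, udp, icmp) as a bare token between the [TYPE] tag and the first key=value field; the function name and the second sample event are constructed.

```python
import re

# Assumption: a well-formed event names its layer-4 protocol as a bare token
# between the [TYPE] tag and the first key=value field.
KNOWN_PROTOS = {"tcp", "udp", "icmp"}
EVENT_TAG = re.compile(r"^\[(NEW|UPDATE|DESTROY)\]")

# First event is copied from the quoted output; the second is constructed.
SAMPLE = """\
[UPDATE] src=192.168.0.252 dst=192.168.0.233 sport=80 dport=2118
src=192.168.0.233 dst=192.168.0.252 sport=2118 dport=80 timeout=432000
orig_packets=1 orig_bytes=52 reply_packets=1 reply_bytes=52
src_mac=00:09:5b:bb:d2:aa dst_mac=00:01:02:12:c6:3a
[NEW] tcp 6 src=192.168.0.233 dst=192.168.0.252 sport=2140 dport=80
src=192.168.0.252 dst=192.168.0.233 sport=80 dport=2140 timeout=120
"""


def events_missing_protocol(text):
    """Return (event_type, fields) for each event with no protocol token."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if EVENT_TAG.match(line):
            events.append(line)          # start of a new event
        elif events:
            events[-1] += " " + line     # rejoin a mail-wrapped continuation
    missing = []
    for event in events:
        tag = EVENT_TAG.match(event)
        bare, fields = [], {}
        for tok in event[tag.end():].split():
            if "=" in tok:
                key, val = tok.split("=", 1)
                fields.setdefault(key, val)   # keep original-direction tuple
            elif not fields:
                bare.append(tok.lower())      # tokens before first key=value
        if not KNOWN_PROTOS.intersection(bare):
            missing.append((tag.group(1), fields))
    return missing


if __name__ == "__main__":
    for kind, f in events_missing_protocol(SAMPLE):
        print(kind, f["src"], f["sport"], "->", f["dst"], f["dport"])
```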
