Pablo Neira Ayuso wrote:
> As for now, the creation and update of conntracks via ctnetlink do not
> propagate an event to userspace. This can result in inconsistent
> situations if several userspace processes modify the connection tracking
> table by means of ctnetlink at the same time. Specifically, using the
> conntrack-cli while running an instance of conntrackde unsynchronizes
> the cache of conntrackd with the kernel conntrack table. Note that
> deletions do not suffer from this problem.
> 
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Same problem, the previous patch rejects one chunk if you try to apply
it to current davem's tree. The one attached should be fine.

-- 
"Los honestos son inadaptados sociales" -- Les Luthiers