From: Patrick McHardy <kaber@trash.net>
To: Douglas Diniz <dgdiniz@gmail.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
Afi Gjermund <afigjermund@gmail.com>,
Jan Engelhardt <jengelh@medozas.de>,
netfilter-devel@vger.kernel.org
Subject: Re: nf_conntrack_count versus '/proc/net/nf_conntrack | wc -l' count
Date: Thu, 18 Feb 2010 19:22:31 +0100 [thread overview]
Message-ID: <4B7D8567.2060301@trash.net> (raw)
In-Reply-To: <5415ae081002181012x4f7c95a4ncec563f69ae3562e@mail.gmail.com>
Douglas Diniz wrote:
> I'm facing the same problem. I'm working in a embedded system with
> kernel 2.6.20-6. When I send a ping (or any other protocol) through
> eth0 to eth1 (or vice versa) the conntrack count isn't decremented. If
> I send the ping through any other interface (eth0 to wifi, eth1 to
> wifi, wifi to eth0 and wifi to eth1) I have no problem.
> The problem seems to be only between the ethernet interfaces.
> I debug the netfilter and I saw that when the problem occurs the "use"
> variable inside conntract structure in > 1, so this variable is only
> decremented by 1, not reaching in 0, and then the destroy_conntrack
> function is not called.
>
> So I think that the problem is more low level, and some events aren't
> reaching netfilter, and the "use"variable isn't decremented properly.
>
> This could be a problem with the ethernet driver?
Yes, although you'd likely notice other effects like running
out of memory if it was leaking the packets.
next prev parent reply other threads:[~2010-02-18 18:22 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-15 17:27 nf_conntrack_count versus '/proc/net/nf_conntrack | wc -l' count Afi Gjermund
2010-02-15 17:29 ` Patrick McHardy
2010-02-15 17:46 ` Jan Engelhardt
2010-02-15 18:04 ` Afi Gjermund
2010-02-15 19:00 ` Jan Engelhardt
2010-02-15 19:30 ` Afi Gjermund
2010-02-15 19:45 ` Afi Gjermund
2010-02-15 20:04 ` Eric Dumazet
2010-02-15 20:33 ` Jan Engelhardt
2010-02-15 21:08 ` Afi Gjermund
2010-02-15 21:52 ` Eric Dumazet
2010-02-15 22:00 ` Afi Gjermund
2010-02-15 22:02 ` Eric Dumazet
2010-02-15 22:10 ` Afi Gjermund
2010-02-18 17:40 ` Afi Gjermund
2010-02-18 17:51 ` Eric Dumazet
2010-02-18 17:55 ` Afi Gjermund
2010-02-18 18:07 ` Eric Dumazet
2010-02-18 18:13 ` Afi Gjermund
2010-02-18 18:19 ` Patrick McHardy
2010-02-18 19:39 ` Afi Gjermund
2010-02-19 0:53 ` Afi Gjermund
2010-02-19 14:12 ` Eric Dumazet
2010-02-19 14:29 ` Patrick McHardy
2010-02-18 18:12 ` Douglas Diniz
2010-02-18 18:22 ` Patrick McHardy [this message]
2010-02-18 18:35 ` Douglas Diniz
2010-02-15 21:17 ` Eric Dumazet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B7D8567.2060301@trash.net \
--to=kaber@trash.net \
--cc=afigjermund@gmail.com \
--cc=dgdiniz@gmail.com \
--cc=eric.dumazet@gmail.com \
--cc=jengelh@medozas.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.