* network namespaces and conntrack
@ 2015-09-26 8:54 Corin Langosch
0 siblings, 0 replies; only message in thread
From: Corin Langosch @ 2015-09-26 8:54 UTC (permalink / raw)
To: netfilter
Hi guys,
do network namespaces share conntrack data structures under the hood or does each netns get its own? So is it possible
that a (malicious) program in netns1 can overflow conntrack on the host or any other netns or is it safe? Can the tables
(size, hash size, ...) be tuned individually for each netns?
Cheers
Corin
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2015-09-26 8:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-09-26 8:54 network namespaces and conntrack Corin Langosch
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.