diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-06-02 01:37:24 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-06-02 01:37:24 +0200 |
commit | 66c0ebb31d976b5d1b0b8ab7242918165927ca32 (patch) | |
tree | 9fb1276b062fb15fffa80db14ce3c15a0c4aa6bc /ulogd.init | |
parent | f72bf0ed59d14270d7b820626f9c7a7c67f40c00 (diff) |
improve netlink overrun handling of NFCT
This patch improves the overrun handling. The logic behind this patch
consists of two steps:
1) duplicate the netlink buffer size if the size does not goes after the
upper boundary.
2) scheduling a resynchronization (in two seconds) with the kernel conntrack
table if we hit ENOBUFS. During the resynchronization, the NFCT plugin dumps
the current table and purges the objects that do not exist anymore.
This patch also introduces two new clauses, the netlink_socket_buffer_size
and netlink_socket_buffer_maxsize that set the size of the netlink socket
buffer.
Diffstat (limited to 'ulogd.init')
0 files changed, 0 insertions, 0 deletions