netfilter: ctnetlink: remove expired entries first - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Florian Westphal <fw@strlen.de>	2021-12-09 17:39:26 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2021-12-16 14:10:52 +0100
commit	76f12e632a15a20c8de3532d64a0708cf0e32f11 (patch)
tree	626ed65ee87def3d18f3cc6491eff9e600cea62e /net/netfilter/x_tables.c
parent	ebb966d3bdfed581ecccbb4a7432341baf7619b4 (diff)
download	linux-76f12e632a15a20c8de3532d64a0708cf0e32f11.tar.bz2

netfilter: ctnetlink: remove expired entries first

When dumping conntrack table to userspace via ctnetlink, check if the ct has already expired before doing any of the 'skip' checks. This expires dead entries faster. /proc handler also removes outdated entries first. Reported-by: Vitaly Zuevsky <vzuevsky@ns1.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/netfilter/x_tables.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: