[v3.2.24] ct: endless loop when initializing netfilter/ct cache
Thomas Graf
tgraf at suug.ch
Fri Nov 7 06:37:18 PST 2014
On 11/07/14 at 01:57pm, Holger Eitzenberger wrote:
> Hi Thomas,
>
> > That makes sense. Insertion through pickup became exponetionally
> > more expensive.
> >
> > The right thing to do here is to introduce a flag to disable the
> > dup check for individual caches and even cache types such as CT
> > which do not require the dup check at all.
>
> Yes, the insert is O(n^2) since introducing dup check. With
> thousands of conntracks it is currently unusable.
>
> If you want I can cook an RFC path for that.
That sounds great. Thanks!
More information about the libnl
mailing list