• Florian Westphal's avatar
    netfilter: conntrack: remove timer from ecache extension · 9500507c
    Florian Westphal authored
    This brings the (per-conntrack) ecache extension back to 24 bytes in size
    (was 152 byte on x86_64 with lockdep on).
    
    When event delivery fails, re-delivery is attempted via work queue.
    
    Redelivery is attempted at least every 0.1 seconds, but can happen
    more frequently if userspace is not congested.
    
    The nf_ct_release_dying_list() function is removed.
    With this patch, ownership of the to-be-redelivered conntracks
    (on-dying-list-with-DYING-bit not yet set) is with the work queue,
    which will release the references once event is out.
    
    Joint work with Pablo Neira Ayuso.
    Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
    Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
    9500507c
conntrack.h 2.72 KB