rpms/conntrack-tools
5
0
Fork 0
Code Issues Pull Requests Releases Activity

import conntrack-tools-1.4.4-11.el8

Browse Source
This commit is contained in:
CentOS Sources 2023-03-28 08:29:29 +00:00 committed by root
parent 5b84f8b989
commit 60ac84dde1
2 changed files with 44 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
SOURCES/0005-conntrackd-set-default-hashtable-buckets-and-max-ent.patch Normal file
View File

@ -0,0 +1,38 @@
From c63bdecd96375309d32239c7a83d985ac51704c5 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 8 Mar 2021 16:29:25 +0100
Subject: [PATCH] conntrackd: set default hashtable buckets and max entries if
not specified
Fall back to 65536 buckets and 262144 entries.
It would be probably good to add code to autoadjust by reading
/proc/sys/net/netfilter/nf_conntrack_buckets and
/proc/sys/net/nf_conntrack_max.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1491
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit 3276471d23d4d96d55e9a0fb7a10983d8097dc45)
---
src/read_config_yy.y | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
index cc0eb183bde34..7f6dae821e5a2 100644
--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
@@ -1924,5 +1924,11 @@ init_config(char *filename)
NF_NETLINK_CONNTRACK_DESTROY;
}
+ /* default hashtable buckets and maximum number of entries */
+ if (!CONFIG(hashsize))
+ CONFIG(hashsize) = 65536;
+ if (!CONFIG(limit))
+ CONFIG(limit) = 262144;
+
return 0;
}
--
2.38.0

7
SPECS/conntrack-tools.spec
View File

@ -1,6 +1,6 @@
Name: conntrack-tools Name: conntrack-tools
Version: 1.4.4 Version: 1.4.4
Release: 10%{?dist} Release: 11%{?dist}
Summary: Manipulate netfilter connection tracking table and run High Availability Summary: Manipulate netfilter connection tracking table and run High Availability
Group: System Environment/Base Group: System Environment/Base
License: GPLv2 License: GPLv2
@ -13,6 +13,7 @@ Patch1: conntrack-tools-1.4.4-nat_tuple-leak.patch
Patch2: conntrack-tools-1.4.4-free-pktb-after-use.patch Patch2: conntrack-tools-1.4.4-free-pktb-after-use.patch
Patch3: conntrack-Fix-CIDR-to-mask-conversion-on-Big-Endian.patch Patch3: conntrack-Fix-CIDR-to-mask-conversion-on-Big-Endian.patch
Patch4: nfct-helper-Fix-NFCTH_ATTR_PROTO_L4NUM-size.patch Patch4: nfct-helper-Fix-NFCTH_ATTR_PROTO_L4NUM-size.patch
Patch5: 0005-conntrackd-set-default-hashtable-buckets-and-max-ent.patch
BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.6 BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.6
BuildRequires: libnetfilter_cttimeout-devel >= 1.0.0, libnetfilter_cthelper-devel >= 1.0.0 BuildRequires: libnetfilter_cttimeout-devel >= 1.0.0, libnetfilter_cthelper-devel >= 1.0.0
@ -51,6 +52,7 @@ show an event message (one line) per newly established connection.
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
%build %build
export LDFLAGS="${LDFLAGS} -Wl,-z,lazy" export LDFLAGS="${LDFLAGS} -Wl,-z,lazy"
@ -93,6 +95,9 @@ install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
%systemd_postun conntrackd.service %systemd_postun conntrackd.service
%changelog %changelog
* Fri Nov 04 2022 Phil Sutter <psutter@redhat.com> - 1.4.4-11
- conntrackd: set default hashtable buckets and max entries if not specified
* Mon Nov 18 2019 Phil Sutter <psutter@redhat.com> - 1.4.4-10 * Mon Nov 18 2019 Phil Sutter <psutter@redhat.com> - 1.4.4-10
- Fix issues on Big Endian (rhbz#1750744) - Fix issues on Big Endian (rhbz#1750744)