conntrack-tools-1.4.5-17.el9
- conntrackd: set default hashtable buckets and max entries if not specified Resolves: rhbz#2126627
This commit is contained in:
parent
f3deedded7
commit
e87baa7117
@ -0,0 +1,38 @@
|
|||||||
|
From b304d193f869c9ac9526d88dc82f7e94a7cb8cd5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Pablo Neira Ayuso <pablo@netfilter.org>
|
||||||
|
Date: Mon, 8 Mar 2021 16:29:25 +0100
|
||||||
|
Subject: [PATCH] conntrackd: set default hashtable buckets and max entries if
|
||||||
|
not specified
|
||||||
|
|
||||||
|
Fall back to 65536 buckets and 262144 entries.
|
||||||
|
|
||||||
|
It would be probably good to add code to autoadjust by reading
|
||||||
|
/proc/sys/net/netfilter/nf_conntrack_buckets and
|
||||||
|
/proc/sys/net/nf_conntrack_max.
|
||||||
|
|
||||||
|
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1491
|
||||||
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
||||||
|
(cherry picked from commit 3276471d23d4d96d55e9a0fb7a10983d8097dc45)
|
||||||
|
---
|
||||||
|
src/read_config_yy.y | 6 ++++++
|
||||||
|
1 file changed, 6 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
|
||||||
|
index d208a6a0617cf..dc67d11952901 100644
|
||||||
|
--- a/src/read_config_yy.y
|
||||||
|
+++ b/src/read_config_yy.y
|
||||||
|
@@ -1780,5 +1780,11 @@ init_config(char *filename)
|
||||||
|
NF_NETLINK_CONNTRACK_DESTROY;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* default hashtable buckets and maximum number of entries */
|
||||||
|
+ if (!CONFIG(hashsize))
|
||||||
|
+ CONFIG(hashsize) = 65536;
|
||||||
|
+ if (!CONFIG(limit))
|
||||||
|
+ CONFIG(limit) = 262144;
|
||||||
|
+
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.38.0
|
||||||
|
|
@ -1,6 +1,6 @@
|
|||||||
Name: conntrack-tools
|
Name: conntrack-tools
|
||||||
Version: 1.4.5
|
Version: 1.4.5
|
||||||
Release: 16%{?dist}
|
Release: 17%{?dist}
|
||||||
Summary: Manipulate netfilter connection tracking table and run High Availability
|
Summary: Manipulate netfilter connection tracking table and run High Availability
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
URL: http://conntrack-tools.netfilter.org/
|
URL: http://conntrack-tools.netfilter.org/
|
||||||
@ -27,6 +27,7 @@ Patch16: 0016-connntrack-Fix-for-memleak-when-parsing-j-arg.patch
|
|||||||
Patch17: 0017-src-fix-strncpy-Wstringop-truncation-warnings.patch
|
Patch17: 0017-src-fix-strncpy-Wstringop-truncation-warnings.patch
|
||||||
Patch18: 0018-conntrack-fix-compiler-warnings.patch
|
Patch18: 0018-conntrack-fix-compiler-warnings.patch
|
||||||
Patch19: 0019-local-Avoid-sockaddr_un-sun_path-buffer-overflow.patch
|
Patch19: 0019-local-Avoid-sockaddr_un-sun_path-buffer-overflow.patch
|
||||||
|
Patch20: 0020-conntrackd-set-default-hashtable-buckets-and-max-ent.patch
|
||||||
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.7
|
BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.7
|
||||||
@ -107,6 +108,9 @@ install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
|
|||||||
%systemd_postun conntrackd.service
|
%systemd_postun conntrackd.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Nov 29 2022 Phil Sutter <psutter@redhat.com> - 1.4.5-17
|
||||||
|
- conntrackd: set default hashtable buckets and max entries if not specified
|
||||||
|
|
||||||
* Tue Sep 06 2022 Phil Sutter <psutter@redhat.com> - 1.4.5-16
|
* Tue Sep 06 2022 Phil Sutter <psutter@redhat.com> - 1.4.5-16
|
||||||
- local: Avoid sockaddr_un::sun_path buffer overflow
|
- local: Avoid sockaddr_un::sun_path buffer overflow
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user