]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: faa6099)
netfilter: conntrack: table full detailed log
authorlvxiafei <lvxiafei@sensetime.com>
Thu, 22 May 2025 09:19:54 +0000 (17:19 +0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 25 Jul 2025 16:35:30 +0000 (18:35 +0200)
Add the netns field in the "nf_conntrack: table full, dropping packet"
log to help locate the specific netns when the table is full.

Signed-off-by: lvxiafei <lvxiafei@sensetime.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_core.c patch | blob | blame | history

diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 2a90945aef896f6b95c5a21f92c71a0cf276a107..fbd901b3b7cee47f7864160d967e179e8ef17082 100644 (file)
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1673,7 +1673,11 @@ __nf_conntrack_alloc(struct net *net,
                        if (!conntrack_gc_work.early_drop)
                                conntrack_gc_work.early_drop = true;
                        atomic_dec(&cnet->count);
-                       net_warn_ratelimited("nf_conntrack: table full, dropping packet\n");
+                       if (net == &init_net)
+                               net_warn_ratelimited("nf_conntrack: table full, dropping packet\n");
+                       else
+                               net_warn_ratelimited("nf_conntrack: table full in netns %u, dropping packet\n",
+                                                    net->ns.inum);
                        return ERR_PTR(-ENOMEM);
                }
        }
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git