[pve-devel] [PATCH firewall] log and ignore ENOBUFS in nfct_catch
David Limbeck
d.limbeck at proxmox.com
Wed Jan 9 15:32:10 CET 2019
nfct_catch sets ENOBUFS if not enough buffer space is available. log
and continue operation instead of stopping. in addition log possible
other errors set by nfct_catch
Signed-off-by: David Limbeck <d.limbeck at proxmox.com>
---
src/pvefw-logger.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/pvefw-logger.c b/src/pvefw-logger.c
index 9c6fe4a..f77f56f 100644
--- a/src/pvefw-logger.c
+++ b/src/pvefw-logger.c
@@ -954,8 +954,12 @@ nfct_read_cb(GIOChannel *source,
{
int res;
if ((res = nfct_catch(nfcth)) < 0) {
- log_status_message(3, "error catching nfct");
- return FALSE;
+ if (errno == ENOBUFS) {
+ log_status_message(3, "nfct_catch returned ENOBUFS: conntrack information may be incomplete");
+ } else {
+ log_status_message(3, "error catching nfct: %s", strerror(errno));
+ return FALSE;
+ }
}
return TRUE;
}
--
2.11.0
More information about the pve-devel
mailing list