[pve-devel] applied: [PATCH firewall] log and ignore ENOBUFS in nfct_catch
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Jan 9 16:52:40 CET 2019
On 1/9/19 3:32 PM, David Limbeck wrote:
> nfct_catch sets ENOBUFS if not enough buffer space is available. log
> and continue operation instead of stopping. in addition log possible
> other errors set by nfct_catch
>
> Signed-off-by: David Limbeck <d.limbeck at proxmox.com>
> ---
> src/pvefw-logger.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/src/pvefw-logger.c b/src/pvefw-logger.c
> index 9c6fe4a..f77f56f 100644
> --- a/src/pvefw-logger.c
> +++ b/src/pvefw-logger.c
> @@ -954,8 +954,12 @@ nfct_read_cb(GIOChannel *source,
> {
> int res;
> if ((res = nfct_catch(nfcth)) < 0) {
> - log_status_message(3, "error catching nfct");
> - return FALSE;
> + if (errno == ENOBUFS) {
> + log_status_message(3, "nfct_catch returned ENOBUFS: conntrack information may be incomplete");
> + } else {
> + log_status_message(3, "error catching nfct: %s", strerror(errno));
> + return FALSE;
> + }
> }
> return TRUE;
> }
>
applied, thanks!
More information about the pve-devel
mailing list