[pve-devel] applied: [PATCH firewall] log and ignore ENOBUFS in nfct_catch

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Jan 9 16:52:40 CET 2019


On 1/9/19 3:32 PM, David Limbeck wrote:
> nfct_catch sets ENOBUFS if not enough buffer space is available. log
> and continue operation instead of stopping. in addition log possible
> other errors set by nfct_catch
> 
> Signed-off-by: David Limbeck <d.limbeck at proxmox.com>
> ---
>  src/pvefw-logger.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/src/pvefw-logger.c b/src/pvefw-logger.c
> index 9c6fe4a..f77f56f 100644
> --- a/src/pvefw-logger.c
> +++ b/src/pvefw-logger.c
> @@ -954,8 +954,12 @@ nfct_read_cb(GIOChannel *source,
>  {
>      int res;
>      if ((res = nfct_catch(nfcth)) < 0) {
> -        log_status_message(3, "error catching nfct");
> -        return FALSE;
> +        if (errno == ENOBUFS) {
> +            log_status_message(3, "nfct_catch returned ENOBUFS: conntrack information may be incomplete");
> +        } else {
> +            log_status_message(3, "error catching nfct: %s", strerror(errno));
> +            return FALSE;
> +        }
>      }
>      return TRUE;
>  }
> 

applied, thanks!




More information about the pve-devel mailing list