[pve-devel] [PATCH firewall] make nfct_catch non-blocking

Wolfgang Bumiller w.bumiller at proxmox.com
Thu Jan 10 13:49:02 CET 2019


On Thu, Jan 10, 2019 at 12:08:28PM +0100, David Limbeck wrote:
> nfct_catch blocks if the callback always returns NFCT_CB_CONTINUE. this
> works around the problem by setting the underlying file descriptor to
> O_NONBLOCK. this should allow the callback to run multiple times and
> catch as many events as possible before nfct_catch returns.
> 
> Signed-off-by: David Limbeck <d.limbeck at proxmox.com>
> ---
> maybe this improves the ENOBUFS situation? it should result in equal or
> more messages though as the callback is run multiple times before
> nfct_catch returns.

I wouldn't expect a change in the ENOBUFS situation but rather just more
output happening which may have previously been lost from already-read
packet parts.

@Alexandre, could you give this a try?




More information about the pve-devel mailing list