[Devel] [PATCH RHEL COMMIT] ve/netfilter: ve_printk for "nf_conntrack: table full"
Konstantin Khorenko
khorenko at virtuozzo.com
Fri Oct 1 18:26:31 MSK 2021
The commit is pushed to "branch-rh9-5.14.vz9.1.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after ark-5.14
------>
commit db13916ca2f9ae207c09dc9a2a5d492c24cf31ce
Author: Vasily Averin <vvs at odin.com>
Date: Mon May 18 12:29:57 2015 +0400
ve/netfilter: ve_printk for "nf_conntrack: table full"
port of diff-ve-printk-conntrack-tables-full from rh6-based kernels
"nf_conntrack: table full, dropping packet" message
should be visible both in CT and on HN and
should contain CTID for reading simplicity.
https://bugzilla.openvz.org/show_bug.cgi?id=2940
Signed-off-by: Vasily Averin <vvs at openvz.org>
(cherry picked from vz8 commit f365fd69413efb39ae1362e59f8539c65c6f8457)
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
net/netfilter/nf_conntrack_core.c | 6 +++++-
net/netfilter/nf_conntrack_expect.c | 6 +++++-
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index d31dbccbe7bd..68209532f0be 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -53,6 +53,8 @@
#include <net/netns/hash.h>
#include <net/ip.h>
+#include <linux/ve.h>
+
#include "nf_internals.h"
__cacheline_aligned_in_smp spinlock_t nf_conntrack_locks[CONNTRACK_LOCKS];
@@ -1478,7 +1480,9 @@ __nf_conntrack_alloc(struct net *net,
if (!conntrack_gc_work.early_drop)
conntrack_gc_work.early_drop = true;
atomic_dec(&cnet->count);
- net_warn_ratelimited("nf_conntrack: table full, dropping packet\n");
+ net_veboth_ratelimited(KERN_WARNING "VE%s: "
+ "nf_conntrack table full, dropping packet\n",
+ net->owner_ve->ve_name);
return ERR_PTR(-ENOMEM);
}
}
diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c
index 13c071fbe2ef..5523aa53492b 100644
--- a/net/netfilter/nf_conntrack_expect.c
+++ b/net/netfilter/nf_conntrack_expect.c
@@ -32,6 +32,8 @@
#include <net/netfilter/nf_conntrack_tuple.h>
#include <net/netfilter/nf_conntrack_zones.h>
+#include <linux/ve.h>
+
unsigned int nf_ct_expect_hsize __read_mostly;
EXPORT_SYMBOL_GPL(nf_ct_expect_hsize);
@@ -468,7 +470,9 @@ static inline int __nf_ct_expect_check(struct nf_conntrack_expect *expect,
cnet = nf_ct_pernet(net);
if (cnet->expect_count >= nf_ct_expect_max) {
- net_warn_ratelimited("nf_conntrack: expectation table full\n");
+ net_veboth_ratelimited(KERN_WARNING "VE%s "
+ "nf_conntrack: expectation table full\n",
+ net->owner_ve->ve_name);
ret = -EMFILE;
}
out:
More information about the Devel
mailing list