Hi, Recently I have been looking at the ovs-conntrack branch. I am interested in the use of netfilter conntrack templates within the kernel for storing rule information that can then be linked to the packet skb and in turn used when passed to the nf_conntrack kernel module.
I notice that a new template is created when a new rule is added to the kernel with nf_conntrack_alloc and nf_conntrack_tmpl_insert (conntrack.c/ovs_ct_copy_action). However, I do not see anywhere in the code that removes template even when the rule itself is expired. Looking at the source code for the nf functions above it appears that they set up a timeout to trigger deletion but do not start the timer (nf_conntrack_confirm sets this). Am I missing something in the code for handling the cleanup of this memory or is there a possible memory leak here? The ovs-conntrack version I am using was taken from the tip of the branch in mid September. Thanks, John
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
