Commit cc8ec108 authored by Paul Blakey's avatar Paul Blakey Committed by openeuler-sync-bot
Browse files

netfilter: ctnetlink: Support offloaded conntrack entry deletion 

stable inclusion
from stable-v5.10.182
commit 468bebc426ba19f285ea4d9d9135c7584d123e20
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8GJZJ

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=468bebc426ba19f285ea4d9d9135c7584d123e20



--------------------------------

commit 9b7c68b3 upstream.

Currently, offloaded conntrack entries (flows) can only be deleted
after they are removed from offload, which is either by timeout,
tcp state change or tc ct rule deletion. This can cause issues for
users wishing to manually delete or flush existing entries.

Support deletion of offloaded conntrack entries.

Example usage:
 # Delete all offloaded (and non offloaded) conntrack entries
 # whose source address is 1.2.3.4
 $ conntrack -D -s 1.2.3.4
 # Delete all entries
 $ conntrack -F

Signed-off-by: default avatarPaul Blakey <paulb@nvidia.com>
Reviewed-by: default avatarSimon Horman <simon.horman@corigine.com>
Acked-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Cc: Demi Marie Obenour <demi@invisiblethingslab.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarsanglipeng <sanglipeng1@jd.com>
(cherry picked from commit 72ca2dfb)
parent eee8ee16
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment