[PATCH] netfilter: nf_conntrack: table full detailed log
From: lvxiafei
Date: Thu May 08 2025 - 04:15:01 EST
From: lvxiafei <lvxiafei@xxxxxxxxxxxxx>
Add the netns field in the "nf_conntrack: table full,
dropping packet" log to help locate the specific netns
when the table is full.
Signed-off-by: lvxiafei <lvxiafei@xxxxxxxxxxxxx>
---
net/netfilter/nf_conntrack_core.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 7f8b245e287a..71849960cf0c 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1659,7 +1659,8 @@ __nf_conntrack_alloc(struct net *net,
if (!conntrack_gc_work.early_drop)
conntrack_gc_work.early_drop = true;
atomic_dec(&cnet->count);
- net_warn_ratelimited("nf_conntrack: table full, dropping packet\n");
+ net_warn_ratelimited("nf_conntrack: table full in netns %u, dropping packet\n",
+ net->ns.inum);
return ERR_PTR(-ENOMEM);
}
}
--
2.40.1