Comment 6 for bug 1457196

Darren Birkett (darren-birkett) wrote :

Thanks Jimmy,

I wonder if we need to have conntrackd installed at all. Its prime use is to be able to synchronise state between Linux firewalls, in an HA firewall environment (clearly we are not using it for that in our deployments). A secondary use is to gather, and log, connection statistics. It seems that if we generally find the stats logs useless, there's not much point in conntrackd running.

Note, removing conntrackd does not unload the kernel conntrack modules or disable the netfilter conntrack framework. It simply means we are not gathering ostensibly useless logging. The kernel conntrack flows can still be interrogated with the 'conntrack' userspace CLI tool, for real-time debugging.

Soliciting further opinion.