netfilter buglog - Jun 2011 - [Bug 722] New: double entry of nf_conntrack_max in /proc

http://bugzilla.netfilter.org/show_bug.cgi?id=722

           Summary: double entry of nf_conntrack_max in /proc
           Product: netfilter/iptables
           Version: linux-2.6.x
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P5
         Component: nf_conntrack
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: jb.1234abcd at gmail.com
   Estimated Hours: 0.0


Which one is used (read, updated) ?

# ls -al /proc/sys/net/
total 0
dr-xr-xr-x 0 root root 0 Jun  7 20:20 .
dr-xr-xr-x 1 root root 0 Jun  2 18:34 ..
dr-xr-xr-x 0 root root 0 Jun  8 09:58 core
dr-xr-xr-x 0 root root 0 Jun  8 09:58 ipv4
dr-xr-xr-x 0 root root 0 Jun  8 09:58 ipv6
dr-xr-xr-x 0 root root 0 Jun  8 09:58 netfilter
-rw-r--r-- 1 root root 0 Jun  8 09:58 nf_conntrack_max
dr-xr-xr-x 0 root root 0 Jun  8 09:58 unix
# cat /proc/sys/net/nf_conntrack_max 
47420

# ls -al /proc/sys/net/netfilter/
...
-rw-r--r-- 1 root root 0 Jun  8 09:59 /proc/sys/net/netfilter/nf_conntrack_max
...
# cat /proc/sys/net/netfilter/nf_conntrack_max 
47420

# sysctl -a |grep -i nf_conntrack_max
net.netfilter.nf_conntrack_max = 47420
net.nf_conntrack_max = 47420

My system is Fedora 15, but I assume it is not distro-specific.
# uname -r
2.6.38.6-27.fc15.i686

Installed packages:
libnetfilter_conntrack.i686         0.9.1-1.fc15   @koji-override-0/$releasever
iptables.i686                    1.4.10-2.fc15     @koji-override-0/$releasever
iptables-ipv6.i686               1.4.10-2.fc15     @koji-override-0/$releasever

JB


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.

http://bugzilla.netfilter.org/show_bug.cgi?id=722


Jan Engelhardt <jengelh at medozas.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jengelh at medozas.de




--- Comment #1 from Jan Engelhardt <jengelh at medozas.de>  2011-06-24
20:21:02 ---
Did it occur to you that this could be for (the argument of) compatibility? :)

The sysctl in the netfilter. group is of course the modern one.


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.

http://bugzilla.netfilter.org/show_bug.cgi?id=722





--- Comment #2 from jb.1234abcd at gmail.com  2011-06-25 15:27:01 ---
(In reply to comment #1)
> Did it occur to you that this could be for (the argument of) compatibility?
:)
> 
> The sysctl in the netfilter. group is of course the modern one.
> 
Well, then it would be a temp duality anyway.
I assumed it could be a case of an overlooked field.
Anyway, I wanted to let the devs know :-)
When they are ready they will just close this report.


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.

http://bugzilla.netfilter.org/show_bug.cgi?id=722

Jozsef Kadlecsik <kadlec at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |kadlec at netfilter.org
         Resolution|                            |INVALID

--- Comment #3 from Jozsef Kadlecsik <kadlec at netfilter.org> 2012-12-06
19:30:23 CET ---
As Jan wrote, it's for backward compatibility.

-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.