Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2219406rdg;
        Sun, 15 Oct 2023 17:46:03 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IE5UF2gd2zywaDJlw3HZsG8syHbmxeNo2ZWFnBt+yboALPk1HZR5tYeMocZxUv+mlWfSdb4
X-Received: by 2002:a05:6808:1c4:b0:3a7:6213:6897 with SMTP id x4-20020a05680801c400b003a762136897mr30382530oic.11.1697417162656;
        Sun, 15 Oct 2023 17:46:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1697417162; cv=none;
        d=google.com; s=arc-20160816;
        b=QqvBT6ZHW4Vkv7IFnE2ASjKygPK2lapxorLmmGwOaaLnFOAVTYOC6CqFGIPIpXazH5
         QV7WbgIL5/Wf9WzOwsicjWBWBigUefpmpQjgHvGTGUUa4sVPZH0lnI2SdHWobzmIVcyN
         Cc5WLqbtqvLA8JMh+Jq7BWvHjd/NlwkdfplIlSi2SXJyF65AyNMTlXyrLL1xyV5sOkHq
         GMpTttITjManAga5pIGpqESf2Cp3HunzjFxjc9zsQN4ZU9W1P5UiCjT6k0YPZNyOGscI
         eC2J27kpstawV/4DeE3sTkdX+mGECfmEYQLgTrxwg+oXbum8L0ov0IoWEYI4PpHR0VVe
         4y4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=J7+oJHozaJp3ARwDpXhkbVM/mB5nFnC7YhE1nMQs+T4=;
        fh=JZS8MWBf+P3VWSZSGvAL6lxd0YVND0SosCq9q+KYiy4=;
        b=FRyNDFAItdPC2dGvYx7r8pIhRf05YmZ4pz5Op4nEUCx/j+SeFTpnDD5WKlc79DWEnO
         CHqs+qM/lfYrg6ZvmPuFg9mEUevylkhd1pWjYjSXcKfpgAtEcy9nFUp/qnEsZImKBDKd
         +SwYy4F5faGW7s5JoWj90Ug5FpkfyjJcVXz4s6I+n7Beq9kJzHoLYH7sb2ZmlcgF/GCe
         qmrlaCz5du2QAZkqhMdBygtW8UpKHEmVXUUtZbUJ9PXRAB1VViGqtDtluVyYhGMGiUJL
         YTbYPKS73GwAr3vSXdxsylxKR9DvIWdImtmdIHAd+zSMbwe7QwvKTZAlPMHTQNfY/Xfx
         Pocw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=H5Lioq5q;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4])
        by mx.google.com with ESMTPS id w63-20020a638242000000b005ac341a88ccsi5803650pgd.6.2023.10.15.17.46.02
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 15 Oct 2023 17:46:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=H5Lioq5q;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id CC077807D54C;
	Sun, 15 Oct 2023 17:45:09 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230182AbjJPAUP (ORCPT <rfc822;0x7f454c46@gmail.com> + 99 others);
        Sun, 15 Oct 2023 20:20:15 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49064 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229459AbjJPAUO (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 15 Oct 2023 20:20:14 -0400
Received: from mail-pg1-x534.google.com (mail-pg1-x534.google.com [IPv6:2607:f8b0:4864:20::534])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E957E95;
        Sun, 15 Oct 2023 17:20:12 -0700 (PDT)
Received: by mail-pg1-x534.google.com with SMTP id 41be03b00d2f7-564b6276941so2913880a12.3;
        Sun, 15 Oct 2023 17:20:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1697415612; x=1698020412; darn=vger.kernel.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=J7+oJHozaJp3ARwDpXhkbVM/mB5nFnC7YhE1nMQs+T4=;
        b=H5Lioq5qmpGifqA6SvWPci0idUCzLn1sTwxXBI44W7s7aACMgPxsIx9a/ZfaMdxJqq
         /gPD9xwnTamQLP/WUxu/D8hkV++dFwuRTLJoGRyrayzjMNXgxsRtS3AA7kjXAAgSidLR
         0z09wb4m6u038ZHU+uRICQZ6f8BGdRkWqx++ffMAUn75feSQmW7kTcN6yRAZ1bjcjTeW
         13VdwJG1vKrBDfOjdVnBEyD684YWvf+9G1CW5s7OEFKT+hZJUkXv4r+pNbWZYEphBHLS
         3VVP9IjDI8RLdBXSZkMP+ch8D2PWF9DrYNhLOrpG/8z8BurFT7P9jNoafqajv+swiJtO
         wXhw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1697415612; x=1698020412;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=J7+oJHozaJp3ARwDpXhkbVM/mB5nFnC7YhE1nMQs+T4=;
        b=kAuvRCrKLCVbErky284Rq36AmGHLIZbhGVLOn1yiB8zBXIX5y7jFOaFyV0LNPVa/RC
         C4j3yWvzIQkJKux/hx8QLcth2ECMOy9I+xjKV/aruy2SOFRu/N2Pg2n6tkXoaVvnmOLP
         yLoFdegkLDX6OCjuIDWjMTCyjT9QW3lsc91pQ/ys0ctH9f+am1Yw9su8475kr2Jqp2qx
         jDQMBFCDXfqxQI7N95fh5cXgy7jmgxsAN2yMb2ny5vJMnnDpvjtb6EkPqmXChPGuxyKO
         gg81pqFJ3ydLiGpk05E0R2erQ11SnkLn5nKA8fJ384BDPLG0A1qOmXhtaDfXbAWchQ1X
         2sQQ==
X-Gm-Message-State: AOJu0Yyjp6UVBYhjzWiZygBCiyJmHQ18i6ydKlhXlPOHERqcQNCPPeQ1
        5sXtLHh4otjJYft3v8OkNx0=
X-Received: by 2002:a05:6a20:7f95:b0:140:3aa:e2ce with SMTP id d21-20020a056a207f9500b0014003aae2cemr43344864pzj.42.1697415612184;
        Sun, 15 Oct 2023 17:20:12 -0700 (PDT)
Received: from debian.me ([103.131.18.64])
        by smtp.gmail.com with ESMTPSA id x6-20020a170902ec8600b001c44c8d857esm7208939plg.120.2023.10.15.17.20.11
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 15 Oct 2023 17:20:11 -0700 (PDT)
Received: by debian.me (Postfix, from userid 1000)
        id 3520A801B59F; Mon, 16 Oct 2023 07:20:07 +0700 (WIB)
Date:   Mon, 16 Oct 2023 07:20:06 +0700
From:   Bagas Sanjaya <bagasdotme@gmail.com>
To:     Vladimir Smelhaus <vl.sm@email.cz>,
        Linux Netfilter <netfilter@vger.kernel.org>,
        coreteam@netfilter.org,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Linux Regressions <regressions@lists.linux.dev>
Cc:     Pablo Neira Ayuso <pablo@netfilter.org>,
        Jozsef Kadlecsik <kadlec@netfilter.org>,
        Florian Westphal <fw@strlen.de>
Subject: Re: Flowtables ignore timeout settings in recent kernels
Message-ID: <ZSyBtn8cplLWoNn-@debian.me>
References: <ughg4v$130b$1@ciao.gmane.io>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
        protocol="application/pgp-signature"; boundary="N2rAuLPZGqdFV0iZ"
Content-Disposition: inline
In-Reply-To: <ughg4v$130b$1@ciao.gmane.io>
X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Sun, 15 Oct 2023 17:45:10 -0700 (PDT)


--N2rAuLPZGqdFV0iZ
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Oct 15, 2023 at 09:56:14PM +0200, Vladimir Smelhaus wrote:
> Netfilter ignores the timeout settings for a flowtable
>=20
> # sysctl -a -r flowtable
> net.netfilter.nf_flowtable_tcp_timeout =3D 30
> net.netfilter.nf_flowtable_udp_timeout =3D 30
>=20
> Situation. A long udp connection (tunnel) with some data flowing through a
> router. The connection is sent to a flowtable on the router. It's a few
> packets per second, more here and there, a pause here and there, and so on
> over and over. The pauses are minimal and are also limited by the tunnel
> settings to be no longer than 25 seconds. Everything is satisfying to make
> the connection last continuously in the flowtable and not reappear in
> forward. However, the connection keeps dropping out of the flowtable. It
> stays in the flowtable (offloaded) for a second at most and then it is
> kicked out, back to forward.
>=20
> In an attached test script you can see counters that should be zero but a=
re not. If I watch the normal packet flow on a particular router, I can see=
 packets in the conntrack table that should be OFFLOAD as ASSURED.
>=20
> Tested in kernel 6.5.6. In an old(er) kernel 5.10 it works as expected.
>=20

Then please perform bisection to find a culprit that introduces your
regression (see Documentation/admin-guide/bug-bisect.rst in the kernel
sources for reference). Also, it'd been great if you also post the
reproducer script inline (within your email) instead, as some MUAs
(like mutt that I'm using now) may ignore the attachment.

Anyway, thanks for the regression report. I'm adding it to regzbot:

#regzbot ^introduced: v5.10..v6.5

--=20
An old man doll... just what I always wanted! - Clara

--N2rAuLPZGqdFV0iZ
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQSSYQ6Cy7oyFNCHrUH2uYlJVVFOowUCZSyBsAAKCRD2uYlJVVFO
oxD9AQDAp/pXr+d44wTxEyg9copCJnaEVKIixfFsamXwbWpI/QD/W2ZAb9J8yPcv
V/en2pgBB1CgZDhm7JzlxcWUrsKROwM=
=u4d8
-----END PGP SIGNATURE-----

--N2rAuLPZGqdFV0iZ--