Skip to content

Fix nfqueuu #274

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

Fix nfqueuu #274

wants to merge 3 commits into from

Conversation

@aojea
Copy link
Contributor

@aojea aojea commented Oct 26, 2025

aojea and others added 3 commits October 26, 2025 08:37
@aojea
add example network policies manifests
f450693
@aojea
apply network policies to existing connections.
f5e8b1b 
The dataplane uses conntrack labels to identify the connections that are
already processed and skip the ones that are processed and established.
The dataplane now inspect the existing connections in the conntrack
table and evaluates against the current network policies, if one of the
connections is no longer valid the label is removed, so the packets gets
requeued and reevaluated.

The strict mode is enabled by default and runs at most every 30 seconds
once there is a change triggered in the dataplane, this is to avoid
performance issues for listing conntrack entries too often.
@aojea
fix nfqueue withoptions
c19c493
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aojea

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot requested a review from thockin October 26, 2025 07:38
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Oct 26, 2025
@aojea aojea mentioned this pull request Oct 26, 2025
Merged
@aojea
Copy link
Contributor Author

aojea commented Oct 26, 2025

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 26, 2025
@aojea
Copy link
Contributor Author

aojea commented Oct 28, 2025

upstream fixed we can use the new release on the original PR #268

@aojea aojea closed this Oct 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danwinship danwinship Awaiting requested review from danwinship

@thockin thockin Awaiting requested review from thockin

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aojea @k8s-ci-robot