
<html>

    <head>

      <base href="https://bugzilla.netfilter.org/" />

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - conntrackd will not accept connection records into kernel table from another machine"

   href="https://bugzilla.netfilter.org/show_bug.cgi?id=1123">1123</a>

          </td>

        </tr>


        <tr>

          <th>Summary</th>

          <td>conntrackd will not accept connection records into kernel table from another machine

          </td>

        </tr>


        <tr>

          <th>Product</th>

          <td>conntrack-tools

          </td>

        </tr>


        <tr>

          <th>Version</th>

          <td>unspecified

          </td>

        </tr>


        <tr>

          <th>Hardware</th>

          <td>x86_64

          </td>

        </tr>


        <tr>

          <th>OS</th>

          <td>other

          </td>

        </tr>


        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>


        <tr>

          <th>Severity</th>

          <td>major

          </td>

        </tr>


        <tr>

          <th>Priority</th>

          <td>P5

          </td>

        </tr>


        <tr>

          <th>Component</th>

          <td>conntrack-daemon

          </td>

        </tr>


        <tr>

          <th>Assignee</th>

          <td>netfilter-buglog@lists.netfilter.org

          </td>

        </tr>


        <tr>

          <th>Reporter</th>

          <td>gerald@palmerhouse.net

          </td>

        </tr></table>

      <p>

        <div>

        <pre>OS localhost 4.9.8-1-ARCH #1 SMP PREEMPT Mon Feb 6 12:59:40 CET 2017 x86_64

GNU/Linux


conntrackd version 1.4.4

conntrackd gives the error:

[Thu Feb 16 17:56:27 2017] (pid=1312) [ERROR] inject-add2: Invalid argument

Thu Feb 16 17:56:27 2017    icmp     1 src=192.168.0.15 dst=67.36.196.10 type=8

code=0 id=5486 [UNREPLIED]

[Thu Feb 16 17:56:27 2017] (pid=1312) [ERROR] inject-upd1: Invalid argument

Thu Feb 16 17:56:27 2017    icmp     1 src=192.168.0.15 dst=67.36.196.10 type=8

code=0 id=5486


for each connection it attempts to add to the local table


when 

DisableExternalCache On


conntrackd WILL add to external table when the external cache is enabled

but errors with the cache is disabled


with the external cache disabled

entries DO NOT appear in conntrack -L

entries DO NOT appear in conntrackd -e 

entries DO NOT appear in conntrackd -i

failures show in conntrackd -s


conntrackd.conf

Sync {

    Mode FTFW {

        DisableExternalCache On

        CommitTimeout 1800

        PurgeTimeout 5

    }


    UDP {

        IPv4_address 192.168.0.31

        IPv4_Destination_Address 192.168.0.30

        Port 3780

        Interface ens8

        SndSocketBuffer 24985600

        RcvSocketBuffer 24985600

        Checksum on

    }

}


General {

    Nice -20

    HashSize 32768

    HashLimit 131072

    LogFile on

    Syslog on

    LockFile /var/lock/conntrack.lock

    UNIX {

        Path /var/run/conntrackd.ctl

        Backlog 20

    }

    NetlinkBufferSize 2097152

    NetlinkBufferSizeMaxGrowth 8388608

    Filter From Userspace {

        Protocol Accept {

            TCP

            UDP

            ICMP # This requires a Linux kernel >= 2.6.31

        }

        Address Ignore {

            IPv4_address 127.0.0.1 # loopback

            IPv4_address 192.168.0.30

            IPv4_address 192.168.0.31

        }

    }

}</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      
      <ul>

          <li>You are watching all bug changes.</li>

      </ul>

    </body>

</html>