bugzilla-daemon at bugzilla.netfilter.org
2009-Oct-23 08:30 UTC
[Bug 508] ip6tables conntrack marks all incoming packets as INVALID
http://bugzilla.netfilter.org/show_bug.cgi?id=508 devurandom at gmx.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |devurandom at gmx.net ------- Comment #5 from devurandom at gmx.net 2009-10-23 10:30 ------- I am having the same issue on a 2.6.29-hardened kernel. # grep -i ip_nf_conntrack /usr/src/linux/.config returns no matches grep -i nf_conntrack /usr/src/linux/.config CONFIG_NF_CONNTRACK=m # CONFIG_NF_CONNTRACK_MARK is not set # CONFIG_NF_CONNTRACK_EVENTS is not set # CONFIG_NF_CONNTRACK_AMANDA is not set # CONFIG_NF_CONNTRACK_FTP is not set # CONFIG_NF_CONNTRACK_H323 is not set # CONFIG_NF_CONNTRACK_IRC is not set # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_PPTP is not set # CONFIG_NF_CONNTRACK_SIP is not set # CONFIG_NF_CONNTRACK_TFTP is not set CONFIG_NF_CONNTRACK_IPV4=m # CONFIG_NF_CONNTRACK_PROC_COMPAT is not set CONFIG_NF_CONNTRACK_IPV6=m # grep -i match_state /usr/src/linux/.config CONFIG_NETFILTER_XT_MATCH_STATE=m ip6tables rules: [2028:211788] -A INPUT -m state --state INVALID -j LOG [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT Can you tell please me what is wrong with my config here? -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at bugzilla.netfilter.org
2009-Oct-23 08:31 UTC
[Bug 508] ip6tables conntrack marks all incoming packets as INVALID
http://bugzilla.netfilter.org/show_bug.cgi?id=508 ------- Comment #6 from devurandom at gmx.net 2009-10-23 10:31 ------- P.S: The nf_conntrack modules are loaded: # lsmod | grep nf_ nf_conntrack_ipv6 23864 5 ipv6 578024 28 nf_conntrack_ipv6,sit nf_nat 28326 2 ipt_MASQUERADE,iptable_nat nf_conntrack_ipv4 10128 7 iptable_nat,nf_nat nf_conntrack 99757 6 nf_conntrack_ipv6,xt_state,ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4 nf_defrag_ipv4 1624 1 nf_conntrack_ipv4 -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.