[OpenWrt-Devel] conntrack from conntrack-tools not working on x86_64

Sun Jun 10 18:43:44 EDT 2018

I'm trying to use the conntrack package from conntrack-tools on a LEDE
v17.01.4 -tag based x86_64 build, but the kmod-nf-conntrack-netlink
module won't load.

I initially added the conntrack package to a build with the following
options set:
CONFIG_KERNEL_NAMESPACES=y
CONFIG_KERNEL_NET_NS=y

It builds and installs but running 'conntrack -E' returns no data when
there is traffic flowing from / through the device. Running 'conntrack
-S' does return some data, with an 'Operation failed: Invalid
argument' error message.

Things I have tried:
tried removing this patch
(./target/linux/generic/patches-4.4/902-debloat_proc.patch), same
results
tried disabling network namespaces from config above, same results
tried using newest conntrack-tools makefile from master, same results

Any advice on where else to look?

-Eric

Below is console output from conntrac on the device + build box config:

openwrt:~# conntrack -S
entries                 357
searched                258
found                   7712
new                     4821
invalid                 0
ignore                  3
delete                  5004
delete_list             1232
insert                  1049
insert_failed           0
drop                    0
early_drop              0
icmp_error              0
expect_new              0
expect_create           0
expect_delete           0
search_restart          0
conntrack v1.4.4 (conntrack-tools): Operation failed: Invalid argument

openwrt:~# dmesg | grep netlink
[   11.544651] Initializing XFRM netlink socket
[   13.516257] ctnetlink v0.93: registering with nfnetlink.
[   13.521585] ctnetlink_init: cannot register notifier.
[   13.584224] ctnetlink_init: cannot register pernet operations
[   13.985039] ctnetlink v0.93: registering with nfnetlink.
[   13.990374] ctnetlink_init: cannot register notifier.
[   14.054239] ctnetlink_init: cannot register pernet operations
[   14.431403] ctnetlink v0.93: registering with nfnetlink.
[   14.436760] ctnetlink_init: cannot register notifier.
[   14.484196] ctnetlink_init: cannot register pernet operations
[   14.628563] ctnetlink v0.93: registering with nfnetlink.
[   14.633888] ctnetlink_init: cannot register notifier.
[   14.674213] ctnetlink_init: cannot register pernet operations
[   14.819267] kmodloader: - nf_conntrack_netlink - 0

openwrt:~# insmod nf_conntrack_netlink
[  619.770179] ctnetlink v0.93: registering with nfnetlink.
[  619.775510] ctnetlink_init: cannot register notifier.
[  619.859595] ctnetlink_init: cannot register pernet operations
failed to insert /lib/modules/4.4.92/nf_conntrack_netlink.ko

build-box:~/openwrt$ grep 'conntrack\|netlink' .config
CONFIG_PACKAGE_kmod-ipt-conntrack=y
CONFIG_PACKAGE_kmod-ipt-conntrack-extra=y
CONFIG_PACKAGE_kmod-nf-conntrack=y
CONFIG_PACKAGE_kmod-nf-conntrack-event=y
CONFIG_PACKAGE_kmod-nf-conntrack-netlink=y
CONFIG_PACKAGE_kmod-nf-conntrack6=y
CONFIG_PACKAGE_kmod-nfnetlink=y
CONFIG_PACKAGE_kmod-nfnetlink-log=y
# CONFIG_PACKAGE_kmod-nfnetlink-queue is not set
CONFIG_PACKAGE_libnetfilter-conntrack=y
CONFIG_PACKAGE_libnfnetlink=y
CONFIG_PACKAGE_conntrack=y
# CONFIG_PACKAGE_conntrackd is not set
CONFIG_PACKAGE_iptables-mod-conntrack-extra=y
CONFIG_PACKAGE_strongswan-mod-kernel-netlink=y

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/listinfo/openwrt-devel