Ticket #725 (closed defect: fixed)

Opened 2 years ago

Last modified 1 week ago

fw_conntrack miscounts NATed connections

Reported by: wferi Assigned to: kenyon
Priority: normal Milestone:
Component: plugins Version: 1.2.6
Severity: normal Keywords:
Cc:

Description

I couldn't find a definitive guide to the format of /proc/net/ip_conntrack, but on my systems (mostly Linux 2.6.26) the fw_conntrack plugin (version 1.2.6) mishandles it on two accounts:

  • the src and dst field numbers are different for udp and tcp lines;
  • the [UNREPLIED] flag can be inserted in between, changing numbering again.

The attached patch seems to fix it for me, but #532 suggests that other changes are in order as well.
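
As an added illustration of the parsing problem described above (example code, not the ticket's patch or the plugin's own code): reading /proc/net/ip_conntrack entries by key name rather than by field position, so neither the tcp state word nor an inserted [UNREPLIED] flag shifts the src/dst columns. The sample lines are constructed, and the NAT test used here (reply tuple is not the mirror of the original tuple) is this example's own assumption.

```python
import re
from typing import Dict

# Constructed sample in the Linux 2.6 /proc/net/ip_conntrack style (not from a
# real host). tcp lines carry a state word before the first src=, udp lines do
# not, and [UNREPLIED] may sit between the two directional tuples, so counting
# fields positionally picks different columns on different lines.
SAMPLE = """\
tcp      6 431999 ESTABLISHED src=192.168.1.2 dst=203.0.113.5 sport=40001 dport=80 src=203.0.113.5 dst=198.51.100.1 sport=80 dport=40001 [ASSURED] mark=0 use=1
udp      17 29 src=192.168.1.3 dst=198.51.100.53 sport=5353 dport=53 [UNREPLIED] src=198.51.100.53 dst=198.51.100.1 sport=53 dport=5353 mark=0 use=1
tcp      6 117 TIME_WAIT src=10.0.0.7 dst=10.0.0.1 sport=50000 dport=22 src=10.0.0.1 dst=10.0.0.7 sport=22 dport=50000 [ASSURED] mark=0 use=1
udp      17 170 src=10.0.0.7 dst=10.0.0.1 sport=123 dport=123 src=10.0.0.1 dst=10.0.0.7 sport=123 dport=123 mark=0 use=1
"""

KV = re.compile(r"(\w+)=(\S+)")  # matches key=value tokens, skips flags like [ASSURED]

def parse_line(line: str) -> Dict[str, object]:
    """Return proto, tcp state, the UNREPLIED flag and both directional tuples.

    The first src/dst/sport/dport occurrence is the original direction
    (suffix 0), the second is the reply direction (suffix 1).
    """
    fields = line.split()
    entry: Dict[str, object] = {
        "proto": fields[0],
        "state": fields[3] if fields[0] == "tcp" else "",
        "unreplied": "[UNREPLIED]" in fields,
    }
    seen: Dict[str, int] = {}
    for key, value in KV.findall(line):
        n = seen.get(key, 0)
        seen[key] = n + 1
        entry[f"{key}{n}"] = value
    return entry

def is_nated(e: Dict[str, object]) -> bool:
    """Assumed NAT test: reply tuple is not the mirror image of the original
    (SNAT rewrites dst1, DNAT rewrites src1)."""
    return e["src1"] != e["dst0"] or e["dst1"] != e["src0"]

def count(text: str) -> Dict[str, int]:
    """Tally connections the way a monitoring plugin would graph them."""
    totals = {"total": 0, "nated": 0, "unreplied": 0, "tcp": 0, "udp": 0}
    for line in text.splitlines():
        if not line.strip():
            continue
        e = parse_line(line)
        totals["total"] += 1
        totals[str(e["proto"])] = totals.get(str(e["proto"]), 0) + 1
        totals["nated"] += int(is_nated(e))
        totals["unreplied"] += int(bool(e["unreplied"]))
    return totals
```

Running `count(SAMPLE)` on the constructed lines reports 4 connections, 2 of them NATed and 1 unreplied, regardless of where the state word or flag sits.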

Attachments

fw_conntrack.patch (1.2 kB) - added by wferi on 02/09/10 17:14:49.
refreshed patch against version 1.4.5

Change History

04/12/09 23:44:59 changed by janl

  • owner changed from nobody to bjorn.

02/09/10 17:14:49 changed by wferi

  • attachment fw_conntrack.patch added.

refreshed patch against version 1.4.5

23/09/11 17:39:50 changed by alext

I've rewritten this plugin in perl (attached to #843). This version now counts natted connections correctly, as well as using the conntrack tool if it's available.

30/01/12 00:43:23 changed by kenyon

  • owner changed from bjorn to kenyon.
  • status changed from new to assigned.

30/01/12 01:46:42 changed by kenyon

  • status changed from assigned to closed.
  • resolution set to fixed.

Fixed in r4619, thanks!