Re: [Fwd: Question with printk warnings in ip_conntrack with 2.4.20.]

All of lore.kernel.org
 help / color / mirror / Atom feed

From: jpiszcz <jpiszcz@lucidpixels.com>
To: linux-kernel@vger.kernel.org
Subject: Re: [Fwd: Question with printk warnings in ip_conntrack with 2.4.20.]
Date: Thu, 05 Dec 2002 18:29:19 -0500	[thread overview]
Message-ID: <3DEFE14F.8040403@lucidpixels.com> (raw)

  Stange?  I am just using vcheck (perl script) that goes out and checks 
out software for the latest versions.

Here is an example of what happens when I run it:
http://www.tu-ilmenau.de/~gomar/stuff/vcheck/

All it does is goes out to http/ftps site, matches a regex to check for 
the latest version of whatever you have, ie: sample entry:

prog util-linux = {
  version   = 2.11y
  urgency   = high
  dl        = no
  lastcheck = "2002-12-05 06:07"
  url       = 
ftp://ftp.win.tue.nl/pub/home/aeb/linux-local/utils/util-linux/
  regex     = util-linux-(__VER__)\.tar
}

This program is very useful and those warnings highly annoying. :)
Will there possibly be a /proc or kernel config option for warnings such 
as these?


Dec  5 18:20:23 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->199.232.41.7, reusing
Dec  5 18:20:25 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->204.214.92.161, reusing
Dec  5 18:20:27 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->209.249.29.67, reusing
Dec  5 18:20:30 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->209.249.29.67, reusing
Dec  5 18:20:35 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->195.37.77.171, reusing
Dec  5 18:21:00 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->216.180.224.6, reusing
Dec  5 18:21:06 lucidpixels kernel: BLOCK: IN=eth1 OUT= 
MAC=00:a0:24:05:eb:87:00:c0:7b:b1:8d:3b:08:00 SRC=130.239.18.137 
DST=66.45.37.187 LEN=1500 TOS=0x00 PREC=0x00 TTL=232 ID=47301 DF 
PROTO=ICMP TYPE=8 CODE=0 ID=0 SEQ=0
Dec  5 18:21:18 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->130.239.18.137, reusing
Dec  5 18:21:29 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->130.239.18.137, reusing
Dec  5 18:21:38 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->195.40.6.41, reusing
Dec  5 18:21:42 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->204.80.150.47, reusing
Dec  5 18:21:44 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->199.232.41.7, reusing
Dec  5 18:21:47 lucidpixels kernel: BLOCK: IN=eth1 OUT= 
MAC=00:a0:24:05:eb:87:00:c0:7b:b1:8d:3b:08:00 SRC=130.239.18.137 
DST=66.45.37.187 LEN=1500 TOS=0x00 PREC=0x00 TTL=232 ID=28140 DF 
PROTO=ICMP TYPE=8 CODE=0 ID=0 SEQ=2
Dec  5 18:21:57 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->199.232.41.7, reusing
Dec  5 18:22:20 lucidpixels last message repeated 3 times
Dec  5 18:22:21 lucidpixels kernel: BLOCK: IN=eth1 OUT= 
MAC=00:a0:24:05:eb:87:00:c0:7b:b1:8d:3b:08:00 SRC=130.239.18.173 
DST=66.45.37.187 LEN=1500 TOS=0x00 PREC=0x00 TTL=232 ID=48463 DF 
PROTO=ICMP TYPE=8 CODE=0 ID=0 SEQ=0
Dec  5 18:22:25 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->130.239.18.173, reusing
Dec  5 18:22:34 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->130.239.18.137, reusing
Dec  5 18:22:36 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->199.232.41.7, reusing
Dec  5 18:22:42 lucidpixels kernel: ip_conntrack: max number of expected 
connections 1 of ftp reached for 192.168.168.12->143.239.1.60, reusing
Dec  5 18:22:43 lucidpixels kernel: BLOCK: IN=eth1 OUT= 
MAC=00:a0:24:05:eb:87:00:c0:7b:b1:8d:3b:08:00 SRC=130.239.18.173 
DST=66.45.37.187 LEN=1500 TOS=0x00 PREC=0x00 TTL=232 ID=63220 DF 
PROTO=ICMP TYPE=8 CODE=0 ID=0 SEQ=2

Harald Welte wrote:

>>Nov 29 03:29:26 lucidpixels kernel: ip_conntrack: max number of expected 
>>connections 1 of ftp reached for 192.168.xxx.xxx->129.128.5.191, reusing
>>Nov 29 03:29:30 lucidpixels kernel: ip_conntrack: max number of expected 
>>connections 1 of ftp reached for 192.168.xxx.xxx->129.132.7.170, reusing
>>Nov 29 03:29:36 lucidpixels kernel: ip_conntrack: max number of expected 
>>connections 1 of ftp reached for 192.168.xxx.xxx->195.113.31.123, reusing
>>
>>These fill up my logs (kern.info) which I use for logging iptables 
>>blocked packets.
>>    
>>
>
>the issue is that somebody is doing something very strange to your ftp
>server.  Inside an FTP session, there's always only one expectation,
>since there is only one unestablished data session per control session
>at any given point in time.
>
>  
>
>>Is there anyway to turn this feature off dynamically or should one just 
>>comment out line #970 in 
>>/usr/src/linux/net/ipv4/netfilter/ip_conntrack_core.c ?
>>    
>>
>
>feel free to remove the comment.  but in normal ftp protocol behaviour,
>the lines above should never be printed.
>
>  
>

next             reply	other threads:[~2002-12-05 23:21 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-12-05 23:29 jpiszcz [this message]
  -- strict thread matches above, loose matches on Subject: below --
2002-11-30  1:12 [Fwd: Question with printk warnings in ip_conntrack with 2.4.20.] David S. Miller
2002-12-05 20:07 ` Harald Welte
2002-12-05 23:25   ` jpiszcz
2002-12-06 13:59     ` Jozsef Kadlecsik
2002-12-06 14:27       ` jpiszcz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3DEFE14F.8040403@lucidpixels.com \
    --to=jpiszcz@lucidpixels.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.