From mboxrd@z Thu Jan 1 00:00:00 1970 From: nic-lartc@studentergaarden.dk Date: Tue, 31 Jul 2007 12:30:52 +0000 Subject: [LARTC] Operation failed: such conntrack doesn't exist - when it Message-Id: <46AF2B7C.8060204@studentergaarden.dk> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org Hi gurus I want to destroy all state table entries/reset all connections=20 for a particular client. When I issue conntrack -L -s , it=20 lists loads of state entries. When I issue conntrack -D -s it answers "NFNETLINK answers: No such file or directory=20 Operation failed: such conntrack doesn't exist." I have googled the problem, but can find only either unanswered or=20 "there was actually really a bug in conntrack on that kernel verision,=20 it is now fixed" posts from a while back. Is this an error or is my syntax wrong/I am doing something silly? Debugging info, including kernel version and strace (I am root): dragon:/home/nicolas# conntrack -L -s 172.16.98.255 tcp 6 431690 ESTABLISHED src=172.16.98.255 dst 9.85.135.xxx=20 sportI56 dport=80 packets=3D4 bytes=1033 src 9.85.135.xxx=20 dst=130.226.169.xxx sport=80 dportI56 packets=3D3 bytes=1091 [ASSURED]=20 mark=3D0 use=3D1 tcp 6 431983 ESTABLISHED src=172.16.98.255 dst 7.46.110.xxx=20 sport=1050 dport=1863 packets27 bytes=16935 src 7.46.110.xxx=20 dst=130.226.169.xxx sport=1863 dport=1050 packets=177 bytes=17375=20 [ASSURED] mark=3D0 use=3D1 tcp 6 315337 ESTABLISHED src=172.16.98.255 dst=80.252.91.xxx=20 sportH82 dport=80 packets=16 bytesg68 src=80.252.91.xxx=20 dst=130.226.169.xxx sport=80 dportH82 packets=13 bytes=8626 [ASSURED]=20 mark=3D0 use=3D2 ... more cut for clarity ... dragon:/home/nicolas# conntrack -D -s 172.16.98.255 NFNETLINK answers: No such file or directory Operation failed: such conntrack doesn't exist dragon:/home/nicolas# uname -a Linux dragon 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686 GNU/Linux (Debian Etch) strace dragon:/home/nicolas# strace conntrack -D -s 172.16.98.255 execve("/usr/sbin/conntrack", ["conntrack", "-D", "-s",=20 "172.16.98.255"], [/* 19 vars */]) =3D 0 uname({sys=3D"Linux", node=3D"dragon", ...}) =3D 0 brk(0) =3D 0x804e000 access("/etc/ld.so.nohwcap", F_OK) =3D -1 ENOENT (No such file or=20 directory) mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,=20 0) =3D 0xb7fde000 access("/etc/ld.so.preload", R_OK) =3D -1 ENOENT (No such file or=20 directory) mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,=20 0) =3D 0xb7fdd000 open("/etc/ld.so.cache", O_RDONLY) =3D 3 fstat64(3, {st_mode=3DS_IFREG|0644, st_size=17386, ...}) =3D 0 mmap2(NULL, 17386, PROT_READ, MAP_PRIVATE, 3, 0) =3D 0xb7fd8000 close(3) =3D 0 access("/etc/ld.so.nohwcap", F_OK) =3D -1 ENOENT (No such file or=20 directory) open("/usr/lib/libnetfilter_conntrack.so.1", O_RDONLY) =3D 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\24\0"...,=20 512) =3D 512 fstat64(3, {st_mode=3DS_IFREG|0644, st_size=19232, ...}) =3D 0 mmap2(NULL, 22420, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)=20 =3D 0xb7fd2000 mmap2(0xb7fd7000, 4096, PROT_READ|PROT_WRITE,=20 MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4) =3D 0xb7fd7000 close(3) =3D 0 access("/etc/ld.so.nohwcap", F_OK) =3D -1 ENOENT (No such file or=20 directory) open("/lib/tls/i686/cmov/libdl.so.2", O_RDONLY) =3D 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\f\0"...,=20 512) =3D 512 fstat64(3, {st_mode=3DS_IFREG|0644, st_size=9592, ...}) =3D 0 mmap2(NULL, 12404, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)=20 =3D 0xb7fce000 mmap2(0xb7fd0000, 8192, PROT_READ|PROT_WRITE,=20 MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) =3D 0xb7fd0000 close(3) =3D 0 access("/etc/ld.so.nohwcap", F_OK) =3D -1 ENOENT (No such file or=20 directory) open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) =3D 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\240O\1"...,=20 512) =3D 512 fstat64(3, {st_mode=3DS_IFREG|0644, st_size=1241392, ...}) =3D 0 mmap2(NULL, 1247388, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,=20 0) =3D 0xb7e9d000 mmap2(0xb7fc4000, 28672, PROT_READ|PROT_WRITE,=20 MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x127) =3D 0xb7fc4000 mmap2(0xb7fcb000, 10396, PROT_READ|PROT_WRITE,=20 MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) =3D 0xb7fcb000 close(3) =3D 0 access("/etc/ld.so.nohwcap", F_OK) =3D -1 ENOENT (No such file or=20 directory) open("/usr/lib/libnfnetlink.so.1", O_RDONLY) =3D 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\v\0"...,=20 512) =3D 512 fstat64(3, {st_mode=3DS_IFREG|0644, st_size=10956, ...}) =3D 0 mmap2(NULL, 14252, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0)=20 =3D 0xb7e99000 mmap2(0xb7e9c000, 4096, PROT_READ|PROT_WRITE,=20 MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) =3D 0xb7e9c000 close(3) =3D 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,=20 0) =3D 0xb7e98000 mprotect(0xb7fc4000, 20480, PROT_READ) =3D 0 set_thread_area({entry_number:-1 -> 6, base_addr:0xb7e98ae0,=20 limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,=20 limit_in_pages:1, seg_not_present:0, useable:1}) =3D 0 munmap(0xb7fd8000, 17386) =3D 0 brk(0) =3D 0x804e000 brk(0x806f000) =3D 0x806f000 socket(PF_NETLINK, SOCK_RAW, 12) =3D 3 getsockname(3, {sa_family=AF_NETLINK, pid=3D0, groups=00000000}, [12]) =3D 0 time(NULL) =3D 1185884349 bind(3, {sa_family=AF_NETLINK, pid=3D0, groups=00000000}, 12) =3D 0 getsockname(3, {sa_family=AF_NETLINK, pid=1925, groups=00000000}, [12]) =3D= 0 bind(3, {sa_family=AF_NETLINK, pid=1925, groups=00000000}, 12) =3D 0 open("/usr/lib/libnetfilter_conntrack//nfct_l3proto_ipv4-0.0.31.so",=20 O_RDONLY) =3D 4 read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\5\0"...,=20 512) =3D 512 fstat64(4, {st_mode=3DS_IFREG|0644, st_size708, ...}) =3D 0 mmap2(NULL, 6632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0)=20 =3D 0xb7fdb000 mmap2(0xb7fdc000, 4096, PROT_READ|PROT_WRITE,=20 MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) =3D 0xb7fdc000 close(4) =3D 0 sendmsg(3, {msg_name(12)=3D{sa_family=AF_NETLINK, pid=3D0, groups=00000000}= ,=20 msg_iov(1)=3D[{"8\0\0\0\2\1\5\3\277(\257F\0\0\0\0\2\0\0\0$\0\1\200\24\0"...= ,=20 56}], msg_controllen=3D0, msg_flags=3D0}, 0) =3D 56 recvmsg(3, {msg_name(12)=3D{sa_family=AF_NETLINK, pid=3D0, groups=00000000}= ,=20 msg_iov(1)=3D[{"$\0\0\0\2\0\0\0\277(\257F\205\7\0\0\376\377\377\3778\0"...,= =20 8192}], msg_controllen=3D0, msg_flags=3D0}, 0) =3D 36 dup(2) =3D 4 fcntl64(4, F_GETFL) =3D 0x8002 (flags O_RDWR|O_LARGEFIL= E) fstat64(4, {st_mode=3DS_IFCHR|0620, st_rdev=3Dmakedev(136, 0), ...}) =3D 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,=20 0) =3D 0xb7fda000 _llseek(4, 0, 0xbfa51594, SEEK_CUR) =3D -1 ESPIPE (Illegal seek) write(4, "NFNETLINK answers: No such file "..., 45NFNETLINK answers: No=20 such file or directory ) =3D 45 close(4) =3D 0 munmap(0xb7fda000, 4096) =3D 0 close(3) =3D 0 write(2, "Operation failed: such conntrack"..., 47Operation failed: such=20 conntrack doesn't exist ) =3D 47 exit_group(1) =3D ? Process 1925 detached _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc