conntrackd crash after few seconds

conntrackd crash after few seconds

[Nicolas RENAULT]

Hello,
thanks for the work !
and sorry for bad english.

informations :

debian wheezy     3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u2 x86_64 
GNU/Linux
packages
ii  conntrack                        1:1.2.1-1 amd64        Program to 
modify the conntrack tables
ii  conntrackd                       1:1.2.1-1 amd64        Connection 
tracking daemon
ii  libnetfilter-conntrack3:amd64    1.0.1-1 amd64

conntrackd.conf
--------------------------------------------------
Sync {
     Mode FTFW {
         DisableExternalCache On
     }
     UDP {
         IPv4_address 10.98.145.5
         IPv4_Destination_Address 10.98.145.6
         Port 3780
         Interface eth2
         SndSocketBuffer 1249280
         RcvSocketBuffer 1249280
         Checksum on
     }
}
General {
     Nice -20
     Scheduler {
         Type FIFO
         Priority 99
     }
     HashSize 32768
     HashLimit 131072
     LogFile on
     Syslog off
     LockFile /var/lock/conntrack.lock
     UNIX {
         Path /var/run/conntrackd.ctl
         Backlog 20
     }
     NetlinkBufferSize 2097152
     NetlinkBufferSizeMaxGrowth 8388608
     NetlinkOverrunResync On
     NetlinkEventsReliable Off
     PollSecs 15
     EventIterationLimit 100
     Filter From Userspace {
         Protocol Accept {
             TCP
         }
         Address Ignore {
             IPv4_address 127.0.0.1
         }
     }
}
----------------------------------------------------------

My problem :

when a start de deamon :  /etc/init.d/conntrackd start
i can see this line for ten secondes in "ps faux"

root      3764  0.0  0.0  14836  2484 ?        S<s  16:53   0:00 
/usr/sbin/conntrackd -d -C /etc/conntrackd/conntrackd.conf

and then disapear.

a try to run  with  (after deleting /var/lock/conntrack.lock )

conntrackd -C /etc/conntrackd/conntrackd.conf

then i have :

conntrackd: api.c:526: __build_query_exp: Assertion `ssh != ((void *)0)' 
failed.
abandon

at about ten seconds.

any ideas ?

others informations , i use the same conf file without any problems on 
squeeze (2.6.32-5) with .
ii  conntrack                          1:0.9.14-2 Program to modify the 
conntrack tables
ii  conntrackd                         1:0.9.14-2 Connection tracking daemon
ii  libnetfilter-conntrack3            0.0.101-1

only a every two hours avg load peak activity.

regards

-- 
Nicolas

Re: conntrackd crash after few seconds

[Martin Kraus]

On Thu, Jun 05, 2014 at 05:19:26PM +0200, Nicolas RENAULT wrote:
> informations :
> 
> debian wheezy     3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u2 x86_64

Hi. 

We had crashes on debian wheezy which were solved by upgrade to

linux-image-3.13-0.bpo.1-amd64

from wheezy backports.

mk

Re: conntrackd crash after few seconds

[Arturo Borrero Gonzalez]

On 5 June 2014 17:19, Nicolas RENAULT <nicolas_renault@yahoo.fr> wrote:
>
> others informations , i use the same conf file without any problems on
> squeeze (2.6.32-5) with .
> ii  conntrack                          1:0.9.14-2 Program to modify the
> conntrack tables
> ii  conntrackd                         1:0.9.14-2 Connection tracking daemon
> ii  libnetfilter-conntrack3            0.0.101-1
>
> only a every two hours avg load peak activity.
>

Is this the same as the Debian bug #746464 [0]?

regards.

[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746464

-- 
Arturo Borrero Gonz√°lez

Re: conntrackd crash after few seconds

[Martin Kraus]

On Thu, Jun 05, 2014 at 05:59:19PM +0200, Arturo Borrero Gonzalez wrote:
> On 5 June 2014 17:49, Martin Kraus <lists_mk@wujiman.net> wrote:
> 
> > On Thu, Jun 05, 2014 at 05:19:26PM +0200, Nicolas RENAULT wrote:
> > > informations :
> > >
> > > debian wheezy     3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u2 x86_64
> >
> > Hi.
> >
> > We had crashes on debian wheezy which were solved by upgrade to
> >
> > linux-image-3.13-0.bpo.1-amd64
> >
> 
> 
> Is this the same as the Debian bug #746464 [0]?

probably not. we hit a kernel panic and when I redirected kernel console to
the serial port for another run it showed that there was a stalled cpu core running
conntrackd process and everything was just dead.

mk

Re: conntrackd crash after few seconds

[Nicolas RENAULT]

Le 05/06/2014 18:06, Martin Kraus a écrit :
> On Thu, Jun 05, 2014 at 05:59:19PM +0200, Arturo Borrero Gonzalez wrote:
>> On 5 June 2014 17:49, Martin Kraus <lists_mk@wujiman.net> wrote:
>>
>>> On Thu, Jun 05, 2014 at 05:19:26PM +0200, Nicolas RENAULT wrote:
>>>> informations :
>>>>
>>>> debian wheezy     3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u2 x86_64
>>> Hi.
>>>
>>> We had crashes on debian wheezy which were solved by upgrade to
>>>
>>> linux-image-3.13-0.bpo.1-amd64
>>>
>>
>> Is this the same as the Debian bug #746464 [0]?
> probably not. we hit a kernel panic and when I redirected kernel console to
> the serial port for another run it showed that there was a stalled cpu core running
> conntrackd process and everything was just dead.
>
> mk
Hi,

thanks for the reply.

some more informations :

I don't have kernel panic and so on , as i say in the first post it's 
just conntrackd that stop running after about 10 secondes. no message in 
syslog or messages or deamon.log or conntrackd.log....

I use conntrackd but i'm not a specialist so when i say that a try to 
run it with

conntrackd -C /etc/conntrackd/conntrackd.conf         i'm right ?

on the firt post my conntrackd.conf is good or not ?  perhaps i made a 
mistake on the buffer size or thinks like that ?

I will try to update to  linux-image-3.13-0.bpo.1-amd64 but i hope that 
it will not broke others thinks :)

regards

-- 
Nicolas

Re: conntrackd crash after few seconds

[Nicolas RENAULT]

Le 05/06/2014 18:06, Martin Kraus a écrit :
> On Thu, Jun 05, 2014 at 05:59:19PM +0200, Arturo Borrero Gonzalez wrote:
>> On 5 June 2014 17:49, Martin Kraus <lists_mk@wujiman.net> wrote:
>>
>>> On Thu, Jun 05, 2014 at 05:19:26PM +0200, Nicolas RENAULT wrote:
>>>> informations :
>>>>
>>>> debian wheezy     3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u2 x86_64
>>> Hi.
>>>
>>> We had crashes on debian wheezy which were solved by upgrade to
>>>
>>> linux-image-3.13-0.bpo.1-amd64
>>>
>>
>> Is this the same as the Debian bug #746464 [0]?
> probably not. we hit a kernel panic and when I redirected kernel console to
> the serial port for another run it showed that there was a stalled cpu core running
> conntrackd process and everything was just dead.
>
> mk
Hi,

I find the solution , the proble come from conntrackd.conf it was made 
from the one on a squeeze and with the example bring with the package a 
made this one :

Sync {
     Mode FTFW {
         DisableExternalCache On
     }
     UDP {
         IPv4_address 10.98.145.5
         IPv4_Destination_Address 10.98.145.6
         Port 3780
         Interface eth2
         SndSocketBuffer 1249280
         RcvSocketBuffer 1249280
         Checksum on
     }
}
General {
     HashSize 8192
     HashLimit 65535
     Syslog on
     LockFile /var/lock/conntrackd.lock
     UNIX {
         Path /var/run/conntrackd.sock
         Backlog 20
     }
     SocketBufferSize 262142
     SocketBufferSizeMaxGrown 655355
     Filter {
         Protocol Accept {
             TCP
         }
         Address Ignore {
             IPv4_address 10.98.0.0/16     #dedicated link #
         }
     }
}


diff :
                 old         new
HashSize  32768   8192
HashLimit 131072 65535

- NetlinkBufferSize 2097152
- NetlinkBufferSizeMaxGrowth 8388608
- NetlinkOverrunResync On
- NetlinkEventsReliable Off
- PollSecs 15
- EventIterationLimit 100
- Filter From Userspace {

+ SocketBufferSize 262142
+ SocketBufferSizeMaxGrown 655355
+ Filter {

can someone look at my new conntrackd.conf and says if i forget 
somethinks important ?.

regards


-- 
Nicolas

Re: conntrackd crash after few seconds

[Pablo Neira Ayuso]

On Thu, Jun 05, 2014 at 05:19:26PM +0200, Nicolas RENAULT wrote:
> General {
>     Nice -20
>     Scheduler {
>         Type FIFO
>         Priority 99
>     }
>     HashSize 32768
>     HashLimit 131072
>     LogFile on
>     Syslog off
>     LockFile /var/lock/conntrack.lock
>     UNIX {
>         Path /var/run/conntrackd.ctl
>         Backlog 20
>     }
>     NetlinkBufferSize 2097152
>     NetlinkBufferSizeMaxGrowth 8388608
>     NetlinkOverrunResync On
>     NetlinkEventsReliable Off
>     PollSecs 15

I guess the assertion happens after 15 seconds.

conntrack-tools 1.2 includes expectation support which is broken with
PollSecs. The code for polling expectations is missing. Thus, the
assertion problem that you're reporting.

The problem is still there in 1.4.x, this needs a patch.