Hi there,
this patch is giving me some trouble as it breaks deletion of conntrack
entries in software that doesn't set the version flag to anything else
but 0.
I'm not entirely sure what is going on here but a piece of software I am
using is now unable to delete conntrack entries and is therefore not
functioning.
Specifically this piece of code seems to fail:
https://github.com/wlanslovenija/tunneldigger/blob/master/broker/src/tunneldigger_broker/conntrack.py#L112
That software relies heavily on libnetfilter_conntrack, which itself,
with this patch, seems to be broken as well:

    [felix@x1 utils]$ sudo ./conntrack_create
    TEST: create conntrack (OK)
    [felix@x1 utils]$ sudo ./conntrack_delete
    TEST: delete conntrack (-1)(No such file or directory)

If in libnetfilter_conntrack I edit utils/conntrack_delete.c and change
the line

    nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);

to read

    nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_UNSPEC);

it starts working again.
As I said, I haven't entirely figured out why this patch breaks
previously working software and what I need to do on my end to unbreak
my software that is using libnetfilter_conntrack. I haven't found a way
to make libnetfilter_conntrack set any other version than NFNETLINK_V0
for the messages it sends, which I presume would fix my problem.
Any hints would be greatly appreciated.
Regards,
Felix