Its not a systemd system. Here is the difference After fresh Reboot (No CT logs) [root@wc01 ~]# lsmod Module Size Used by nfnetlink 14606 1 After running conntrack -L Command now the nfnetlink shows "used by" nf_conntrack_netlink: [root@wc01 ~]# lsmod Module Size Used by nf_conntrack_netlink 36271 0 nfnetlink 14606 2 nf_conntrack_netlink Best Regards, Muhammad Faisal On Thu, Mar 16, 2017 at 11:52 PM, V Kurien <kurien.varugis@xxxxxxxxx> wrote: > Not sure I get it, which kmod is missing? That is why I asked you to > difference the output of lsmod. Is this a systemd system or upstart? > > On Thu, Mar 16, 2017 at 11:33 AM, Muhammad Faisal <faisalusuf@xxxxxxxxx> wrote: >> Hi Kurien, >> What i did i put conntrack -L command in rc.local in order to load the >> module but this step did not resolve the issue. From below you can see >> >> Mar 17 00:23:34 wc01 kernel: Netfilter messages via NETLINK v0.30. >> (This is resulted due to conntrack -L command in rc.local but still no >> logs upon reboot) >> >> Then I ran the conntrack -L command again manually after system reboot >> then the below message appeared followed by conntrack events in syslog >> messages started: >> >> Mar 17 00:26:01 wc01 kernel: ctnetlink v0.93: registering with >> nfnetlink. (this module registered upon running the conntrack -L >> again) >> >> Clearly the required kernel module is not being loaded after a system >> restart. How to resolve this issue? >> Best Regards, >> Muhammad Faisal >> >> Disclaimer: >> Information in this e-mail and attachments is confidential and may be >> legally privileged. Only intended recipients are authorized to use it. >> If you have received this message in error, please delete it and all >> copies of the message from your system and notify the sender >> immediately by return e-mail. I'm neither liable for incomplete >> transmission of the information in this communication nor for damage >> caused by any virus transmitted through this e-mail. >> >> >> >> On Thu, Mar 16, 2017 at 11:16 PM, V Kurien <kurien.varugis@xxxxxxxxx> wrote: >>> I'd do the following: >>> a) Run lsmod when the system is not showing messages. >>> b) Run lsmod after running conntrack -L >>> >>> >>> On Thu, Mar 16, 2017 at 10:32 AM, Muhammad Faisal <faisalusuf@xxxxxxxxx> wrote: >>>> Hello, >>>> Any suggestion on this? >>>> Best Regards, >>>> Muhammad Faisal >>>> >>>> Disclaimer: >>>> Information in this e-mail and attachments is confidential and may be >>>> legally privileged. Only intended recipients are authorized to use it. >>>> If you have received this message in error, please delete it and all >>>> copies of the message from your system and notify the sender >>>> immediately by return e-mail. I'm neither liable for incomplete >>>> transmission of the information in this communication nor for damage >>>> caused by any virus transmitted through this e-mail. >>>> >>>> >>>> >>>> On Thu, Mar 16, 2017 at 12:01 AM, Muhammad Faisal <faisalusuf@xxxxxxxxx> wrote: >>>>> Hello, >>>>> Im able to reproduce the problem. The messages stopped upon system >>>>> reboot. The logs starts when conntrack -L command is executed. The >>>>> interesting fact is the following message appeared when I ran the >>>>> conntrack -L command. This mean NETLINK things is not getting started >>>>> unless conntrack command is ran by the user. >>>>> >>>>> Mar 16 00:51:53 wc01 kernel: Netfilter messages via NETLINK v0.30. >>>>> >>>>> What is the solution ? >>>>> Best Regards, >>>>> Muhammad Faisal >>>>> >>>>> Disclaimer: >>>>> Information in this e-mail and attachments is confidential and may be >>>>> legally privileged. Only intended recipients are authorized to use it. >>>>> If you have received this message in error, please delete it and all >>>>> copies of the message from your system and notify the sender >>>>> immediately by return e-mail. I'm neither liable for incomplete >>>>> transmission of the information in this communication nor for damage >>>>> caused by any virus transmitted through this e-mail. >>>>> >>>>> >>>>> >>>>> On Tue, Mar 14, 2017 at 11:48 PM, Muhammad Faisal <faisalusuf@xxxxxxxxx> wrote: >>>>>> Hi Eric, >>>>>> >>>>>>> This looks rather strange. Could you have a task running in background >>>>>>> and removing conntrack related kernel module ? >>>>>> >>>>>> Pardon, I couldnt get what you mean? Please elaborate >>>>>> >>>>>> Also the Ravin response is also witnessing there is some problem for >>>>>> which conntrack -L command is requried to run periodically. Strange >>>>>> though! >>>>>> >>>>>> >>>>>> >>>>>> On Tue, Mar 14, 2017 at 1:02 PM, Eric Leblond <eric@xxxxxxxxx> wrote: >>>>>>> Hi, >>>>>>> >>>>>>> On Tue, 2017-03-14 at 10:05 +0500, Muhammad Faisal wrote: >>>>>>>> Hello, >>>>>>>> Anyone experienced this behavior with ulogd2? >>>>>>>> >>>>>>>> We have setup nat server with src-nat event logging using ulogd2. >>>>>>>> After running for couple of day all of sudden the ulogd2 messages >>>>>>>> stopped. There was nothing related to connection events. >>>>>>>> >>>>>>>> When i run conntrack -L command and then conntrack -E command the >>>>>>>> logs >>>>>>>> starts appearing. >>>>>>>> >>>>>>>> Please help me out i did not find any clue why this is happening. >>>>>>> >>>>>>> This looks rather strange. Could you have a task running in background >>>>>>> and removing conntrack related kernel module ? >>>>>>> >>>>>>> BR, >>>>>>> >>>>>>>> >>>>>>>> Thanks >>>>>>>> Best Regards, >>>>>>>> Muhammad Faisal >>>>>>>> >>>>>>>> Disclaimer: >>>>>>>> Information in this e-mail and attachments is confidential and may be >>>>>>>> legally privileged. Only intended recipients are authorized to use >>>>>>>> it. >>>>>>>> If you have received this message in error, please delete it and all >>>>>>>> copies of the message from your system and notify the sender >>>>>>>> immediately by return e-mail. I'm neither liable for incomplete >>>>>>>> transmission of the information in this communication nor for damage >>>>>>>> caused by any virus transmitted through this e-mail. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Mon, Mar 13, 2017 at 8:38 PM, Muhammad Faisal <faisalusuf@xxxxxxxx >>>>>>>> m> wrote: >>>>>>>> > Hello, >>>>>>>> > We have setup nat server with src-nat event logging using ulogd2. >>>>>>>> > After running for couple of day all of sudden the ulogd2 messages >>>>>>>> > stopped. There was nothing related to connection events. >>>>>>>> > >>>>>>>> > When i run conntrack -L command and then conntrack -E command the >>>>>>>> > logs >>>>>>>> > starts appearing. >>>>>>>> > >>>>>>>> > Please help me out i did not find any clue why this is happening. >>>>>>>> > >>>>>>>> > Cent OS 6 >>>>>>>> > Conntrack v1.4 >>>>>>>> > >>>>>>>> > [root@wc01 ~]# ulogd -V >>>>>>>> > ulogd Version 2.0.5 >>>>>>>> > >>>>>>>> > Installed Packages >>>>>>>> > Name : libnet >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.1.6 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 141 k >>>>>>>> > Repo : installed >>>>>>>> > From repo : epel >>>>>>>> > >>>>>>>> > Available Packages >>>>>>>> > Name : libnet >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.1.6 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 59 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnet-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.1.6 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 181 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnet-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.1.6 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 181 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnet10 >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.2a >>>>>>>> > Release : 18.el6 >>>>>>>> > Size : 39 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnet10 >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.2a >>>>>>>> > Release : 18.el6 >>>>>>>> > Size : 37 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnet10-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.2a >>>>>>>> > Release : 18.el6 >>>>>>>> > Size : 21 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnet10-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.2a >>>>>>>> > Release : 18.el6 >>>>>>>> > Size : 21 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_acct >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.2 >>>>>>>> > Release : 1.el6 >>>>>>>> > Size : 18 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_acct >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.2 >>>>>>>> > Release : 1.el6 >>>>>>>> > Size : 18 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_acct-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.2 >>>>>>>> > Release : 1.el6 >>>>>>>> > Size : 22 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_acct-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.2 >>>>>>>> > Release : 1.el6 >>>>>>>> > Size : 22 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_conntrack >>>>>>>> > Arch : i686 >>>>>>>> > Version : 0.0.100 >>>>>>>> > Release : 2.el6 >>>>>>>> > Size : 39 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > Name : libnetfilter_conntrack >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 0.0.100 >>>>>>>> > Release : 2.el6 >>>>>>>> > Size : 38 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > Name : libnetfilter_conntrack-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 0.0.100 >>>>>>>> > Release : 2.el6 >>>>>>>> > Size : 14 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > >>>>>>>> > Name : libnetfilter_conntrack-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 0.0.100 >>>>>>>> > Release : 2.el6 >>>>>>>> > Size : 14 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > >>>>>>>> > Name : libnetfilter_cthelper >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.0 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 17 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_cthelper >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.0 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 16 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > >>>>>>>> > Name : libnetfilter_cthelper-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.0 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 14 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_cthelper-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.0 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 14 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > >>>>>>>> > Name : libnetfilter_log >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 21 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_log >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 21 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_log-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 8.9 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > Name : libnetfilter_log-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 7.el6 >>>>>>>> > Size : 8.9 k >>>>>>>> > Repo : epel >>>>>>>> > >>>>>>>> > >>>>>>>> > Name : libnetfilter_queue >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 18 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > Name : libnetfilter_queue >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 18 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > Name : libnetfilter_queue-devel >>>>>>>> > Arch : i686 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 8.4 k >>>>>>>> > Repo : base >>>>>>>> > >>>>>>>> > Name : libnetfilter_queue-devel >>>>>>>> > Arch : x86_64 >>>>>>>> > Version : 1.0.1 >>>>>>>> > Release : 3.el6 >>>>>>>> > Size : 8.4 k >>>>>>>> > Repo : base >>>>>>>> > Best Regards, >>>>>>>> > Muhammad Faisal >>>>>>>> > >>>>>>>> > Disclaimer: >>>>>>>> > Information in this e-mail and attachments is confidential and may >>>>>>>> > be >>>>>>>> > legally privileged. Only intended recipients are authorized to use >>>>>>>> > it. >>>>>>>> > If you have received this message in error, please delete it and >>>>>>>> > all >>>>>>>> > copies of the message from your system and notify the sender >>>>>>>> > immediately by return e-mail. I'm neither liable for incomplete >>>>>>>> > transmission of the information in this communication nor for >>>>>>>> > damage >>>>>>>> > caused by any virus transmitted through this e-mail. >>>>>>>> >>>>>>>> -- >>>>>>>> To unsubscribe from this list: send the line "unsubscribe netfilter" >>>>>>>> in >>>>>>>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>>>>>>> More majordomo info at http://vger.kernel.org/majordomo-info.html >>>>>>> -- >>>>>>> Eric Leblond <eric@xxxxxxxxx> >>>> -- >>>> To unsubscribe from this list: send the line "unsubscribe netfilter" in >>>> the body of a message to majordomo@xxxxxxxxxxxxxxx >>>> More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
