ct helper ipv6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi
When I try to use CT HELPER for the ipv6, nft it dies and I have to
restart the pc. But it works well for ip and inet.

nft add ct helper ip6 filter ftp-std { type \"ftp\" protocol tcp\; }
nft add rule ip6 filter WAN-IN iifname $IF_WAN_1 tcp sport $UP_PORTS
tcp dport $UP_PORTS ct helper set \"ftp-std\" counter accept

Kernel: RIP: strlen+0x0/0x20 RSP: ffffae1b4c67f980
kernel: Code: f8 48 89 f9 74 09 48 83 c1 01 80 39 00 75 f7 31 d2 44 0f
b6 04 16 44 88 04 11 48 83 c2 01 45 84 c0 75 ee c3 0f 1f 80 00 00 00 00
<80> 3f 00 74 10 48 89 f8 48 >
kernel:  ? entry_SYSCALL_64_after_hwframe+0x3d/0xa2
kernel:  do_syscall_64+0x74/0x180
kernel:  ? __sys_recvmsg+0x4e/0x90
kernel:  SYSC_sendto+0xe9/0x150
kernel:  sock_sendmsg+0x36/0x40
kernel:  netlink_sendmsg+0x1ff/0x3c0
kernel:  netlink_unicast+0x19e/0x260
kernel:  ? __netlink_lookup+0xd0/0x130
kernel:  ? __alloc_skb+0x82/0x1e0
kernel:  ? _cond_resched+0x15/0x30
kernel:  ? netlink_recvmsg+0x35b/0x420
kernel:  nfnetlink_rcv+0x72/0x778 [nfnetlink]
kernel:  netlink_rcv_skb+0x4c/0x120
kernel:  ? nfnetlink_net_exit_batch+0x60/0x60 [nfnetlink]
kernel:  nfnetlink_rcv_msg+0x222/0x260 [nfnetlink]
kernel:  ? nf_tables_dump_flowtable_done+0x30/0x30 [nf_tables]
kernel:  ? nf_tables_getobj+0x280/0x280 [nf_tables]
kernel:  ? validate_nla+0x11a/0x200
kernel:  nf_tables_getobj+0xed/0x280 [nf_tables]
kernel:  __netlink_dump_start+0x164/0x1d0
kernel:  netlink_dump+0x11c/0x2b0
kernel:  nf_tables_dump_obj+0x176/0x200 [nf_tables]
kernel:  nf_tables_fill_obj_info+0x18a/0x230 [nf_tables]
kernel:  nft_ct_helper_obj_dump+0x33/0xe0 [nft_ct]
kernel: Call Trace:
kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
kernel: CR2: 0000000000000010 CR3: 000000030a6ee001 CR4:
00000000003606e0
kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kernel: FS:  00007f9323f3f740(0000) GS:ffff9d11af300000(0000)
knlGS:0000000000000000
kernel: R13: ffff9d0f80ce003c R14: 0000000000000000 R15:
ffffffff9a313600
kernel: R10: ffff9d0fbb2f9380 R11: ffff9d10c4746bc0 R12:
ffff9d1198e78d00
kernel: RBP: ffff9d1158ee6840 R08: 0000000000000004 R09:
ffff9d0f80ce0040
kernel: RDX: 0000000000000000 RSI: ffff9d1158ee6840 RDI:
0000000000000010
kernel: RAX: 0000000000000000 RBX: 0000000000000010 RCX:
0000000000000000
kernel: RSP: 0018:ffffae1b4c67f980 EFLAGS: 00010246
kernel: RIP: 0010:strlen+0x0/0x20

nftable ver. 0.9.0 and 0.8.5 Kenerl ver.  4.16.13-300.fc28.x86_64,
4.14.xxx
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux