[Netkit.users] Connection tracking in netkit
Massimo Rimondini
rimondin at dia.uniroma3.it
Wed Mar 24 12:50:13 CET 2010
Dear Marco,
yes, you are right: I can see this happening on a small sample lab.
The conntrack table is apparently empty, even though the network
operation is correct and confirms that something is expected to be
observed in the table. /proc/sys/net/netfilter/nf_conntrack_count also
reads 0.
Looks as if you have come across what resembles a kernel bug, although I
could not find any other traces of users signaling a similar issue.
Things being such, I'm afraid the most concrete suggestion to circumvent
the problem would be to compile a different kernel. Instructions are
provided in the kernel README file, which is also available here:
http://wiki.netkit.org/download/netkit-kernel/README.
Sorry for this annoying inconvenience.
Regards,
Massimo.
Marco wrote:
> Hi,
>
> I've noticed that support for netfilter connection tracking in the netkit
> kernel 2.6.26.5-netkit-K2.8 seems to be incomplete (for lack of a better
> term). What I mean is that of all the connections going on on the virtual
> machine, only some are shown in /proc/net/nf_conntrack; in particular, ICMP
> connections are never shown (whereas they do show up in other normal Linux
> systems I tried).
> Ii seems all the relevant options (nf_conntrack, nf_conntrack_ipv4) are
> compiled in the kernel. However, I can observe the above behavior
> consistently. I'm not sure where to look next. I'm using the standard
> filesystem (netkit-fs-i386-F5.1).
>
>
> Thank you
> Marco
> _______________________________________________
> Netkit.users mailing list
> Netkit.users a list.dia.uniroma3.it
> http://list.dia.uniroma3.it/mailman/listinfo/netkit.users
>
>
More information about the Netkit.users
mailing list