[pkg-netfilter-team] Bug#896716: Confirmed
Jeremy Sowden
jeremy at azazel.net
Tue Dec 20 14:46:34 GMT 2022
Control: tag -1 confirmed
I don't have a MIPS environment to hand, but I do have a Stretch s390x
VM, so on the assumption that this is an endianness bug, I tried to
replicate it there -- successfully. I manually added and removed an
ICMP flow with conntrack:
azazel at debian-s390x:~$ sudo conntrack -I --src 192.168.122.123 --dst 192.168.96.1 --protonum icmp --timeout 120 --icmp-type 8 --icmp-code 0
conntrack v1.4.4 (conntrack-tools): 1 flow entries have been created.
azazel at debian-s390x:~$ sudo conntrack -D
icmp 1 118 src=0.0.0.0 dst=0.0.0.0 type=0 code=0 id=0 [UNREPLIED] src=0.0.0.0 dst=0.0.0.0 type=0 code=0 id=0 mark=0 use=1
conntrack v1.4.4 (conntrack-tools): 1 flow entries have been deleted.
and the test programme output the following:
azazel at debian-s390x:~/tmp$ sudo ./ct_filter
[UPDATE] icmp 1 120 src=0.0.0.0 dst=0.0.0.0 type=0 code=0 id=0 [UNREPLIED] src=0.0.0.0 dst=0.0.0.0 type=0 code=0 id=0 mark=0
[DESTROY] icmp 1 src=0.0.0.0 dst=0.0.0.0 type=0 code=0 id=0 [UNREPLIED] src=0.0.0.0 dst=0.0.0.0 type=0 code=0 id=0
By contrast, nothing was output when doing the same on an amd64 host.
J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20221220/2f3cb5fa/attachment.sig>
More information about the pkg-netfilter-team
mailing list