Page MenuHomeVyOS Platform

FTP connection tracking slightly broken
Closed, ResolvedPublicBUG


I upgraded a system from 1.1.8 to 1.2.0-rc7 and ftp connection tracking stopped working. The problem is easy enough to work around by running the following command anytime the router reboots:

echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper

However, this might be something to warn about?


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close

Event Timeline

bmtauer created this task.Nov 14 2018, 3:51 PM
syncer assigned this task to dmbaturin.Nov 15 2018, 12:53 AM
syncer triaged this task as Normal priority.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc8); removed VyOS 1.2 Crux.
dmbaturin closed this task as Resolved.Nov 18 2018, 2:46 PM

Unfortunately this is still not enabled in 1.2.0-rc8.

My guess at the problem is maybe the nf_conntrack_helper module is being loaded after the sysctl.d settings have already been applied? I found a workaround by adding the following to /config/scripts/vyatta-postconfig-bootup.script

Enable conntrack helper

modprobe nfnetlink_cthelper
echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper

pasik added a subscriber: pasik.Nov 20 2018, 8:20 AM