Page MenuHomePhabricator

FTP connection tracking slightly broken
Closed, ResolvedPublicBUG

Description

I upgraded a system from 1.1.8 to 1.2.0-rc7 and ftp connection tracking stopped working. The problem is easy enough to work around by running the following command anytime the router reboots:

echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper

However, this might be something to warn about?

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0-rc7
Why the issue appeared?
Will be filled on close
bmtauer created this task.Wed, Nov 14, 3:51 PM
syncer triaged this task as Normal priority.
syncer assigned this task to dmbaturin.
dmbaturin closed this task as Resolved.Sun, Nov 18, 2:46 PM

Unfortunately this is still not enabled in 1.2.0-rc8.

My guess at the problem is maybe the nf_conntrack_helper module is being loaded after the sysctl.d settings have already been applied? I found a workaround by adding the following to /config/scripts/vyatta-postconfig-bootup.script

Enable conntrack helper

modprobe nfnetlink_cthelper
echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper