Page MenuHomePhabricator

FTP connection tracking slightly broken
Closed, ResolvedPublicBUG


I upgraded a system from 1.1.8 to 1.2.0-rc7 and ftp connection tracking stopped working. The problem is easy enough to work around by running the following command anytime the router reboots:

echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper

However, this might be something to warn about?


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
bmtauer created this task.Nov 14 2018, 3:51 PM
syncer triaged this task as Normal priority.
syncer assigned this task to dmbaturin.
dmbaturin closed this task as Resolved.Nov 18 2018, 2:46 PM

Unfortunately this is still not enabled in 1.2.0-rc8.

My guess at the problem is maybe the nf_conntrack_helper module is being loaded after the sysctl.d settings have already been applied? I found a workaround by adding the following to /config/scripts/vyatta-postconfig-bootup.script

Enable conntrack helper

modprobe nfnetlink_cthelper
echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper

pasik added a subscriber: pasik.Nov 20 2018, 8:20 AM