hi
i would like to use conntrack_tools on my centos server. i use the rpms from centalt but when i launch
conntrack -C I got conntrack v0.9.13 (conntrack-tools): Can't open /proc/sys/net/netfilter/nf_conntrack_count
Does someone already succeed in using it?
Thanks in advance for any answer
Eric Doutreleau wrote:
hi
i would like to use conntrack_tools on my centos server. i use the rpms from centalt but when i launch
conntrack -C I got conntrack v0.9.13 (conntrack-tools): Can't open /proc/sys/net/netfilter/nf_conntrack_count
Does someone already succeed in using it?
Thanks in advance for any answer
5 minutes of google-ing gave me answer:
You need to also install 'libnetfilter_conntrack" rpm, at least it looks like it.
Visit http://centos.alt.ru/pub/conntrack-tools/ and download appropriate rpm's, or download from RPMForge, but alt.ru version looks newer.
Ljubomir
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, Apr 26, 2011 at 11:35:29PM +0200, Ljubomir Ljubojevic wrote:
Visit http://centos.alt.ru/pub/conntrack-tools/ and download appropriate rpm's, or download from RPMForge, but alt.ru version looks newer.
A quick note to the rpmforge-suggest mailing list is generally all it takes to get a version bump for existing packages.
John
well i have already installed these packages. i was wondering what is creating these files on the /proc filesystems?
Le 26/04/2011 23:35, Ljubomir Ljubojevic a écrit :
Eric Doutreleau wrote:
hi
i would like to use conntrack_tools on my centos server. i use the rpms from centalt but when i launch
conntrack -C I got conntrack v0.9.13 (conntrack-tools): Can't open /proc/sys/net/netfilter/nf_conntrack_count
Does someone already succeed in using it?
Thanks in advance for any answer
5 minutes of google-ing gave me answer:
You need to also install 'libnetfilter_conntrack" rpm, at least it looks like it.
Visit http://centos.alt.ru/pub/conntrack-tools/ and download appropriate rpm's, or download from RPMForge, but alt.ru version looks newer.
Ljubomir
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, Apr 27, 2011 at 09:03:01AM +0200, Eric Doutreleau wrote:
well i have already installed these packages. i was wondering what is creating these files on the /proc filesystems?
Out of curiousity what does "uname -a" return on that system? If you could paste the _full_ output here it would be helpful. Thanks.
John
thanks for your interest
here is the output
Linux patan.int-evry.fr 2.6.18-238.5.1.el5 #1 SMP Fri Apr 1 18:42:32 EDT 2011 i686 i686 i386 GNU/Linux
Le 27/04/2011 09:12, John R. Dennison a écrit :
On Wed, Apr 27, 2011 at 09:03:01AM +0200, Eric Doutreleau wrote:
well i have already installed these packages. i was wondering what is creating these files on the /proc filesystems?
Out of curiousity what does "uname -a" return on that system? If you could paste the _full_ output here it would be helpful. Thanks.
John
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, Apr 27, 2011 at 09:20:38AM +0200, Eric Doutreleau wrote:
Linux patan.int-evry.fr 2.6.18-238.5.1.el5 #1 SMP Fri Apr 1 18:42:32 EDT 2011 i686 i686 i386 GNU/Linux
Thanks. I was curious if this might be a case of a kernel without the necessary support such as an OpenVZ kernel. That doesn't seem to be the case here. See my last response for what I believe to be the cause of the issue you are having.
John
yes indeed i look through the sources and the path is hardcoded it s really strange some packages for centos are built but obviously don't work.
Le 27/04/2011 11:15, John R. Dennison a écrit :
On Wed, Apr 27, 2011 at 09:20:38AM +0200, Eric Doutreleau wrote:
Linux patan.int-evry.fr 2.6.18-238.5.1.el5 #1 SMP Fri Apr 1 18:42:32 EDT 2011 i686 i686 i386 GNU/Linux
Thanks. I was curious if this might be a case of a kernel without the necessary support such as an OpenVZ kernel. That doesn't seem to be the case here. See my last response for what I believe to be the cause of the issue you are having.
John
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wednesday, April 27, 2011 11:32:08 AM Eric Doutreleau wrote:
yes indeed i look through the sources and the path is hardcoded it s really strange some packages for centos are built but obviously don't work.
You may want to take this up with the centalt people since it seems to be a problem with their package not with CentOS.
/Peter
On Wed, Apr 27, 2011 at 11:32:08AM +0200, Eric Doutreleau wrote:
yes indeed i look through the sources and the path is hardcoded it s really strange some packages for centos are built but obviously don't work.
I am by no means an expert on connection tracking, but poking through the sources from alt.ru I don't get the impression that the package as supplied works at all. It's possible I am doing things incorrectly, however.
I am seeing segfaults with conntrackd and my earlier thought that it was just a /proc path issue may not be fully correct as it's looking for "nf_conntrack_count" and not "ip_conntrack_count" which is what is present on the boxes I've looked at.
Just for reference: I rebuilt libnetfilter_conntrack, along with conntrack_tools, both from alt.ru, so there was no version mismatch.
If you ever get this working drop me a line; I'd be curious to know whether the package is indeed not working or I'm just doing something brain-dead.
John
John R. Dennison wrote:
On Wed, Apr 27, 2011 at 11:32:08AM +0200, Eric Doutreleau wrote:
yes indeed i look through the sources and the path is hardcoded it s really strange some packages for centos are built but obviously don't work.
I am by no means an expert on connection tracking, but poking through the sources from alt.ru I don't get the impression that the package as supplied works at all. It's possible I am doing things incorrectly, however.
I am seeing segfaults with conntrackd and my earlier thought that it was just a /proc path issue may not be fully correct as it's looking for "nf_conntrack_count" and not "ip_conntrack_count" which is what is present on the boxes I've looked at.
Just for reference: I rebuilt libnetfilter_conntrack, along with conntrack_tools, both from alt.ru, so there was no version mismatch.
If you ever get this working drop me a line; I'd be curious to know whether the package is indeed not working or I'm just doing something brain-dead.
Has anybody tried to use RPMForge package?
Ljubomir
John
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Wed, Apr 27, 2011 at 12:38:22PM +0200, Ljubomir Ljubojevic wrote:
Has anybody tried to use RPMForge package?
I don't see a conntrack-tools in rpmforge, nor in epel for that matter; rpmforge has libnetfilter_conntrack but it's too low of a version to use with the alt.ru conntract_tools package.
John
On Wed, Apr 27, 2011 at 09:03:01AM +0200, Eric Doutreleau wrote:
well i have already installed these packages. i was wondering what is creating these files on the /proc filesystems?
The conntrack* modules create those virtual files.
The conntrack_tools package is looking at the wrong directory it seems; I believe it should be looking at /proc/sys/net/ipv4/netfilter.
John
-
Eric Doutreleau -
John R. Dennison -
Ljubomir Ljubojevic -
Peter Kjellström