kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #166818
[Bug 1556419] Re: nf_conntrack: automatic helper assignment is deprecated
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=a9006892643a8f4e885b692de0708bcb35a7d530
netfilter: nf_ct_helper: allow to disable automatic helper assignment
This patch allows you to disable automatic conntrack helper lookup based
on TCP/UDP ports, eg. echo 0 >
/proc/sys/net/netfilter/nf_conntrack_helper [ Note: flows that already
got a helper will keep using it even if automatic helper assignment has
been disabled ] Once this behaviour has been disabled, you have to
explicitly use the iptables CT target to attach helper to flows. There
are good reasons to stop supporting automatic helper assignment, for
further information, please read:
http://www.netfilter.org/news.html#2012-04-03 This patch also adds one
message to inform that automatic helper assignment is deprecated and it
will be removed soon (this is spotted only once, with the first flow
that gets a helper attached to make it as less annoying as possible).
https://home.regit.org/netfilter-en/secure-use-of-helpers/
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1556419
Title:
nf_conntrack: automatic helper assignment is deprecated
Status in iptables package in Ubuntu:
New
Status in linux package in Ubuntu:
Confirmed
Bug description:
Get this logged into journalctl (since a moment):
kernel: nf_conntrack: automatic helper assignment is deprecated and
it will be removed soon. Use the iptables CT target to attach helpers
instead.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-13-generic 4.4.0-13.29
ProcVersionSignature: Ubuntu 4.4.0-13.29-generic 4.4.5
Uname: Linux 4.4.0-13-generic x86_64
NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia
ApportVersion: 2.20-0ubuntu3
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC1: oem 1942 F.... pulseaudio
/dev/snd/pcmC0D0p: oem 1942 F...m pulseaudio
/dev/snd/controlC0: oem 1942 F.... pulseaudio
CurrentDesktop: GNOME
Date: Sat Mar 12 14:52:09 2016
HibernationDevice: RESUME=UUID=0a9ca7f0-6eeb-4b21-b70f-670fa600de16
IwConfig:
eth0 no wireless extensions.
eth1 no wireless extensions.
lo no wireless extensions.
Lsusb:
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 002: ID 046d:c062 Logitech, Inc. M-UAS144 [LS1 Laser Mouse]
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: ASUSTEK COMPUTER INC P5W DH Deluxe
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-13-generic root=UUID=7c755ed6-51cc-4b75-88ac-9c75acf82749 ro
RelatedPackageVersions:
linux-restricted-modules-4.4.0-13-generic N/A
linux-backports-modules-4.4.0-13-generic N/A
linux-firmware 1.156
RfKill:
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/22/2010
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 3002
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: P5W DH Deluxe
dmi.board.vendor: ASUSTeK Computer INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr3002:bd07/22/2010:svnASUSTEKCOMPUTERINC:pnP5WDHDeluxe:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP5WDHDeluxe:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
dmi.product.name: P5W DH Deluxe
dmi.product.version: System Version
dmi.sys.vendor: ASUSTEK COMPUTER INC
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1556419/+subscriptions
References
