search

Chion82 / netfilter-full-cone-nat

A kernel module to turn MASQUERADE into full cone SNAT
GNU General Public License v2.0
427 stars 121 forks source link

Warning: failed to register a conntrack notifier #14

Closed love4taylor closed 6 years ago

love4taylor commented 6 years ago 
xt_FULLCONENAT: warning: failed to register a conntrack notifier. Disable active GC for mappings.

设备是: LEDE, Kernel 4.14.42, NF_CONNTRACK_EVENTS 已开. 即使是 Kernel 4.16.0-1 的 Debian x86 上也是有这个警告. 是否可以无视?

Chion82 commented 6 years ago 
rmmod nf_conntrack_netlink

检查有什么程序依赖 nf_conntrack_netlink 这个模块,比如经常调用 conntrack 命令的程序。 目前 xt_FULLCONENAT 无法与 nf_conntrack_netlink 完美共存,报这个警告的时候虽然不影响正常表现,但是会影响些许性能和内存占用。

LGA1150 commented 6 years ago

为此高通 SFE fastpath 给内核打了补丁以支持多个注册回调 https://github.com/nitroshift/mvebu-fastpath/blob/master/952-net-conntrack-events-support-multiple-registrant.patch 这也是 https://github.com/Chion82/netfilter-full-cone-nat/commit/d36ea63af6100e85ea144c6810391d242dbd4ca2 修复的问题

ghost commented 5 years ago

@Chion82 dnsmasq-full通过libnetfilter-contrack间接依赖于kmod-nf-contrack-netlink

BirkhoffLee commented 5 years ago

請問如果是編譯 x86_64 OpenWrt 的話,這個 patch 要怎麼打?