svinota / pyroute2

Python Netlink and PF_ROUTE library — network configuration and monitoring
https://pyroute2.org/

Deleting issue in Conntrack #915

Open ohashemzadeh opened 2 years ago

ohashemzadeh commented 2 years ago

Hello. I get an error while trying to delete an entry in Conntrack.

from pr2modules.conntrack import Conntrack
from pr2modules.conntrack import ConntrackEntry
from pr2modules.netlink.nfnetlink.nfctsocket import NFCTAttrTuple

# Tuple of the connection to delete (proto 6 = TCP)
nfcattrtuple_kwargs = {"daddr": "192.168.122.67", "saddr": "192.168.122.1", "sport": 34857, "dport": 5599, "proto": 6}
ct = Conntrack()
entry: NFCTAttrTuple = NFCTAttrTuple(**nfcattrtuple_kwargs)
ct.delete(entry=entry)

I also tried

ct = Conntrack()
ct.entry('del', tuple_orig=NFCTAttrTuple(saddr='192.168.122.1', daddr='192.168.122.67', proto=6, sport=34857, dport=5599))

and

ct = Conntrack()
# Dump the current entries and try to delete the first one
ct_dumped_entries = ct.dump_entries(tuple_orig=NFCTAttrTuple())
ct_entries = list(ct_dumped_entries)
some_entry = ct_entries[0]
ct.delete(entry=some_entry)

Here is the full stack trace:

 File "/root/myprojects/myproject01/policy/models/conntrack.py", line 70, in delete_by_nfcattrtuple
    conntrack.delete(entry=entry)
  File "/root/myprojects/myproject01/.venv/lib/python3.8/site-packages/pr2modules/conntrack.py", line 172, in delete
    for ndmsg in self.entry('del', tuple_orig=tuple_orig):
  File "/root/myprojects/myproject01/.venv/lib/python3.8/site-packages/pr2modules/conntrack.py", line 176, in entry
    for res in super(Conntrack, self).entry(cmd, **kwargs):
  File "/root/myprojects/myproject01/.venv/lib/python3.8/site-packages/pr2modules/netlink/nlsocket.py", line 908, in nlm_request
    for msg in self.get(
  File "/root/myprojects/myproject01/.venv/lib/python3.8/site-packages/pr2modules/netlink/nlsocket.py", line 734, in get
    raise msg['header']['error']
pr2modules.netlink.exceptions.NetlinkError: (2, 'No such file or directory')

svinota commented 2 years ago

family is important:

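from socket import AF_INET, IPPROTO_TCP

from pr2modules.conntrack import Conntrack
from pr2modules.netlink.nfnetlink.nfctsocket import NFCTAttrTuple

ct = Conntrack()
nt = NFCTAttrTuple(
    saddr="192.168.122.1",
    daddr="192.168.122.67",
    sport=44056,
    dport=443,
    family=AF_INET,
    proto=IPPROTO_TCP
)
ct.delete(nt)

svinota commented 2 years ago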

But it looks like there's another bug — the entry gets deleted, but the response is not as expected, so there is an exception.

To be fixed ASAP.