Closed k0ste closed 5 years ago
I'm also check on my current kernel 4.17.13 - the same issue But previous version 1.2_2.3.0.1262.97099ff-1 works fine with this kernel.
[Sun Nov 18 07:53:52 2018] xt_ndpi: loading out-of-tree module taints kernel.
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_ext_add (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_netns_get (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_extend_unregister (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_l3proto_module_put (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_iterate_cleanup_net (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_extend_custom_register (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_l3proto_try_module_get (err 0)
[Sun Nov 18 07:53:52 2018] xt_ndpi: Unknown symbol nf_ct_netns_put (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_ext_add (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_netns_get (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_extend_unregister (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_l3proto_module_put (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_iterate_cleanup_net (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_extend_custom_register (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_l3proto_try_module_get (err 0)
[Sun Nov 18 07:55:52 2018] xt_ndpi: Unknown symbol nf_ct_netns_put (err 0)
[Sun Nov 18 08:00:42 2018] xt_ndpi v1.2 ndpi 2.3.0-1262-97099ff IPv6=YES debug_message=no
BT: hash_size 0k, hash_expiation 0 sec, log_size 128kb
sizeof hash_ip4p_node=44 id_struct=296 PATRICIA_MAXBITS=128
flow_struct=2016 packet_struct=1400
flow_tcp_struct=37 flow_udp_struct=26 int_one_line_struct=16
ndpi_ip_addr_t=16 ndpi_protocol=8 nf_ct_ext_ndpi=60
spinlock_t=4
NF_EXT_ID 9
[Sun Nov 18 08:00:42 2018] xt_ndpi MAX_PROTOCOLS 320 LAST_PROTOCOL 244
@k0ste I am trying to understand and reproduce the issue. On what OS are you building the module?
@elico GCC 8.2.1, vanilla kernel.
Same problem here, using Kernel 4.19.5 and GCC 8.2.1 With Kernel 4.18.14 its working. But I really need some features from 4.19.x
Building modules, stage 2. MODPOST 1 modules _WARNING: "nf_ct_l3proto_try_module_get" [/tmp/nDPI/ndpi-netfilter/src/xt_ndpi.ko] undefined! WARNING: "nf_ct_l3proto_module_put" [/tmp/nDPI/ndpi-netfilter/src/xt_ndpi.ko] undefined!_ CC /tmp/nDPI/ndpi-netfilter/src/xt_ndpi.mod.o LD [M] /tmp/nDPI/ndpi-netfilter/src/xt_ndpi.ko
In the 4.19 kernel, nf_conntrack has been significantly modified.
@vel21ripn due to nftables?
Code review. Several pointers to the functions of working with conntrack were packed into one structure, and also renamed some variables and functions.
I will try with kernel 4.19.8 (released today). And see what happens with the nf_ct_l3proto_try_module_get and nf_ct_l3proto_module_put.
Kernel changes these things in 4.19 (maybe in >= 4.18.15 )
Try to use commit 97f4744
Kernel 4.19.8
[root@linux01 tmp]# git clone https://github.com/vel21ripn/nDPI.git
Cloning into 'nDPI'...
remote: Enumerating objects: 11, done.
remote: Counting objects: 100% (11/11), done.
remote: Compressing objects: 100% (8/8), done.
remote: Total 10525 (delta 3), reused 9 (delta 3), pack-reused 10514
Receiving objects: 100% (10525/10525), 25.31 MiB | 748.00 KiB/s, done.
Resolving deltas: 100% (7115/7115), done.
[root@linux01 tmp]# cd nDPI/
[root@linux01 nDPI]# git checkout netfilter-2.2
Already on 'netfilter-2.2'
Your branch is up to date with 'origin/netfilter-2.2'.
[root@linux01 nDPI]# ./autogen.sh
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal --force -I m4
autoreconf: configure.ac: tracing
autoreconf: running: libtoolize --copy --force
libtoolize: putting auxiliary files in '.'.
libtoolize: copying file './ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'.
libtoolize: copying file 'm4/libtool.m4'
libtoolize: copying file 'm4/ltoptions.m4'
libtoolize: copying file 'm4/ltsugar.m4'
libtoolize: copying file 'm4/ltversion.m4'
libtoolize: copying file 'm4/lt~obsolete.m4'
autoreconf: running: /usr/bin/autoconf --force
autoreconf: running: /usr/bin/autoheader --force
autoreconf: running: automake --add-missing --copy --force-missing
configure.ac:7: installing './compile'
configure.ac:7: installing './config.guess'
configure.ac:7: installing './config.sub'
configure.ac:5: installing './install-sh'
configure.ac:5: installing './missing'
example/Makefile.am: installing './depcomp'
parallel-tests: installing './test-driver'
autoreconf: Leaving directory `.'
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /usr/bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking how to print strings... printf
checking whether make supports the include directive... yes (GNU style)
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together... yes
checking dependency style of gcc... gcc3
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B
checking the name lister (/usr/bin/nm -B) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for ar... ar
checking for archiver @FILE support... @
checking for strip... strip
checking for ranlib... ranlib
checking command to parse /usr/bin/nm -B output from gcc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... gcc -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for gcc... (cached) gcc
checking whether we are using the GNU C compiler... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to accept ISO C89... (cached) none needed
checking whether gcc understands -c and -o together... (cached) yes
checking dependency style of gcc... (cached) gcc3
checking whether gcc is Clang... no
checking whether pthreads work with -pthread... yes
checking for joinable pthread attribute... PTHREAD_CREATE_JOINABLE
checking whether more special flags are required for pthreads... no
checking for PTHREAD_PRIO_INHERIT... yes
checking netinet/in.h usability... yes
checking netinet/in.h presence... yes
checking for netinet/in.h... yes
checking for stdint.h... (cached) yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for unistd.h... (cached) yes
checking for numa_available in -lnuma... yes
which: no clang in (/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl)
checking for pcap_open_live in -lpcap... yes
checking for json_object_new_object in -ljson-c... yes
checking for pthread_setaffinity_np in -lpthread... yes
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating example/Makefile
config.status: creating tests/Makefile
config.status: creating libndpi.pc
config.status: creating src/include/ndpi_define.h
config.status: creating src/lib/Makefile
config.status: creating src/include/ndpi_config.h
config.status: executing depfiles commands
config.status: executing libtool commands
[root@linux01 nDPI]# cd src/lib/
[root@linux01 lib]# make ndpi_network_list.c.inc
depbase=`echo ndpi_network_list_compile.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
gcc -DHAVE_CONFIG_H -I. -I../../src/include -I../../src/include/ -I../../src/lib/third_party/include/ -g -O2 -I/usr/include/json-c -fPIC -DPIC -DNDPI_LIB_COMPILATION -MT ndpi_network_list_compile.o -MD -MP -MF $depbase.Tpo -c -o ndpi_network_list_compile.o ndpi_network_list_compile.c &&\
mv -f $depbase.Tpo $depbase.Po
ndpi_network_list_compile.c: In function ‘main’:
ndpi_network_list_compile.c:324:5: warning: ‘strncat’ specified bound 512 equals destination size [-Wstringop-overflow=]
strncat(pnl->comments,wordarg,sizeof(pnl->comments));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ndpi_network_list_compile.c:385:4: warning: ‘strncat’ specified bound 512 equals destination size [-Wstringop-overflow=]
strncat(pnl->comments,word,sizeof(pnl->comments));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/bin/sh ../../libtool --tag=CC --mode=link gcc -g -O2 -I/usr/include/json-c -fPIC -DPIC -DNDPI_LIB_COMPILATION -ljson-c -o ndpi_network_list_compile ndpi_network_list_compile.o
libtool: link: gcc -g -O2 -I/usr/include/json-c -fPIC -DPIC -DNDPI_LIB_COMPILATION -o ndpi_network_list_compile ndpi_network_list_compile.o -ljson-c
./ndpi_network_list_compile -o ndpi_network_list.c.inc ndpi_network_list_tor.yaml ndpi_network_list_std.yaml
Warning: line 78: '52.82.0.0/14' is not network
Warning: line 423: '141.101.88.0/19' is not network
Warning: line 609: '209.148.214.135/21' is not network
Warning: line 717: '208.64.201.0/22' is not network
Warning: line 723: '159.122.189.48/21' is not network
Warning: line 795: '1.44.48.64/23' is not network
Warning: line 796: '1.44.69.80/25' is not network
Warning: line 797: '2.46.138.52/28' is not network
Warning: line 798: '2.47.103.32/23' is not network
Warning: line 852: '169.55.60.170/27' is not network
Warning: line 854: '169.63.76.17/25' is not network
Warning: line 855: '169.63.73.64/25' is not network
Warning: line 860: '185.60.218.53/27' is not network
[root@linux01 lib]# cd ../../ndpi-netfilter/
[root@linux01 ndpi-netfilter]# make
make -C ipt
make[1]: Entering directory '/tmp/nDPI/ndpi-netfilter/ipt'
cc -fPIC -I../.. -I../../src/include -I../../src/lib -I../src -I../libre -DOPENDPI_NETFILTER_MODULE -O2 -Wall -D_INIT=libxt_ndpi_init -c -o libxt_ndpi.o libxt_ndpi.c;
cc -shared -o libxt_ndpi.so libxt_ndpi.o;
rm libxt_ndpi.o
make[1]: Leaving directory '/tmp/nDPI/ndpi-netfilter/ipt'
make -C src
make[1]: Entering directory '/tmp/nDPI/ndpi-netfilter/src'
make -C /lib/modules/4.19.8-arch1-1-nfcustom/build M=$PWD modules -w;
make[2]: Entering directory '/usr/lib/modules/4.19.8-arch1-1-nfcustom/build'
CC [M] /tmp/nDPI/ndpi-netfilter/src/main.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/third_party/src/node.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/third_party/src/ahocorasick.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/third_party/src/libcache.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/third_party/src/hash.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/third_party/src/ndpi_patricia.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/ndpi_main.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/afp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ajp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/aimini.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/amqp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/applejuice.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/apple_push.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/armagetron.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ayiya.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/battlefield.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/bgp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/bittorrent.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/bjnp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/checkmk.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/citrix.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ciscovpn.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/coap.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/collectd.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/corba.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/crossfire.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/csgo.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/dcerpc.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/diameter.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/dhcp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/dhcpv6.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/directconnect.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/directdownloadlink.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/dns.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/dofus.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/drda.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/dropbox.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/eaq.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/edonkey.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/fasttrack.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/fbzero.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/fiesta.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/fix.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/florensia.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ftp_control.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ftp_data.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/git.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/gnutella.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/gtp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/guildwars.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/h323.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/halflife2_and_mods.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/hangout.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/hep.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/http.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/http_activesync.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/iax.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/icecast.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ipp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/irc.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/jabber.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/kakaotalk_voice.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/kerberos.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/kontiki.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ldap.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/lisp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/lotus_notes.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mail_imap.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mail_pop.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mail_smtp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/maplestory.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/memcached.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mdns.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mgcp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mpegts.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mqtt.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/msn.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mssql_tds.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/mysql.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/netbios.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/netflow.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/nfs.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/nintendo.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/noe.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/non_tcp_udp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ntp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/openft.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/openvpn.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/oracle.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/oscar.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/pando.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/megaco.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/pcanywhere.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/postgres.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/pplive.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ppstream.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/pptp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/qq.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/quic.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/radius.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rdp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/redis_net.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rsync.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rtp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rtcp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rtmp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rtsp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/rx.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/sflow.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/shoutcast.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/sip.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/skinny.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/skype.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/smb.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/smpp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/snmp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/socks45.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/someip.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/sopcast.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/soulseek.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/spotify.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ssdp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ssh.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ssl.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/starcraft.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/stealthnet.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/steam.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/stun.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/syslog.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/teamviewer.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/teamspeak.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/telnet.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/telegram.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/teredo.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/tftp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/thunder.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/tinc.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/tor.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/tcp_udp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/tvants.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/tvuplayer.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/ubntac2.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/usenet.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/vhua.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/viber.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/vmware.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/vnc.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/whatsapp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/warcraft3.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/whoisdas.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/world_of_kung_fu.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/world_of_warcraft.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/xbox.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/xdmcp.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/yahoo.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/zattoo.o
CC [M] /tmp/nDPI/ndpi-netfilter/src/../../src/lib/protocols/zeromq.o
LD [M] /tmp/nDPI/ndpi-netfilter/src/xt_ndpi.o
Building modules, stage 2.
MODPOST 1 modules
CC /tmp/nDPI/ndpi-netfilter/src/xt_ndpi.mod.o
LD [M] /tmp/nDPI/ndpi-netfilter/src/xt_ndpi.ko
make[2]: Leaving directory '/usr/lib/modules/4.19.8-arch1-1-nfcustom/build'
make[1]: Leaving directory '/tmp/nDPI/ndpi-netfilter/src'
[root@linux01 ndpi-netfilter]# insmod src/xt_ndpi.ko
insmod: ERROR: could not insert module src/xt_ndpi.ko: Unknown symbol in module
[root@linux01 ndpi-netfilter]# dmesg -TL | grep -i ndpi
[Wed Dec 12 08:42:00 2018] xt_ndpi: loading out-of-tree module taints kernel.
[Wed Dec 12 08:42:00 2018] xt_ndpi: module verification failed: signature and/or required key missing - tainting kernel
[Wed Dec 12 08:42:00 2018] xt_ndpi: Unknown symbol nf_ct_ext_add (err -2)
[Wed Dec 12 08:42:00 2018] xt_ndpi: Unknown symbol nf_ct_netns_get (err -2)
[Wed Dec 12 08:42:00 2018] xt_ndpi: Unknown symbol nf_ct_extend_unregister (err -2)
[Wed Dec 12 08:42:00 2018] xt_ndpi: Unknown symbol nf_ct_iterate_cleanup_net (err -2)
[Wed Dec 12 08:42:00 2018] xt_ndpi: Unknown symbol nf_ct_extend_custom_register (err -2)
[Wed Dec 12 08:42:00 2018] xt_ndpi: Unknown symbol nf_ct_netns_put (err -2)
insmod does not automatically load dependent modules. Use "modprobe nf_conntrack" before insmod src/xt_ndpi.ko
Yes... I forgot about this. Now module loads fine:
[Wed Dec 12 13:00:57 2018] xt_ndpi: loading out-of-tree module taints kernel.
[Wed Dec 12 13:00:57 2018] xt_ndpi: module verification failed: signature and/or required key missing - tainting kernel
[Wed Dec 12 13:00:57 2018] [NDPI] Missmatch 'ggpht.com' proto YouTube origin PlayStore
[Wed Dec 12 13:00:57 2018] xt_ndpi: Warning! Hostdef 'ggpht.com' missmatch! Skipping.
[Wed Dec 12 13:00:57 2018] xt_ndpi v1.2 ndpi 2.4.0-1320-97f4744 IPv6=YES debug_message=no
BT: hash_size 0k, hash_expiation 0 sec, log_size 128kb
sizeof hash_ip4p_node=44 id_struct=296 PATRICIA_MAXBITS=128
flow_struct=2024 packet_struct=1400
flow_tcp_struct=41 flow_udp_struct=27 int_one_line_struct=16
ndpi_ip_addr_t=16 ndpi_protocol=8 nf_ct_ext_ndpi=60
spinlock_t=4
NF_EXT_ID 9
[Wed Dec 12 13:00:57 2018] xt_ndpi MAX_PROTOCOLS 320 LAST_PROTOCOL 243
And I found issue.
My ndpi_load
for test host:
modprobe nf_conntrack
modprobe nf_conntrack_netlink
modprobe nf_nat_ipv4
modprobe nf_nat
modprobe nf_reject_ipv4
modprobe nf_defrag_ipv4
modprobe nf_conntrack_pptp
modprobe nf_conntrack_proto_gre
modprobe nfnetlink
modprobe xt_ndpi
conntrack -F
iptables -t mangle -A PREROUTING -m ndpi --all
iptables -t mangle -A POSTROUTING -m ndpi --all
iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 11
iptables -t mangle -A POSTROUTING -p icmp -j MARK --set-mark 11
iptables -t mangle -A PREROUTING -m ndpi --proto unknown
iptables -t mangle -A POSTROUTING -m ndpi --proto unknown
Now if icmp from this host or to this host - this okay. Any other proto, like ssh or http - test host stuck without traces.
@k0ste I can not reproduce the problem :(
I close this. This is not kernel updates issue.
see at:
Module loading: