0001090: conntrack tools fail to add "unknown" protocol entries

ID	Project	Category	View Status	Date Submitted	Last Update

0001090	Rocky-Linux-9	conntrack-tools	public	2022-11-25 19:37	2025-04-09 15:00

Reporter	Jacek Tomasiak	Assigned To	Louis Abel
Priority	normal	Severity	minor	Reproducibility	always
Status	closed	Resolution	unable to reproduce

Summary	0001090: conntrack tools fail to add "unknown" protocol entries
Description	Between version 1.4.4 and 1.4.5 of conntrack-tools (1.0.7 and 1.0.8 of libnetfilter_conntrack) upstream switched from libnfnetlink to libmnl for building and parsing netlink messages. This introduced regression in handling entries with protocols which are not natively supported by conntrack (e.g. igmp). Trying to create such entries resulted in "Operation failed: invalid parameters" errors. Upstream fix for this problem is already available at https://git.netfilter.org/libnetfilter_conntrack/commit/src/conntrack/build_mnl.c?id=45ec4b51e8290759e0d87d9405965be1352a4325
Steps To Reproduce	$ sudo conntrack -I -s 192.168.1.9 -d 101.168.1.9 -t 300 -p igmp expected output: conntrack v1.4.5 (conntrack-tools): 1 flow entries have been created. actual output: conntrack v1.4.5 (conntrack-tools): Operation failed: invalid parameters
Tags	No tags attached.

Date Modified	Username	Field	Change
2022-11-25 19:37	Jacek Tomasiak	New Issue
2025-04-09 15:00	Louis Abel	Assigned To	=> Louis Abel
2025-04-09 15:00	Louis Abel	Status	new => closed
2025-04-09 15:00	Louis Abel	Resolution	open => unable to reproduce
2025-04-09 15:00	Louis Abel	Note Added: 0009743

Louis Abel 2025-04-09 15:00 administrator ~0009743	Closing as unable to reproduce on Rocky Linux 9.5. This issue is likely fixed. [nazu@router ~]$ sudo conntrack -I -s 192.168.1.9 -d 101.168.1.9 -t 300 -p igmp conntrack v1.4.7 (conntrack-tools): 1 flow entries have been created.