Package: oidentd
Version: 2.0.3-1
Severity: important
Since 2.6.9 the format of the ip_conntrack changed. Unfortunately the
exact format is dependent on the CONFIG_IP_NF_CT_ACCT option, so I don't
think there is a trivial fix for this.
When CONFIG_IP_NF_CT_ACCT is set, "packets=nnn bytes=nnn" is added in
the ip_conntrack file. A solution to this would probably require a
different way of parsing the ip_conntrack file?
The offending line in the code is src/kernel/linux.c:290
ret = sscanf(buf,
"%15s %*d %*d ESTABLISHED src=%d.%d.%d.%d dst=%d.%d.%d.%d
sport=%d dport=%d %*s %*s %*s dport=%d",
proto, &l1, &l2, &l3, &l4, &r1, &r2, &r3, &r4,
&lportm_temp, &fportm_temp, &mport_temp);
A simple fix here is replacing these lines by
ret = sscanf(buf,
"%15s %*d %*d ESTABLISHED src=%d.%d.%d.%d dst=%d.%d.%d.%d
sport=%d dport=%d %*s %*s %*s %*s %*s dport=%d",
proto, &l1, &l2, &l3, &l4, &r1, &r2, &r3, &r4,
&lportm_temp, &fportm_temp, &mport_temp);
but this will break oidentd when CONFIG_IP_NF_CT_ACCT is not set.
>From ChangeLog-2.6.9:
<[EMAIL PROTECTED]>
[NETFILTER]: Connection based accounting
This patch adds a config option to enable per-flow packet and
byte
accounting to ip_conntrack.
Signed-off-by: Harald Welte <[EMAIL PROTECTED]>
Signed-off-by: David S. Miller <davem@redhat.com>
This might also be relevant? (Also from Changelog-2.6.9)
<[EMAIL PROTECTED]>
[NETFILTER]: Move /proc/net/ip_conntrack to seq_file
This patch makes ip_conntrack use the seq_file API
Signed-off-by: Harald Welte <[EMAIL PROTECTED]>
Signed-off-by: David S. Miller <davem@redhat.com>
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages oidentd depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
