Opened 2 years ago

Closed 2 years ago

#21415 closed defect (fixed)

Realtime Connections incomplete

Reported by: anonymous
Owned by: developers
Priority: response-needed
Milestone:
Component: base system
Version: Trunk
Keywords:
Cc:

Description

latest trunk shows only connections initiated from lan hosts but not the ones originating from router itself.

Change History (12)

comment:1 Changed 2 years ago by jow

  • Priority changed from normal to response-needed

Do those connections appear in /proc/net/nf_conntrack ?

comment:2 Changed 2 years ago by anonymous

yes, everything shows up in conntrack. this is how it looks like in luci

http://s24.postimg.org/d2v21aqdh/Screenshot.png

comment:3 Changed 2 years ago by anonymous

oh and i just noticed, looks like UDP connections are not shown.

comment:4 Changed 2 years ago by anonymous

any updates on this issue?

comment:5 Changed 2 years ago by jow

  • Resolution set to worksforme
  • Status changed from new to closed

LuCI filters connections from/to 127.0.0.1 - see https://github.com/openwrt/luci/blob/master/modules/luci-mod-admin-full/src/luci-bwc.c#L524, this is intentional behaviour though and is done to not spam the connection list with shortlived UDP connections caused by the DNS reverse lookups for the "Source" and "Destination" columns.

It is not filtering connections from 127.0.0.1 to any other destination as this ticket is claiming.

comment:6 Changed 2 years ago by anonymous

the problem was incorrectly described in the beginning. as you can see from screenshot it filters all UDP connections not only shortlived ones (there was a client running torrent).

at last it doesn't show dnscrypt-proxy connections (from 127.0.0.1 to dnscrypt-proxy server) that's how i noticed this.

i'm about to try latest trunk and will reopen the ticket if it won't show these.

comment:7 Changed 2 years ago by anonymous

  • Resolution worksforme deleted
  • Status changed from closed to reopened

comment:8 Changed 2 years ago by anonymous

no dnscrypt-proxy or l2tp connections displayed at r48531

comment:9 Changed 2 years ago by jow

Show me the relevant lines from /proc/net/nf_conntrack please.

comment:10 Changed 2 years ago by anonymous

here it is:

root@OpenWrt:~# cat /proc/net/nf_conntrack
ipv4     2 tcp      6 7439 ESTABLISHED src=192.168.5.2 dst=192.168.5.1 sport=37589 dport=22 packets=140 bytes=9365 src=192.168.5.1 dst=192.168.5.2 sport=22 dport=37589 packets=102 bytes=53014 [ASSURED] mark=0 use=2
'''ipv4     2 udp      17 177 src=10.10.1.5 dst=35.146.218.10 sport=1701 dport=12801 packets=51283 bytes=6012852 src=35.146.218.10 dst=10.10.1.5 sport=12801 dport=1701 packets=81921 bytes=105044213 [ASSURED] mark=0 use=2'''
ipv4     2 tcp      6 7395 ESTABLISHED src=192.168.5.2 dst=216.58.209.132 sport=38545 dport=443 packets=14 bytes=2280 src=216.58.209.132 dst=10.10.1.5 sport=443 dport=38545 packets=12 bytes=5136 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 97 TIME_WAIT src=192.168.5.2 dst=216.58.211.78 sport=53082 dport=80 packets=6 bytes=1111 src=216.58.211.78 dst=10.10.1.5 sport=80 dport=53082 packets=4 bytes=663 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 7437 ESTABLISHED src=192.168.5.2 dst=216.58.211.67 sport=51729 dport=80 packets=9 bytes=750 src=216.58.211.67 dst=10.10.1.5 sport=80 dport=51729 packets=8 bytes=424 [ASSURED] mark=0 use=2
'''ipv4     2 udp      17 42 src=10.10.1.5 dst=176.56.237.171 sport=57349 dport=443 packets=22 bytes=11880 src=176.56.237.171 dst=10.10.1.5 sport=443 dport=57349 packets=22 bytes=10539 [ASSURED] mark=0 use=2'''
ipv4     2 tcp      6 7401 ESTABLISHED src=192.168.5.2 dst=216.58.211.67 sport=55685 dport=443 packets=40 bytes=2317 src=216.58.211.67 dst=10.10.1.5 sport=443 dport=55685 packets=64 bytes=79183 [ASSURED] mark=0 use=2
'''ipv4     2 udp      17 177 src=192.168.0.42 dst=131.32.41.251 sport=1701 dport=7006 packets=54040 bytes=8110784 src=131.32.41.251 dst=192.168.0.42 sport=7006 dport=1701 packets=155423 bytes=112730340 [ASSURED] mark=0 use=2'''
ipv4     2 tcp      6 98 TIME_WAIT src=192.168.5.2 dst=216.58.211.78 sport=53083 dport=80 packets=31 bytes=1901 src=216.58.211.78 dst=10.10.1.5 sport=80 dport=53083 packets=32 bytes=39717 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 7395 ESTABLISHED src=192.168.5.2 dst=216.58.211.78 sport=47732 dport=443 packets=13 bytes=1305 src=216.58.211.78 dst=10.10.1.5 sport=443 dport=47732 packets=11 bytes=5029 [ASSURED] mark=0 use=2

btw the connections from 127.0.0.1 to 127.0.0.1 that you tried to filter were never even shown in luci, because dnscrypt-proxy makes a lot of these and i almost forgot about it until i ran nf_conntrack and saw them from console.

another thing, removing the 3 lines in luci-bwc.c#L524 didn't change anything as well as reverting some other luci changes (https://github.com/openwrt/luci/commit/258836441babd7939b7e13a4abd19502b922928d) which means i tried to build image with modified luci while the image built with the original luci code downloaded from github?!?
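
An added example (not LuCI's code and not posted in this ticket): a small C parser for `/proc/net/nf_conntrack` lines that reports which entries a loopback filter of the kind described in comment:5 would hide. The filter rule (both endpoints equal to 127.0.0.1), the function names and the second sample line are assumptions; the first sample line is the L2TP entry quoted in comment:10.

```c
#include <stdio.h>
#include <string.h>

/* Original-direction tuple of one /proc/net/nf_conntrack entry. */
struct ct_entry {
    char proto[8];              /* "tcp", "udp", ... */
    char src[46], dst[46];      /* textual addresses */
    unsigned sport, dport;      /* 0 when the protocol has no ports */
};

/* Parse one conntrack line; returns 0 on success, -1 if it is malformed. */
int ct_parse(const char *line, struct ct_entry *e)
{
    const char *p;
    memset(e, 0, sizeof(*e));
    /* Layout: l3name l3num l4name l4num timeout [state] key=value ... */
    if (sscanf(line, "%*s %*u %7s", e->proto) != 1)
        return -1;
    /* The first src=/dst= pair is the original direction, the second the reply. */
    if (!(p = strstr(line, " src=")) || sscanf(p, " src=%45s", e->src) != 1)
        return -1;
    if (!(p = strstr(line, " dst=")) || sscanf(p, " dst=%45s", e->dst) != 1)
        return -1;
    if ((p = strstr(line, " sport="))) sscanf(p, " sport=%u", &e->sport);
    if ((p = strstr(line, " dport="))) sscanf(p, " dport=%u", &e->dport);
    return 0;
}

/* Assumed filter: hide only entries where both endpoints are 127.0.0.1. */
int ct_hidden(const struct ct_entry *e)
{
    return !strcmp(e->src, "127.0.0.1") && !strcmp(e->dst, "127.0.0.1");
}

/* Returns 1 if the line would be listed, 0 if hidden, -1 if unparsable. */
int ct_listed(const char *line)
{
    struct ct_entry e;
    return ct_parse(line, &e) ? -1 : !ct_hidden(&e);
}

/* L2TP entry from comment:10, then a constructed local DNS lookup entry. */
static const char *SAMPLE_L2TP = "ipv4     2 udp      17 177 src=10.10.1.5 dst=35.146.218.10 sport=1701 dport=12801 packets=51283 bytes=6012852 src=35.146.218.10 dst=10.10.1.5 sport=12801 dport=1701 packets=81921 bytes=105044213 [ASSURED] mark=0 use=2";
static const char *SAMPLE_DNS_LO = "ipv4     2 udp      17 20 src=127.0.0.1 dst=127.0.0.1 sport=40000 dport=53 packets=1 bytes=60 src=127.0.0.1 dst=127.0.0.1 sport=53 dport=40000 packets=1 bytes=76 mark=0 use=2";
int main(void)
{
    printf("l2tp listed=%d, local dns listed=%d\n", ct_listed(SAMPLE_L2TP), ct_listed(SAMPLE_DNS_LO));
    return 0;
}
```

Under that assumed rule the router-originated L2TP entry passes the filter and only the loopback-to-loopback lookup is dropped.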

comment:12 Changed 2 years ago by jow

  • Resolution set to fixed
  • Status changed from reopened to closed
