Fix Conn.Get to correctly set IP family for partial IPv6 filters#46
Merged
ti-mo merged 1 commit intoti-mo:masterfrom Jul 7, 2025
Merged
Fix Conn.Get to correctly set IP family for partial IPv6 filters#46ti-mo merged 1 commit intoti-mo:masterfrom
ti-mo merged 1 commit intoti-mo:masterfrom
Conversation
Conn.Get supports filters with only one of TupleOrig or TupleReply defined. However, when using such a partial filter with IPv6 addresses, the function failed to set the correct IP family (ProtoIPv6) in the netfilter header, resulting in the error: netfilter query: netlink receive: invalid argument This change updates the condition to set the protocol family to IPv6 if either TupleOrig or TupleReply uses an IPv6 address. Signed-off-by: Milan Lenco <milan@zededa.com>
Owner
|
Thanks for the patch! |
Pull Request Test Coverage Report for Build 16051692218Details
💛 - Coveralls |
milan-zededa
added a commit
to milan-zededa/eve-libs
that referenced
this pull request
Jul 7, 2025
Library github.com/ti-mo/conntrack was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside nettrace to capture information provided by conntrack, such as packets/bytes seen in both directions, state of the connection as seen by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve-libs
that referenced
this pull request
Jul 7, 2025
Library github.com/ti-mo/conntrack was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve-libs
that referenced
this pull request
Jul 7, 2025
Library github.com/ti-mo/conntrack was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
eriknordmark
pushed a commit
to lf-edge/eve-libs
that referenced
this pull request
Jul 8, 2025
Library github.com/ti-mo/conntrack was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 9, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 11, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 14, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 14, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Also included is the update of AWS SDK go library from v1 to v2: lf-edge/eve-libs#39 Lastly, eve-libs was patched to support AWS datastore over IPv6 connectivity: lf-edge/eve-libs#40 Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 17, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 21, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 21, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
eriknordmark
pushed a commit
to lf-edge/eve
that referenced
this pull request
Jul 22, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
sultatos
pushed a commit
to sultatos/eve
that referenced
this pull request
Jul 29, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 30, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com> (cherry picked from commit cbc7b61)
milan-zededa
added a commit
to milan-zededa/eve
that referenced
this pull request
Jul 30, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com> (cherry picked from commit cbc7b61)
OhmSpectator
pushed a commit
to lf-edge/eve
that referenced
this pull request
Jul 30, 2025
Update eve-libs dependency, which now uses the latest github.com/ti-mo/conntrack library that was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside eve-libs/nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com> (cherry picked from commit cbc7b61)
eriknordmark
pushed a commit
to lf-edge/eve-libs
that referenced
this pull request
Feb 10, 2026
Library github.com/ti-mo/conntrack was patched to properly handle conntrack retrieval for IPv6 entries. This is the PR with the fix: ti-mo/conntrack#46 We use this library inside nettrace to capture information provided by conntrack, such as the number of packets/bytes seen in both directions, state of the connection as observed by conntrack, etc. Signed-off-by: Milan Lenco <milan@zededa.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Conn.Getsupports filters with only one ofTupleOrigorTupleReplydefined. However, when using such a partial filter with IPv6 addresses, the function failed to set the correct IP family (ProtoIPv6) in the netfilter header, resulting in the error:This change updates the condition to set the protocol family to IPv6 if either
TupleOrigorTupleReplyuses an IPv6 address.