Opened 4 years ago

Closed 3 years ago

#1379 closed bug (WontFix)

Deluge keeps trying to load net-pf-10 when ipv6 is disabled

Reported by: kirrun Owned by:
Priority: trivial Milestone: Future
Component: Core Version: 1.3.0_dev
Keywords: Cc:

Description

Deluge keeps trying to load net-pf-10 resulting in grsec log being deluged like this:

Oct 25 12:10:17 kirServ kernel: [1226293.336190] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336420] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336530] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336558] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336630] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336681] grsec: more alerts, logging disabled for 10 seconds

The system is not ipv6 aware — net-pf-10 is aliased to off. But grsec catches attempt to load it even before aliases are checked.

This is deluge's problem as no other program behaves like this.

Change History (3)

comment:1 Changed 4 years ago by naikoto

(offtopic) I had same issue. afaik, ipv6 isn't a module in most cases but compiled into kernel.
so alias/blacklist doesn't work (for me). if it annoys you, allow net-pf-10 and use sysctl net.ipv6.conf.all.disable_ipv6=1

comment:2 Changed 3 years ago by Cas

  • Priority changed from major to trivial
  • Type changed from defect to bug

comment:3 Changed 3 years ago by Cas

  • Resolution set to wontfix
  • Status changed from new to closed
  • Summary changed from Deluge keeps trying to load net-pf-10 to Deluge keeps trying to load net-pf-10 when ipv6 is disabled

In fact I am closing this as naikoto suggestion should be good enough.

A quick search shows that others are dealing with the log entry rather than the program generating the error, one person mentions apache also raising same alert.
http://www.atomicorp.com/forum/viewtopic.php?f=3&t=4191
http://wiki.centos.org/FAQ/CentOS5#head-47912ebdae3b5ac10ff76053ef057c366b421dc4

Note: See TracTickets for help on using tickets.