Ticket #1379 (closed bug: wontfix)

Opened 3 years ago

Last modified 2 years ago

Deluge keeps trying to load net-pf-10 when ipv6 is disabled

Reported by: kirrun Owned by:
Priority: trivial Milestone: Future
Component: core Version: 1.3.0_dev
Keywords: Cc:

Description

Deluge keeps trying to load net-pf-10 resulting in grsec log being deluged like this: 

Oct 25 12:10:17 kirServ kernel: [1226293.336190] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336420] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336530] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336558] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336630] grsec: From 195.206.52.6: denied kernel module auto-load of net-pf-10 by /usr/bin/deluged[deluged:8825] uid/euid:1001/1001 gid/egid:1004/1004, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Oct 25 12:10:17 kirServ kernel: [1226293.336681] grsec: more alerts, logging disabled for 10 seconds

The system is not ipv6 aware — net-pf-10 is aliased to off. But grsec catches attempt to load it even before aliases are checked.

This is deluge's problem as no other program behaves like this.

Change History

Changed 3 years ago by naikoto

(offtopic) I had same issue. afaik, ipv6 isn't a module in most cases but compiled into kernel. so alias/blacklist doesn't work (for me). if it annoys you, allow net-pf-10 and use sysctl net.ipv6.conf.all.disable_ipv6=1

Changed 2 years ago by Cas

  • priority changed from major to trivial
  • type changed from defect to bug

Changed 2 years ago by Cas

  • status changed from new to closed
  • resolution set to wontfix
  • summary changed from Deluge keeps trying to load net-pf-10 to Deluge keeps trying to load net-pf-10 when ipv6 is disabled

In fact I am closing this as naikoto suggestion should be good enough.

A quick search shows that others are dealing with the log entry rather than the program generating the error, one person mentions apache also raising same alert.  http://www.atomicorp.com/forum/viewtopic.php?f=3&t=4191  http://wiki.centos.org/FAQ/CentOS5#head-47912ebdae3b5ac10ff76053ef057c366b421dc4

Note: See TracTickets for help on using tickets.