Control: close -1 3.7.0-1 On Thu, 27 Aug 2015 17:32:02 +1000 report...@rather.puzzling.org wrote: > Package: iproute2 > Version: 3.16.0-2 > Severity: normal > > 0-0-17:20:59, Thu Aug 27 tconnors@pi:~ (bash) > 7185,30> sudo ss -anu > State Recv-Q Send-Q Local Address:Port Peer Address:Port > 0-0-17:21:54, Thu Aug 27 tconnors@pi:~ (bash) > > Not sure whether it's a kernel 3.18 thing or not, because rkhunter > didn't use to false-detect that it thought a whole bunch of UDP ports > were being used. An another box running kernel 3.17, I do get > expected output: > > 445024,1> sudo ss -anu > State Recv-Q Send-Q Local Address:Port Peer Address:Port > UNCONN 0 0 *:36557 *:* > ... > > Issue not fixed with iproute2 from testing. > > > Eg, from rkhunter: > Port number: UDP:123 is being used by /usr/sbin/ntpd > > > 6853,29> ps 714 > PID TTY STAT TIME COMMAND > 714 ? Ss 2:32 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 102:104 > > 6854,30> cat /proc/714/net/udp > sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops > 31: 00000000:82C3 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9385 2 db301400 0 > 57: 00000000:03DD 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 7244 2 db301180 0 > 69: 00000000:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000 110 0 8592 2 db300c80 0 > 93: 00000000:0801 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9363 2 db300280 0 > 108: 00000000:A510 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9660 2 d87fe280 0 > 128: 00000000:8324 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9693 2 d87fe500 0 > 179: 00000000:0357 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 3555 2 db300000 0 > 192: 00000000:B664 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 8067 2 db300a00 0 > 203: 00000000:006F 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 7241 2 db300f00 0 > 210: 00000000:9F76 00000000:0000 07 00000000:00000000 00:00000000 00000000 110 0 8594 2 db300780 0 > 215: 1C01A8C0:007B 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9450 2 d87fe000 0 > 215: 0100007F:007B 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9449 2 db301b80 0 > 215: 00000000:007B 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9438 2 db301680 0 > 245: 00000000:E899 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 9729 2 d87fe780 0 > > 6855,31> sudo lsof -p 714 > COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME > ntpd 714 ntp cwd DIR 0,13 4096 2 / (192.168.1.17:/piroot) > ntpd 714 ntp rtd DIR 0,13 4096 2 / (192.168.1.17:/piroot) > ntpd 714 ntp txt REG 0,13 453328 2054 /usr/sbin/ntpd (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 38612 171210 /lib/arm- linux-gnueabihf/libnss_nis-2.19.so (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 71628 149467 /lib/arm- linux-gnueabihf/libnsl-2.19.so (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 30592 166482 /lib/arm- linux-gnueabihf/libnss_compat-2.19.so (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 75644 171217 /lib/arm- linux-gnueabihf/libresolv-2.19.so (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 18048 171207 /lib/arm- linux-gnueabihf/libnss_dns-2.19.so (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 9600 133334 /lib/arm- linux-gnueabihf/libnss_mdns4_minimal.so.2 (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 42724 171208 /lib/arm- linux-gnueabihf/libnss_files-2.19.so (192.168.1.17:/piroot) > ntpd 714 ntp mem REG 0,13 17868 147644 /lib/arm- linux-gnueabihf/libattr.so.1.1.0 (192.168.1.17:/piroot)
Hi, This was fixed upstream in 3.1.0, so closing this bug now. -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part