On Thu, Aug 28, 2025 at 12:34:15AM +0200, Pablo Neira Ayuso wrote: > On Mon, Aug 18, 2025 at 11:47:08AM +0800, Yi Chen wrote: > > This patch adds a hint when: > > > > # modprobe nf_conntrack_ftp > > # nfct helper del ftp inet tcp > > # nfct helper add ftp inet tcp > > *nfct v1.4.8: netlink error: File exists* > > > > or other type of helper. > > This patch changes EEXIST by EBUSY: > > https://patchwork.ozlabs.org/project/netfilter-devel/patch/20250818112220.26641-1-phil@xxxxxx/ > > This userspace patch is not very useful after this. Oh! I missed that nfnl_cthelper_create() also just passes through the return code from nf_conntrack_helper_register(). > So maybe a follow up fix to retain EEXIST for nfnetlink_cthelper in > the kernel is needed? > > I mean, return EEXIST in nfnetlink_cthelper but EBUSY in case of > insmod, ie. add a bool insmod flag to the helper register/unregister > functions to return EBUSY for insmod and EEXIST for > nfnetlink_cthelper. Do we need to retain the old return code? I would just update the patch to print the message for EBUSY instead of EEXIST. Cheers, Phil
