After upgrading to kernel 2.6.8.1, oidentd can no longer look up the details of masqueraded connections. The recent change: o [NETFILTER]: Change permissions of /proc/net/ip_conntrack to 0440 From 2.6.7 to 2.6.8 seems to be responsible. Changing to GROUP="root" in /etc/conf.d/oidentd works around the problem, as does changing the permissions on the ip_conntrack file. I'm unsure of what the best solution is though. Reproducible: Always Steps to Reproduce:
oidentd-2.0.8 has the -m switch for masqueraded/NAT connections, please try with that option - also there's an oidentd_masq.conf supplied with the package that has some useful comments :>
Thanks Christoph. I think I would have been using the -m option as everything was fine until I upgraded the kernel. I believe the change revolved around the permissions on /proc/net/ip_conntrack changing meaning that oidentd no longer had the ability to read the file to work its magic. Having said that, to be honest I don't really remember too clearly and no longer use it. In the ~3 years since the bug was filed my memory has become a little hazy. I'd be tempted to close this bug as no one else seems to have reported it. Perhaps I was doing something wrong after all.
Ok, I'll close this as CANTFIX since I don't have any masquerading here to test it :)
