After Update got an Error with DPI

, ,

System Version NethServer release 7.4.1708 (Final)
Kernel 3.10.0-693.11.1.el7.x86_64

After the Update from today i got an error Deep Packet Inspection (DPI) module is not available
Restart the system and select a Linux kernel with DPI module support.

The banner is yellow, it’s a warning. Errors are displayed in red. :slight_smile:
It’s a false alarm, probably. Let’s check. List all ndpi modules:

[root@nsec-primary ~]# find /lib/modules/ -name \*ndpi\* -ls
1034839    0 drwxr-xr-x   2 root     root           27 Dec  1 06:11 /lib/modules/3.10.0-693.2.1.el7.x86_64/weak-updates/xt_ndpi
1023571    0 lrwxrwxrwx   1 root     root           62 Dec  1 06:11 /lib/modules/3.10.0-693.2.1.el7.x86_64/weak-updates/xt_ndpi/xt_ndpi.ko.xz -> /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi/xt_ndpi.ko.xz
69201529    0 drwxr-xr-x   2 root     root           27 Dec  1 06:12 /lib/modules/3.10.0-693.5.2.el7.x86_64/weak-updates/xt_ndpi
69201531    0 lrwxrwxrwx   1 root     root           62 Dec  1 06:11 /lib/modules/3.10.0-693.5.2.el7.x86_64/weak-updates/xt_ndpi/xt_ndpi.ko.xz -> /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi/xt_ndpi.ko.xz
34215561    0 drwxr-xr-x   2 root     root           27 Dec  1 06:11 /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi
34571196  168 -rw-r--r--   1 root     root       168188 Nov 24 17:48 /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi/xt_ndpi.ko.xz

See where the system expects it to be:

[root@nsec-primary ~]# /usr/sbin/modinfo -F filename xt_ndpi

See it’s loaded:

[root@nsec-primary ~]# lsmod | grep xt_ndpi
xt_ndpi               498584  557 
nf_conntrack          133387  30 nf_nat_ftp,nf_nat_irc,nf_nat_sip,nf_nat_amanda,xt_ndpi,xt_CT,nf_nat_snmp_basic,nf_conntrack_netbios_ns,nf_conntrack_proto_gre,nf_nat,xt_state,nf_nat_h323,nf_nat_ipv4,nf_nat_pptp,nf_nat_tftp,xt_conntrack,nf_conntrack_amanda,nf_nat_masquerade_ipv4,nf_conntrack_netlink,nf_conntrack_broadcast,xt_connmark,nf_conntrack_ftp,nf_conntrack_irc,nf_conntrack_sip,nf_conntrack_h323,nf_conntrack_ipv4,nf_conntrack_pptp,nf_conntrack_sane,nf_conntrack_snmp,nf_conntrack_tftp

What kernel is running?

[root@nsec-primary ~]# uname -r

As you can see I have the module loaded and located where the system expects it to be.
Please, repeat the above command in your system and report here.

I think that we need to at least reword the yellow banner text. Or remove it completely.
If the module is loaded the system works correctly. When you reboot you get the newer ndpi.
The idea behind that message is to invite to reboot to activate a new kernel with a newer (and probably better) nDPI support.
I’d go for removal, please chime in quickly if you want to keep it.


Same issue after updating this morning
Kernel : 3.10.0-693.11.1.el7.x86_64

DPI module is not loaded for me.

/usr/sbin/modinfo -F filename xt_ndpi
modinfo: ERROR: Module xt_ndpi not found.

The command to check if loaded is lsmod, please re-read carefully my post above. :slight_smile:
Could you please report the output of all the above commands?

Have you rebooted after the update?
If no, do reboot and check if the banner goes away.

[details=Summary][root@gateway ~]# find /lib/modules/ -name *ndpi* -ls
101425765 0 drwxr-xr-x 2 root root 27 Nov 24 14:54 /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi
101425767 168 -rw-r–r-- 1 root root 168188 Nov 24 11:48 /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi/xt_ndpi.ko.xz
972601 0 drwxr-xr-x 2 root root 27 Nov 24 14:55 /lib/modules/3.10.0-693.5.2.el7.x86_64/weak-updates/xt_ndpi
1436559 0 lrwxrwxrwx 1 root root 62 Nov 24 14:54 /lib/modules/3.10.0-693.5.2.el7.x86_64/weak-updates/xt_ndpi/xt_ndpi.ko.xz -> /lib/modules/3.10.0-693.el7.x86_64/extra/xt_ndpi/xt_ndpi.ko.xz

[details=Summary][root@gateway ~]# /usr/sbin/modinfo -F filename xt_ndpi
modinfo: ERROR: Module xt_ndpi not found.

[details=Summary][root@gateway ~]# lsmod | grep xt_ndpi
[root@gateway ~]#

[details=Summary][root@gateway ~]# uname -r

Rebooted twice

Ill add that this started when I enabled squid again, set a firewall rule to allow a specific program, deleted the rule, and disabled squid because I cannot access certain parts of websites, such as google account page. Website times out with an SSL error. Still happening after squid is disabled and 2 reboots. Might have something to do with the DPI issues?

Grrr, nobody verified the issue:

Could you please run:
yum --enablerepo=nethserver-testing update kmod-xt_ndpi nethserver-firewall-base

1 Like

I don’t think so.

got an error

It should be harmless. Could you please re-run all the above commands and post the output? Thank you.

Im trying to diagnose another issue as well. Cannot access certain ssl sites. Im going to have to reinstall the server i think…I might try deleting squid/firewall and see if a refresh of those helps. Ill post the output asap.

ok I tried again and it is already installed. DPI seems fixed though squid doesnt work…stopped working after an update maybe, I will see when the last update to squid was. And maybe post a new thread :joy:


I also woke up with the same problem, had some firewall rules that made use of DPI, and firewall and DPI modes were with warnings, however in the services part the firewall appeared completely stopped, it did not start and neither did the server restart, all the computers in the network did not have internet, so what I did was uninstall the firewall and DPI modules, and reinstall the Firewall module, instantly the warnings were removed and everything worked again, the DPI module still not I install it, I’m waiting…


after update yum --enablerepo=nethserver-testing update kmod-xt_ndpi nethserver-firewall-base everything seems to be ok with the dpi module. thanks a lot @filippo_carletti


and sorry for the delay :sweat: