* ipset -L causing kernel panic when using macipmap
@ 2004-12-03 14:48 Peter Surda
2004-12-06 9:36 ` Jozsef Kadlecsik
0 siblings, 1 reply; 4+ messages in thread
From: Peter Surda @ 2004-12-03 14:48 UTC (permalink / raw)
To: netfilter-devel
Hello,
I don't know if this is the correct mailing list for ipset, but there
doesn't seem to be much other information online so I'm trying it here.
I'm using kernel 2.4.26, iptables 1.2.11 and ipset 1.0 (at least I think
it is 1.0, changelog claims this) and am playing with it a little.
Using ipmap, everything seems to work fine. When I use macipmap however,
-L causes a kernel panic immediately without any output from ipset
itself. It happens regardless of the number of elements, I tested it
with 0, 2 and 3. Other commands, like -A or -T seem to work correctly
though.
Exact way to reproduce:
modprobe ip_set
modprobe ip_set_macipmap
ipset -N lan macipmap --network 10.0.0.0/24
# I also tried --from, --to and --network 10.0.0.0/255.255.255.0 with
the same results
ipset -L
# immediate panic
As I said, when I do the same with ipmap instead of macipmap, everything
seems to work ok.
Is this perhaps know and fixed in cvs or something? If not, I could do
some more tests or post more details if I know which ones, or try to
debug it myself.
Yours sincerely,
shurdeek
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: ipset -L causing kernel panic when using macipmap
2004-12-03 14:48 ipset -L causing kernel panic when using macipmap Peter Surda
@ 2004-12-06 9:36 ` Jozsef Kadlecsik
2004-12-06 10:04 ` Peter Surda
0 siblings, 1 reply; 4+ messages in thread
From: Jozsef Kadlecsik @ 2004-12-06 9:36 UTC (permalink / raw)
To: Peter Surda; +Cc: netfilter-devel
Hi,
On Fri, 3 Dec 2004, Peter Surda wrote:
> I don't know if this is the correct mailing list for ipset, but there
> doesn't seem to be much other information online so I'm trying it here.
>
> I'm using kernel 2.4.26, iptables 1.2.11 and ipset 1.0 (at least I think
> it is 1.0, changelog claims this) and am playing with it a little.
'ipset -v' always reports the version number.
Please use ipset 2.0 (i.e ipset utility and the kernel part from
patch-o-matic-ng) from the svn repository or download the snapshots from
http://people.netfilter.org/kadlec/ipset/install.html.
It was a useful report because the bug was still present in 2.0 and
was fixed now.
Best regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: ipset -L causing kernel panic when using macipmap
2004-12-06 9:36 ` Jozsef Kadlecsik
@ 2004-12-06 10:04 ` Peter Surda
2004-12-06 10:37 ` Jozsef Kadlecsik
0 siblings, 1 reply; 4+ messages in thread
From: Peter Surda @ 2004-12-06 10:04 UTC (permalink / raw)
Cc: netfilter-devel
Jozsef Kadlecsik wrote:
>'ipset -v' always reports the version number.
>
>
Yes it was 1.0.
>Please use ipset 2.0 (i.e ipset utility and the kernel part from
>patch-o-matic-ng) from the svn repository or download the snapshots from
>http://people.netfilter.org/kadlec/ipset/install.html.
>
>It was a useful report because the bug was still present in 2.0 and
>was fixed now.
>
>
A whole upgrade is quite complicated, because I have my own distribution
with a lot of patches in kernel and iptables and I wouldn't have the
time to test it after an upgrade at the moment. In the meantime I'll try
to backport this fix and also -S and -R functionality instead :-).
Do I see correctly that the bug was a "- -" instead of "-" in the
list_members function or is it more complicated and I have to use the
whole diff of p-o-m-ng between 1.12. and 6.12.?
>Best regards,
>Jozsef
>
>
Thnx,
Peter
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: ipset -L causing kernel panic when using macipmap
2004-12-06 10:04 ` Peter Surda
@ 2004-12-06 10:37 ` Jozsef Kadlecsik
0 siblings, 0 replies; 4+ messages in thread
From: Jozsef Kadlecsik @ 2004-12-06 10:37 UTC (permalink / raw)
To: Peter Surda; +Cc: netfilter-devel
On Mon, 6 Dec 2004, Peter Surda wrote:
> >Please use ipset 2.0 (i.e ipset utility and the kernel part from
> >patch-o-matic-ng) from the svn repository or download the snapshots from
> >http://people.netfilter.org/kadlec/ipset/install.html.
> >
> A whole upgrade is quite complicated, because I have my own distribution
> with a lot of patches in kernel and iptables and I wouldn't have the
> time to test it after an upgrade at the moment. In the meantime I'll try
> to backport this fix and also -S and -R functionality instead :-).
ipset does not conflict with anything else: only Makefile and Config.in
are affected from the other parts of the kernel tree. You could even copy
the files over your tree from patch-o-matic-ng.
The internals were completely reorganized in 2.0 to achieve the goals, so
you should actually reimplement -S and -R from scratch in ipset 1.0.
> Do I see correctly that the bug was a "- -" instead of "-" in the
> list_members function or is it more complicated and I have to use the
> whole diff of p-o-m-ng between 1.12. and 6.12.?
No, that was due to a stupid memcpy bug in ip_set_macipmap.c itself in
2.0.
Best regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-12-06 10:37 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-12-03 14:48 ipset -L causing kernel panic when using macipmap Peter Surda
2004-12-06 9:36 ` Jozsef Kadlecsik
2004-12-06 10:04 ` Peter Surda
2004-12-06 10:37 ` Jozsef Kadlecsik
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.