* Re: Fw: Re: 2.6.14-rc1 Critical bug: machine complete freeze
[not found] ` <432D15BC.3070500@gmail.com>
@ 2005-09-18 15:03 ` Patrick McHardy
[not found] ` <432D944D.9020800@gmail.com>
0 siblings, 1 reply; 2+ messages in thread
From: Patrick McHardy @ 2005-09-18 15:03 UTC (permalink / raw)
To: patrizio.bassi; +Cc: Netfilter Development Mailinglist
[moved to netfilter-devel]
Patrizio Bassi wrote:
> Patrick McHardy ha scritto:
>> Please try if turning it off helps. The deadlock is pretty likely to
>> happen in other situations too, its best not to use event notifications
>> currently.
>>
> yes, i tested and it works now.
> as trivial and fast fix you can block both by config script.
Just turning off event notifications should be fine .. I want people
to use the netbios helper.
> i have some big problems with forwarding and bridge configuration too.
> i've been investigating to find the real problem, in order to report a
> valid bug-entry.
>
> in few words:
> iptables works perfectly, apart for icmp forwarding.
> it's not a iptables wrong config, because if i destroy the chains and i
> reload them it works perfectly.
>
> test situation:
>
> Client -> Router with bridge
>
> I start the Router, apply iptables rules, connect to internet, perfect.
> I start the Client, try to ping the router or google, nothing.
> Destroy iptables, reload rules in the Router.
> Client can ping google and router.
>
> My iptables script was about 1 year old, and worked perfectly.
> New kernel (dunno which...2.6.1x) introduced this problem.
Try adding some logging rules to see why it gets dropped (-m state
--state INVALID for example).
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Fw: Re: 2.6.14-rc1 Critical bug: machine complete freeze
[not found] ` <432D944D.9020800@gmail.com>
@ 2005-09-18 16:58 ` Patrick McHardy
0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2005-09-18 16:58 UTC (permalink / raw)
To: patrizio.bassi; +Cc: Netfilter Development Mailinglist
Patrizio Bassi wrote:
> Patrick McHardy ha scritto:
>
>>> My iptables script was about 1 year old, and worked perfectly.
>>> New kernel (dunno which...2.6.1x) introduced this problem.
>>>
>> Try adding some logging rules to see why it gets dropped (-m state
>> --state INVALID for example).
>>
> the question is: why first time it's dropped and after reload not?
If the ping is already running before you load your NAT rules their
might already be state for the "connection" without NAT initialized.
> i've also supposed a time problem..waiting for bridge propagating and so
> on.
>
> after some mins i tried, and got same problem, so there must be some
> initialization problems.
>
> i suspect in bridge interface enabling/disabling and iptables in
> following bridge changes.
I don't know your setup, so I can't comment on this. But again,
some logging rules should at least tell whats happening to the
packets.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-09-18 16:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20050917133943.30983afd.akpm@osdl.org>
[not found] ` <432C8178.40201@trash.net>
[not found] ` <432C8398.9060202@gmail.com>
[not found] ` <432C8590.9070600@trash.net>
[not found] ` <432D15BC.3070500@gmail.com>
2005-09-18 15:03 ` Fw: Re: 2.6.14-rc1 Critical bug: machine complete freeze Patrick McHardy
[not found] ` <432D944D.9020800@gmail.com>
2005-09-18 16:58 ` Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.