From: senthilkumaar2021 <senthilkumaar2021@gmail.com>
To: marek@piasta.pl
Cc: netfilter@vger.kernel.org
Subject: kernel panic
Date: Mon, 17 May 2010 15:12:09 +0530 [thread overview]
Message-ID: <4BF10F71.2050409@gmail.com> (raw)
Hi
Thanks for the reply
I was using kernel 2.6.28.5 and 2.6.30.5 but i got kernel panic in both
versions
my iptable and ebtable are as follows
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3129
ebtables -t broute -A BROUTING -i $CLIENT_IFACE -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP
ebtables -t broute -A BROUTING -i $INET_IFACE -p ipv4 --ip-proto tcp --ip-sport 80 -j redirect --redirect-target DROP
Regards
senthil
> Hi,
>
> >I am using iptables version 1.43 and getting the following error in
> >machine while using squid in tproxy.we are using Linux machine as
> >bridge too
> >i was able to capture part of the error only please help me in solving
> >the issue
>
> What kernel version are you using? I don't know if it's the same
> problem but I was experiencing kernel panic with tproxy in recent
> kernels if there were any traffic to port 80 to the box itself. I was
> able to workaround the problem using RETURN target on the local traffic
> before "-m socket" match and DIVERT target.
>
> XX.XX.XX.XX in the example is the local box address.
>
> My mangle starts this way:
>
> IPTM="${IPT} -t mangle"
> echo $" * Launching mangle RULEZ..."
>
>
> # Setup a chain DIVERT to mark packets
> $IPTM -N DIVERT
> $IPTM -A DIVERT -j MARK --set-mark 1
> $IPTM -A DIVERT -j ACCEPT
>
> # Bez przekierowywania na proxy w przypadku polaczen do
> lokalnego serwera www (videocache)
> $IPTM -A PREROUTING -p tcp -d XX.XX.XX.XX --dport 80 -j ACCEPT
>
> # Use DIVERT to prevent existing connections going through
> TPROXY twice
> $IPTM -A PREROUTING -p tcp -m socket -j DIVERT --dport 80
> # regula dla ruchu klienci->swiat
> $IPTM -A PREROUTING -p tcp -m socket -j DIVERT --sport 80
>
>
> Hope this helps.
>
> Best regards,
> Marek
next reply other threads:[~2010-05-17 9:42 UTC|newest]
Thread overview: 116+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-17 9:42 senthilkumaar2021 [this message]
-- strict thread matches above, loose matches on Subject: below --
2023-11-13 9:21 Kernel panic Yao Yongxian
2023-11-13 18:02 ` Jan Kiszka
2019-10-15 7:21 Kernel Panic Christophe DUMONT
2019-10-15 17:13 ` Valentin Vidić
2019-10-15 20:20 ` Valdis Klētnieks
2019-10-16 7:34 ` Christophe DUMONT
2019-10-16 14:16 ` Valdis Klētnieks
2019-10-17 7:48 ` Christophe DUMONT
2019-10-17 7:54 ` Valentin Vidić
2019-10-22 9:38 ` Christophe DUMONT
2019-10-22 17:20 ` Greg KH
2019-04-01 6:43 kernel panic Victor L
2018-07-09 1:00 Ansuel Smith
2018-07-09 4:54 ` Vasanthakumar Thiagarajan
2016-12-06 6:23 Kernel Panic Samuel Holland
2016-12-06 18:19 ` Jason A. Donenfeld
2016-12-06 18:26 ` Samuel Holland
2016-12-06 18:31 ` Jason A. Donenfeld
2016-12-06 22:39 ` Jason A. Donenfeld
2016-12-07 0:44 ` PaX Team
2016-12-07 10:38 ` Jason A. Donenfeld
[not found] ` <CAHmME9pVCDu88c6n+LV9Mtd5Ohu8o-7RSQB4kRjsHGRQ3jF8zw@mail.gmail.com>
[not found] ` <20161208231626.GA5230@grsecurity.net>
2016-12-09 11:17 ` Jason A. Donenfeld
[not found] ` <20161209121144.GA31448@grsecurity.net>
2016-12-09 12:56 ` Jason A. Donenfeld
2016-12-09 13:27 ` Jason A. Donenfeld
2016-12-09 15:54 ` Jason A. Donenfeld
2015-10-15 11:23 kernel panic jinzhao at wingtech.com
2015-10-16 11:36 ` Mulyadi Santosa
2013-09-17 2:59 Kernel panic zhang xintao
2013-09-17 2:57 kernel panic zhang xintao
2013-09-17 14:45 ` Brian Jackson
[not found] <510F87A6.1060002@sap.com>
2013-02-04 19:52 ` Helge Deller
2013-02-04 20:48 ` John David Anglin
2012-12-02 17:30 Kernel panic Stefan Beller
2012-12-02 17:51 ` Stefan Beller
2012-12-02 19:13 ` rh
[not found] <201201191202.q0JC243u029201@curly.dor.state.ma.us>
2012-01-19 15:26 ` Ron Murray
2011-10-24 11:19 kernel panic nick bray
2011-10-25 20:55 ` Bjorn Helgaas
2011-10-26 10:00 ` Len Brown
2011-10-26 10:00 ` Len Brown
2011-10-26 14:53 ` Bjorn Helgaas
[not found] ` <4EA82832.2070201@ntlworld.com>
2011-10-26 16:18 ` Bjorn Helgaas
[not found] ` <4EA83F5D.20001@ntlworld.com>
2011-10-26 18:10 ` Bjorn Helgaas
2011-10-26 18:10 ` Bjorn Helgaas
2011-10-28 2:13 ` Thomas Renninger
2011-10-31 12:24 ` Thomas Renninger
2010-09-15 13:21 Tigran Mkrtchyan
2010-09-16 15:35 ` Benny Halevy
2010-09-17 6:33 ` Tigran Mkrtchyan
2010-09-17 8:23 ` Benny Halevy
2010-05-18 4:23 senthilkumaar2021
2010-05-18 4:47 ` Justin P. Mattock
2010-05-18 4:55 ` senthilkumaar2021
2010-05-18 5:05 ` Eric Dumazet
[not found] ` <4BF222C8.6000200@gmail.com>
2010-05-18 5:49 ` Eric Dumazet
2010-05-18 5:08 ` Justin P. Mattock
2010-05-17 8:55 senthilkumaar2021
[not found] <9a5eeacd0804210350v79db27f0of73a29c55e2b7311@mail.gmail.com>
2008-04-21 10:56 ` Kernel panic Matthias Andersson
2008-04-21 11:07 ` Bart Van Assche
2007-12-23 21:27 Jörg Sommer
2006-09-25 12:32 kernel panic Jacques Rodary
2006-09-07 16:42 Miha Verlic
2006-08-24 18:01 febo
2006-03-31 4:31 Samuel Díaz García
2006-04-01 6:21 ` Samuel Díaz García
2006-02-24 10:15 Rogel Miguez
2005-09-23 13:37 Kernel panic sharad
[not found] <4GLD8-5Wa-27@gated-at.bofh.it>
2005-08-29 23:50 ` kernel panic Robert Hancock
2005-08-29 6:43 manomugdha biswas
2004-09-27 9:22 lp4u
2004-09-27 11:09 ` Frank Steiner
2004-09-27 13:41 ` elijah wright
2004-09-27 9:08 lp4u
2004-09-27 12:39 ` Josh Boyer
2004-04-12 10:39 osmaker@hu
2004-04-12 10:43 ` osmaker@hu
2004-04-12 12:26 ` Zwane Mwaikambo
2004-02-11 1:16 Kernel Panic Krishna Kumar
2004-02-11 0:32 Niranjan
[not found] <S263478AbTLEJ0s/20031205092648Z+878@vger.kernel.org>
2003-12-05 9:34 ` Kernel panic neel vanan
2003-12-05 14:19 ` William Lee Irwin III
2003-12-06 5:47 ` William Lee Irwin III
2003-07-24 4:47 kernel panic mount me
2003-07-24 7:29 ` Gábor Lénárt
2003-07-26 1:21 ` Fname Lname
2003-04-16 12:45 Kernel panic Allshouse, Brian M (Sabre)
2003-04-07 14:48 Kernel Panic Jamie Harris
2003-04-06 7:00 Recomended IDE-RAID MB Andrew B. Cramer
2003-04-07 13:43 ` Kernel Panic Ben Clewett
2003-04-07 13:48 ` Jamie Harris
2003-04-07 14:22 ` Ben Clewett
2003-03-26 20:22 David van Hoose
2003-03-26 11:28 ` dan carpenter
2002-10-29 20:06 Kernel panic Aman
2002-10-30 19:57 ` Matt Porter
2002-04-06 4:16 Daniel Mundy
2002-04-06 18:05 ` Alan Cox
2002-03-05 22:31 Hanno Böck
2002-03-06 1:40 ` Lionel Bouton
2002-03-06 1:50 ` Andre Hedrick
2002-02-19 18:27 kernel panic chiranjeevi vaka
2002-02-19 18:50 ` Justin Carlson
2002-02-21 17:17 ` Fernando Korndorfer
2002-01-04 4:11 Balaji
2002-01-02 19:34 nntp
2001-12-15 18:47 mempool design Benjamin LaHaise
2001-12-15 22:18 ` Ingo Molnar
2001-12-17 15:04 ` Andrea Arcangeli
2001-12-17 15:38 ` Victor Yodaiken
2001-12-17 17:33 ` kernel panic Geoffrey
2001-06-28 12:47 karanth karanth
2000-11-17 17:44 Kernel Panic Dave Seff
2000-11-18 19:29 ` Chmouel Boudjnah
1998-04-02 17:31 kernel panic Ulf Carlsson
1998-04-02 17:29 ` ralf
1998-04-02 18:55 ` Dong Liu
1998-04-02 18:47 ` ralf
1998-04-02 19:22 ` Dong Liu
1998-04-02 20:37 ` ralf
1998-04-02 21:10 ` Dong Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4BF10F71.2050409@gmail.com \
--to=senthilkumaar2021@gmail.com \
--cc=marek@piasta.pl \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.