I have applied the tproxy 2.6.12-2.0.2. patch on 2.6.11-hardened-r15 (Gentoo SElinux default kernel). The patch applied almost clean I have to fix some Make files but no other major problem. When the kernel is compiled with SMP support the kernel freeze when the j TPROXY rule is hit by any package more exactly is crash on a writelock. The last line is executed is in ip_nat_core.c if (have_to_hash) { unsigned int srchash = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] .tuple); WRITE_LOCK(&ip_nat_lock); <-- here is hangs list_add(&info->bysource, &bysource[srchash]); WRITE_UNLOCK(&ip_nat_lock); } I have tried the compiling the kernel without SMP and is almost working I get some kernel panic even with no tproxy rule at all But I didnt have time to investigate . Anybody manage to apply the patch on 2.6.11 kernel ? I have spent a lot of time applying a lot of patched on this kernel (I intended to use it in a extremely experimental network) so I am not too happy to change it because until now I never have problems with it. Do I have any chance to make it work or should I use a clean vanilla kernel sources. Sorry if is sounds kind of stupid applying a patch for kernel 2.6.12 on a 2.6.11 that is already extremely blotted with other patches. P.S: The problems manifests even with the stock hardened Gentoo kernel with no others patched but the one from the portage. (Not in enforce mode) __________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com