From: mingching.tiew@redtone.com> To: tproxy@lists.balabit.hu> Date: Tue, 8 Jul 2008 14:47:26 +0800> Subject: Re: [tproxy] tproxy 4.1.0 in bridge mode> > sameer khan wrote:> > hi guys> > > > i am trying to work out tproxy 4.1.0 bridge mode, any one using it> > please me know what kernel, iptables and squid version. > > > > I have test it with kernel 2.6.24.19 but ebtables causes kernel> > panic, really am confused. > > > > > > We can't see through the crystal ball to know what ebtables > commands you have used to panic the kernel, you should> test your ebtables thingie with a stock kernel without applying> any patches. If it still panic, file a bug report with the linux kernel > team, it has nothing to do with tproxy.> > > _______________________________________________> tproxy mailing list> tproxy@lists.balabit.hu> https://lists.balabit.hu/mailman/listinfo/tproxy hey ming thanks for reply, i read the command if i m not mistaken written by yourself INSIDE_DEV=eth0OUTSIDE_DEV=eth1 ebtables -t broute -A BROUTING -i $INSIDE_DEV -p ipv4 \ --ip-protocol tcp --ip-destination-port 80 \ -j redirect --redirect-target DROP ebtables -t broute -A BROUTING -i $OUTSIDE_DEV -p ipv4 \ --ip-protocol tcp --ip-source-port 80 \ -j redirect --redirect-target DROPthe above command are causing kernel panic. so if you may be kind enough enlighten me. which kernel version you test with and the version of iptables and squid. thanks, really appreciated any help
Invite your Facebook friends to chat on Messenger http://clk.atdmt.com/UKM/go/101719649/direct/01/
sameer khan wrote:
for reply, i read the command if i m not mistaken written by yourself INSIDE_DEV=eth0 OUTSIDE_DEV=eth1 ebtables -t broute -A BROUTING -i $INSIDE_DEV -p ipv4 \ --ip-protocol tcp --ip-destination-port 80 \ -j redirect --redirect-target DROP ebtables -t broute -A BROUTING -i $OUTSIDE_DEV -p ipv4 \ --ip-protocol tcp --ip-source-port 80 \ -j redirect --redirect-target DROP
Sometime ago I did launched a kernel bug report about these command can cause kernel to panic, due to some "regression" introduced between kernel 2.6.23-2.6.24, but it was fixed already - sometime ago. By the way, there is no such kernel release version 2.6.24.19, the highest number is 2.6.24.7 - which I think is a safe choice. Funny where do you get your kernel from ? Also "tproxy" patch might be the one which causes the panic when working under bridge. As I mentioned, it's best you do some work to isolate the problem. Just conduct some experiments, with and without tproxy patch, then you would know who is the culprit. Kernel core dump will also give you additional information. Ming-Ching
Hello, sameer khan írta:
From: mingching.tiew@redtone.com To: tproxy@lists.balabit.hu Date: Tue, 8 Jul 2008 14:47:26 +0800 Subject: Re: [tproxy] tproxy 4.1.0 in bridge mode
sameer khan wrote:
hi guys
i am trying to work out tproxy 4.1.0 bridge mode, any one using it please me know what kernel, iptables and squid version.
I have test it with kernel 2.6.24.19 but ebtables causes kernel panic, really am confused.
We can't see through the crystal ball to know what ebtables commands you have used to panic the kernel, you should test your ebtables thingie with a stock kernel without applying any patches. If it still panic, file a bug report with the linux kernel team, it has nothing to do with tproxy.
_______________________________________________ tproxy mailing list tproxy@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/tproxy
hey ming
thanks for reply, i read the command if i m not mistaken written by yourself
INSIDE_DEV=eth0
OUTSIDE_DEV=eth1
ebtables -t broute -A BROUTING -i $INSIDE_DEV -p ipv4 \
--ip-protocol tcp --ip-destination-port 80 \
-j redirect --redirect-target DROP
ebtables -t broute -A BROUTING -i $OUTSIDE_DEV -p ipv4 \
--ip-protocol tcp --ip-source-port 80 \
-j redirect --redirect-target DROP
the above command are causing kernel panic. so if you may be kind enough enlighten me. which kernel version you test with and the version of iptables and squid.
Did you try without the TProxy patch? And what is the text of the kernel panic? The backtrace may help. -- Panther
Laszlo Attila Toth wrote:
Hello,
sameer khan írta:
From: mingching.tiew@redtone.com To: tproxy@lists.balabit.hu Date: Tue, 8 Jul 2008 14:47:26 +0800 Subject: Re: [tproxy] tproxy 4.1.0 in bridge mode
sameer khan wrote:
hi guys
i am trying to work out tproxy 4.1.0 bridge mode, any one using it please me know what kernel, iptables and squid version.
I have test it with kernel 2.6.24.19 but ebtables causes kernel panic, really am confused.
We can't see through the crystal ball to know what ebtables commands you have used to panic the kernel, you should test your ebtables thingie with a stock kernel without applying any patches. If it still panic, file a bug report with the linux kernel team, it has nothing to do with tproxy.
_______________________________________________ tproxy mailing list tproxy@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/tproxy
hey ming
thanks for reply, i read the command if i m not mistaken written by yourself
INSIDE_DEV=eth0
OUTSIDE_DEV=eth1
ebtables -t broute -A BROUTING -i $INSIDE_DEV -p ipv4 \
--ip-protocol tcp --ip-destination-port 80 \
-j redirect --redirect-target DROP
ebtables -t broute -A BROUTING -i $OUTSIDE_DEV -p ipv4 \
--ip-protocol tcp --ip-source-port 80 \
-j redirect --redirect-target DROP
the above command are causing kernel panic. so if you may be kind enough enlighten me. which kernel version you test with and the version of iptables and squid.
Did you try without the TProxy patch? And what is the text of the kernel panic? The backtrace may help.
I did a quick check on the kernel changelog, the bug I reported was fixed after 2.6.24.4. Anyone using versions below is repeating what I have already reported. The original poster mentioned about 2.6.24.19 which must be a mistake. There is no such kernel version. It must be a version below 2.6.24.4. Ming-Ching
participants (3)
-
Laszlo Attila Toth
-
Ming-Ching Tiew
-
sameer khan