[tproxy] 2.6.12 patch on 2.6.11 kernel
KOVACS Krisztian
hidden at balabit.hu
Wed Nov 2 08:51:43 CET 2005
Hi,
On Wednesday 02 November 2005 00.02, Tudor Alexandru Dragos wrote:
> Make files but no other major problem. When the kernel
> is compiled with SMP support the kernel freeze when
> the –j TPROXY rule is hit by any package
more exactly
> is crash on a writelock.
> The last line is executed is in ip_nat_core.c
>
> if (have_to_hash) {
> unsigned int srchash
> =
> hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL]
> .tuple);
> WRITE_LOCK(&ip_nat_lock); <-- here is
> hangs
> list_add(&info->bysource,
> &bysource[srchash]);
> WRITE_UNLOCK(&ip_nat_lock);
> }
>
> I have tried the compiling the kernel without SMP and
> is almost working
I get some kernel panic even with
> no tproxy rule at all But I didn’t have time to
> investigate
.
Uh, I've found exactly the same problem last friday, but did not have
time to release a new patch before my four-day-long weekend. Sorry
about this, I'll create an updated release today.
> Anybody manage to apply the patch on 2.6.11 kernel ?
>
> I have spent a lot of time applying a lot of patched
> on this kernel (I intended to use it in a extremely
> experimental network) so I am not too happy to change
> it because until now I never have problems with it. Do
> I have any chance to make it work or should I use a
> clean vanilla kernel sources.
> Sorry if is sound’s kind of stupid applying a patch
> for kernel 2.6.12 on a 2.6.11 that is already
> extremely blotted with other patches.
Differences in the tproxy patch between 2.6.11 and 2.6.12 were quite
small, so applying the patch should be easy. I don't say it will work
out-of-the-box, but there shouldn't be any serious incompatibilities.
(Like those between 2.6.10 and 2.6.11.)
--
Regards,
Krisztian Kovacs
More information about the tproxy
mailing list