[tproxy] Crashing kernel
Michal Pokrywka
mpokrywka at hoga.pl
Wed Nov 29 12:32:48 CET 2006
Hello,
I used successfully tproxy patch with squid and 2.6.12 kernel.
Recently I tried to consolidate my boxes using xen,
I used new upcoming debian kernel (2.6.18) and patched it with
tproxy. I also enabled TPROXY feature in debian's squid (2.6.STABLE5).
TProxy seems working - rewrites source ip, but kernel crashes
frequently - few times a day, under light - only testing usage.
TProxy is run in unpriviledged xen domain. I managed to capture
few oopses, attached. Only iptables rules used on this box:
iptables -t tproxy -F *
iptables -t tproxy -X
iptables -t tproxy -N redir-to-squid
iptables -t tproxy -A redir-to-squid -j TPROXY --on-port 3128 --on-ip 192.168.1.100
iptables -t tproxy -N check-ip
iptables -t tproxy -A check-ip -s 192.168.0.0/16 -j redir-to-squid
iptables -t tproxy -A PREROUTING -i eth0 -p tcp --dport 80 -j check-ip
Let me know if you have any ideas how to prevent crashes, or if any other
info is needed.
Thanks
Michal Pokrywka
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oops1.log
Type: application/octet-stream
Size: 2294 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/tproxy/attachments/20061129/55142f02/oops1.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oops2.log
Type: application/octet-stream
Size: 2023 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/tproxy/attachments/20061129/55142f02/oops2.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oops3.log
Type: application/octet-stream
Size: 2096 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/tproxy/attachments/20061129/55142f02/oops3.obj
More information about the tproxy
mailing list