[tproxy] Virtual Private Connection crash kernel 2.6.17 with
cttproxt 2.0.5
Zhou Li
zhou.li at ca-jc.com
Wed Sep 13 11:18:16 CEST 2006
Sadly, this bug still exist in new cttproxy-2.0.5
Environment:
Windows 2000 <--> Linux with tproxy <--> VPN server.
Linux kernel is 2.6.17 with cttproxy-2.6.17-2.0.5 all four patch.
When I do Virtual Private Connectio from Win2000 to VPN server, the linux box will be crash,
the following are crashing messages:
BUG: unable to handle kernel paging request at virtual address 00003f0a
printing eip:
*pde = 00000000
Oops: 0002 [#1]
Modules linked in: ebt_vlan ebtable_broute ebtables ipt_TPROXY iptable_tproxy iptable_nat iptable_mangle iptable_filter ipt_hashlimit ipt_connlimit xt_state xt_pkttype xt_multiport xt_mark xt_length xt_conntrack ipt_REJECT ipt_LOG ip_queue ip_nat_snmp_basic ip_nat_pptp ip_nat_irc ip_nat_ftp ip_nat ip_conntrack_pptp ip_conntrack_irc ip_conntrack_ftp ip_conntrack nfnetlink ip_tables e100 mii bridge llc usbhid dm_mod sd_mod isofs ide_cd cdrom ide_disk pcspkr i2c_i801 piix ide_core shpchp ehci_hcd uhci_hcd usbcore i2c_i810 i2c_algo_bit i2c_core
CPU: 0
EIP: 0060:[<e0a0773d>] Not tainted VLI
EFLAGS: 00010212 (2.6.17.11-3tr #1)
EIP is at ip_nat_reserved_unregister_all+0x2c/0x6f [ip_nat]
eax: d76146e8 ebx: d76146f0 ecx: 00000000 edx: 00003f06
esi: d76146f0 edi: d7614630 ebp: e0a04e20 esp: c0345cf0
ds: 007b es: 007b ss: 0068
Process swapper (pid: 0, threadinfo=c0344000 task=c02eef80)
Stack: d7614630 d7614630 d7614694 e09f883e d7614630 d7614630 e09f962f d7614630
d7614630 d76a305c e09f50a0 d7614630 df6d0f40 d76a3000 00000000 0000002d
c213e7dc c034e103 a658a8c0 c02f3f06 d76a305c d7614694 c0345d78 e0a03053
Call Trace:
<e09f883e> ip_ct_unlink_expect+0x34/0x3f [ip_conntrack] <e09f962f> ip_conntrack_unexpect_related+0xbb/0xdb [ip_conntrack]
<e09f50a0> pptp_nat_expected+0xa0/0x153 [ip_nat_pptp] <c034e103> init_cyrix+0xcb/0x29c
<e0a03053> pptp_expectfn+0x53/0x5a [ip_conntrack_pptp] <e09f8989> find_expectation+0x87/0x98 [ip_conntrack]
<e09f935c> init_conntrack+0xf9/0x112 [ip_conntrack] <c034e103> init_cyrix+0xcb/0x29c
<e09f9453> ip_conntrack_in+0xde/0x1de [ip_conntrack] <e08ba69f> br_nf_pre_routing_finish+0x0/0x2a5 [bridge]
<c0262a80> nf_iterate+0x3f/0x5f <e08ba69f> br_nf_pre_routing_finish+0x0/0x2a5 [bridge]
<c0262ae7> nf_hook_slow+0x47/0xa7 <e08ba69f> br_nf_pre_routing_finish+0x0/0x2a5 [bridge]
<e08b76e2> br_handle_frame_finish+0x0/0xe0 [bridge] <e08baf03> br_nf_pre_routing+0x2f4/0x312 [bridge]
<e08ba69f> br_nf_pre_routing_finish+0x0/0x2a5 [bridge] <c0262a80> nf_iterate+0x3f/0x5f
<e08b76e2> br_handle_frame_finish+0x0/0xe0 [bridge] <c0262ae7> nf_hook_slow+0x47/0xa7
<e08b76e2> br_handle_frame_finish+0x0/0xe0 [bridge] <e08b7921> br_handle_frame+0x133/0x162 [bridge]
<e08b76e2> br_handle_frame_finish+0x0/0xe0 [bridge] <c025506c> netif_receive_skb+0x149/0x1f9
<e09dc8eb> e100_rx_indicate+0x128/0x14b [e100] <e09dc949> e100_rx_clean+0x3b/0xdf [e100]
<e09dcc13> e100_poll+0x33/0xab [e100] <c025524c> net_rx_action+0x59/0xbf
<c0116e3c> __do_softirq+0x34/0x7d <c0116ea7> do_softirq+0x22/0x26
<c01049c7> do_IRQ+0x47/0x4f <c01033ca> common_interrupt+0x1a/0x20
<c0100ab7> default_idle+0x2b/0x53 <c0100b2c> cpu_idle+0x39/0x4e
<c034660a> start_kernel+0x180/0x182
Code: 56 53 b8 00 e0 ff ff 8b 7c 24 10 21 e0 81 40 14 00 01 00 00 8b 77 5c 8d 47 5c 39 c6 74 48 8d 46 f8 8b 36 8b 48 04 8b 10 8d 58 08 <89> 4a 04 89 11 c7 40 04 00 02 20 00 8b 50 08 8b 4b 04 c7 00 00
EIP: [<e0a0773d>] ip_nat_reserved_unregister_all+0x2c/0x6f [ip_nat] SS:ESP 0068:c0345cf0
<0>Kernel panic - not syncing: Fatal exception in interrupt
It is seem crash by nat reserved, so I disable NAT reservations in kernel config and recompile it then test it again,
It will not be crash, but I don't konw if tproxy will work well without 01-nat_reservations?
// Zhou Li
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20060913/6a3cd897/attachment.htm
More information about the tproxy
mailing list