Hello, there is a race or something like this in the netfilter-modules
in linux-2.4.0-test1-ac20. Compile nearly everything except the
compatibility code as modules:
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_UNCLEAN=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_MIRROR=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_LOG=m
# CONFIG_IP_NF_COMPAT_IPCHAINS is not set
# CONFIG_IP_NF_COMPAT_IPFWADM is not set
And then run this simple script:
while true; echo test1; do modprobe iptable_nat; echo test2; rmmod
iptable_nat; rmmod ip_conntrack; rmmod ip_tables; done
After some lines, you'll get disconnected when running this from
telnet. (It seems that every TCP connection without a flushed buffer
will get disconnected.)
After reconnecting, if you type "lsmod", you will see things like:
router|00:52:12|~> lsmod
Module Size Used by
lsmod: QM_INFO: Invalid argument
router|00:52:14|~>
After that, you won't be able to use these modules anymore.
This is especially annoying if you want to integrate the module-load
into /etc/ppp/ip-up and -down scripts, because you need masquerading
only then, because if switched on earlier, the connection which
triggers auto-dial will never succeed, because it will be masqueraded
to the wrong (dummy) ip-address of the ppp-interface.
Xuân. :o)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:16 EST