Re: WARNING: at net/ipv4/netfilter/nf_nat_standalone.c:89 nf_nat_fn+0x33/0x155()
From: Nir Tzachar
Date: Fri Oct 10 2008 - 16:51:05 EST
On Fri, Oct 10, 2008 at 10:49 PM, Nir Tzachar <nir.tzachar@xxxxxxxxx> wrote:
> Patrick McHardy wrote:
>> Patrick McHardy wrote:
>>> Nir Tzachar wrote:
>>>> Hello.
>>>>
>>>> The following warning is reproducible with the code below on 2.6.25.6,
>>>> which uses sendmsg on a udp socket using two iovecs:
>>>>
>>>> ....
>>>> And I always get the following warning twice:
>>>>
>>>> [ 6658.338116] ------------[ cut here ]------------
>>>> [ 6658.338121] WARNING: at net/ipv4/netfilter/nf_nat_standalone.c:89
>>>> nf_nat_fn+0x33/0x155()
>>>
>>> Thanks for the report. Does this patch fix it?
>>
>> Actually, this can't be it. Let me look again.
>
>>Found it - we lost an ifdef during the transition to nf_conntrack
>>guarding an exception from defragmentation on loopback input.
>
>>This patch should fix the warning.
>
>
Yes, the patch below fixes the problem.
10x.
> ["x" (text/plain)]
>
> diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c \
> b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 5a955c4..7eb0b61 100644
> --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
> +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
> @@ -150,10 +150,12 @@ static unsigned int
> ipv4_conntrack_defrag(unsigned int hooknum,
> const struct net_device *out,
> int (*okfn)(struct sk_buff *))
> {
> +#if !defined(CONFIG_NF_NAT) && !defined(CONFIG_NF_NAT_MODULE)
> /* Previously seen (loopback)? Ignore. Do this before
> fragment check. */
> if (skb->nfct)
> return NF_ACCEPT;
> +#endif
>
> /* Gather fragments. */
> if (ip_hdr(skb)->frag_off & htons(IP_MF | IP_OFFSET)) {
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/