bugzilla-daemon@bugzilla.netfilter.org
2006-Feb-07 23:19 UTC
[Bug 442] skb->data_len corrupted in NF_IP_LOCAL_OUT in mangle table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442 ------- Additional Comments From tpaskett@cymphonix.com 2006-02-07 23:19 MET ------- (In reply to comment #0)> I have confirmed this does not happen in 2.6.13.5 and below and starts to happen > in 2.6.14 all the way to 2.6.15.2 If you have a REDIRECT rule for squid like this: > > iptables -t nat -A PREROUTING -p tcp --dport 80 -s 172.16.1.5/32 -j REDIRECT > --to 3128 > > The skb->data_len and skb->len get messed up in mangle->NF_IP_LOCAL_OUT. The skb > is fine in NF_IP_LOCAL_IN. Values in the pre 2.6.14 kernels have 1500 or less > for the values as it should be. In 2.6.14+ it will be random high numbers like > 23344. I'm looking into the patch for 2.6.14, but thought I would enlist your > help. To track this down I made a simple target that prink'd the value of those > vars and put it in the OUTPUT chain of the mangle table. iptables user space > v1.2.9. Thanks!Looks like this is specific to the e1000 driver. Other cards and drivers work OK. Not usre if anything needs to be changed in iptables. I'll keep looking. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon@bugzilla.netfilter.org
2006-Feb-07 23:19 UTC
[Bug 442] skb->data_len corrupted in NF_IP_LOCAL_OUT in mangle table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442 ------- Additional Comments From tpaskett@cymphonix.com 2006-02-07 23:19 MET ------- (In reply to comment #0)> I have confirmed this does not happen in 2.6.13.5 and below and starts to happen > in 2.6.14 all the way to 2.6.15.2 If you have a REDIRECT rule for squid like this: > > iptables -t nat -A PREROUTING -p tcp --dport 80 -s 172.16.1.5/32 -j REDIRECT > --to 3128 > > The skb->data_len and skb->len get messed up in mangle->NF_IP_LOCAL_OUT. The skb > is fine in NF_IP_LOCAL_IN. Values in the pre 2.6.14 kernels have 1500 or less > for the values as it should be. In 2.6.14+ it will be random high numbers like > 23344. I'm looking into the patch for 2.6.14, but thought I would enlist your > help. To track this down I made a simple target that prink'd the value of those > vars and put it in the OUTPUT chain of the mangle table. iptables user space > v1.2.9. Thanks!Looks like this is specific to the e1000 driver. Other cards and drivers work OK. Not usre if anything needs to be changed in iptables. I'll keep looking. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug, or are watching the reporter.
bugzilla-daemon@bugzilla.netfilter.org
2006-Feb-09 15:41 UTC
[Bug 442] skb->data_len corrupted in NF_IP_LOCAL_OUT in mangle table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442 ------- Additional Comments From laforge@netfilter.org 2006-02-09 15:41 MET ------- If it's e1000 specific, please post a mail to netdev@vger.kernel.org, cc to jesse brandenburg (the e1000 maintainer) and make sure to mention MASQUERADE and e100 in the subject. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug, or are watching the reporter.
bugzilla-daemon@bugzilla.netfilter.org
2006-Feb-17 09:42 UTC
[Bug 442] skb->data_len corrupted in NF_IP_LOCAL_OUT in mangle table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442 ------- Additional Comments From kaber@trash.net 2006-02-17 09:42 MET ------- Any chance you have TSO enabled (ethttool -k <dev)? -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon@bugzilla.netfilter.org
2006-Feb-17 09:42 UTC
[Bug 442] skb->data_len corrupted in NF_IP_LOCAL_OUT in mangle table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442 ------- Additional Comments From kaber@trash.net 2006-02-17 09:42 MET ------- Any chance you have TSO enabled (ethttool -k <dev)? -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You reported the bug, or are watching the reporter.