netfilter buglog - Feb 2006 - [Bug 442] skb->data_len corrupted in NF_IP_LOCAL_OUT in mangle table

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442





------- Additional Comments From tpaskett@cymphonix.com  2006-02-07 23:19 MET
-------
(In reply to comment #0)
> I have confirmed this does not happen in 2.6.13.5 and below and starts to
happen
> in 2.6.14 all the way to 2.6.15.2 If you have a REDIRECT rule for squid
like this:
> 
> iptables -t nat -A PREROUTING -p tcp --dport 80 -s 172.16.1.5/32 -j
REDIRECT
> --to 3128
> 
> The skb->data_len and skb->len get messed up in
mangle->NF_IP_LOCAL_OUT. The skb
> is fine in NF_IP_LOCAL_IN. Values in the pre 2.6.14 kernels have 1500 or
less
> for the values as it should be. In 2.6.14+ it will be random high numbers
like
> 23344. I'm looking into the patch for 2.6.14, but thought I would
enlist your
> help. To track this down I made a simple target that prink'd the value
of those
> vars and put it in the OUTPUT chain of the mangle table. iptables user
space
> v1.2.9. Thanks!


Looks like this is specific to the e1000 driver. Other cards and drivers work
OK. Not usre if anything needs to be changed in iptables. I'll keep looking.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442





------- Additional Comments From tpaskett@cymphonix.com  2006-02-07 23:19 MET
-------
(In reply to comment #0)
> I have confirmed this does not happen in 2.6.13.5 and below and starts to
happen
> in 2.6.14 all the way to 2.6.15.2 If you have a REDIRECT rule for squid
like this:
> 
> iptables -t nat -A PREROUTING -p tcp --dport 80 -s 172.16.1.5/32 -j
REDIRECT
> --to 3128
> 
> The skb->data_len and skb->len get messed up in
mangle->NF_IP_LOCAL_OUT. The skb
> is fine in NF_IP_LOCAL_IN. Values in the pre 2.6.14 kernels have 1500 or
less
> for the values as it should be. In 2.6.14+ it will be random high numbers
like
> 23344. I'm looking into the patch for 2.6.14, but thought I would
enlist your
> help. To track this down I made a simple target that prink'd the value
of those
> vars and put it in the OUTPUT chain of the mangle table. iptables user
space
> v1.2.9. Thanks!


Looks like this is specific to the e1000 driver. Other cards and drivers work
OK. Not usre if anything needs to be changed in iptables. I'll keep looking.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442





------- Additional Comments From laforge@netfilter.org  2006-02-09 15:41 MET
-------
If it's e1000 specific, please post a mail to netdev@vger.kernel.org, cc to
jesse  brandenburg (the e1000 maintainer) and make sure to mention MASQUERADE
and e100 in the subject.


-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442





------- Additional Comments From kaber@trash.net  2006-02-17 09:42 MET -------
Any chance you have TSO enabled (ethttool -k <dev)?

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=442





------- Additional Comments From kaber@trash.net  2006-02-17 09:42 MET -------
Any chance you have TSO enabled (ethttool -k <dev)?

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.