bugzilla-daemon at netfilter.org
2020-Jun-22 16:12 UTC
[Bug 1435] New: segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435
Bug ID: 1435
Summary: segfault when using iptables-nft and iptables-legacy
inside a container
Product: libnftnl
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: libnftnl
Assignee: pablo at netfilter.org
Reporter: antonio.ojea.garcia at gmail.com
Created attachment 594
--> https://bugzilla.netfilter.org/attachment.cgi?id=594&action=edit
coredump ip6tables
I can not reproduce the issue on demand, but it happens in a CI system that
runs containers, and some of them uses iptables-nft inside of the namespace ,
however, the host system uses iptables-legacy.
iptables segfaults with the following message:
ip6tables[2546654]: segfault at 80 ip 00007fc5c0c65964 sp 00007fff334008b8
error 4 in libnftnl.so.11.2.0[7fc5c0c60000+19000]
Code: 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 40 00 48 83 c4 08 31 c0 5b 5d 41 5c
41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <48> 8b 87 80 00 00
00 48
83 ef 80
48 39 f8 74 1b 85 f6 75 0c eb 18
attached some of the coredumps I was able to obtain.
Please let me know if I can provide more information.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/210fefe9/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jun-22 16:13 UTC
[Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435 --- Comment #1 from Antonio Ojea <antonio.ojea.garcia at gmail.com> --- Created attachment 595 --> https://bugzilla.netfilter.org/attachment.cgi?id=595&action=edit coredump iptables -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/b188a6ab/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jun-22 16:13 UTC
[Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435
Antonio Ojea <antonio.ojea.garcia at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|enhancement |major
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/fe371ae9/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jun-22 16:22 UTC
[Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435 --- Comment #2 from Antonio Ojea <antonio.ojea.garcia at gmail.com> --- iptables version iptables v1.8.4 (legacy): no command specified Try `iptables -h' or 'iptables --help' for more information. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/764fd55c/attachment.html>
Apparently Analagous Threads
- [Bug 1730] New: nft does not handle IPv6 addresses with embedded IPv4 addresses
- [Bug 1728] New: Regression: iptables lock is now waited for without --wait
- [Bug 1766] New: nfqueue randomly drops packets with same tuple
- [Bug 1742] New: using nfqueue breaks SCTP connection (tracking)
- [Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container