bugzilla-daemon at netfilter.org
2020-Jun-22 16:12 UTC
[Bug 1435] New: segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435 Bug ID: 1435 Summary: segfault when using iptables-nft and iptables-legacy inside a container Product: libnftnl Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: libnftnl Assignee: pablo at netfilter.org Reporter: antonio.ojea.garcia at gmail.com Created attachment 594 --> https://bugzilla.netfilter.org/attachment.cgi?id=594&action=edit coredump ip6tables I can not reproduce the issue on demand, but it happens in a CI system that runs containers, and some of them uses iptables-nft inside of the namespace , however, the host system uses iptables-legacy. iptables segfaults with the following message: ip6tables[2546654]: segfault at 80 ip 00007fc5c0c65964 sp 00007fff334008b8 error 4 in libnftnl.so.11.2.0[7fc5c0c60000+19000] Code: 83 c4 08 5b 5d 41 5c 41 5d c3 0f 1f 40 00 48 83 c4 08 31 c0 5b 5d 41 5c 41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa <48> 8b 87 80 00 00 00 48 83 ef 80 48 39 f8 74 1b 85 f6 75 0c eb 18 attached some of the coredumps I was able to obtain. Please let me know if I can provide more information. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/210fefe9/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jun-22 16:13 UTC
[Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435 --- Comment #1 from Antonio Ojea <antonio.ojea.garcia at gmail.com> --- Created attachment 595 --> https://bugzilla.netfilter.org/attachment.cgi?id=595&action=edit coredump iptables -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/b188a6ab/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jun-22 16:13 UTC
[Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435 Antonio Ojea <antonio.ojea.garcia at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|enhancement |major -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/fe371ae9/attachment.html>
bugzilla-daemon at netfilter.org
2020-Jun-22 16:22 UTC
[Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container
https://bugzilla.netfilter.org/show_bug.cgi?id=1435 --- Comment #2 from Antonio Ojea <antonio.ojea.garcia at gmail.com> --- iptables version iptables v1.8.4 (legacy): no command specified Try `iptables -h' or 'iptables --help' for more information. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200622/764fd55c/attachment.html>
Possibly Parallel Threads
- [Bug 1730] New: nft does not handle IPv6 addresses with embedded IPv4 addresses
- [Bug 1728] New: Regression: iptables lock is now waited for without --wait
- [Bug 1766] New: nfqueue randomly drops packets with same tuple
- [Bug 1742] New: using nfqueue breaks SCTP connection (tracking)
- [Bug 1435] segfault when using iptables-nft and iptables-legacy inside a container