Hello, Some time ago I've read somewhere that local traffic in IMQ could hung up the whole system but it was corrected long time ago. So I was very surprised yesterday when it occurred not true. While testing IMQ I've observed for some time that - if you tag some local traffic with iptables both in pre- and postrouting - kernel is hunging up. It is happening quite quick with SMP compiled kernel but without SMP is also possible. After setting soft lockups debbuging they are visible. And then I've found this strange thing: packets outgoing from lo to any local address are hooked to IMQ queue from PREROUTING (on ingress). I know they are going there from OUTPUT for routing decision and should be delivered to hooks in PREROUTING like IMQ, but they also should not have IMQ flag set at the moment (they will be "tagged" by iptables in the POSTROUTING future!). But for some reasons (probably some shortcut) they do have this flag and IMQ egress queue is not on their way. So I added this short test in imq_nf_hook and my soft lockups are gone. Jarek P. PS: The included patch could be applied after linux-2.6.16-imq2 patch or eg. my yesterday version linux-2.6.17.4-imq0.
diff -Nru linux-2.6.17.4-imq/drivers/net/imq.c linux-2.6.17.4-imq2/drivers/net/imq.c --- linux-2.6.17.4-imq/drivers/net/imq.c 2006-07-11 22:00:00.000000000 +0200 +++ linux-2.6.17.4-imq2/drivers/net/imq.c 2006-07-12 22:15:51.000000000 +0200 @@ -234,7 +234,8 @@ const struct net_device *outdev, int (*okfn)(struct sk_buff *)) { - if ((*pskb)->imq_flags & IMQ_F_ENQUEUE) + if ((*pskb)->imq_flags & IMQ_F_ENQUEUE && !(hook == NF_IP_PRE_ROUTING + && indev == &loopback_dev)) return NF_QUEUE; return NF_ACCEPT;
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc