Hello,
On Fri, 23 Mar 2007, Frédéric Massot wrote:
> >>>> I regularly have errors (kernel: dst cache overflow) and crash of a
> >>>> firewall under Linux 2.6.17 and the route patch from Julian Anastasov.
> >
> > I assume IP_ROUTE_MULTIPATH_CACHED is disabled. Do you have
> > BRIDGE_NETFILTER enabled/used?
>
> - IP_ROUTE_MULTIPATH_CACHED is not set
> - BRIDGE_NETFILTER is set, but I do not use it.
ok, then can you try the attached patch, it solves dst cache
problem for another user, may be it will help you too. This patch can
be used with or without routes patches. It makes sure we don't leak
dst entry in bridge-netfilter. If the patch does not help let me know
and we can add some printks to catch the problem.
Regards
--
Julian Anastasov <ja@xxxxxx>
Bridge-Netfilter should be gentle when calling ip_route_input,
skb->dst can be already set.
diff -urp v2.6.20/linux/net/bridge/br_netfilter.c linux/net/bridge/br_netfilter.c
--- v2.6.20/linux/net/bridge/br_netfilter.c 2007-02-11 01:06:29.000000000 +0200
+++ linux/net/bridge/br_netfilter.c 2007-03-23 01:07:40.000000000 +0200
@@ -269,6 +269,10 @@ static int br_nf_pre_routing_finish(stru
struct nf_bridge_info *nf_bridge = skb->nf_bridge;
int err;
+ /* Old skb->dst is not expected, it is lost in all cases */
+ dst_release(skb->dst);
+ skb->dst = NULL;
+
if (nf_bridge->mask & BRNF_PKT_TYPE) {
skb->pkt_type = PACKET_OTHERHOST;
nf_bridge->mask ^= BRNF_PKT_TYPE;
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
