--On 22 November 2011 00:39:42 +0100 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
I didn't try with this script, but the problem can be easily triggered with: 0) make sure nf_conntrack_netlink and nf_conntrack_ipv4 are loaded. 1) container is started. 2) connect to it via lxc-console. 3) generate some traffic with the container to create some conntrack entries in its table. 4) stop the container: hit the oops. I've been testing the patch that I proposed with this recipe, now it works fine. I'll pass my patch for 3.2-rc soon, in case you want to make further testing of it.
I will try to, when I have a minute. Occasionally I was getting a double oops before. My theory at the time was that this was to do with passing traffic /as/ the container was being destroyed. I have little to substantiate that, but that was the reason for the perl script (which really just runs a ping as the container is being destroyed, which ensures there are conntrack entries). -- Alex Bligh -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
