On Mon, Nov 21, 2011 at 11:50:36PM +0000, Alex Bligh wrote: > > > --On 22 November 2011 00:39:42 +0100 Pablo Neira Ayuso > <pablo@xxxxxxxxxxxxx> wrote: > > >I didn't try with this script, but the problem can be easily > >triggered with: > > > >0) make sure nf_conntrack_netlink and nf_conntrack_ipv4 are loaded. > >1) container is started. > >2) connect to it via lxc-console. > >3) generate some traffic with the container to create some conntrack > > entries in its table. > >4) stop the container: hit the oops. > > > >I've been testing the patch that I proposed with this recipe, now it > >works fine. > > > >I'll pass my patch for 3.2-rc soon, in case you want to make further > >testing of it. > > I will try to, when I have a minute. Occasionally I was getting a > double oops before. My theory at the time was that this was to do > with passing traffic /as/ the container was being destroyed. I have > little to substantiate that, but that was the reason for the perl > script (which really just runs a ping as the container is being > destroyed, which ensures there are conntrack entries). I think my fix is OK but more validation is always welcome, so I'd appreciate if you validate this with your script ;-). -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
