Hi, 2004-08-31, k keltezéssel 01:34-kor security ezt írta: > Aug 30 20:42:24 gateway kernel: NF_IP_ASSERT: > net/ipv4/netfilter/ip_conntrack_core.c:1115(ip_conntrack_alter_reply) > Aug 30 20:42:24 gateway kernel: NF_IP_ASSERT: > net/ipv4/netfilter/ip_conntrack_core.c:1115(ip_conntrack_alter_reply) > Aug 30 20:44:24 gateway kernel: LIST_DELETE: > net/ipv4/netfilter/ip_conntrack_core.c:300 > `&ct->tuplehash[IP_CT_DIR_REPLY]'(f3cedca4) not in > &ip_conntrack_hash[hr]. > > I have search in bugzilla and google and, apparently, this bug has been solve > since kernel 2.6.5. > But i have kernel 2.6.8.1 and i have try kernel 2.6.6 and 2.6.7: same crash > > But it hard to "see" because i can stay 1 week without crash, or 5mn. > > I have the "local NAT" activated. As always, the first thing you should try is testing the memory of your computer. The problems seems to be caused by trying to call ip_nat_setup_info() on an already confirmed connection, which is known to cause hash corruption. BTW, while running memtest, could you send us the nat table of your iptables ruleset, along with the routing setup? And also a list of loaded (iptables-related) kernel modules would be useful. -- Regards, Krisztian KOVACS
