Hi list Short story: My scenario: conntrack-tools-0.9.7 libnetfilter_conntrack-0.0.94 libnfnetlink-0.0.38 kernel 2.6.25.5 Mode ALARM conntrackd -c from node master: looking logs: a lot of [ERROR] commit: Invalid argument Mon Jun 9 15:01:26 2008 tcp 6 180 TIME_WAIT src=192.168.200.14 dst=62.149.195.137 sport=47144 dport=80 src=x.x.x.x dst=192.168.200.14 sport=80 dport=47144 [ASSURED] mark=0 and at the end: [Mon Jun 9 15:01:26 2008] (pid=13176) [notice] Committed 1172 new entries [Mon Jun 9 15:01:26 2008] (pid=13176) [notice] 3294 entries can't be committed Any hints? Long story is: I have a similar scenario on backend cluster firewall using conntrack-tools-0.9.6 libnfnetlink-0.0.33 libnetfilter_conntrack-0.0.89 kernel 2.6.24.3 Mode ALARM All is working great and I don't get any 'entries can't be committed' Same packages on frontend firewall I got: 'entries can't be committed' and often a kernel panic (related to nfnetlink) Upgrading to conntrack-tools-0.9.7 libnetfilter_conntrack-0.0.94 libnfnetlink-0.0.38 kernel 2.6.25.5 Mode ALARM solved kernel panic issues but still I got 'entries can't be committed' [ERROR] commit: Invalid argument Pablo, have you any idea? Thanks in advance -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
