iptables stop: VmallocTotal: 118776 kB VmallocUsed: 5556 kB VmallocChunk: 57472 kB iptables start: VmallocTotal: 118776 kB VmallocUsed: 34948 kB VmallocChunk: 57472 kB Total lines for iptables filter, nat and mangle tables are about 5000 Total chars fo the same output (wc -m output) is 536212 bytes. On Wed, Jul 7, 2010 at 8:13 PM, Jan Engelhardt <jengelh@xxxxxxxxxx> wrote: > On Tuesday 2010-07-06 11:27, Oguz Yilmaz wrote: > >>Hi all, >> >>Symptom of my problem was: >> >>System can not ping to 127.0.0.1 >>I try to add an basic iptables rules >>iptables -I OUTPUT -j ACCEPT >>and command returned with an error including a long number.(like the >>error message when you want to add DNAT to an unsupoorted chain) > > Long number - was a known bug. Please update to at least 1.4.3. > > > >>In the dmesg log: >> >>allocation failed: out of vmalloc space - use vmalloc=<size> to increase size. >>printk: 2 messages suppressed. > > Do you happen to have too many rules? > (Though rules are cheap, like 20MB for 100000) > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
