Prev: tracing: Remove sysprof
Next: (none)
From: auto401300 on 17 Jul 2010 03:30
Hi!

Has something broken with netfilter/iptables logging in 2.6.35-rc,
or is there something new I should set in .config since .34?


I just verified that if I boot .34 and ping the pc it does logging:

Jul 17 09:42:49 xxxxx kernel: Linux version 2.6.34-ab (root(a)xxxxx)
(gcc version 4.4.4 (Debian 4.4.4-1) ) #1 SMP PREEMPT Mon May 17
09:15
:15 EEST 2010
.....
Jul 17 09:44:52 xxxxx kernel: DENY in: IN=eth0 OUT= MAC=xxxxx
SRC=xxxxx DST=xxxxx LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=38945
PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=256


but if I boot .35-rc4 and ping:

Jul 17 09:48:08 xxxxx kernel: Linux version 2.6.35-rc4-aa
(root(a)xxxxx) (gcc version 4.4.4 (Debian 4.4.4-6) ) #1 SMP PREEMPT
Mon Jul 5 15:22:02 EEST 2010
.....
nothing from iptables in log


userspace is same, only booted different kernel versions


thanks.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: Maciej Rutecki on 20 Jul 2010 09:00
On sobota, 17 lipca 2010 o 09:20:36 auto401300(a)hushmail.com wrote:
> Hi!
>
> Has something broken with netfilter/iptables logging in 2.6.35-rc,
> or is there something new I should set in .config since .34?
>
>
> I just verified that if I boot .34 and ping the pc it does logging:
>
> Jul 17 09:42:49 xxxxx kernel: Linux version 2.6.34-ab (root(a)xxxxx)
> (gcc version 4.4.4 (Debian 4.4.4-1) ) #1 SMP PREEMPT Mon May 17
> 09:15
>
> :15 EEST 2010
>
> ....
> Jul 17 09:44:52 xxxxx kernel: DENY in: IN=eth0 OUT= MAC=xxxxx
> SRC=xxxxx DST=xxxxx LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=38945
> PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=256
>
>
> but if I boot .35-rc4 and ping:
>
> Jul 17 09:48:08 xxxxx kernel: Linux version 2.6.35-rc4-aa
> (root(a)xxxxx) (gcc version 4.4.4 (Debian 4.4.4-6) ) #1 SMP PREEMPT
> Mon Jul 5 15:22:02 EEST 2010
> ....
> nothing from iptables in log
>
>
> userspace is same, only booted different kernel versions

I created a Bugzilla entry at
https://bugzilla.kernel.org/show_bug.cgi?id=16423
for your bug report, please add your address to the CC list in there, thanks!

--
Maciej Rutecki
http://www.maciek.unixy.pl
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: auto401300 on 20 Jul 2010 15:30


On Tue, 20 Jul 2010 15:51:03 +0300 Maciej Rutecki
<maciej.rutecki(a)gmail.com> wrote:
>On sobota, 17 lipca 2010 o 09:20:36 auto401300(a)hushmail.com wrote:
>> Hi!
>>
>> Has something broken with netfilter/iptables logging in 2.6.35-
>rc,
>> or is there something new I should set in .config since .34?
>>
>>
>> I just verified that if I boot .34 and ping the pc it does
>logging:
>>
>> Jul 17 09:42:49 xxxxx kernel: Linux version 2.6.34-ab
>(root(a)xxxxx)
>> (gcc version 4.4.4 (Debian 4.4.4-1) ) #1 SMP PREEMPT Mon May 17
>> 09:15
>>
>> :15 EEST 2010
>>
>> ....
>> Jul 17 09:44:52 xxxxx kernel: DENY in: IN=eth0 OUT= MAC=xxxxx
>> SRC=xxxxx DST=xxxxx LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=38945
>> PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=256
>>
>>
>> but if I boot .35-rc4 and ping:
>>
>> Jul 17 09:48:08 xxxxx kernel: Linux version 2.6.35-rc4-aa
>> (root(a)xxxxx) (gcc version 4.4.4 (Debian 4.4.4-6) ) #1 SMP
>PREEMPT
>> Mon Jul 5 15:22:02 EEST 2010
>> ....
>> nothing from iptables in log
>>
>>
>> userspace is same, only booted different kernel versions
>
>I created a Bugzilla entry at
>https://bugzilla.kernel.org/show_bug.cgi?id=16423
>for your bug report, please add your address to the CC list in
>there, thanks!
>
>--
>Maciej Rutecki
>http://www.maciek.unixy.pl


I just thought that whole initramfs may be also different and tried
to compile
..34 again to test if it still does iptables logging with current
toolchain but
just now debian kernel-package is broken due to
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=589700
I will try again when that is fixed

thanks.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
From: auto401300 on 21 Jul 2010 09:00


On Tue, 20 Jul 2010 15:51:03 +0300 Maciej Rutecki
<maciej.rutecki(a)gmail.com> wrote:
>On sobota, 17 lipca 2010 o 09:20:36 auto401300(a)hushmail.com wrote:
>> Hi!
>>
>> Has something broken with netfilter/iptables logging in 2.6.35-
>rc,
>> or is there something new I should set in .config since .34?
>>
>>
>> I just verified that if I boot .34 and ping the pc it does
>logging:
>>
>> Jul 17 09:42:49 xxxxx kernel: Linux version 2.6.34-ab
>(root(a)xxxxx)
>> (gcc version 4.4.4 (Debian 4.4.4-1) ) #1 SMP PREEMPT Mon May 17
>> 09:15
>>
>> :15 EEST 2010
>>
>> ....
>> Jul 17 09:44:52 xxxxx kernel: DENY in: IN=eth0 OUT= MAC=xxxxx
>> SRC=xxxxx DST=xxxxx LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=38945
>> PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=256
>>
>>
>> but if I boot .35-rc4 and ping:
>>
>> Jul 17 09:48:08 xxxxx kernel: Linux version 2.6.35-rc4-aa
>> (root(a)xxxxx) (gcc version 4.4.4 (Debian 4.4.4-6) ) #1 SMP
>PREEMPT
>> Mon Jul 5 15:22:02 EEST 2010
>> ....
>> nothing from iptables in log
>>
>>
>> userspace is same, only booted different kernel versions
>
>I created a Bugzilla entry at
>https://bugzilla.kernel.org/show_bug.cgi?id=16423
>for your bug report, please add your address to the CC list in
>there, thanks!
>
>--
>Maciej Rutecki
>http://www.maciek.unixy.pl




Verified now with debian kernel-package 12.036

2.6.34 does netfilter/iptables logging
2.6.35-rc5 does not
both compiled with same toolchain



thanks.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: tracing: Remove sysprof
Next: (none)