Fw: [Bug 103177] /etc/init.d/iptables stop hangs after upgrade to iptables-1.2.8-8.72.3
Stephen Smoogen
smoogen at lanl.gov
Mon Jan 5 23:06:03 UTC 2004
Has anyone seen a connection leak with the iptables and
ip_conntrack_ftp (Bug 112622). We have found that pinging a host and
doing ftp from it causes the module to 'lose' the connection and
eventually the kernel runs out of memory. Because of the bug in 103177,
we have found that you cant remove the ip_conntrack_ftp :) to clear it
up.
On Tue, 6 Jan 2004, Michael Schwendt wrote:
>On 05 Jan 2004 17:57:00 -0500, seth vidal wrote:
>
>> > I looked at the patch in comment #36 - it looks close - but off by a bit
>> > Those section are (for the most part) present in 5040 - but not in the
>> > kernel. I'll see if I can combine a patch out of those to make a 5040
>> > that applies clean. Though you're right 90% of 5040 is completely old.
>> >
>>
>> the last 3 patch sections from 5040 work.
>
>What was the last kernel release from Red Hat that had patch 5040
>applied?
>
>The beginning of the patch adds some IRC/DCC stuff which is not in the
>kernel.
>
>But the ip_conntrack fix should really be made patch #911.
>
>
--
Stephen John Smoogen smoogen at lanl.gov
Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058
Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545
-- So shines a good deed in a weary world. = Willy Wonka --
More information about the fedora-legacy-list
mailing list