2.4.23/others and ip_conntrack causing hangs

From: James Bourne (jbourne_at_hardrock.org)
Date: 11/30/03

  • Next message: William Lee Irwin III: "Re: Oops with tmpfs on both 2.4.22 & 2.6.0-test11" 
    Date:	Sun, 30 Nov 2003 12:21:33 -0700 (MST)
To: linux-kernel@vger.kernel.org, <coreteam@netfilter.org>

    Hi all,
    I wanted to bring up an issue with ip_conntrack in 2.4.23, 2.4.22, and at
    least 2.4.21 (sorry, didn't try 2.4.20).

    The issue is that as long as there are connections being tracked, the
    ip_conntrack module will not unload. I can understand why this might be,
    but the problem is that ip_conntrack will hang rmmod and modprobe -r until
    such time as all the connections have been closed.

    I think we need something like an ip_conntrack_flush or else completely drop
    the connections when the module is unloaded (as previously done) as this
    becomes an issue for people who need to drop their ip_tables and reload the
    modules (perhaps to correct other issues) especially ip_conntrack...

    The only way to reload the modules right now (yes, I know removing modules
    from a running kernel is dodgey anyway) is to completely drop the network
    interfaces which kills off the connections *anyway*. So, dropping the
    connections shouldn't be an issue.

    Thanks for the consideration.

    Regards
    James 

    -- 
James Bourne                  | Email:            jbourne@hardrock.org          
Unix Systems Administrator    | WWW:           http://www.hardrock.org
Custom Unix Programming       | Linux:  The choice of a GNU generation
----------------------------------------------------------------------
 "All you need's an occasional kick in the philosophy." Frank Herbert  
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
  • Next message: William Lee Irwin III: "Re: Oops with tmpfs on both 2.4.22 & 2.6.0-test11"

    Relevant Pages

    • IPFilter Questions
      ... reload the NAT rules if I changed them. ... The problem is that I dont remember the rest of this command ... rules in memory, break any current connections, and load the ... I am looking for the best way to clear the current ruleset and load ...
      (comp.security.firewalls)
    • Re: Socket holding pattern
      ... AS> Another possibility is to open the relevant file handles (sockets) ... AS> hold file handles to active connections. ... reload those objects and such. ... coding and design skills. ...
      (comp.lang.perl.misc)
    • Re: [netfilter-core] 2.4.23/others and ip_conntrack causing hangs
      ... > such time as all the connections have been closed. ... this is exactly what the code does on unload: ... Unfortunately, some packets are still referencing connections, so the ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)
    • Re: Application variables not resetting
      ... prevents connections. ... Try to see if touching the web.config does this. ... restart the application to reload the variables. ... Publishing) to get it to work. ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: file as a directory
      ... And network connections, and pipes are files ... You can't just go around pretending an element in an array is the ... recursion _has_ to stop somewhere. ... send the line "unsubscribe linux-kernel" in ...
      (Linux-Kernel)