Corey Johnston wrote:
> Update on IPF 4.1.16
>
> - It seems that ipnat -sl crashes the network.
>
> The system lists all the active ipnat rules and then tries to list the
> active sessions and then the network drops-out. All interfaces die,
> and even
> the console locks-up as it appears all network services are unavailable.
> Reboot appears to be the only remedy.
>
> - happens consistently
>
> I ran into this when trying to discover the source of the ipnat slows i
> mentioned earlier.
> I'll try and be more specific, but it looks like there is a fairly
> significant problem, at least on the Solaris build, with NAT.
Bah, I forgot to look at this before.
Patch attached.
Darren
Index: ip_nat.c
===================================================================
RCS file: /devel/CVS/IP-Filter/ip_nat.c,v
retrieving revision 2.195.2.69
diff -c -r2.195.2.69 ip_nat.c
*** ip_nat.c 18 Dec 2006 17:04:33 -0000 2.195.2.69
--- ip_nat.c 19 Dec 2006 14:25:44 -0000
***************
*** 4933,4938 ****
--- 4933,4939 ----
}
break;
default :
+ RWLOCK_EXIT(&ipf_nat);
return EINVAL;
}
***************
*** 5032,5039 ****
break;
}
! if ((count == 1) || (error != 0))
break;
READ_ENTER(&ipf_nat);
--- 5033,5042 ----
break;
}
! if ((count == 1) || (error != 0)) {
! RWLOCK_EXIT(&ipf_nat);
break;
+ }
READ_ENTER(&ipf_nat);
