Hi,

I've run into a problem which causes an Oops during ip_nat_cleanup_conntrack().

I call ip_nat_setup_info() from my PREROUTING hook (right after conntrack,
and before nat), everything works correctly, NAT is applied to both
directions. The oops occurs exactly when the conntrack entry times out (I
was looking at /proc/net/ip_conntrack).

The backtrace shows that a NULL pointer is dereferenced in
ip_nat_cleanup_conntrack() at this line:


    LIST_DELETE(&bysource[hash_by_src(&conn->tuplehash[IP_CT_DIR_ORIGINAL]
                                      .tuple.src,
                                      conn->tuplehash[IP_CT_DIR_ORIGINAL]
                                      .tuple.dst.protonum)],
                &info->bysource);

It seems that either info->bysource->prev or info->bysource->next is NULL.

Anyone with an idea why this might happen? The same code works if I call
ip_nat_setup_info() from POSTROUTING.

I can't see the difference between simple DNAT (which works) and my TPROXY
DNAT, which works but oopses.

Anyone with an idea?

-- 
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
