[CentOS] netfilter kernel crash in ip_ct_refresh_acct / ip_conntrack with centos 5.x

Tue Sep 16 12:32:33 UTC 2008
Pasi Kärkkäinen <pasik at iki.fi>

On Tue, Sep 16, 2008 at 04:22:00AM -0700, Akemi Yagi wrote:
> On Tue, Sep 16, 2008 at 12:38 AM, Pasi Kärkkäinen <pasik at iki.fi> wrote:
> > Hello!
> >
> > Has anyone seen this netfilter kernel crash?
> >
> > Images from the console of the crashed firewall:
> > http://pasik.reaktio.net/centos5-kernel-crash/
> >
> > Firewall is HP DL360 G4 server running CentOS 5.x 32 bit.
> >
> > I've seen this firewall crashing multiple times, but I only started investigating it lately..
> >
> > It has happened using CentOS 5.0, 5.1 and now also with 5.2. I'm not sure if
> > it was the same bug earlier, but at least the last two times (with CentOS 5.2)
> > it has been the same, see screenshots.
> >
> > Last lines of the console output:
> >
> > EIP: [<f8af2c5c>] __ip_ct_refresh_acct+0xa1/0x129 [ip_conntrack] SS:ESP 0068:c0724e4c
> >  <0>Kernel panic - not syncing: Fatal exception in interrupt
> >
> > At the moment firewall is running CentOS 5.2, Linux kernel 2.6.18-92.1.10.el5.centos.plus.
> >
> > Any tips how to resolve this?
> 
> You might want to look at this upstream bugzilla:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=456664
> 
> There is a quick fix in comment #24 that you can try out without
> having to rebuild kernel.
> 

Thanks for the reply, but I don't believe I'm seeing that bug.. it seems to
be for RHEL 4. 

I'm seeing "my" bug randomly, during normal use.. not when I'm unloading
modules or anything. 

-- Pasi