[CentOS] netfilter kernel crash in ip_ct_refresh_acct / ip_conntrack with centos 5.x

Fri Sep 19 19:55:22 UTC 2008
Jake Holmquist <jake.holmquist at manhattan.edu>

> Hello!
> Has anyone seen this netfilter kernel crash?
> Images from the console of the crashed firewall:
> http://pasik.reaktio.net/centos5-kernel-crash/
> Firewall is HP DL360 G4 server running CentOS 5.x 32 bit.
> I've seen this firewall crashing multiple times, but I only started
investigating it lately..
> It has happened using CentOS 5.0, 5.1 and now also with 5.2. I'm not sure
> it was the same bug earlier, but at least the last two times (with CentOS
> it has been the same, see screenshots.
> Last lines of the console output:
> EIP: [<f8af2c5c>] __ip_ct_refresh_acct+0xa1/0x129 [ip_conntrack] SS:ESP
>  <0>Kernel panic - not syncing: Fatal exception in interrupt
> At the moment firewall is running CentOS 5.2, Linux kernel
> Any tips how to resolve this?

Take a look here:

Looks like a test kernel is available....

We've been having this problem for quite some time - actually moved our
production box to RHEL 4.x