| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3938975.V1JGlkzPkU@spock>
Date: Wed, 10 Feb 2016 19:34:40 +0200
From: Oleksandr Natalenko <oleksandr@...alenko.name>
To: Pablo Neira Ayuso <pablo@...filter.org>
Cc: Patrick McHardy <kaber@...sh.net>,
Jozsef Kadlecsik <kadlec@...ckhole.kfki.hu>,
"David S. Miller" <davem@...emloft.net>,
netfilter-devel@...r.kernel.org, coreteam@...filter.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: kernel BUG at net/netfilter/nf_nat_core.c:395
Hi.
With 4.4.1 I've got BUG_ON() triggered in net/netfilter/nf_nat_core.c:395,
nf_nat_setup_info(), today on my home router.
Here is full trace got via netconsole: [1]
I perform LAN NATting using nftables like this:
===
table ip nat {
chain prerouting {
type nat hook prerouting priority -150;
}
chain postrouting {
type nat hook postrouting priority -150;
oifname enp2s0 ip saddr 172.17.28.0/24 counter snat 1.2.3.4
oifname enp2s0 ip saddr 172.17.29.0/24 counter snat 1.2.3.4
oifname enp2s0 ip saddr 172.17.31.0/24 counter snat 1.2.3.4
oifname enp2s0 ip saddr 172.17.35.0/24 counter snat 1.2.3.4
oifname enp2s0 ip saddr 172.17.37.0/24 counter snat 1.2.3.4
oifname tun0 ip saddr 172.17.28.0/24 counter masquerade
oifname tun0 ip saddr 172.17.29.0/24 counter masquerade
oifname tinc0 ip saddr 172.17.28.0/24 counter masquerade
oifname tinc0 ip saddr 172.17.29.0/24 counter masquerade
}
}
===
Traffic filtering is done via nftables as well.
Ideas? What could I do to debug the issue better?
[1] https://gist.github.com/bbb3712f40a7753537fe
Powered by blists - more mailing lists