| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <49C7CB9B.1040409@trash.net> Date: Mon, 23 Mar 2009 18:49:15 +0100 From: Patrick McHardy <kaber@...sh.net> To: Joakim Tjernlund <Joakim.Tjernlund@...nsmode.se> CC: avorontsov@...mvista.com, netdev@...r.kernel.org Subject: Re: ucc_geth: nf_conntrack: table full, dropping packet. Joakim Tjernlund wrote: > Patrick McHardy <kaber@...sh.net> wrote on 23/03/2009 13:29:33: > > >>> There is no /proc/net/netfilter/nf_conntrack. There is a >>> /proc/net/nf_conntrack though and it is empty. If I telnet >>> to the board I see: >>> >> That means that something is leaking conntrack references, most likely >> by leaking skbs. Since I haven't seen any other reports, my guess would >> be the ucc_geth driver. >> > > Mucking around with the ucc_geth driver I found that if I: > - Move TX from IRQ to NAPI context > - double the weight. > - after booting up, wait a few mins until the JFFS2 GC kernel thread has > stopped > scanning the FS > > Then the "nf_conntrack: table full, dropping packet." msgs stops. > Does this seem right to you guys? No. As I said, something seems to be leaking packets. You should be able to confirm that by checking the sk_buff slabs in /proc/slabinfo. If that *doesn't* show any signs of a leak, please run "conntrack -E" to capture the conntrack events before the "table full" message appears and post the output. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists