URGENT: SuSE 8.0 freezes when using iptables..
Hi I just upgraded a server running SuSE 7.2 (kernel 2.4.16, SuSEFirewall(=ipchains)) to SuSE 8.0 (kernel 2.4.18, SuSEFirewall2(=iptables)).. The inside nic is a Intel ethernet card and the outside nic is a IBM olympic token ring card. The server is running as a internet gateway, router with masqurading and firewall. After the upgrade when using some protocols like ftp the server freezes and the caps lock and scroll lock LED's on the keyboard blinks. I found out that using wget from the server against a ftp site made the server freeze. Then I tried stopping SuSEFirewall2 and there by removing any routing. Tried wget again - works fine.. Restarting the firewall and wget makes the server freeze... Can iptables make the server freeze like that?? Earlier we had some problems with stability in the token ring drivers in the original kernel of kernel 7.2 (2.4.7). But after upgrading the kernel 2.4.16 the problems disapered. As stated above the ipchains in SuSE 7.2 worked perfectly is the any issues in downgrading the firewall and continue using ipchains? Without conf files (I don't have them at hand before tomorrow) can anyone give me a lead to were the problem might be??? The /var/log/messages doesn't contain any clue. Is there a log file some where or some I need to turn on to get some debug info??? Thanks, Christian Bjørnbak --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.375 / Virus Database: 210 - Release Date: 10-07-2002
On Sunday 14 July 2002 13:27, Christian Bjørnbak wrote:
Hi
I just upgraded a server running SuSE 7.2 (kernel 2.4.16, SuSEFirewall(=ipchains)) to SuSE 8.0 (kernel 2.4.18, SuSEFirewall2(=iptables))..
The inside nic is a Intel ethernet card and the outside nic is a IBM olympic token ring card.
The server is running as a internet gateway, router with masqurading and firewall.
After the upgrade when using some protocols like ftp the server freezes and the caps lock and scroll lock LED's on the keyboard blinks.
That means kernel panic.
I found out that using wget from the server against a ftp site made the server freeze. Then I tried stopping SuSEFirewall2 and there by removing any routing. Tried wget again - works fine.. Restarting the firewall and wget makes the server freeze...
Can iptables make the server freeze like that??
I don't think so, probably it's a NIC driver problem Which Intel driver are you using? If it's the e100 or the eepro100 you first could try to use the other driver, I had problems with the Intel driver (e100) but the eepro100 driver works without problems.
Earlier we had some problems with stability in the token ring drivers in the original kernel of kernel 7.2 (2.4.7). But after upgrading the kernel 2.4.16 the problems disapered.
You also could try downgrade the kernel to that 2.4.16 and see if that solves the problem.
As stated above the ipchains in SuSE 7.2 worked perfectly is the any issues in downgrading the firewall and continue using ipchains?
I don't think so, but if it is a NIC driver problem it wouldn't solve the problem.
Without conf files (I don't have them at hand before tomorrow) can anyone give me a lead to were the problem might be???
The /var/log/messages doesn't contain any clue. Is there a log file some where or some I need to turn on to get some debug info???
If it's still possible you could look at tty10 (press <ALT> F10), maybe there are some messages there which doesn't get written to the logfiles due to the freeze. -- GertJan
I just upgraded a server running SuSE 7.2 (kernel 2.4.16, SuSEFirewall(=ipchains)) to SuSE 8.0 (kernel 2.4.18, SuSEFirewall2(=iptables))..
That is not good, since 8.0 uses a complete different Structure in it's system and pathlocations. Copy all configs and additional files to a backupmedium and the setup again to lose double files. This may be the problem. Maybe there is an old driver in the old kernle left, that's installed with the new 2.4er kernel. After Installation use yast online update.
The inside nic is a Intel ethernet card and the outside nic is a IBM olympic token ring card.
That means kernel panic.
Sounds like NIC-Problem. Why you use this NIC (IBM)? Is is because of missing connectors on newer NIC's?
I don't think so, probably it's a NIC driver problem Which Intel driver are you using? If it's the e100 or the eepro100 you first could try to use the other driver, I had problems with the Intel driver (e100) but the eepro100 driver works without problems.
I used the eepro100 dirvers since two years and had no problems. Use Yast2 to autodetect the NIC's again. Use for the second NIC standard drivers. Philippe
participants (3)
-
Christian Bjørnbak -
GertJan Spoelman -
Philippe Vogel