HPE Community
Operating System - Linux
1829104 Members
4936 Online
109986 Solutions
New Discussion

problems with iptables

 
NPI
Occasional Advisor

‎04-21-2006 12:18 AM

‎04-21-2006 12:18 AM

problems with iptables

Hello,

we have a problem that we don't understand from whom is genererated, so if anyone knows how to help...

When we shutdown our server, it hungs while trying to stop iptables services. It stays pending and if we want to shut down we have to do it manually (or by iLO).
Unfortunatly, as it is a quite important server we can't do many tries...

Details:
-it's a Proliant DL740 with RHAS4, named "nptux01".
It's the main node of a cluster of 46 nodes.
We have configured nptux01 to be the gateway of these nodes, as you can see from the configuration that I paste below (bond0 is the public interface, eth0 is the private interface
for all comunications, eth1 is a private interface dedicated to NFS)

Iptables configuration:
# Generated by iptables-save v1.2.5 on Thu Apr 3 20:54:13 2003
*filter
:FORWARD DROP [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state -i bond0 -o eth0 --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth0 -o bond0 -j ACCEPT
-A FORWARD -m state -i bond0 -o eth1 --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -o bond0 -j ACCEPT
-A FORWARD -j LOG
COMMIT
# Completed on Thu Apr 3 20:54:13 2003
# Generated by iptables-save v1.2.5 on Thu Apr 3 20:54:13 2003
*nat
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o bond0 -j MASQUERADE
COMMIT
# Completed on Thu Apr 3 20:54:13 2003
# Generated by webmin
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed

-# uname -a
Linux nptux01 2.6.9-34.ELhugemem #1 SMP Fri Feb 24 17:04:34 EST 2006 i686 i686 i386 GNU/Linux

-# cat /etc/issue
Red Hat Enterprise Linux AS release 4 (Nahant Update 3)

-I attach the ooutput of dmesg

If you have questions, feel free to ask...


Thanks in advance,
Filippo
0 Kudos
Reply
4 REPLIES 4
Steven E. Protter
Exalted Contributor

‎04-21-2006 12:30 AM

‎04-21-2006 12:30 AM

Re: problems with iptables

Shalom Filippo,

I see nothing here to explain the behavior.

What run level is iptables started and stopped at?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Sergejs Svitnevs
Honored Contributor

‎04-21-2006 12:57 AM

‎04-21-2006 12:57 AM

Re: problems with iptables

Seems you have to update your kernel package.
According to:
https://rhn.redhat.com/errata/RHSA-2006-0132.html#Red%20Hat%20Enterprise%20Linux%20AS%20(v.%204)
,your kernel version has a Bug nr.165744.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165744

I offer you to make the regular update of your affected system.


Regards,
0 Kudos
Reply
NPI
Occasional Advisor

‎04-21-2006 01:36 AM

‎04-21-2006 01:36 AM

Re: problems with iptables

# chkconfig --list iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off

We start the system at runlevel 3.



We'll try to update the kernel and do a reboot as soon as possible (not today...), to see if the solve the problem with that.


Thanks for the answerws: we'll make you know.


Filippo




0 Kudos
Reply
Manuel Wolfshant
Trusted Contributor

‎04-21-2006 02:16 PM

‎04-21-2006 02:16 PM

Re: problems with iptables

It looks like you have already applied the last kernel update (2.6.9-34).

It looks like you might need to reopen the bug, unless you have been hit by a different problem.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.