| Summary: | sys-kernel/gentoo-sources-3.13.5 - kernel panic using nftables' log | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | William <sirrobin2318> |
| Component: | [OLD] Core system | Assignee: | Gentoo Kernel Bug Wranglers and Kernel Maintainers <kernel> |
| Status: | RESOLVED NEEDINFO | ||
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | AMD64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: | my .config | ||
Created attachment 371426 [details]
my .config
Oh, the nftables rule I quoted works because no logging is requested. This would kernel panic:
table firewall {
chain incoming {
type filter hook input priority 0;
ip protocol icmp log drop
accept
}
}
And the a ping results to "kernel panic not syncing, Fatal exception in interrupt"
Can I see the panic, please? Maybe the full dmesg and also your emerge --info |
Nftables works fine as long as you don't enable logging. Something like this: table firewall { chain incoming { type filter hook input priority 0; ip protocol icmp drop accept } } Ping the interface, the kernel panics in ipt_log_fn, nf_log_packet. Reproducible: Always Steps to Reproduce: 1. add rule in nftables that logs an event 2. trigger rule 3. watch machine die Actual Results: kernel panic Expected Results: no kernel panic I'll attach my .config.