On Mon, Mar 08, 2010 at 09:59:57PM +0100, Christian Fischer wrote:
> On Monday 08 March 2010, Pasi Kärkkäinen wrote:
> > On Mon, Mar 08, 2010 at 09:43:16PM +0100, Christian Fischer wrote:
> > > Hi Folks,
> > >
> > > hope that helps a bit.
> > >
> > > Tried 3.4.2, gentoo xen-sources-2.6.31-r10, to ran into the heavy
> > > discussed hotplug script bug.
> > >
> > > That's (in my case) not a udev or driver problem, the problem is
> > > iptables. It hangs in frob_iptable() (vif-common.sh), the forward state
> > > rule never returns.
> > >
> > > I've simply commented out the handle_iptable call in vif-bridge, don't
> > > need that because I have shorewall running.
> > >
> > >
> > > Confirmed with:
> > >
> > > xen-3.4.2
> > > iptables-1.4.3.2
> > > gentoo xen-sources-2.6.31-r10
> > > gentoo xen-sources-2.6.29-r4
> > > udev-146-r1
> > >
> > > nothing more checked.
> >
> > Can you paste the actual iptables rule/line that doesn't work for you?
> >
> > -- Pasi
>
> iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \
> --physdev-out "$vif" -j ACCEPT 2>/dev/null
>
> which expands to
>
> iptables -I FORWARD -m state --state RELATED,ESTABLISHED -m physdev \
> --physdev-out vif32.0 -j ACCEPT 2>/dev/null
>
>
> It returns immediately if I enter this on the command promt, running from
> inside the script fails.
>
Hmm.. do you get any errors about that iptables command in kernel "dmesg" ?
I remember reading about that bridging + --physdev-out stuff being deprecated
in newer kernels..
-- Pasi
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|