Description of problem: I just allowed up2date to update my kernel from 2.4.20-18.7smp to 2.4.20-19.7smp. When I rebooted to use the new kernel, my /var/log/messages got filled with rejections (by iptables) of messages to be sent to the other machine on the LAN. They come in batches of four, every 30 seconds. My iptables settings have not been changed since it was working normally. Here is part of iptables configuration: $IPT -A OUTPUT -o lo -j ACCEPT $IPT -A OUTPUT -j BADIP $IPT -A OUTPUT -j SHUN $IPT -A OUTPUT -p ! icmp -o $EXTDEV -s ! $EXTERNALIP -j LDROP $IPT -A OUTPUT -p ! icmp -o $INTDEV -s ! $INTERNALIP -j LDROP $IPT -A OUTPUT -p ! icmp -j OUT $IPT -A OUTPUT -p icmp -j OUT_ICMP $IPT -A OUTPUT -j LDROP $IPT -N OUT $IPT -A OUT -p tcp -j FLAGS $IPT -A OUT -m state --state ESTABLISHED,RELATED -j ACCEPT [rules to accept output of only those I permit] [LDROP logs and drops stuff it sees] Version-Release number of selected component (if applicable): kernel version 2.4.20-19.7smp How reproducible: Always. Never stops. Steps to Reproduce: 1. Boot system 2. Look for IPT messages in /var/log/messages 3. Actual results: Here is part of the /var/log/messages as the machine was booting up. These messages continue every 30 seconds forever. Jul 21 19:05:09 valinux kernel: EXT3 FS 2.4-0.9.19, 19 August 2002 on sd(8,7), internal journal Jul 21 19:05:09 valinux kernel: EXT3-fs: mounted filesystem with ordered data mode. Jul 21 19:05:09 valinux kernel: st: Version 20030406, bufsize 32768, max init. bufs 4, s/g segs 16 Jul 21 19:05:09 valinux kernel: Attached scsi tape st0 at scsi0, channel 0, id 11, lun 0 Jul 21 19:05:09 valinux kernel: ip_tables: (C) 2000-2002 Netfilter core team Jul 21 19:05:09 valinux kernel: ip_conntrack version 2.1 (4096 buckets, 32768 max) - 292 bytes per conntrack Jul 21 19:05:09 valinux kernel: eepro100.c:v1.09j-t 9/29/99 Donald Becker http://www.scyld.com/network/eepro100.html Jul 21 19:05:09 valinux kernel: eepro100.c: $Revision: 1.36 $ 2000/11/17 Modified by Andrey V. Savochkin <saw.com.sg> and others Jul 21 19:05:09 valinux kernel: eth0: Intel Corp. 82557/8/9 [Ethernet Pro 100], 00:90:27:43:12:75, IRQ 17. Jul 21 19:05:09 valinux kernel: Board assembly 721383-006, Physical connectors present: RJ45 Jul 21 19:05:09 valinux kernel: Primary interface chip i82555 PHY #1. Jul 21 19:05:09 valinux kernel: General self-test: passed. Jul 21 19:05:09 valinux kernel: Serial sub-system self-test: passed. Jul 21 19:05:09 valinux kernel: Internal registers self-test: passed. Jul 21 19:05:09 valinux kernel: ROM checksum self-test: passed (0x04f4518b). Jul 21 19:05:09 valinux kernel: IPT Drop: IN= OUT=eth0 SRC=192.168.1.250 DST=192.168.1.201 LEN=116 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=637 DPT=32771 LEN=96 Jul 21 19:05:09 valinux kernel: IPT Drop: IN= OUT=eth0 SRC=192.168.1.250 DST=192.168.1.201 LEN=116 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=639 DPT=32771 LEN=96 Jul 21 19:05:09 valinux kernel: IPT Drop: IN= OUT=eth0 SRC=192.168.1.250 DST=192.168.1.201 LEN=120 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=640 DPT=32771 LEN=100 Jul 21 19:05:09 valinux kernel: IPT Drop: IN= OUT=eth0 SRC=192.168.1.250 DST=192.168.1.201 LEN=116 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=641 DPT=32771 LEN=96 Jul 21 19:05:09 valinux kernel: IPT Drop: IN= OUT=eth0 SRC=192.168.1.250 DST=192.168.1.201 LEN=120 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=642 DPT=32771 LEN=100 Expected results: Same as above, but WITHOUT the IPT Drop messages. Additional info:
Thanks for the bug report. However, Red Hat no longer maintains this version of the product. Please upgrade to the latest version and open a new bug if the problem persists. The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, and if you believe this bug is interesting to them, please report the problem in the bug tracker at: http://bugzilla.fedora.us/