ENOBUFS in nfq under heavy load

Stanisław Pitucha viraptor at gmail.com
Wed Jul 18 11:47:55 CEST 2007


On 7/17/07, Patrick McHardy <kaber at trash.net> wrote:
> Stanis³aw Pitucha wrote:
> > By stops I mean that it hangs on nfq_destroy_queue() if there was
> > ENOBUFS before.
>
> Please try to find out what the kernel is doing using sysrq.

Right... not the kernel really :) - libnfnetlink stops at
libnfnetlink-0.0.25/src/libnfnetlink.c:659 (in nfnl_talk()). It's just
waiting for a datagram from netfilter - recvmsg(nfnlh->fd, &msg, 0).
So kernel as far as I can tell... forgot about that socket completely
- so nothing happens. I can't see any calls to NF happening after
that. If there's any possibility to get NF in debug mode, I can
recompile and post it - is there?
But I don't know if that's recoverable at all - should I be trying to
close queue after ENOBUFS? Maybe the socket is closed by design.

> ENODEV can happen when sending a verdict for or unbinding a non-existant
> queue.

http://pastebin.ca/624472
here I get ENOBUFS on read on line 4, so it breaks out of loop and
tries to clean up.

Additionally - I tried to force opening new queue after receiving
ENOBUFS. It does one or two successful reads and throws another
ENOBUFS.

Anyone knows how to solve this? Or should I just write own module?...



More information about the netfilter-devel mailing list