iptables hangs when trying to start or restart.
Posted: 2012/07/01 04:51:32
Hello all,
I seem to have a broken centos 6.2 firewall on my server.
If I use system-config-firewall to edit ports and such and try to apply the new rule set, the firewall gui hangs.
Then if trying to start iptables via "service iptables start" it hangs at "Applying Firewall rules:" as well.
/var/log/messages
[code]Jul 1 00:39:09 fileserver2 smbd[14978]: [2012/07/01 00:39:09.330152, 0] lib/util_sock.c:474(read_fd_with_timeout)
Jul 1 00:39:09 fileserver2 smbd[14978]: [2012/07/01 00:39:09.330279, 0] lib/util_sock.c:1441(get_peer_addr_internal)
Jul 1 00:39:09 fileserver2 smbd[14978]: getpeername failed. Error was Transport endpoint is not connected
Jul 1 00:39:09 fileserver2 smbd[14978]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
Jul 1 00:40:50 fileserver2 kernel: INFO: task modprobe:13356 blocked for more than 120 seconds.
Jul 1 00:40:50 fileserver2 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jul 1 00:40:50 fileserver2 kernel: modprobe D 0000000000000000 0 13356 1 0x00000084
Jul 1 00:40:50 fileserver2 kernel: ffff8800c8eafe48 0000000000000082 ffffea0001a969c8 0000000000000000
Jul 1 00:40:50 fileserver2 kernel: ffff8800c8eafdd8 ffffffff81010b2e ffff8800c8eafde8 ffffffff81114941
Jul 1 00:40:50 fileserver2 kernel: ffff880219b5fab8 ffff8800c8eaffd8 000000000000f4e8 ffff880219b5fab8
Jul 1 00:40:50 fileserver2 kernel: Call Trace:
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff81010b2e>] ? copy_user_generic+0xe/0x20
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff81114941>] ? probe_kernel_write+0x41/0x70
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff814ee15e>] __mutex_lock_slowpath+0x13e/0x180
Jul 1 00:40:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff814edffb>] mutex_lock+0x2b/0x50
Jul 1 00:40:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff814287ad>] register_pernet_subsys+0x1d/0x50
Jul 1 00:40:50 fileserver2 kernel: [<ffffffffa00af015>] ip_tables_init+0x15/0xb0 [ip_tables]
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff8100204c>] do_one_initcall+0x3c/0x1d0
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff810af5f1>] sys_init_module+0xe1/0x250
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff8100b0f2>] system_call_fastpath+0x16/0x1b
Jul 1 00:41:49 fileserver2 smbd[2136]: [2012/07/01 00:41:49.335989, 0] smbd/server.c:281(remove_child_pid)
Jul 1 00:41:49 fileserver2 smbd[2136]: Could not find child 15215 -- ignoring
Jul 1 00:42:03 fileserver2 smbd[15213]: [2012/07/01 00:42:03.326799, 0] lib/util_sock.c:474(read_fd_with_timeout)
Jul 1 00:42:03 fileserver2 smbd[15213]: [2012/07/01 00:42:03.326900, 0] lib/util_sock.c:1441(get_peer_addr_internal)
Jul 1 00:42:03 fileserver2 smbd[15213]: getpeername failed. Error was Transport endpoint is not connected
Jul 1 00:42:03 fileserver2 smbd[15213]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
Jul 1 00:42:33 fileserver2 smbd[15252]: [2012/07/01 00:42:33.324764, 0] lib/util_sock.c:474(read_fd_with_timeout)
Jul 1 00:42:33 fileserver2 smbd[15252]: [2012/07/01 00:42:33.324880, 0] lib/util_sock.c:1441(get_peer_addr_internal)
Jul 1 00:42:33 fileserver2 smbd[15252]: getpeername failed. Error was Transport endpoint is not connected
Jul 1 00:42:33 fileserver2 smbd[15252]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
Jul 1 00:42:50 fileserver2 kernel: INFO: task modprobe:13356 blocked for more than 120 seconds.
Jul 1 00:42:50 fileserver2 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jul 1 00:42:50 fileserver2 kernel: modprobe D 0000000000000000 0 13356 1 0x00000084
Jul 1 00:42:50 fileserver2 kernel: ffff8800c8eafe48 0000000000000082 ffffea0001a969c8 0000000000000000
Jul 1 00:42:50 fileserver2 kernel: ffff8800c8eafdd8 ffffffff81010b2e ffff8800c8eafde8 ffffffff81114941
Jul 1 00:42:50 fileserver2 kernel: ffff880219b5fab8 ffff8800c8eaffd8 000000000000f4e8 ffff880219b5fab8
Jul 1 00:42:50 fileserver2 kernel: Call Trace:
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff81010b2e>] ? copy_user_generic+0xe/0x20
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff81114941>] ? probe_kernel_write+0x41/0x70
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff814ee15e>] __mutex_lock_slowpath+0x13e/0x180
Jul 1 00:42:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff814edffb>] mutex_lock+0x2b/0x50
Jul 1 00:42:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff814287ad>] register_pernet_subsys+0x1d/0x50
Jul 1 00:42:50 fileserver2 kernel: [<ffffffffa00af015>] ip_tables_init+0x15/0xb0 [ip_tables]
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff8100204c>] do_one_initcall+0x3c/0x1d0
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff810af5f1>] sys_init_module+0xe1/0x250
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff8100b0f2>] system_call_fastpath+0x16/0x1b
[/code]
It keeps repeating the same thing over and over again.
The only way to get iptables back up is to restart the server.
What is the cause of this and why?
I seem to have a broken centos 6.2 firewall on my server.
If I use system-config-firewall to edit ports and such and try to apply the new rule set, the firewall gui hangs.
Then if trying to start iptables via "service iptables start" it hangs at "Applying Firewall rules:" as well.
/var/log/messages
[code]Jul 1 00:39:09 fileserver2 smbd[14978]: [2012/07/01 00:39:09.330152, 0] lib/util_sock.c:474(read_fd_with_timeout)
Jul 1 00:39:09 fileserver2 smbd[14978]: [2012/07/01 00:39:09.330279, 0] lib/util_sock.c:1441(get_peer_addr_internal)
Jul 1 00:39:09 fileserver2 smbd[14978]: getpeername failed. Error was Transport endpoint is not connected
Jul 1 00:39:09 fileserver2 smbd[14978]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
Jul 1 00:40:50 fileserver2 kernel: INFO: task modprobe:13356 blocked for more than 120 seconds.
Jul 1 00:40:50 fileserver2 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jul 1 00:40:50 fileserver2 kernel: modprobe D 0000000000000000 0 13356 1 0x00000084
Jul 1 00:40:50 fileserver2 kernel: ffff8800c8eafe48 0000000000000082 ffffea0001a969c8 0000000000000000
Jul 1 00:40:50 fileserver2 kernel: ffff8800c8eafdd8 ffffffff81010b2e ffff8800c8eafde8 ffffffff81114941
Jul 1 00:40:50 fileserver2 kernel: ffff880219b5fab8 ffff8800c8eaffd8 000000000000f4e8 ffff880219b5fab8
Jul 1 00:40:50 fileserver2 kernel: Call Trace:
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff81010b2e>] ? copy_user_generic+0xe/0x20
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff81114941>] ? probe_kernel_write+0x41/0x70
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff814ee15e>] __mutex_lock_slowpath+0x13e/0x180
Jul 1 00:40:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff814edffb>] mutex_lock+0x2b/0x50
Jul 1 00:40:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff814287ad>] register_pernet_subsys+0x1d/0x50
Jul 1 00:40:50 fileserver2 kernel: [<ffffffffa00af015>] ip_tables_init+0x15/0xb0 [ip_tables]
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff8100204c>] do_one_initcall+0x3c/0x1d0
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff810af5f1>] sys_init_module+0xe1/0x250
Jul 1 00:40:50 fileserver2 kernel: [<ffffffff8100b0f2>] system_call_fastpath+0x16/0x1b
Jul 1 00:41:49 fileserver2 smbd[2136]: [2012/07/01 00:41:49.335989, 0] smbd/server.c:281(remove_child_pid)
Jul 1 00:41:49 fileserver2 smbd[2136]: Could not find child 15215 -- ignoring
Jul 1 00:42:03 fileserver2 smbd[15213]: [2012/07/01 00:42:03.326799, 0] lib/util_sock.c:474(read_fd_with_timeout)
Jul 1 00:42:03 fileserver2 smbd[15213]: [2012/07/01 00:42:03.326900, 0] lib/util_sock.c:1441(get_peer_addr_internal)
Jul 1 00:42:03 fileserver2 smbd[15213]: getpeername failed. Error was Transport endpoint is not connected
Jul 1 00:42:03 fileserver2 smbd[15213]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
Jul 1 00:42:33 fileserver2 smbd[15252]: [2012/07/01 00:42:33.324764, 0] lib/util_sock.c:474(read_fd_with_timeout)
Jul 1 00:42:33 fileserver2 smbd[15252]: [2012/07/01 00:42:33.324880, 0] lib/util_sock.c:1441(get_peer_addr_internal)
Jul 1 00:42:33 fileserver2 smbd[15252]: getpeername failed. Error was Transport endpoint is not connected
Jul 1 00:42:33 fileserver2 smbd[15252]: read_fd_with_timeout: client 0.0.0.0 read error = Connection reset by peer.
Jul 1 00:42:50 fileserver2 kernel: INFO: task modprobe:13356 blocked for more than 120 seconds.
Jul 1 00:42:50 fileserver2 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Jul 1 00:42:50 fileserver2 kernel: modprobe D 0000000000000000 0 13356 1 0x00000084
Jul 1 00:42:50 fileserver2 kernel: ffff8800c8eafe48 0000000000000082 ffffea0001a969c8 0000000000000000
Jul 1 00:42:50 fileserver2 kernel: ffff8800c8eafdd8 ffffffff81010b2e ffff8800c8eafde8 ffffffff81114941
Jul 1 00:42:50 fileserver2 kernel: ffff880219b5fab8 ffff8800c8eaffd8 000000000000f4e8 ffff880219b5fab8
Jul 1 00:42:50 fileserver2 kernel: Call Trace:
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff81010b2e>] ? copy_user_generic+0xe/0x20
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff81114941>] ? probe_kernel_write+0x41/0x70
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff814ee15e>] __mutex_lock_slowpath+0x13e/0x180
Jul 1 00:42:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff814edffb>] mutex_lock+0x2b/0x50
Jul 1 00:42:50 fileserver2 kernel: [<ffffffffa00af000>] ? ip_tables_init+0x0/0xb0 [ip_tables]
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff814287ad>] register_pernet_subsys+0x1d/0x50
Jul 1 00:42:50 fileserver2 kernel: [<ffffffffa00af015>] ip_tables_init+0x15/0xb0 [ip_tables]
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff8100204c>] do_one_initcall+0x3c/0x1d0
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff810af5f1>] sys_init_module+0xe1/0x250
Jul 1 00:42:50 fileserver2 kernel: [<ffffffff8100b0f2>] system_call_fastpath+0x16/0x1b
[/code]
It keeps repeating the same thing over and over again.
The only way to get iptables back up is to restart the server.
What is the cause of this and why?