Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753265AbcJKD54 (ORCPT ); Mon, 10 Oct 2016 23:57:56 -0400 Received: from nacho.alt.net ([208.90.169.18]:60027 "EHLO nacho.alt.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751028AbcJKD5z (ORCPT ); Mon, 10 Oct 2016 23:57:55 -0400 Comment: DKIM? See http://www.dkim.org Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=alt.net; h=Received:Received:Received:Date:To:cc:Subject:In-Reply-To:Message-ID:References:User-Agent:MIME-Version:Content-Type:X-Delivery-Agent:From:Reply-To; b=PAUjjjNJLN1+rIbYSkEalQk2GiTTY7zkB2FnXcMxaCjArODZEb5SfhvHaWd8ew 0fPHJSUApVRVA20igA7VEZuDni0aIWa6ICP08AHnBwhF6EsxwmZYXLdcxhv4MgzV +PQDNxbjiZ+jPFpduXB20lbHIwitlhs9wp1n9oPViB+C8=; Date: Tue, 11 Oct 2016 03:57:52 +0000 (UTC) To: Liping Zhang cc: Vishwanath Pai , Pablo Neira Ayuso , Justin Piszcz , linux-kernel@vger.kernel.org, Linux Kernel Network Developers Subject: Re: kernel v4.8: iptables logs are truncated with the 4.8 kernel? In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (LNX 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Delivery-Agent: TMDA/1.1.12 (Macallan) From: Chris Caputo Reply-To: Chris Caputo Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 922 Lines: 28 On Tue, 11 Oct 2016, Liping Zhang wrote: > Yes, thanks for clarifying this. There's a bug in kernel, can you try > this patch: > > diff --git a/net/netfilter/xt_NFLOG.c b/net/netfilter/xt_NFLOG.c > index 018eed7..8c069b4 100644 > --- a/net/netfilter/xt_NFLOG.c > +++ b/net/netfilter/xt_NFLOG.c > @@ -32,6 +32,7 @@ nflog_tg(struct sk_buff *skb, const struct > xt_action_param *par) > li.u.ulog.copy_len = info->len; > li.u.ulog.group = info->group; > li.u.ulog.qthreshold = info->threshold; > + li.u.ulog.flags = 0; > > if (info->flags & XT_NFLOG_F_COPY_LEN) > li.u.ulog.flags |= NF_LOG_F_COPY_LEN; I have tested the above patch with 4.8.1, with and without nflog-size defined in an iptables configuration, and it works well. The ulogd-2.0.5 segfaults no longer happen when nflog-size is not present in a target. I recommend this fix. Thanks, Chris