Opened 12 years ago
Closed 11 years ago
#11109 closed defect (fixed)
linux (CentOS) host hangs when "stopping" iptables
| Reported by: | mcfip | Owned by: | |
|---|---|---|---|
| Component: | other | Version: | VirtualBox 4.2.2 |
| Keywords: | Cc: | ||
| Guest type: | other | Host type: | other |
Description
It does not appear anyone has reported this issue to VirtualBox. I hope I did not overlook a previous report.
Guest: Windows 7. Host: CentOS 6.3
After upgrading to 4.2 (now on 4.2.2), my host hangs whenever I stop or restart iptables. When iptables tries to unload the network modules, it hangs while trying to unload the last module. I do not recall this happening before 4.2, but I found a thread on the CentOS forum that is identical to my issue in 4.1.x versions.
My system will reboot / shutdown fine if I do not load a VM session.
Once I load (and unload) a VM session, my host will hang everytime while unloading network modules within the iptables script to stop iptables. This is reproducible 100% of the time.
The hang occurs in iptables script when it trys to unload remaning netfilter modules used by ipv4 and ipv6.
netfilters to unload == x_tables nf_nat nf_conntrack
The first two unload fine. When it unloads nf_conntrack, a referring module" xt_state is found and it calls rmmod to unload it.
The script hangs when the "modprobe -r $mod" command (modprobe -r xt_state) is executed for the xl_state module.
A CentOS thread describes the same issue from other users:
http://www.centos.org/modules/newbb/viewtopic.php?topic_id=39553&forum=59
There is a work-around at the bottom of the thread but this is not ideal and is not recommended (per the comments in the iptables-config file.
I am attaching a vbox.log for the "guest" and a vboxsvr.log for the "host".
P{lease let me know if you need more information from my system. I can easily retest and get any log info you may need.
Mike
Attachments (3)
Change History (6)
by , 12 years ago
comment:1 by , 11 years ago
This problem could be related to #11178. I am attaching the patch for vboxnetflt kernel module. You can try in out following these steps (you need to be root):
- go to VirtualBox installation directory (depends on distro, try /usr/share/virtualbox/src/vboxhost);
- apply the patch:
patch -p0 -i <path_to_netflt_conntrack_leak.patch>
- rebuild the modules:
/etc/init.d/vboxdrv setup
Please let me know the results.
by , 11 years ago
| Attachment: | netflt_conntrack_leak.patch added |
|---|
Fix for connection leak problem that may explain the hang
comment:3 by , 11 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
No response. Please reopen if necessary.
VBox Guest (Win 7 x64 Pro) log