Kernel / iptables issue

2025-04-09

This has hapenned 5+ times, and I don't know exactly why it happens.

The system keeps pingable, but all services become unaccessible as if the ports were closed, and the only solution is a hard reboot.

This happened again today. Called the data center and asked for the tech to take a look at the console. Here's what he got:

-=-
Answer : This is what the console screen showed:

ipt_unclean: TCP option 73 after end
ipt_unclean: TCP option 111 0 len
ipt_unclean: TCP option 8 after end
ipt_unclean: TCP option 111 0 len
ipt_unclean: TCP option 111 0 len
ipt_unclean: TCP option 111 0 len
ipt_unclean: TCP option 2 after end
ipt_unclean: TCP option 111 0 len

And the system was unresponsive to the keyboard.
-=-

Looking at /etc/messages, the the last logs before the 'crash' were from pure-ftp, and we found several ipt_unclean entries:

Mar 26 11:08:33 rio kernel: ipt_unclean: TCP option 73 after end
Mar 26 11:08:36 rio kernel: ipt_unclean: TCP option 73 after end
Mar 26 11:08:42 rio kernel: ipt_unclean: TCP option 73 after end
Mar 26 11:08:52 rio kernel: ipt_unclean: TCP option 8 after end
Mar 26 11:08:54 rio kernel: ipt_unclean: TCP option 8 after end
Mar 26 11:08:55 rio kernel: ipt_unclean: TCP option 8 after end
Mar 26 11:10:21 rio kernel: ipt_unclean: TCP option 8 after end
Mar 26 11:10:42 rio kernel: ipt_unclean: TCP option 73 after end
Mar 26 11:10:43 rio kernel: ipt_unclean: TCP option 8 after end
Mar 26 11:12:54 rio kernel: ipt_unclean: TCP flags bad: 21
Mar 26 11:13:09 rio kernel: ipt_unclean: TCP flags bad: 21
Mar 26 11:13:09 rio kernel: ipt_unclean: TCP flags bad: 21
Mar 26 11:13:11 rio kernel: ipt_unclean: TCP flags bad: 21
Mar 26 11:14:14 rio kernel: ipt_unclean: TCP flags bad: 21

Here's part of our iptables config:

root@rio [/]# iptables -L | grep UNCLEAN
IN_UNCLEAN all -- anywhere anywhere unclean
OUT_UNCLEAN all -- anywhere anywhere unclean
Chain IN_UNCLEAN (1 references)
UNCLEAN all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level warning prefix `** UNCLEAN ** '
Chain OUT_UNCLEAN (1 references)
UNCLEAN all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level warning prefix `** UNCLEAN ** '
Chain UNCLEAN (2 references)

Does anyone have any idea of what may be going on here? I know there used to be an ipt_unclean bug, but that's old, right?

The system is a Dual Xeon, 1GB RAM, SCSI, running RH9 (2.4.20-30.9smp).

Thanks for any inputs.