kernel bug at xt_recent.c:610 stopping lxc guest (lxc-stop)

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 869068

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Frieder - please attach the relevant config files. I'm unable to reproduce this problem, but I'm also kind of an lxc novice. I've got libvirt-bin and lxc installed, and have the virbr0 interface up, but can't seem to get the container to run after creating /etc/lxc/centos_test.conf.

I looked into the lxc container again and after a while I finally stumbled over its iptables setup.
The bug already pointed to this place but I totally forgot about that.

Here are the iptables settings:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --set --name FTP --rsource
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 21 -m state --state NEW -m recent --update --seconds 60 --hitcount 20 --rttl --name FTP --rsource -j DROP

I've created a script to fully create a centos test installation using a precreated image from openVZ.
The script will download, patch and create a config (all files are in /lxc/centos_test) for the lxc.

To start the container and reproduce the bug:
lxc-start -n centos
ssh root@192.168.122.8
# execute above iptables there
exit
lxc-stop -n centos

anything ongoing here? Or should I report this bug to the lxc-project?

Is this still an issue with Precise?

it is still an issue with precise see 'precise_3.2.0-17-generic_xt_recent.c:610.log'

Just to be sure, I presume that executing 'iptables -F INPUT' within the container before lxc-stop avoids the problem ?

yes, flushing avoids this problem

I'm probably never gonna get around to this.

Frieder Bürzele, this bug was reported a while ago and there hasn't been any activity in it recently. We were wondering if this is still an issue? If so, could you please test for this with the latest development release of Ubuntu? ISO images are available from http://cdimage.ubuntu.com/daily-live/current/ .

If it remains an issue, could you please run the following command in the development release from a Terminal (Applications->Accessories->Terminal), as it will automatically gather and attach updated debug information to this report:

apport-collect -p linux <replace-with-bug-number>

Also, could you please test the latest upstream kernel available following https://wiki.ubuntu.com/KernelMainlineBuilds ? It will allow additional upstream developers to examine the issue. Please do not test the daily folder, but the one all the way at the bottom. Once you've tested the upstream kernel, please comment on which kernel version specifically you tested. If this bug is fixed in the mainline kernel, please add the following tags:
kernel-fixed-upstream
kernel-fixed-upstream-VERSION-NUMBER

where VERSION-NUMBER is the version number of the kernel you tested. For example:
kernel-fixed-upstream-v3.11-rc5

This can be done by clicking on the yellow circle with a black pencil icon next to the word Tags located at the bottom of the bug description. As well, please remove the tag:
needs-upstream-testing

If the mainline kernel does not fix this bug, please add the following tags:
kernel-bug-exists-upstream
kernel-bug-exists-upstream-VERSION-NUMBER

As well, please remove the tag:
needs-upstream-testing

Once testing of the upstream kernel is complete, please mark this bug's Status as Confirmed. Please let us know your results. Thank you for your understanding.

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]