1260748823 M * smash havnt had any issues with iptables in years :/
1260749197 M * Bertl need to setup a test system first, but you could try with 2.6.31.x and the same config
1260749288 M * smash 2.6.32 config wasnt compatible to 2.6.31.6 last time I tried
1260749332 M * smash a make (silent)oldconfig will just wanna redo it all over
1260749686 M * Bertl make oldconfig should work, maybe you need to answer a few questions, but should be otherwise fine
1260749842 M * smash as I said it'll start all over
1260749845 M * smash from the beginning
1260749845 M * smash ;)
1260749907 M * smash I might test it without a vs patch tho (booting debian lenny's standard kernel then)
1260749947 M * Bertl can't hurt either, but I'd avoid patches alltogether, i.e. use vanilla
1260749977 M * smash yea
1260749982 M * smash only patch I use is vs tho
1260749995 M * smash but wlel you said you didnt touch the networking code in that regard
1260750001 M * smash (sure it could still be some regression)
1260750046 M * smash I will do further testing this night since it's in production mode and I want to avoid downtime of services as much as I can
1260750069 M * smash if its still doing that weird behavior atleast we know its not linuxvserver that fails here and I can blame the netfilter guys
1260750616 J * cuba33ci ~cuba33ci@118-160-171-66.dynamic.hinet.net
1260751276 M * smash I was just testing a bit Bertl the packets that were not matched by PREROUTING
1260751279 M * smash were matched in INPUT
1260751309 M * smash every parameter the same just thats its not -t nat -A PREROUTING but just "-A INPUT"
1260751340 M * Bertl what kind of traffic?
1260751343 M * smash the conclusion is the one I initially drew from that .. somehoe the packets just dont pass prerouting (and no they're not locally generated)
1260751346 M * smash udp
1260751351 M * smash one can emulate it with nc
1260751361 M * smash just ascii
1260751377 M * Bertl (I was asking that before, because for traffic directed to the host it is expected to use input/output, not pre/postrouting)
1260751388 M * smash well it is directed to the node
1260751397 M * Bertl which is the host
1260751400 M * smash yes
1260751402 M * smash thats my point
1260751409 M * smash thats why I thought you rewrote some of the network stack code
1260751414 M * smash to make sure packets are redirected
1260751415 M * Bertl so, expected and fine
1260751429 M * smash well but why do some match?
1260751431 M * Bertl no, we do not change the network behaviour in Linux-VServer 
1260751450 M * smash as I said above I have 3 rules .. all three consist of string matches (in the current test run)
1260751460 M * Bertl those which a forwarded will use pre/postrouting
1260751465 M * smash if I send "ABC" => passes prerouting gets redirect
1260751469 M * Bertl *are
1260751470 M * smash if I send "DEF" => passes prerouting gets redirect
1260751486 M * smash if I send "GHI" => doesnt pass prerouting ends up in INPUT
1260751554 M * smash all three packets are sent to the node and according to your logic above should never reach prerouting
1260751562 M * smash but they do (2 of them do) the 3rd doesnt
1260751622 M * smash or well rather all should go through prerouting
1260751629 M * smash unless the packets are generated locally
1260751657 M * smash but they dont .. thats my whole point here :(
1260751709 M * Bertl upload your complete iptables and routing setup somewhere and I can take a look at it
1260753727 Q * FaUl Ping timeout: 480 seconds
1260753948 J * FaUl immo@shell.chaostreff-dortmund.de
1260760577 Q * manana Ping timeout: 480 seconds
1260760936 Q * larsivi Read error: Connection reset by peer
1260760966 J * larsivi ~larsivi@37.80-202-217.nextgentel.com
1260763227 J * saulus_ ~saulus@c152104.adsl.hansenet.de
1260763636 Q * SauLus Ping timeout: 480 seconds
1260763637 N * saulus_ SauLus
1260764625 Q * FireEgl Quit: Leaving...
1260764716 Q * derjohn_mob Ping timeout: 480 seconds
1260765518 J * geb ~geb@earth.gebura.eu.org
1260765539 M * Bertl off to bed now ... have a good one everyone!
1260765544 N * Bertl Bertl_zZ
1260765572 J * FireEgl Proteus@2001:470:e056:1:4::9
1260769952 Q * vServer_User Ping timeout: 480 seconds
1260769976 J * vServer_User ~vServer_U@host90-152-15-246.ipv4.regusnet.com
1260770509 J * thierryp ~thierry@home.parmentelat.net
1260771406 Q * nenolod Ping timeout: 480 seconds
1260771791 Q * thierryp Remote host closed the connection
1260772181 Q * niki Ping timeout: 480 seconds
1260772219 J * ghislain ~AQUEOS@LPuteaux-151-41-11-129.w217-128.abo.wanadoo.fr
1260772623 J * derjohn_mob ~aj@tmo-108-40.customers.d1-online.com
1260773175 J * nenolod ~nenolod@petrie.dereferenced.org
1260773516 Q * nenolod Quit: Leaving
1260773537 J * nenolod ~nenolod@petrie.dereferenced.org
1260773803 J * thierryp ~thierry@home.parmentelat.net
1260774231 Q * thierryp Remote host closed the connection
1260776092 Q * geb Ping timeout: 480 seconds
1260776621 J * davidkarban ~david@80.250.18.198
1260777061 J * geb ~geb@159.4.82-79.rev.gaoland.net
1260777540 J * manana ~mayday090@84.17.25.149
1260777899 Q * manana Remote host closed the connection
1260777988 J * friendly ~friendly@ppp118-209-31-140.lns20.mel4.internode.on.net
1260778036 J * manana ~mayday090@84.17.25.149
1260778704 J * thierryp ~thierry@zankai.inria.fr
1260778757 J * thierryp_ ~thierry@zankai.inria.fr
1260778757 Q * thierryp Read error: Connection reset by peer
1260779787 Q * derjohn_mob Ping timeout: 480 seconds
1260780091 J * kir ~kir@swsoft-msk-nat.sw.ru
1260780466 J * sharkjaw ~gab@90.149.121.45
1260780676 Q * thierryp_ Remote host closed the connection
1260781085 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d
1260781404 J * thierryp ~thierry@vis201b.inria.fr
1260781701 J * ksn ~kuben@41.151.28.26
1260781702 Q * ksn Read error: Connection reset by peer
1260781733 J * ksn ~kuben@41.151.28.26
1260781733 Q * ksn Read error: Connection reset by peer
1260781788 J * ksn ~kuben@41.151.28.26
1260781789 Q * ksn Read error: Connection reset by peer
1260782515 J * barismetin ~barismeti@zanzibar.inria.fr
1260783821 J * derjohn_mob ~aj@80.85.196.112
1260784331 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1260785260 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net
1260786491 Q * thierryp Remote host closed the connection
1260787147 J * thierryp ~thierry@zankai.inria.fr
1260787375 J * balbir ~balbir@122.161.47.176
1260787876 J * yarihm ~yarihm@80-219-169-125.dclient.hispeed.ch
1260787991 Q * gnuk Ping timeout: 480 seconds
1260788278 Q * friendly Quit: Leaving.
1260788502 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net
1260789235 Q * balbir Read error: Connection reset by peer
1260794793 Q * jpic Ping timeout: 480 seconds
1260795724 M * mrjack rehi
1260796037 J * hparker ~hparker@linux.homershut.net
1260797953 M * thierryp daniel_hozac: hi
1260798113 M * thierryp I'm trying to locate a chroot-friendly yum for fedora12
1260798143 M * thierryp stock yum version is 3.2.25
1260798212 M * thierryp is this available yet ?
1260798437 J * balbir ~balbir@122.163.143.149
1260799513 Q * sharkjaw Ping timeout: 480 seconds
1260799592 Q * cuba33ci Remote host closed the connection
1260799826 Q * yarihm Quit: This computer has gone to sleep
1260799890 J * yarihm ~yarihm@80-219-169-125.dclient.hispeed.ch
1260799966 Q * hparker Quit: Read error: 104 (Peer reset by connection)
1260800111 J * hparker ~hparker@2001:470:1f0f:32c:290:96ff:fe50:40fa
1260800293 Q * yarihm Quit: This computer has gone to sleep
1260800752 Q * davidkarban Quit: Ex-Chat
1260802279 J * SlackLnx ~SlackWare@a85-139-11-169.cpe.netcabo.pt
1260802432 J * cuba33ci ~cuba33ci@118-160-168-140.dynamic.hinet.net
1260802859 N * Bertl_zZ Bertl
1260802863 M * Bertl morning folks!
1260803308 Q * manana Ping timeout: 480 seconds
1260803440 Q * thierryp Remote host closed the connection
1260803540 J * thierryp ~thierry@zankai.inria.fr
1260805126 J * jpic ~jpic@chocolatpistache.com
1260805373 J * manana ~mayday090@84.17.25.149
1260805928 Q * balbir Ping timeout: 480 seconds
1260807163 Q * thierryp Ping timeout: 480 seconds
1260807191 J * dowdle ~dowdle@scott.coe.montana.edu
1260808458 Q * kir Quit: Leaving.
1260808935 J * balbir ~balbir@122.163.143.149
1260809155 Q * barismetin Quit: Leaving...
1260809998 J * thierryp ~thierry@home.parmentelat.net
1260811905 Q * geb Quit: /
1260814254 J * vServer_User_Zz ~vServer_U@host90-152-15-246.ipv4.regusnet.com
1260814342 Q * vServer_User Ping timeout: 480 seconds
1260814675 Q * derjohn_mob Ping timeout: 480 seconds
1260814852 Q * vServer_User_Zz Remote host closed the connection
1260814866 J * vServer_User ~vServer_U@host90-152-15-246.ipv4.regusnet.com
1260815227 J * hijacker ~hijacker@87-126-142-51.btc-net.bg
1260815403 Q * hijacker_ Ping timeout: 480 seconds
1260815979 J * imcsk8 ~ichavero@148.229.1.11
1260816335 Q * gnuk Ping timeout: 480 seconds
1260816444 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net
1260817220 J * hijacker_ ~hijacker@213.91.163.5
1260817274 Q * SlackLnx Ping timeout: 480 seconds
1260818435 Q * gnuk Quit: NoFeature
1260818590 M * Guest968 2.6.31.8 conflicts a bit with vserver patch due to ext4 changes
1260818597 N * Guest968 arekm
1260818738 M * Bertl ah, .31.8 is out?
1260818768 M * Bertl will check shortly
1260819096 M * arachnist .32.1 also seems to be out
1260819685 Q * BenG Quit: I Leave
1260823602 Q * hparker Quit: Read error: 104 (Peer reset by connection)
1260824132 Q * hijacker Ping timeout: 480 seconds
1260824149 J * hijacker ~hijacker@213.91.163.5
1260824649 Q * hijacker Ping timeout: 480 seconds
1260824896 J * blues ~blues@afb1.neoplus.adsl.tpnet.pl
1260825012 Q * blues_ Ping timeout: 480 seconds
1260825317 J * hijacker ~hijacker@87-126-142-51.btc-net.bg
1260826509 J * hparker ~hparker@2001:470:1f0f:32c:215:f2ff:fe60:79d4
1260828682 Q * thierryp Remote host closed the connection
1260829408 J * derjohn_mob ~aj@d004032.adsl.hansenet.de
1260829568 J * thierryp ~thierry@home.parmentelat.net
1260829869 Q * hijacker Ping timeout: 480 seconds
1260829885 J * hijacker ~hijacker@213.91.163.5
1260830545 Q * hijacker Quit: Leaving
1260830793 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com
1260834167 Q * quasisane Quit: leaving
1260834203 M * BenG anyone any idea how to get two guests to share an IP address?
1260834250 M * BenG I'll try adding the same ip to both configs, see what happens, but if anyone has done this already, let me know
1260834271 M * Bertl works, but not advised
1260834318 Q * dowdle Remote host closed the connection
1260834318 M * Bertl usually a better approach is to assign private IPs to both guests, and S/DNAT the ports
1260834614 M * BenG I want to be able to have an instance of apache running on one guest (on the shared IP), then to be able to stop it and run it on the other guest
1260834655 M * BenG hmm, yeah, S/DNAT would still work
1260834659 M * BenG cheers Bertl 
1260834670 M * Bertl you're welcome!
1260834700 M * Bertl the S/DNAT actually allows you to run them side by side, and switch with the rule
1260834832 M * BenG yep, I figured, even better!
1260834869 M * BenG actaully, not sure that would work with what I have planned, but interesting nonetheless
1260835190 J * quasisane ~sanep@c-75-67-251-206.hsd1.nh.comcast.net