-
-
Notifications
You must be signed in to change notification settings - Fork 110
Description
Hi,
After setting up port forwarding to sslproxy's listening port connection to sslproxy got stuck and in dmesg the following erros appeared:
[283850.712141] INFO: task sslproxy:27726 blocked for more than 120 seconds.
[283850.712150] Not tainted 4.14.22-v7+ #1096
[283850.712153] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[283850.712157] sslproxy D 0 27726 27725 0x00000001
[283850.712183] [<80776e60>] (__schedule) from [<807774d8>] (schedule+0x50/0xa8)
[283850.712194] [<807774d8>] (schedule) from [<8064e91c>] (__lock_sock+0x74/0x9c)
[283850.712203] [<8064e91c>] (__lock_sock) from [<8064e9ac>] (lock_sock_nested+0x68/0x70)
[283850.712218] [<8064e9ac>] (lock_sock_nested) from [<7f1785d4>] (getorigdst+0x3c/0x19c [nf_conntrack_ipv4])
[283850.712237] [<7f1785d4>] (getorigdst [nf_conntrack_ipv4]) from [<806ad578>] (nf_getsockopt+0x4c/0x64)
[283850.712246] [<806ad578>] (nf_getsockopt) from [<806baea4>] (ip_getsockopt+0xb0/0xec)
[283850.712256] [<806baea4>] (ip_getsockopt) from [<806c3378>] (tcp_getsockopt+0x34/0x50)
[283850.712265] [<806c3378>] (tcp_getsockopt) from [<8064cbf0>] (sock_common_getsockopt+0x30/0x38)
[283850.712273] [<8064cbf0>] (sock_common_getsockopt) from [<8064c1bc>] (SyS_getsockopt+0x68/0xac)
[283850.712282] [<8064c1bc>] (SyS_getsockopt) from [<80108080>] (ret_fast_syscall+0x0/0x28)
This is the netfilter port forwarding rule I used:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 3443
The same firewall rules were used on Dietpi Jessie and it was working. So don't really know what went wrong here. I used the stock sslproxy.conf. Only changed the listening ports. And process cannot be killed anymore!
Please advise. Thanks!