Jump to content

[ODROID C2] Kernel Panic and reboot - iptables bug?

zanzibar

By zanzibar
in Amlogic meson

 Share

Recommended Posts

zanzibar

zanzibar

Posted
Posted

Hello,

Recently I have discovered bug in kernel or maybe iptables with using Huawei E3372h LTE Hi-Link USB dongle (or maybe other devices which exposes HTTP interfaces over cdc_ether). Odroid enters into kernel panic and reboot.

I am using ARMBIAN 5.85 stable Debian GNU/Linux 9 (stretch) 4.19.42-meson64. 

kernel:[   60.801868] Internal error: Oops: 96000004 [#1] PREEMPT SMP

The steps to recreate the bug:

1) disable or remove NetworkManager, use only IPv4,

2) set network interfaces in /etc/network/interfaces 

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eth0
allow-hotplug eth0
iface eth0 inet static
        address 10.0.0.1
        netmask 255.255.255.0

allow-hotplug enxXXX
iface enxXXX inet dhcp

enxXXX - is example name of your E3372h (virtual?) ethernet interface.

 

3) check settings in /etc/sysctl.conf - you need have some routing capabilites on - mine is: 

kernel.printk = 3 4 1 3

net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

net.ipv4.tcp_syncookies=1

net.ipv4.ip_forward=1

net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0

net.ipv4.conf.all.secure_redirects = 0

net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0

net.ipv6.conf.all.disable_ipv6=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_echo_ignore_all=1

vm.swappiness=100

4) set iptables rules to forward packets between local eth0 and usb dongle ethernet: 

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o enxXXX -j MASQUERADE
COMMIT

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:interfaces - [0:0]
:open - [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -j interfaces
-A INPUT -j open
-A INPUT -j DROP

-A FORWARD -i enxXXX -o eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o enxXXX -p tcp -m multiport --dports 80,443,9001,9111,3690 -j ACCEPT
-A FORWARD -i eth0 -o enxXXX -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A FORWARD -j DROP

-A OUTPUT -j ACCEPT
-A interfaces -i lo -j ACCEPT
COMMIT

5) connect to local eth0 other computer (set static IP to eg. 10.0.0.2, netmask 255.255.255.0 and gateway 10.0.0.1),

6) from other computer you should be able to ping E3372h eth interface: 192.168.8.1,

7) open web browser (I have Firefox) - enter address: http://192.168.8.1

8) after 5-10 seconds kernel panic occurs

9) after reboot there is a green background on screen via HDMI (need to hard power off and on to start without green screen).

 

I have attached two fotos: 1 - kernel oops messages; 2 - green screen.

 

Has anyone had a similar problem?

 

 

 

kernel_oops_odroidc2.jpg

green_screen_after_kernel_oops_odroidc2.jpg

<
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines

  I accept