0
zanzibar

[ODROID C2] Kernel Panic and reboot - iptables bug?

Recommended Posts

Hello,

Recently I have discovered bug in kernel or maybe iptables with using Huawei E3372h LTE Hi-Link USB dongle (or maybe other devices which exposes HTTP interfaces over cdc_ether). Odroid enters into kernel panic and reboot.

I am using ARMBIAN 5.85 stable Debian GNU/Linux 9 (stretch) 4.19.42-meson64.

kernel:[   60.801868] Internal error: Oops: 96000004 [#1] PREEMPT SMP

The steps to recreate the bug:

1) disable or remove NetworkManager, use only IPv4,

2) set network interfaces in /etc/network/interfaces

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eth0
allow-hotplug eth0
iface eth0 inet static
        address 10.0.0.1
        netmask 255.255.255.0

allow-hotplug enxXXX
iface enxXXX inet dhcp

enxXXX - is example name of your E3372h (virtual?) ethernet interface.

 

3) check settings in /etc/sysctl.conf - you need have some routing capabilites on - mine is:

kernel.printk = 3 4 1 3

net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

net.ipv4.tcp_syncookies=1

net.ipv4.ip_forward=1

net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0

net.ipv4.conf.all.secure_redirects = 0

net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0

net.ipv6.conf.all.disable_ipv6=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_echo_ignore_all=1

vm.swappiness=100

4) set iptables rules to forward packets between local eth0 and usb dongle ethernet:

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o enxXXX -j MASQUERADE
COMMIT

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:interfaces - [0:0]
:open - [0:0]
-A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A INPUT -j interfaces
-A INPUT -j open
-A INPUT -j DROP

-A FORWARD -i enxXXX -o eth0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o enxXXX -p tcp -m multiport --dports 80,443,9001,9111,3690 -j ACCEPT
-A FORWARD -i eth0 -o enxXXX -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A FORWARD -j DROP

-A OUTPUT -j ACCEPT
-A interfaces -i lo -j ACCEPT
COMMIT

5) connect to local eth0 other computer (set static IP to eg. 10.0.0.2, netmask 255.255.255.0 and gateway 10.0.0.1),

6) from other computer you should be able to ping E3372h eth interface: 192.168.8.1,

7) open web browser (I have Firefox) - enter address: http://192.168.8.1

8) after 5-10 seconds kernel panic occurs

9) after reboot there is a green background on screen via HDMI (need to hard power off and on to start without green screen).

 

I have attached two fotos: 1 - kernel oops messages; 2 - green screen.

 

Has anyone had a similar problem?

 

 

 

kernel_oops_odroidc2.jpg

green_screen_after_kernel_oops_odroidc2.jpg

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
0