How to disable or remove ethernet in openwrt? - linux-kernel

I'm using vocore2, and present the boot time of my vocore2 running OpenWrt 19.07.3 is 30seconds, I want to decrease it by 10 seconds, while going through dmesg log I found starting ethernet takes around 7sec, so disabling ethernet will decrease boottime by 7sec.
[ 15.022570] kmodloader: done loading kernel modules from /etc/modules.d/*
[ 22.710060] br-lan: port 1(eth0.1) entered blocking state
[ 22.715623] br-lan: port 1(eth0.1) entered disabled state
[ 22.721459] device eth0.1 entered promiscuous mode
[ 22.726517] device eth0 entered promiscuous mode
[ 22.751465] br-lan: port 1(eth0.1) entered blocking state
[ 22.757014] br-lan: port 1(eth0.1) entered forwarding state
[ 22.762876] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
[ 23.722126] efuse_probe: efuse = 10000012
[ 23.899450] tssi_1_target_pwr_g_band = 25
[ 29.820162] <==== rt28xx_init, Status=0
[ 29.844215] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
[ 32.083358] br-lan: port 2(ra0) entered blocking state
[ 32.088656] br-lan: port 2(ra0) entered disabled state
[ 32.094226] device ra0 entered promiscuous mode
[ 32.098903] br-lan: port 2(ra0) entered blocking state
[ 32.104169] br-lan: port 2(ra0) entered forwarding state
So how to remove ethernet in openwrt?

Change your board config to delete those ethernet port.
From the result I found in google. This board is coming from this patch
From the boardconfig patch, it seems that the esw block is the ethernet config for this board. Remove it could work. I didn't tried any board from vocore2. Please take your own risk if there is no other recovery method than the ethernet port.

Related

Linux firewalld discards local UDP packet although ACCEPT rule is hit

On a RHEL8 system, I'm receiving UDP packet for destination port 2152 (gtp-user) from an external interface and they are not reaching the application listening on the UDP socket opened for that port. I see packets reaching the application fine if I stop firewalld. As soon as firewalld is started, packets get discarded.
I added a rule to explicitly accept these packets and I see my ACCEPT rule is now being hit with counter matching exactly the number of packets generated (1987 packets in dump below)
iptables -L -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6755 4273K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
1 28 ACCEPT icmp -- any any anywhere anywhere
150 10358 ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT tcp -- any any anywhere anywhere state NEW tcp dpt:ssh
1987 1492K ACCEPT udp -- any any anywhere anywhere udp dpt:gtp-user
11 3849 REJECT all -- any any anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-host-prohibited
Still packets are not reaching the application and when enabling log-denied=all I see in /var/log/messages a FINAL_REJECT entry for each packet sent while firewalld is running
kernel: FINAL_REJECT: IN=ens161 OUT= MAC=00:50:56:8a:de:55:00:50:56:8a:93:57:08:00 SRC=168.168.31.201 DST=168.168.31.31 LEN=751 TOS=0x18 PREC=0x60 TTL=100 ID=3109 DF PROTO=UDP SPT=2152 DPT=2152
Any ideas of why firewalld would reject these UDP packets after hitting the ACCEPT rule ?

Adding a multicast route to an interface in OSX

I have a VM running in Fusion that I want to hit by routing a specific endpoint address through the virtual ethernet interface (multicast DNS, in particular). First I was sending packets and inspecting with Wireshark noticing that nothing was getting through. Then I thought to check the routing table
$ netstat -rn | grep vmnet8
Destination Gateway Flags Refs Use Netif Expire
172.16.12/24 link#29 UC 2 0 vmnet8 !
172.16.12.255 ff:ff:ff:ff:ff:ff UHLWbI 0 35 vmnet8 !
But unlike other interfaces,
Destination Gateway Flags Refs Use Netif Expire
224.0.0.251 a1:10:5e:50:0:fb UHmLWI 0 732 en0
224.0.0.251 a1:10:5e:50:0:fb UHmLWI 0 0 en8
There was no multicast route. So I added it:
$ sudo route add -host 224.0.0.251 -interface vmnet8
add host 224.0.0.251: gateway vmnet8
And so it was true
$ netstat -rn | grep vmnet8
Destination Gateway Flags Refs Use Netif Expire
172.16.12/24 link#29 UC 2 0 vmnet8 !
172.16.12.255 ff:ff:ff:ff:ff:ff UHLWbI 0 35 vmnet8 !
224.0.0.251 a1:10:5e:50:0:fb UHmLS 0 13 vmnet8
I was also sure to check the interface flags to ensure it had been configured to support multicast
$ ifconfig vmnet8
vmnet8: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
ether 00:70:61:c0:11:08
inet 172.16.12.1 netmask 0xffffff00 broadcast 172.16.12.255
Still, no multicast packets I send are getting through. I noted that the other interface's multicast route have different flags than the default ones given to my added route. Namely UHmLWI vs UHmLS. The differences I can see are insignificant. From man netstat:
I RTF_IFSCOPE Route is associated with an interface scope
S RTF_STATIC Manually added
W RTF_WASCLONED Route was generated as a result of cloning
Then again, I'm not claiming to be a routing expert. Perhaps a multicast route entry must be made somehow differently?
You'll note that the Use column is non-zero, despite no packets showing in a sniffer.

How to enable routing in OS X El Capitan

I've got a Linux VMware virtual machine (guest) configured with a NAT adapter on a 192.168.56.0 subnet. Its IP address is 192.168.56.128 and my Mac (host) got 192.168.56.1. Guest's default gateway is automatically set to 192.168.56.2 and is able to ping google. Host's Wi-Fi IP is 192.168.0.2,
I've configured my Wi-Fi router with following routing table to forward packets of 192.168.56.0 to 192.168.0.2 (my Mac)
pi#raspberrypi ~ $ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.16.4.1 0.0.0.0 UG 0 0 0 eth0
172.16.4.0 * 255.255.252.0 U 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 wlan0
192.168.56.0 192.168.0.2 255.255.255.255 UGH 0 0 0 wlan0
192.168.57.0 192.168.0.2 255.255.255.255 UGH 0 0 0 wlan0
But I'm unable to ping guest from any other device on the Wi-Fi network (192.168.0.0). So it's obvious that my Mac running OS X El Capitan is not forwarding the packets from 192.168.0.0 to 192.168.56.0
Not sure about your specific case. In my case I just had two ethernets on the same MacMini and one host being one of these ethernets. The only thing I had to do is sudo sysctl -w net.inet.ip.forwarding=1
https://roelant.net/2015/share-your-vpn-mac-el-capitan.html however noted another variable as well (sudo sysctl -w net.inet.ip.fw.enable=1) and went into a NAT scenario (which I did not need)

Cannot access with IP from other devices, localhost server on MAC

I have set the default localhost server to run on my MAC with apache with the default settings. I can access the local server using localhost and the IP from the server it self but cannot access from another PC using the IP connected on the same WIFI network with a simple router.
I have disabled the firewall on mac but nothing.
This is my /etc/hosts file:
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
The mac IP on wifi is 192.168.10.102, the other PC IP is 192.168.10.105
Apache is set to listen on port 80, http.conf
Listen 80
sudo tcpdump -i en0 result:
15:35:28.384152 IP 192.168.10.105.63630 > 192.168.10.102.http: Flags [S], seq 2700046236, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
15:35:28.674606 IP 192.168.10.105.63631 > 192.168.10.102.http: Flags [S], seq 3459374519, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
15:35:29.335909 IP 192.168.10.102.51270 > 192.168.10.1.domain: 50623+ PTR? 103.10.168.192.in-addr.arpa. (45)
15:35:29.343300 IP 192.168.10.1.domain > 192.168.10.102.51270: 50623 NXDomain* 0/1/0 (95)
15:35:29.593550 IP 192.168.10.105.netbios-dgm > 192.168.10.255.netbios-dgm: NBT UDP PACKET(138)
15:35:30.345378 IP 192.168.10.102.58188 > 192.168.10.1.domain: 60091+ PTR? 255.10.168.192.in-addr.arpa. (45)
15:35:30.352597 IP 192.168.10.1.domain > 192.168.10.102.58188: 60091 NXDomain* 0/1/0 (95)
15:35:31.337113 ARP, Request who-has 192.168.10.102 tell 192.168.10.1, length 28
NOTE
While restarting the MAC computer for a couple of seconds I am able to access the localhost server with IP from the other computer...
Also the MAC has installed Symanctec End Point Protection which I cannot find a way to disable it even I have sudo permissions.
Any ideas?
After loosing almost 1 day and a half I found that Endpoint Security of Symantec blocked incomming connections. I came across this script that saved my days (disables service):
https://gist.github.com/phoob/671e65332c86682d5674
Also this is valid:
https://gist.github.com/bubenkoff/4043130
Hope helps some one other.

Linux USB Enumeration and uevents

I read an article at http://www.technovelty.org/code/linux/plugging-in-usb.html. Its just very good.
In which function exactly the enumeration of a connected device is done by host and in which function uevent is sent ?
I introduced printks in usb_new_device etc functions and If i use "udevadm monitor --kernel", it is showing the kernel events even before the enumeration function which is called in usb_new_device in hub.c ?
Log follows
[ 110.819399] 123456 hub_irq
[ 110.824952] 123456 hub_port_connect_change
[ 110.979624] 123456 hub_port_init
[ 111.059625] usb 2-1.2: new high speed USB device using fsl-ehci and address 3
[ 111.189722] 123456 usb_new_device
[ 111.196219] usb 2-1.2: New USB device found, idVendor=05ac, idProduct=12a0
[ 111.203113] usb 2-1.2: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 111.210438] usb 2-1.2: Product: iPhone
[ 111.214196] usb 2-1.2: Manufacturer: Apple Inc.
[ 111.218728] usb 2-1.2: SerialNumber: 9356b662a93170509226069e5adf53f2351d774e
KERNEL[110.940183] add /devices/platform/fsl-ehci.1/usb2/2-1/2-1.2 (usb)
Check the timestamps though udevadm out put is at the end(udevadm runs in user space) its actuallt got the event at [ 110.940183] where as usb_new_device was called at [ 111.189722]
I am almost Linux kernel illiterate, so not 100% sure of this info..but managed to trace the USB init with the help of http://www.cs.fsu.edu/~baker/devices/lxr/http/find?v=2.6.11.8
Here is the flow of USB Host code (Please correct me if this is wrong), on Linux 2.6.11.8 kernel
usb_init() // invoked in ../core/usb.c it initializes host, major, usbfs and usb_hub
usb_hub_init() // in core/hub.c it creates a kernel thread hub_thread()
hub_thread() // in core/hub.c
hub_events() // next this if called
hub_port_connect_change() // then this..

Resources