search

immortalwrt / immortalwrt

An opensource OpenWrt variant for mainland China users.
https://downloads.immortalwrt.org
Other
6.12k stars 1.73k forks source link

BPI-R4 硬件流量分载无效 #1353

Closed yuban10703 closed 2 months ago

yuban10703 commented 3 months ago

Describe the bug

防火墙的硬件流量分载好像是默认启用的,但是好像并没有生效(测速时占用CPU),ppe的bind里也没有连接

root@ImmortalWrt:~# cat /sys/kernel/debug/ppe*/bind
root@ImmortalWrt:~#

在openwrt的main分支上硬件流量分载是生效的,测速时无CPU占用,bind里也有连接

root@OpenWrt:~# cat /sys/kernel/debug/ppe*/bind
007e0 BND IPv4 5T orig=10.1.1.136:5653->101.95.52.102:80 new=222.67.134.24:5653->101.95.52.102:80 eth=0a:d5:17:47:e9:f4->d0:d0:4b:06:ec:cd etype=6488 vlan=0,0 ib1=205200ca ib2=00f09f0e packets=19640 bytes=1193136
007e4 BND IPv4 5T orig=10.1.1.136:5652->101.95.52.102:80 new=222.67.134.24:5652->101.95.52.102:80 eth=0a:d5:17:47:e9:f4->d0:d0:4b:06:ec:cd etype=6488 vlan=0,0 ib1=205200ca ib2=00f09f0e packets=20017 bytes=1212592
00fe8 BND IPv4 5T orig=10.1.1.136:5655->101.95.52.102:80 new=222.67.134.24:5655->101.95.52.102:80 eth=0a:d5:17:47:e9:f4->d0:d0:4b:06:ec:cd etype=6488 vlan=0,0 ib1=205200ca ib2=00f09f0e packets=10299 bytes=619202
00fec BND IPv4 5T orig=10.1.1.136:5654->101.95.52.102:80 new=222.67.134.24:5654->101.95.52.102:80 eth=0a:d5:17:47:e9:f4->d0:d0:4b:06:ec:cd etype=6488 vlan=0,0 ib1=205200ca ib2=00f09f0e packets=13238 bytes=795952
017d0 BND IPv4 5T orig=10.1.1.136:5657->101.95.52.102:80 new=222.67.134.24:5657->101.95.52.102:80 eth=0a:d5:17:47:e9:f4->d0:d0:4b:06:ec:cd etype=6488 vlan=0,0 ib1=205200ca ib2=00f09f0e packets=15570 bytes=939172
017d4 BND IPv4 5T orig=10.1.1.136:5656->101.95.52.102:80 new=222.67.134.24:5656->101.95.52.102:80 eth=0a:d5:17:47:e9:f4->d0:d0:4b:06:ec:cd etype=6488 vlan=0,0 ib1=205200ca ib2=00f09f0e packets=18515 bytes=1121690
00198 BND IPv4 5T orig=101.95.52.102:80->222.67.134.24:5655 new=101.95.52.102:80->10.1.1.136:5655 eth=0a:d5:17:47:e9:f3->8c:0e:60:67:9f:3a etype=0008 vlan=0,0 ib1=205000ca ib2=00f08501 packets=43381 bytes=65678834
0019c BND IPv4 5T orig=101.95.52.102:80->222.67.134.24:5654 new=101.95.52.102:80->10.1.1.136:5654 eth=0a:d5:17:47:e9:f3->8c:0e:60:67:9f:3a etype=0008 vlan=0,0 ib1=205000ca ib2=00f08501 packets=56421 bytes=85421394
00990 BND IPv4 5T orig=101.95.52.102:80->222.67.134.24:5653 new=101.95.52.102:80->10.1.1.136:5653 eth=0a:d5:17:47:e9:f3->8c:0e:60:67:9f:3a etype=0008 vlan=0,0 ib1=205000ca ib2=00f08501 packets=111697 bytes=169105162
00994 BND IPv4 5T orig=101.95.52.102:80->222.67.134.24:5652 new=101.95.52.102:80->10.1.1.136:5652 eth=0a:d5:17:47:e9:f3->8c:0e:60:67:9f:3a etype=0008 vlan=0,0 ib1=205000ca ib2=00f08501 packets=106872 bytes=161804208
019a0 BND IPv4 5T orig=101.95.52.102:80->222.67.134.24:5657 new=101.95.52.102:80->10.1.1.136:5657 eth=0a:d5:17:47:e9:f3->8c:0e:60:67:9f:3a etype=0008 vlan=0,0 ib1=205000ca ib2=00f08501 packets=80560 bytes=121967624
019a4 BND IPv4 5T orig=101.95.52.102:80->222.67.134.24:5656 new=101.95.52.102:80->10.1.1.136:5656 eth=0a:d5:17:47:e9:f3->8c:0e:60:67:9f:3a etype=0008 vlan=0,0 ib1=205000ca ib2=00f08501 packets=89388 bytes=135333432
root@OpenWrt:~#

是imm没支持硬件流量分载么

ImmortalWrt version

r0-dd4624e

ImmortalWrt release

SNAPSHOT

ImmortalWrt target/subtarget

mediatek/filogic

Device

Bananapi BPI-R4

Image kind

Self-built image

Steps to reproduce

No response

Actual behaviour

No response

Expected behaviour

No response

Additional info

openwrt 内核日志 ``` [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x411fd090] [ 0.000000] Linux version 6.6.35 (yuban10703@ubuntu) (aarch64-openwrt-linux-musl-gcc (OpenWrt GCC 13.3.0 r0-fd085a7) 13.3.0, GNU ld (GNU Binutils) 2.42) #0 SMP Tue Jul 2 12:04:49 2024 [ 0.000000] Machine model: Bananapi BPI-R4 [ 0.000000] OF: reserved mem: 0x0000000042ff0000..0x0000000042ffffff (64 KiB) map non-reusable ramoops@42ff0000 [ 0.000000] OF: reserved mem: 0x0000000043000000..0x000000004304ffff (320 KiB) nomap non-reusable secmon@43000000 [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x0000000040000000-0x00000000ffffffff] [ 0.000000] DMA32 empty [ 0.000000] Normal [mem 0x0000000100000000-0x000000013fffffff] [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x0000000040000000-0x0000000042ffffff] [ 0.000000] node 0: [mem 0x0000000043000000-0x000000004304ffff] [ 0.000000] node 0: [mem 0x0000000043050000-0x000000013fffffff] [ 0.000000] Initmem setup node 0 [mem 0x0000000040000000-0x000000013fffffff] [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.1 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: MIGRATE_INFO_TYPE not supported. [ 0.000000] psci: SMC Calling Convention v1.4 [ 0.000000] percpu: Embedded 18 pages/cpu s34536 r8192 d31000 u73728 [ 0.000000] pcpu-alloc: s34536 r8192 d31000 u73728 alloc=18*4096 [ 0.000000] pcpu-alloc: [0] 0 [0] 1 [0] 2 [0] 3 [ 0.000000] Detected VIPT I-cache on CPU0 [ 0.000000] CPU features: detected: GIC system register CPU interface [ 0.000000] CPU features: detected: Spectre-BHB [ 0.000000] CPU features: kernel page table isolation disabled by kernel configuration [ 0.000000] alternatives: applying boot alternatives [ 0.000000] Kernel command line: console=ttyS0,115200n1 pci=pcie_bus_perf root=/dev/fit0 rootwait [ 0.000000] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear) [ 0.000000] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear) [ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 1032192 [ 0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off [ 0.000000] software IO TLB: area num 4. [ 0.000000] software IO TLB: mapped [mem 0x00000000fa7b4000-0x00000000fe7b4000] (64MB) [ 0.000000] Memory: 4034368K/4194304K available (8576K kernel code, 894K rwdata, 2520K rodata, 384K init, 287K bss, 159936K reserved, 0K cma-reserved) [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1 [ 0.000000] rcu: Hierarchical RCU implementation. [ 0.000000] Tracing variant of Tasks RCU enabled. [ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies. [ 0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0 [ 0.000000] GICv3: GIC: Using split EOI/Deactivate mode [ 0.000000] GICv3: 416 SPIs implemented [ 0.000000] GICv3: 0 Extended SPIs implemented [ 0.000000] Root IRQ handler: gic_handle_irq [ 0.000000] GICv3: GICv3 features: 16 PPIs [ 0.000000] GICv3: CPU0: found redistributor 0 region 0:0x000000000c080000 [ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. [ 0.000000] arch_timer: cp15 timer(s) running at 13.00MHz (phys). [ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x2ff89eacb, max_idle_ns: 440795202429 ns [ 0.000000] sched_clock: 56 bits at 13MHz, resolution 76ns, wraps every 4398046511101ns [ 0.000058] Calibrating delay loop (skipped), value calculated using timer frequency.. 26.00 BogoMIPS (lpj=130000) [ 0.000065] pid_max: default: 32768 minimum: 301 [ 0.002159] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 0.002172] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 0.003656] cacheinfo: Unable to detect cache hierarchy for CPU 0 [ 0.003946] RCU Tasks Trace: Setting shift to 2 and lim to 1 rcu_task_cb_adjust=1. [ 0.004023] rcu: Hierarchical SRCU implementation. [ 0.004025] rcu: Max phase no-delay instances is 1000. [ 0.004310] smp: Bringing up secondary CPUs ... [ 0.004524] Detected VIPT I-cache on CPU1 [ 0.004559] GICv3: CPU1: found redistributor 1 region 0:0x000000000c0a0000 [ 0.004578] CPU1: Booted secondary processor 0x0000000001 [0x411fd090] [ 0.004826] Detected VIPT I-cache on CPU2 [ 0.004847] GICv3: CPU2: found redistributor 2 region 0:0x000000000c0c0000 [ 0.004856] CPU2: Booted secondary processor 0x0000000002 [0x411fd090] [ 0.005083] Detected VIPT I-cache on CPU3 [ 0.005103] GICv3: CPU3: found redistributor 3 region 0:0x000000000c0e0000 [ 0.005113] CPU3: Booted secondary processor 0x0000000003 [0x411fd090] [ 0.005139] smp: Brought up 1 node, 4 CPUs [ 0.005143] SMP: Total of 4 processors activated. [ 0.005145] CPU features: detected: 32-bit EL0 Support [ 0.005147] CPU features: detected: CRC32 instructions [ 0.005165] spectre-bhb mitigation disabled by compile time option [ 0.005179] CPU features: emulated: Privileged Access Never (PAN) using TTBR0_EL1 switching [ 0.005182] CPU: All CPU(s) started at EL2 [ 0.005184] alternatives: applying system-wide alternatives [ 0.008211] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns [ 0.008222] futex hash table entries: 1024 (order: 4, 65536 bytes, linear) [ 0.009162] pinctrl core: initialized pinctrl subsystem [ 0.009794] NET: Registered PF_NETLINK/PF_ROUTE protocol family [ 0.010324] DMA: preallocated 512 KiB GFP_KERNEL pool for atomic allocations [ 0.010426] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations [ 0.010519] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations [ 0.010783] thermal_sys: Registered thermal governor 'fair_share' [ 0.010785] thermal_sys: Registered thermal governor 'bang_bang' [ 0.010787] thermal_sys: Registered thermal governor 'step_wise' [ 0.010789] thermal_sys: Registered thermal governor 'user_space' [ 0.010831] ASID allocator initialised with 65536 entries [ 0.011595] pstore: Using crash dump compression: deflate [ 0.011600] printk: console [ramoops-1] enabled [ 0.011811] pstore: Registered ramoops as persistent store backend [ 0.011816] ramoops: using 0x10000@0x42ff0000, ecc: 0 [ 0.018489] Modules: 29568 pages in range for non-PLT usage [ 0.018496] Modules: 521088 pages in range for PLT usage [ 0.019303] cryptd: max_cpu_qlen set to 1000 [ 0.020868] SCSI subsystem initialized [ 0.020943] libata version 3.00 loaded. [ 0.021779] clocksource: Switched to clocksource arch_sys_counter [ 0.023500] NET: Registered PF_INET protocol family [ 0.023634] IP idents hash table entries: 65536 (order: 7, 524288 bytes, linear) [ 0.026021] tcp_listen_portaddr_hash hash table entries: 2048 (order: 3, 32768 bytes, linear) [ 0.026044] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) [ 0.026053] TCP established hash table entries: 32768 (order: 6, 262144 bytes, linear) [ 0.026154] TCP bind hash table entries: 32768 (order: 8, 1048576 bytes, linear) [ 0.026564] TCP: Hash tables configured (established 32768 bind 32768) [ 0.026654] UDP hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 0.026712] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 0.026953] NET: Registered PF_UNIX/PF_LOCAL protocol family [ 0.026992] PCI: CLS 0 bytes, default 64 [ 0.027837] workingset: timestamp_bits=46 max_order=20 bucket_order=0 [ 0.031405] squashfs: version 4.0 (2009/01/31) Phillip Lougher [ 0.031411] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc. [ 0.048218] jitterentropy: Initialization failed with host not compliant with requirements: 9 [ 0.049128] mtk-xsphy soc:xphy@11e10000: failed to get ref_clk(id-1) [ 0.049651] mtk-pcie-gen3 11280000.pcie: host bridge /soc/pcie@11280000 ranges: [ 0.049669] mtk-pcie-gen3 11280000.pcie: Parsing ranges property... [ 0.049681] mtk-pcie-gen3 11280000.pcie: IO 0x0020000000..0x00201fffff -> 0x0020000000 [ 0.049694] mtk-pcie-gen3 11280000.pcie: MEM 0x0020200000..0x0027ffffff -> 0x0020200000 [ 0.049784] mtk-pcie-gen3 11290000.pcie: host bridge /soc/pcie@11290000 ranges: [ 0.049794] mtk-pcie-gen3 11290000.pcie: Parsing ranges property... [ 0.049804] mtk-pcie-gen3 11290000.pcie: IO 0x0028000000..0x00281fffff -> 0x0028000000 [ 0.049814] mtk-pcie-gen3 11290000.pcie: MEM 0x0028200000..0x002fffffff -> 0x0028200000 [ 0.049833] /soc/pcie@11290000: Failed to get clk index: 0 ret: -517 [ 0.049841] mtk-pcie-gen3 11290000.pcie: failed to get clocks [ 0.049901] mtk-pcie-gen3 11300000.pcie: host bridge /soc/pcie@11300000 ranges: [ 0.049911] mtk-pcie-gen3 11300000.pcie: Parsing ranges property... [ 0.049920] mtk-pcie-gen3 11300000.pcie: IO 0x0030000000..0x00301fffff -> 0x0030000000 [ 0.049928] mtk-pcie-gen3 11300000.pcie: MEM 0x0030200000..0x0037ffffff -> 0x0030200000 [ 0.049945] /soc/pcie@11300000: Failed to get clk index: 0 ret: -517 [ 0.049953] mtk-pcie-gen3 11300000.pcie: failed to get clocks [ 0.050025] mtk-pcie-gen3 11310000.pcie: host bridge /soc/pcie@11310000 ranges: [ 0.050035] mtk-pcie-gen3 11310000.pcie: Parsing ranges property... [ 0.050044] mtk-pcie-gen3 11310000.pcie: IO 0x0038000000..0x00381fffff -> 0x0038000000 [ 0.050052] mtk-pcie-gen3 11310000.pcie: MEM 0x0038200000..0x003fffffff -> 0x0038200000 [ 0.050068] /soc/pcie@11310000: Failed to get clk index: 0 ret: -517 [ 0.050075] mtk-pcie-gen3 11310000.pcie: failed to get clocks [ 0.054540] Serial: 8250/16550 driver, 3 ports, IRQ sharing disabled [ 0.055328] printk: console [ttyS0] disabled [ 0.075606] 11000000.serial: ttyS0 at MMIO 0x11000000 (irq = 99, base_baud = 2500000) is a ST16650V2 [ 0.075642] printk: console [ttyS0] enabled [ 0.990796] 11000100.serial: ttyS1 at MMIO 0x11000100 (irq = 100, base_baud = 2500000) is a ST16650V2 [ 1.020654] 11000200.serial: ttyS2 at MMIO 0x11000200 (irq = 101, base_baud = 2500000) is a ST16650V2 [ 1.032538] loop: module loaded [ 1.036912] spi-nand spi0.0: Winbond SPI NAND was found. [ 1.042246] spi-nand spi0.0: 128 MiB, block size: 128 KiB, page size: 2048, OOB size: 64 [ 1.050489] 2 fixed-partitions partitions found on MTD device spi0.0 [ 1.056876] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 1.063752] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 1.070737] Creating 2 MTD partitions on "spi0.0": [ 1.075524] 0x000000000000-0x000000200000 : "bl2" [ 1.081623] 0x000000200000-0x000008000000 : "ubi" [ 1.158853] ubi0: default fastmap pool size: 50 [ 1.163398] ubi0: default fastmap WL pool size: 25 [ 1.168178] ubi0: attaching mtd1 [ 1.992493] ubi0: scanning is finished [ 2.006076] ubi0: attached mtd1 (name "ubi", size 126 MiB) [ 2.011561] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes [ 2.018430] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048 [ 2.025208] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096 [ 2.032159] ubi0: good PEBs: 1008, bad PEBs: 0, corrupted PEBs: 0 [ 2.038240] ubi0: user volume: 7, internal volumes: 1, max. volumes count: 128 [ 2.045451] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 0 [ 2.053788] ubi0: available PEBs: 0, total reserved PEBs: 1008, PEBs reserved for bad PEB handling: 20 [ 2.063087] ubi0: background thread "ubi_bgt0d" started, PID 241 [ 2.063167] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 2.076036] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 2.084573] block ubiblock0_4: created from ubi0:4(fit) [ 2.223193] i2c_dev: i2c /dev entries driver [ 2.230452] mtk-wdt 1001c000.watchdog: Watchdog enabled (timeout=31 sec, nowayout=0) [ 2.238533] mtk-cpufreq mtk-cpufreq: failed to initialize dvfs info for cpu0 [ 2.246056] mtk-msdc 11230000.mmc: Got CD GPIO [ 2.246214] NET: Registered PF_INET6 protocol family [ 2.255864] Segment Routing with IPv6 [ 2.259531] In-situ OAM (IOAM) with IPv6 [ 2.263526] NET: Registered PF_PACKET protocol family [ 2.268644] 8021q: 802.1Q VLAN Support v1.8 [ 2.285388] phy phy-soc:xphy@11e10000.3: type_sw - reg 0x218, index 0 [ 2.292628] mtk-pcie-gen3 11280000.pcie: host bridge /soc/pcie@11280000 ranges: [ 2.299943] mtk-pcie-gen3 11280000.pcie: Parsing ranges property... [ 2.306221] mtk-pcie-gen3 11280000.pcie: IO 0x0020000000..0x00201fffff -> 0x0020000000 [ 2.314655] mtk-pcie-gen3 11280000.pcie: MEM 0x0020200000..0x0027ffffff -> 0x0020200000 [ 2.346652] mmc0: host does not support reading read-only switch, assuming write-enable [ 2.356522] mmc0: new high speed SDXC card at address 59b4 [ 2.362611] mmcblk0: mmc0:59b4 SDU1 58.2 GiB [ 2.370247] Alternate GPT is invalid, using primary GPT. [ 2.376097] mmcblk0: p1 p2 p3 p4 p5 p6 p7 [ 2.671788] mtk-pcie-gen3 11280000.pcie: PCIe link down, current LTSSM state: polling.compliance (0x3000003) [ 2.681633] mtk-pcie-gen3: probe of 11280000.pcie failed with error -110 [ 2.688675] mtk-pcie-gen3 11290000.pcie: host bridge /soc/pcie@11290000 ranges: [ 2.695990] mtk-pcie-gen3 11290000.pcie: Parsing ranges property... [ 2.702257] mtk-pcie-gen3 11290000.pcie: IO 0x0028000000..0x00281fffff -> 0x0028000000 [ 2.710687] mtk-pcie-gen3 11290000.pcie: MEM 0x0028200000..0x002fffffff -> 0x0028200000 [ 3.051786] mtk-pcie-gen3 11290000.pcie: PCIe link down, current LTSSM state: detect.quiet (0x1) [ 3.060567] mtk-pcie-gen3: probe of 11290000.pcie failed with error -110 [ 3.067437] mtk-pcie-gen3 11300000.pcie: host bridge /soc/pcie@11300000 ranges: [ 3.074750] mtk-pcie-gen3 11300000.pcie: Parsing ranges property... [ 3.081010] mtk-pcie-gen3 11300000.pcie: IO 0x0030000000..0x00301fffff -> 0x0030000000 [ 3.089443] mtk-pcie-gen3 11300000.pcie: MEM 0x0030200000..0x0037ffffff -> 0x0030200000 [ 3.431787] mtk-pcie-gen3 11300000.pcie: PCIe link down, current LTSSM state: detect.quiet (0x1) [ 3.440567] mtk-pcie-gen3: probe of 11300000.pcie failed with error -110 [ 3.447429] mtk-pcie-gen3 11310000.pcie: host bridge /soc/pcie@11310000 ranges: [ 3.454739] mtk-pcie-gen3 11310000.pcie: Parsing ranges property... [ 3.460999] mtk-pcie-gen3 11310000.pcie: IO 0x0038000000..0x00381fffff -> 0x0038000000 [ 3.469431] mtk-pcie-gen3 11310000.pcie: MEM 0x0038200000..0x003fffffff -> 0x0038200000 [ 3.811788] mtk-pcie-gen3 11310000.pcie: PCIe link down, current LTSSM state: detect.quiet (0x1) [ 3.820567] mtk-pcie-gen3: probe of 11310000.pcie failed with error -110 [ 3.828007] FIT: Detected U-Boot 2024.01-OpenWrt-r0-fd085a7 [ 3.833581] FIT: Selected configuration: "config-mt7988a-bananapi-bpi-r4" (OpenWrt bananapi_bpi-r4) [ 3.842624] FIT: kernel sub-image 0x00001000..0x0056a91b "kernel-1" (ARM64 OpenWrt Linux-6.6.35) [ 3.852358] FIT: flat_dt sub-image 0x0056b000..0x00575921 "fdt-1" (ARM64 OpenWrt bananapi_bpi-r4 device tree blob) [ 3.863569] FIT: flat_dt sub-image 0x00576000..0x00576611 "fdt-mt7988a-bananapi-bpi-r4-emmc" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-emmc) [ 3.879898] FIT: flat_dt sub-image 0x00577000..0x0057711c "fdt-mt7988a-bananapi-bpi-r4-rtc" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-rtc) [ 3.896055] FIT: flat_dt sub-image 0x00578000..0x005785c9 "fdt-mt7988a-bananapi-bpi-r4-sd" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-sd) [ 3.912037] FIT: flat_dt sub-image 0x00579000..0x005798f0 "fdt-mt7988a-bananapi-bpi-r4-wifi-mt7996a" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-wifi-mt7996a) [ 3.929752] FIT: filesystem sub-image 0x0057a000..0x02ce0fff "rootfs-1" (ARM64 OpenWrt bananapi_bpi-r4 rootfs) [ 3.940586] block mmcblk0p7: mapped 1 uImage.FIT filesystem sub-image as /dev/fit0 [ 3.948340] block mmcblk0p7: mapped remaining space as /dev/fitrw [ 4.083286] mtk_soc_eth 15100000.ethernet: generated random MAC address 65:74:68:25:64:00 [ 4.094075] mtk_soc_eth 15100000.ethernet eth0: mediatek frame engine at 0xffffffc082580000, irq 103 [ 4.103744] mtk_soc_eth 15100000.ethernet eth1: mediatek frame engine at 0xffffffc082580000, irq 103 [ 4.113430] mtk_soc_eth 15100000.ethernet eth2: mediatek frame engine at 0xffffffc082580000, irq 103 [ 4.206467] mt7530-mmio 15020000.switch: configuring for fixed/internal link mode [ 4.213990] mt7530-mmio 15020000.switch: Link is Up - 10Gbps/Full - flow control rx/tx [ 4.238275] mt7530-mmio 15020000.switch wan (uninitialized): PHY [mt7530-0:00] driver [MediaTek MT7988 PHY] (irq=112) [ 4.273553] mt7530-mmio 15020000.switch lan1 (uninitialized): PHY [mt7530-0:01] driver [MediaTek MT7988 PHY] (irq=113) [ 4.309422] mt7530-mmio 15020000.switch lan2 (uninitialized): PHY [mt7530-0:02] driver [MediaTek MT7988 PHY] (irq=114) [ 4.345278] mt7530-mmio 15020000.switch lan3 (uninitialized): PHY [mt7530-0:03] driver [MediaTek MT7988 PHY] (irq=115) [ 4.356268] mtk_soc_eth 15100000.ethernet eth0: entered promiscuous mode [ 4.362980] DSA: tree 0 setup [ 4.366189] clk: Disabling unused clocks [ 4.374682] VFS: Mounted root (squashfs filesystem) readonly on device 259:0. [ 4.381918] Freeing unused kernel memory: 384K [ 4.386397] Run /sbin/init as init process [ 4.390482] with arguments: [ 4.393442] /sbin/init [ 4.396138] with environment: [ 4.399267] HOME=/ [ 4.401616] TERM=linux [ 4.534982] init: Console is alive [ 4.538463] init: - watchdog - [ 4.879828] kmodloader: loading kernel modules from /etc/modules-boot.d/* [ 4.897563] usbcore: registered new interface driver usbfs [ 4.903095] usbcore: registered new interface driver hub [ 4.908423] usbcore: registered new device driver usb [ 4.913994] gpio_button_hotplug: loading out-of-tree module taints kernel. [ 4.923855] xhci-mtk 11200000.usb: supply vbus not found, using dummy regulator [ 4.931238] xhci-mtk 11200000.usb: supply vusb33 not found, using dummy regulator [ 4.939161] xhci-mtk 11200000.usb: xHCI Host Controller [ 4.944481] xhci-mtk 11200000.usb: new USB bus registered, assigned bus number 1 [ 4.954920] xhci-mtk 11200000.usb: hcc params 0x01403f99 hci version 0x110 quirks 0x0000000000200010 [ 4.964079] xhci-mtk 11200000.usb: irq 116, io mem 0x11200000 [ 4.969883] xhci-mtk 11200000.usb: xHCI Host Controller [ 4.975128] xhci-mtk 11200000.usb: new USB bus registered, assigned bus number 2 [ 4.982518] xhci-mtk 11200000.usb: Host supports USB 3.2 Enhanced SuperSpeed [ 4.989844] hub 1-0:1.0: USB hub found [ 4.993611] hub 1-0:1.0: 1 port detected [ 4.997709] usb usb2: We don't know the algorithms for LPM for this host, disabling LPM. [ 5.005999] hub 2-0:1.0: USB hub found [ 5.009756] hub 2-0:1.0: 1 port detected [ 5.016120] kmodloader: done loading kernel modules from /etc/modules-boot.d/* [ 5.024746] init: - preinit - [ 5.360139] mtk_soc_eth 15100000.ethernet eth0: configuring for fixed/internal link mode [ 5.368323] mtk_soc_eth 15100000.ethernet eth0: Link is Up - 10Gbps/Full - flow control rx/tx [ 5.378375] mt7530-mmio 15020000.switch lan1: configuring for phy/internal link mode [ 5.391972] usb 2-1: new SuperSpeed USB device number 2 using xhci-mtk [ 5.424483] hub 2-1:1.0: USB hub found [ 5.428387] hub 2-1:1.0: 4 ports detected [ 5.571780] usb 1-1: new high-speed USB device number 2 using xhci-mtk [ 5.754036] hub 1-1:1.0: USB hub found [ 5.757957] hub 1-1:1.0: 5 ports detected [ 6.451807] usb 1-1.5: new high-speed USB device number 3 using xhci-mtk [ 6.561788] random: crng init done [ 7.748569] F2FS-fs (fitrw): Disable nat_bits due to incorrect cp_ver (13171852707645217961, 16244739690097663111) [ 7.762730] F2FS-fs (fitrw): Mounted with checkpoint version = 8f5dca9 [ 7.771169] mount_root: switching to f2fs overlay [ 7.778895] overlayfs: null uuid detected in lower fs '/', falling back to xino=off,index=off,nfs_export=off. [ 7.790279] urandom-seed: Seed file not found (/etc/urandom.seed) [ 7.830274] procd: - early - [ 7.833208] procd: - watchdog - [ 8.361005] procd: - watchdog - [ 8.364986] procd: - ubus - [ 8.521163] procd: - init - [ 8.712574] kmodloader: loading kernel modules from /etc/modules.d/* [ 8.730242] tun: Universal TUN/TAP device driver, 1.6 [ 8.747492] pca954x 1-0070: supply vdd not found, using dummy regulator [ 8.754807] i2c i2c-1: Added multiplexed i2c bus 2 [ 8.759690] i2c i2c-1: Added multiplexed i2c bus 3 [ 8.764608] i2c i2c-1: Added multiplexed i2c bus 4 [ 8.769468] i2c i2c-1: Added multiplexed i2c bus 5 [ 8.774257] pca954x 1-0070: registered 4 multiplexed busses for I2C switch pca9545 [ 8.779580] urngd: v1.0.2 started. [ 8.786494] GACT probability on [ 8.789999] Mirror/redirect action on [ 8.795684] u32 classifier [ 8.798394] input device check on [ 8.802078] Actions configured [ 8.808501] crypto-safexcel 15600000.crypto: can't request region for resource [mem 0x15600000-0x1577ffff] [ 8.818166] crypto-safexcel 15600000.crypto: failed to get resource [ 8.824424] crypto-safexcel: probe of 15600000.crypto failed with error -16 [ 8.836545] at24 2-0050: supply vcc not found, using dummy regulator [ 8.873633] at24 2-0057: supply vcc not found, using dummy regulator [ 8.880571] at24 2-0057: 256 byte 24c02 EEPROM, writable, 1 bytes/write [ 8.887767] Loading modules backported from Linux version v6.6.15-0-g51f354b815c4 [ 8.895249] Backport generated by backports.git 193becf2 [ 8.913001] sfp sfp1: Host maximum power 3.0W [ 8.917868] sfp sfp2: Host maximum power 3.0W [ 8.928039] xt_time: kernel timezone is -0000 [ 8.961503] PPP generic driver version 2.4.2 [ 8.966296] NET: Registered PF_PPPOX protocol family [ 8.972533] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 8.980360] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 8.994376] kmodloader: done loading kernel modules from /etc/modules.d/* [ 9.233267] sfp sfp1: module OEM SFP-2G5 rev 1.0 sn 2G522112324218 dc 220801 [ 9.242781] mtk_soc_eth 15100000.ethernet eth2: switched to inband/2500base-x link mode [ 9.262204] sfp sfp2: module OEM ZX-10GSFPP0.5M30 rev 03 sn 2403290029 dc 240329 [ 9.271636] mtk_soc_eth 15100000.ethernet eth1: switched to inband/10gbase-r link mode [ 11.054189] mtk_soc_eth 15100000.ethernet eth0: Link is Down [ 11.074475] mtk_soc_eth 15100000.ethernet eth0: configuring for fixed/internal link mode [ 11.082675] mtk_soc_eth 15100000.ethernet eth0: Link is Up - 10Gbps/Full - flow control rx/tx [ 11.084620] mt7530-mmio 15020000.switch lan1: configuring for phy/internal link mode [ 11.099651] br-lan: port 1(lan1) entered blocking state [ 11.104922] br-lan: port 1(lan1) entered disabled state [ 11.110178] mt7530-mmio 15020000.switch lan1: entered allmulticast mode [ 11.116810] mtk_soc_eth 15100000.ethernet eth0: entered allmulticast mode [ 11.123801] mt7530-mmio 15020000.switch lan1: entered promiscuous mode [ 11.136579] mt7530-mmio 15020000.switch lan2: configuring for phy/internal link mode [ 11.148083] br-lan: port 2(lan2) entered blocking state [ 11.153352] br-lan: port 2(lan2) entered disabled state [ 11.158604] mt7530-mmio 15020000.switch lan2: entered allmulticast mode [ 11.165428] mt7530-mmio 15020000.switch lan2: entered promiscuous mode [ 11.174508] mt7530-mmio 15020000.switch lan3: configuring for phy/internal link mode [ 11.183025] br-lan: port 3(lan3) entered blocking state [ 11.188261] br-lan: port 3(lan3) entered disabled state [ 11.193542] mt7530-mmio 15020000.switch lan3: entered allmulticast mode [ 11.200610] mt7530-mmio 15020000.switch lan3: entered promiscuous mode [ 11.208924] mtk_soc_eth 15100000.ethernet eth1: configuring for inband/10gbase-r link mode [ 11.230966] br-lan: port 4(eth1) entered blocking state [ 11.236238] br-lan: port 4(eth1) entered disabled state [ 11.241480] mtk_soc_eth 15100000.ethernet eth1: entered allmulticast mode [ 11.248375] mtk_soc_eth 15100000.ethernet eth1: entered promiscuous mode [ 11.255888] mtk_soc_eth 15100000.ethernet eth2: configuring for inband/2500base-x link mode [ 11.314399] mtk_soc_eth 15100000.ethernet eth1: Link is Up - 10Gbps/Full - flow control off [ 11.323094] br-lan: port 4(eth1) entered blocking state [ 11.328323] br-lan: port 4(eth1) entered forwarding state [ 15.444068] mtk_soc_eth 15100000.ethernet eth2: Link is Up - 2.5Gbps/Full - flow control off ```
immortalwrt内核日志 ``` [ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x411fd090] [ 0.000000] Linux version 6.6.35 (yuban10703@ubuntu) (aarch64-openwrt-linux-musl-gcc (OpenWrt GCC 13.3.0 r0-dd4624e) 13.3.0, GNU ld (GNU Binutils) 2.42) #0 SMP Tue Jul 2 07:42:18 2024 [ 0.000000] Machine model: Bananapi BPI-R4 [ 0.000000] OF: reserved mem: 0x0000000042ff0000..0x0000000042ffffff (64 KiB) map non-reusable ramoops@42ff0000 [ 0.000000] OF: reserved mem: 0x0000000043000000..0x000000004304ffff (320 KiB) nomap non-reusable secmon@43000000 [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x0000000040000000-0x00000000ffffffff] [ 0.000000] DMA32 empty [ 0.000000] Normal [mem 0x0000000100000000-0x000000013fffffff] [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x0000000040000000-0x0000000042ffffff] [ 0.000000] node 0: [mem 0x0000000043000000-0x000000004304ffff] [ 0.000000] node 0: [mem 0x0000000043050000-0x000000013fffffff] [ 0.000000] Initmem setup node 0 [mem 0x0000000040000000-0x000000013fffffff] [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.1 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: MIGRATE_INFO_TYPE not supported. [ 0.000000] psci: SMC Calling Convention v1.4 [ 0.000000] percpu: Embedded 18 pages/cpu s34536 r8192 d31000 u73728 [ 0.000000] pcpu-alloc: s34536 r8192 d31000 u73728 alloc=18*4096 [ 0.000000] pcpu-alloc: [0] 0 [0] 1 [0] 2 [0] 3 [ 0.000000] Detected VIPT I-cache on CPU0 [ 0.000000] CPU features: detected: GIC system register CPU interface [ 0.000000] CPU features: detected: Spectre-BHB [ 0.000000] CPU features: kernel page table isolation disabled by kernel configuration [ 0.000000] alternatives: applying boot alternatives [ 0.000000] Kernel command line: console=ttyS0,115200n1 pci=pcie_bus_perf root=/dev/fit0 rootwait [ 0.000000] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear) [ 0.000000] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear) [ 0.000000] Built 1 zonelists, mobility grouping on. Total pages: 1032192 [ 0.000000] mem auto-init: stack:off, heap alloc:off, heap free:off [ 0.000000] software IO TLB: area num 4. [ 0.000000] software IO TLB: mapped [mem 0x00000000fa7b4000-0x00000000fe7b4000] (64MB) [ 0.000000] Memory: 4034432K/4194304K available (8512K kernel code, 894K rwdata, 2508K rodata, 384K init, 287K bss, 159872K reserved, 0K cma-reserved) [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1 [ 0.000000] rcu: Hierarchical RCU implementation. [ 0.000000] Tracing variant of Tasks RCU enabled. [ 0.000000] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies. [ 0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0 [ 0.000000] GICv3: GIC: Using split EOI/Deactivate mode [ 0.000000] GICv3: 416 SPIs implemented [ 0.000000] GICv3: 0 Extended SPIs implemented [ 0.000000] Root IRQ handler: gic_handle_irq [ 0.000000] GICv3: GICv3 features: 16 PPIs [ 0.000000] GICv3: CPU0: found redistributor 0 region 0:0x000000000c080000 [ 0.000000] rcu: srcu_init: Setting srcu_struct sizes based on contention. [ 0.000000] arch_timer: cp15 timer(s) running at 13.00MHz (phys). [ 0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x2ff89eacb, max_idle_ns: 440795202429 ns [ 0.000000] sched_clock: 56 bits at 13MHz, resolution 76ns, wraps every 4398046511101ns [ 0.000056] Calibrating delay loop (skipped), value calculated using timer frequency.. 26.00 BogoMIPS (lpj=130000) [ 0.000063] pid_max: default: 32768 minimum: 301 [ 0.002167] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 0.002180] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 0.003672] cacheinfo: Unable to detect cache hierarchy for CPU 0 [ 0.003948] RCU Tasks Trace: Setting shift to 2 and lim to 1 rcu_task_cb_adjust=1. [ 0.004027] rcu: Hierarchical SRCU implementation. [ 0.004029] rcu: Max phase no-delay instances is 1000. [ 0.004305] smp: Bringing up secondary CPUs ... [ 0.004516] Detected VIPT I-cache on CPU1 [ 0.004550] GICv3: CPU1: found redistributor 1 region 0:0x000000000c0a0000 [ 0.004570] CPU1: Booted secondary processor 0x0000000001 [0x411fd090] [ 0.004813] Detected VIPT I-cache on CPU2 [ 0.004833] GICv3: CPU2: found redistributor 2 region 0:0x000000000c0c0000 [ 0.004843] CPU2: Booted secondary processor 0x0000000002 [0x411fd090] [ 0.005069] Detected VIPT I-cache on CPU3 [ 0.005089] GICv3: CPU3: found redistributor 3 region 0:0x000000000c0e0000 [ 0.005099] CPU3: Booted secondary processor 0x0000000003 [0x411fd090] [ 0.005128] smp: Brought up 1 node, 4 CPUs [ 0.005132] SMP: Total of 4 processors activated. [ 0.005134] CPU features: detected: 32-bit EL0 Support [ 0.005136] CPU features: detected: CRC32 instructions [ 0.005153] spectre-bhb mitigation disabled by compile time option [ 0.005153] spectre-bhb mitigation disabled by compile time option [ 0.005166] CPU features: emulated: Privileged Access Never (PAN) using TTBR0_EL1 switching [ 0.005169] CPU: All CPU(s) started at EL2 [ 0.005171] alternatives: applying system-wide alternatives [ 0.008266] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns [ 0.008278] futex hash table entries: 1024 (order: 4, 65536 bytes, linear) [ 0.009233] pinctrl core: initialized pinctrl subsystem [ 0.009911] NET: Registered PF_NETLINK/PF_ROUTE protocol family [ 0.010216] DMA: preallocated 512 KiB GFP_KERNEL pool for atomic allocations [ 0.010317] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations [ 0.010411] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations [ 0.010672] thermal_sys: Registered thermal governor 'fair_share' [ 0.010674] thermal_sys: Registered thermal governor 'bang_bang' [ 0.010676] thermal_sys: Registered thermal governor 'step_wise' [ 0.010678] thermal_sys: Registered thermal governor 'user_space' [ 0.010715] ASID allocator initialised with 65536 entries [ 0.011465] pstore: Using crash dump compression: deflate [ 0.011470] printk: console [ramoops-1] enabled [ 0.011689] pstore: Registered ramoops as persistent store backend [ 0.011694] ramoops: using 0x10000@0x42ff0000, ecc: 0 [ 0.018424] Modules: 29584 pages in range for non-PLT usage [ 0.018432] Modules: 521104 pages in range for PLT usage [ 0.019191] cryptd: max_cpu_qlen set to 1000 [ 0.020728] SCSI subsystem initialized [ 0.020788] libata version 3.00 loaded. [ 0.021647] clocksource: Switched to clocksource arch_sys_counter [ 0.023372] NET: Registered PF_INET protocol family [ 0.023499] IP idents hash table entries: 65536 (order: 7, 524288 bytes, linear) [ 0.025828] tcp_listen_portaddr_hash hash table entries: 2048 (order: 3, 32768 bytes, linear) [ 0.025850] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) [ 0.025860] TCP established hash table entries: 32768 (order: 6, 262144 bytes, linear) [ 0.025966] TCP bind hash table entries: 32768 (order: 8, 1048576 bytes, linear) [ 0.026378] TCP: Hash tables configured (established 32768 bind 32768) [ 0.026466] UDP hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 0.026523] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 0.026742] NET: Registered PF_UNIX/PF_LOCAL protocol family [ 0.026788] PCI: CLS 0 bytes, default 64 [ 0.027672] workingset: timestamp_bits=46 max_order=20 bucket_order=0 [ 0.031261] squashfs: version 4.0 (2009/01/31) Phillip Lougher [ 0.031267] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc. [ 0.048121] jitterentropy: Initialization failed with host not compliant with requirements: 9 [ 0.049009] mtk-xsphy soc:xphy@11e10000: failed to get ref_clk(id-1) [ 0.049530] mtk-pcie-gen3 11280000.pcie: host bridge /soc/pcie@11280000 ranges: [ 0.049550] mtk-pcie-gen3 11280000.pcie: Parsing ranges property... [ 0.049560] mtk-pcie-gen3 11280000.pcie: IO 0x0020000000..0x00201fffff -> 0x0020000000 [ 0.049573] mtk-pcie-gen3 11280000.pcie: MEM 0x0020200000..0x0027ffffff -> 0x0020200000 [ 0.049662] mtk-pcie-gen3 11290000.pcie: host bridge /soc/pcie@11290000 ranges: [ 0.049673] mtk-pcie-gen3 11290000.pcie: Parsing ranges property... [ 0.049682] mtk-pcie-gen3 11290000.pcie: IO 0x0028000000..0x00281fffff -> 0x0028000000 [ 0.049692] mtk-pcie-gen3 11290000.pcie: MEM 0x0028200000..0x002fffffff -> 0x0028200000 [ 0.049710] /soc/pcie@11290000: Failed to get clk index: 0 ret: -517 [ 0.049718] mtk-pcie-gen3 11290000.pcie: failed to get clocks [ 0.049779] mtk-pcie-gen3 11300000.pcie: host bridge /soc/pcie@11300000 ranges: [ 0.049788] mtk-pcie-gen3 11300000.pcie: Parsing ranges property... [ 0.049797] mtk-pcie-gen3 11300000.pcie: IO 0x0030000000..0x00301fffff -> 0x0030000000 [ 0.049806] mtk-pcie-gen3 11300000.pcie: MEM 0x0030200000..0x0037ffffff -> 0x0030200000 [ 0.049822] /soc/pcie@11300000: Failed to get clk index: 0 ret: -517 [ 0.049829] mtk-pcie-gen3 11300000.pcie: failed to get clocks [ 0.049902] mtk-pcie-gen3 11310000.pcie: host bridge /soc/pcie@11310000 ranges: [ 0.049911] mtk-pcie-gen3 11310000.pcie: Parsing ranges property... [ 0.049920] mtk-pcie-gen3 11310000.pcie: IO 0x0038000000..0x00381fffff -> 0x0038000000 [ 0.049929] mtk-pcie-gen3 11310000.pcie: MEM 0x0038200000..0x003fffffff -> 0x0038200000 [ 0.049945] /soc/pcie@11310000: Failed to get clk index: 0 ret: -517 [ 0.049953] mtk-pcie-gen3 11310000.pcie: failed to get clocks [ 0.054378] Serial: 8250/16550 driver, 3 ports, IRQ sharing disabled [ 0.055148] printk: console [ttyS0] disabled [ 0.075430] 11000000.serial: ttyS0 at MMIO 0x11000000 (irq = 99, base_baud = 2500000) is a ST16650V2 [ 0.075466] printk: console [ttyS0] enabled [ 0.996816] 11000100.serial: ttyS1 at MMIO 0x11000100 (irq = 100, base_baud = 2500000) is a ST16650V2 [ 1.026685] 11000200.serial: ttyS2 at MMIO 0x11000200 (irq = 101, base_baud = 2500000) is a ST16650V2 [ 1.038483] loop: module loaded [ 1.042924] spi-nand spi0.0: Winbond SPI NAND was found. [ 1.048241] spi-nand spi0.0: 128 MiB, block size: 128 KiB, page size: 2048, OOB size: 64 [ 1.056483] 2 fixed-partitions partitions found on MTD device spi0.0 [ 1.062849] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 1.069720] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 1.076761] Creating 2 MTD partitions on "spi0.0": [ 1.081543] 0x000000000000-0x000000200000 : "bl2" [ 1.087705] 0x000000200000-0x000008000000 : "ubi" [ 1.164727] ubi0: default fastmap pool size: 50 [ 1.169257] ubi0: default fastmap WL pool size: 25 [ 1.174045] ubi0: attaching mtd1 [ 1.992096] ubi0: scanning is finished [ 2.005645] ubi0: attached mtd1 (name "ubi", size 126 MiB) [ 2.011131] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes [ 2.018001] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048 [ 2.024778] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096 [ 2.031728] ubi0: good PEBs: 1008, bad PEBs: 0, corrupted PEBs: 0 [ 2.037808] ubi0: user volume: 7, internal volumes: 1, max. volumes count: 128 [ 2.045018] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 0 [ 2.053355] ubi0: available PEBs: 0, total reserved PEBs: 1008, PEBs reserved for bad PEB handling: 20 [ 2.062652] ubi0: background thread "ubi_bgt0d" started, PID 242 [ 2.062734] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 2.075618] OF: Bad cell count for /soc/spi@11007000/spi_nand@0/partitions [ 2.084188] block ubiblock0_4: created from ubi0:4(fit) [ 2.223063] i2c_dev: i2c /dev entries driver [ 2.230306] mtk-wdt 1001c000.watchdog: Watchdog enabled (timeout=31 sec, nowayout=0) [ 2.238416] mtk-cpufreq mtk-cpufreq: failed to initialize dvfs info for cpu0 [ 2.245958] mtk-msdc 11230000.mmc: Got CD GPIO [ 2.246081] NET: Registered PF_INET6 protocol family [ 2.255841] Segment Routing with IPv6 [ 2.259508] In-situ OAM (IOAM) with IPv6 [ 2.263463] NET: Registered PF_PACKET protocol family [ 2.268553] 8021q: 802.1Q VLAN Support v1.8 [ 2.285188] phy phy-soc:xphy@11e10000.3: type_sw - reg 0x218, index 0 [ 2.292387] mtk-pcie-gen3 11280000.pcie: host bridge /soc/pcie@11280000 ranges: [ 2.299704] mtk-pcie-gen3 11280000.pcie: Parsing ranges property... [ 2.305974] mtk-pcie-gen3 11280000.pcie: IO 0x0020000000..0x00201fffff -> 0x0020000000 [ 2.314407] mtk-pcie-gen3 11280000.pcie: MEM 0x0020200000..0x0027ffffff -> 0x0020200000 [ 2.348743] mmc0: host does not support reading read-only switch, assuming write-enable [ 2.358558] mmc0: new high speed SDXC card at address 59b4 [ 2.364628] mmcblk0: mmc0:59b4 SDU1 58.2 GiB [ 2.372145] Alternate GPT is invalid, using primary GPT. [ 2.377965] mmcblk0: p1 p2 p3 p4 p5 p6 p7 [ 2.671660] mtk-pcie-gen3 11280000.pcie: PCIe link down, current LTSSM state: polling.compliance (0x3000003) [ 2.681504] mtk-pcie-gen3: probe of 11280000.pcie failed with error -110 [ 2.688537] mtk-pcie-gen3 11290000.pcie: host bridge /soc/pcie@11290000 ranges: [ 2.695855] mtk-pcie-gen3 11290000.pcie: Parsing ranges property... [ 2.702123] mtk-pcie-gen3 11290000.pcie: IO 0x0028000000..0x00281fffff -> 0x0028000000 [ 2.710554] mtk-pcie-gen3 11290000.pcie: MEM 0x0028200000..0x002fffffff -> 0x0028200000 [ 3.051660] mtk-pcie-gen3 11290000.pcie: PCIe link down, current LTSSM state: detect.quiet (0x1) [ 3.060442] mtk-pcie-gen3: probe of 11290000.pcie failed with error -110 [ 3.067319] mtk-pcie-gen3 11300000.pcie: host bridge /soc/pcie@11300000 ranges: [ 3.074632] mtk-pcie-gen3 11300000.pcie: Parsing ranges property... [ 3.080893] mtk-pcie-gen3 11300000.pcie: IO 0x0030000000..0x00301fffff -> 0x0030000000 [ 3.089327] mtk-pcie-gen3 11300000.pcie: MEM 0x0030200000..0x0037ffffff -> 0x0030200000 [ 3.431648] mtk-pcie-gen3 11300000.pcie: PCIe link down, current LTSSM state: detect.quiet (0x1) [ 3.440428] mtk-pcie-gen3: probe of 11300000.pcie failed with error -110 [ 3.447288] mtk-pcie-gen3 11310000.pcie: host bridge /soc/pcie@11310000 ranges: [ 3.454598] mtk-pcie-gen3 11310000.pcie: Parsing ranges property... [ 3.460858] mtk-pcie-gen3 11310000.pcie: IO 0x0038000000..0x00381fffff -> 0x0038000000 [ 3.469290] mtk-pcie-gen3 11310000.pcie: MEM 0x0038200000..0x003fffffff -> 0x0038200000 [ 3.811659] mtk-pcie-gen3 11310000.pcie: PCIe link down, current LTSSM state: detect.quiet (0x1) [ 3.820437] mtk-pcie-gen3: probe of 11310000.pcie failed with error -110 [ 3.827862] FIT: Detected U-Boot 2024.01-OpenWrt-r0-fd085a7 [ 3.833432] FIT: Selected configuration: "config-mt7988a-bananapi-bpi-r4" (OpenWrt bananapi_bpi-r4) [ 3.842475] FIT: kernel sub-image 0x00001000..0x00563919 "kernel-1" (ARM64 OpenWrt Linux-6.6.35) [ 3.852214] FIT: flat_dt sub-image 0x00564000..0x0056e921 "fdt-1" (ARM64 OpenWrt bananapi_bpi-r4 device tree blob) [ 3.863425] FIT: flat_dt sub-image 0x0056f000..0x0056f611 "fdt-mt7988a-bananapi-bpi-r4-emmc" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-emmc) [ 3.879754] FIT: flat_dt sub-image 0x00570000..0x0057011c "fdt-mt7988a-bananapi-bpi-r4-rtc" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-rtc) [ 3.895909] FIT: flat_dt sub-image 0x00571000..0x005715c9 "fdt-mt7988a-bananapi-bpi-r4-sd" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-sd) [ 3.911892] FIT: flat_dt sub-image 0x00572000..0x005728f0 "fdt-mt7988a-bananapi-bpi-r4-wifi-mt7996a" (ARM64 OpenWrt bananapi_bpi-r4 device tree overlay mt7988a-bananapi-bpi-r4-wifi-mt7996a) [ 3.929606] FIT: filesystem sub-image 0x00573000..0x00f1afff "rootfs-1" (ARM64 OpenWrt bananapi_bpi-r4 rootfs) [ 3.940442] block mmcblk0p7: mapped 1 uImage.FIT filesystem sub-image as /dev/fit0 [ 3.948181] block mmcblk0p7: mapped remaining space as /dev/fitrw [ 4.083138] mtk_soc_eth 15100000.ethernet: generated random MAC address 65:74:68:25:64:00 [ 4.093921] mtk_soc_eth 15100000.ethernet eth0: mediatek frame engine at 0xffffffc082580000, irq 103 [ 4.103595] mtk_soc_eth 15100000.ethernet eth1: mediatek frame engine at 0xffffffc082580000, irq 103 [ 4.113243] mtk_soc_eth 15100000.ethernet eth2: mediatek frame engine at 0xffffffc082580000, irq 103 [ 4.205061] mt7530-mmio 15020000.switch: configuring for fixed/internal link mode [ 4.212574] mt7530-mmio 15020000.switch: Link is Up - 10Gbps/Full - flow control rx/tx [ 4.238389] mt7530-mmio 15020000.switch wan (uninitialized): PHY [mt7530-0:00] driver [MediaTek MT7988 PHY] (irq=112) [ 4.273687] mt7530-mmio 15020000.switch lan1 (uninitialized): PHY [mt7530-0:01] driver [MediaTek MT7988 PHY] (irq=113) [ 4.310398] mt7530-mmio 15020000.switch lan2 (uninitialized): PHY [mt7530-0:02] driver [MediaTek MT7988 PHY] (irq=114) [ 4.346326] mt7530-mmio 15020000.switch lan3 (uninitialized): PHY [mt7530-0:03] driver [MediaTek MT7988 PHY] (irq=115) [ 4.357321] mtk_soc_eth 15100000.ethernet eth0: entered promiscuous mode [ 4.364036] DSA: tree 0 setup [ 4.367240] clk: Disabling unused clocks [ 4.375663] VFS: Mounted root (squashfs filesystem) readonly on device 259:0. [ 4.382916] Freeing unused kernel memory: 384K [ 4.387393] Run /sbin/init as init process [ 4.391478] with arguments: [ 4.394438] /sbin/init [ 4.397134] with environment: [ 4.400263] HOME=/ [ 4.402615] TERM=linux [ 4.530281] init: Console is alive [ 4.533784] init: - watchdog - [ 4.818399] kmodloader: loading kernel modules from /etc/modules-boot.d/* [ 4.840714] usbcore: registered new interface driver usbfs [ 4.846261] usbcore: registered new interface driver hub [ 4.851582] usbcore: registered new device driver usb [ 4.857124] gpio_button_hotplug: loading out-of-tree module taints kernel. [ 4.866935] xhci-mtk 11200000.usb: supply vbus not found, using dummy regulator [ 4.874363] xhci-mtk 11200000.usb: supply vusb33 not found, using dummy regulator [ 4.882280] xhci-mtk 11200000.usb: xHCI Host Controller [ 4.887508] xhci-mtk 11200000.usb: new USB bus registered, assigned bus number 1 [ 4.897955] xhci-mtk 11200000.usb: hcc params 0x01403f99 hci version 0x110 quirks 0x0000000000200010 [ 4.907112] xhci-mtk 11200000.usb: irq 116, io mem 0x11200000 [ 4.912926] xhci-mtk 11200000.usb: xHCI Host Controller [ 4.918142] xhci-mtk 11200000.usb: new USB bus registered, assigned bus number 2 [ 4.925530] xhci-mtk 11200000.usb: Host supports USB 3.2 Enhanced SuperSpeed [ 4.932847] hub 1-0:1.0: USB hub found [ 4.936607] hub 1-0:1.0: 1 port detected [ 4.940712] usb usb2: We don't know the algorithms for LPM for this host, disabling LPM. [ 4.948989] hub 2-0:1.0: USB hub found [ 4.952769] hub 2-0:1.0: 1 port detected [ 4.959054] kmodloader: done loading kernel modules from /etc/modules-boot.d/* [ 4.975499] init: - preinit - [ 5.194516] mtk_soc_eth 15100000.ethernet eth0: configuring for fixed/internal link mode [ 5.202662] mtk_soc_eth 15100000.ethernet eth0: Link is Up - 10Gbps/Full - flow control rx/tx [ 5.209054] mt7530-mmio 15020000.switch lan1: configuring for phy/internal link mode [ 5.401653] usb 1-1: new high-speed USB device number 2 using xhci-mtk [ 5.584287] hub 1-1:1.0: USB hub found [ 5.588169] hub 1-1:1.0: 5 ports detected [ 5.731724] usb 2-1: new SuperSpeed USB device number 2 using xhci-mtk [ 5.764247] hub 2-1:1.0: USB hub found [ 5.768163] hub 2-1:1.0: 4 ports detected [ 6.281667] usb 1-1.5: new high-speed USB device number 3 using xhci-mtk [ 6.501652] random: crng init done [ 7.317934] mount_root: overlay filesystem in /dev/fitrw has not been formatted yet [ 7.661615] F2FS-fs (fitrw): Found nat_bits in checkpoint [ 7.672736] F2FS-fs (fitrw): Mounted with checkpoint version = 8f5dc87 [ 7.679827] mount_root: overlay filesystem has not been fully initialized yet [ 7.687141] mount_root: switching to f2fs overlay [ 7.693327] overlayfs: null uuid detected in lower fs '/', falling back to xino=off,index=off,nfs_export=off. [ 7.704120] urandom-seed: Seed file not found (/etc/urandom.seed) [ 7.745659] procd: - early - [ 7.748581] procd: - watchdog - [ 8.285563] procd: - watchdog - [ 8.288974] procd: - ubus - [ 8.445147] procd: - init - [ 8.634664] kmodloader: loading kernel modules from /etc/modules.d/* [ 8.647548] NET: Registered PF_ALG protocol family [ 8.655534] sit: IPv6, IPv4 and MPLS over IPv4 tunneling driver [ 8.662914] cryptodev: driver 1.13 loaded. [ 8.679074] pca954x 1-0070: supply vdd not found, using dummy regulator [ 8.686411] i2c i2c-1: Added multiplexed i2c bus 2 [ 8.691294] i2c i2c-1: Added multiplexed i2c bus 3 [ 8.696180] i2c i2c-1: Added multiplexed i2c bus 4 [ 8.701054] i2c i2c-1: Added multiplexed i2c bus 5 [ 8.705899] pca954x 1-0070: registered 4 multiplexed busses for I2C switch pca9545 [ 8.716989] crypto-safexcel 15600000.crypto: can't request region for resource [mem 0x15600000-0x1577ffff] [ 8.726671] crypto-safexcel 15600000.crypto: failed to get resource [ 8.732935] crypto-safexcel: probe of 15600000.crypto failed with error -16 [ 8.743459] at24 2-0050: supply vcc not found, using dummy regulator [ 8.748427] urngd: v1.0.2 started. [ 8.773737] at24 2-0057: supply vcc not found, using dummy regulator [ 8.780681] at24 2-0057: 256 byte 24c02 EEPROM, writable, 1 bytes/write [ 8.787884] Loading modules backported from Linux version v6.6.15-0-g51f354b815c4 [ 8.795365] Backport generated by backports.git 193becf2 [ 8.804996] sfp sfp1: Host maximum power 3.0W [ 8.812126] sfp sfp2: Host maximum power 3.0W [ 8.844270] PPP generic driver version 2.4.2 [ 8.849006] PPP MPPE Compression module registered [ 8.854151] NET: Registered PF_PPPOX protocol family [ 8.860341] kmodloader: done loading kernel modules from /etc/modules.d/* [ 9.122950] sfp sfp1: module OEM SFP-2G5 rev 1.0 sn 2G522112324218 dc 220801 [ 9.132372] mtk_soc_eth 15100000.ethernet eth2: switched to inband/2500base-x link mode [ 9.151656] sfp sfp2: module OEM ZX-10GSFPP0.5M30 rev 03 sn 2403290029 dc 240329 [ 9.161045] mtk_soc_eth 15100000.ethernet eth1: switched to inband/10gbase-r link mode [ 13.227798] mtk_soc_eth 15100000.ethernet eth0: Link is Down [ 13.249745] mtk_soc_eth 15100000.ethernet eth0: configuring for fixed/internal link mode [ 13.257988] mtk_soc_eth 15100000.ethernet eth0: Link is Up - 10Gbps/Full - flow control rx/tx [ 13.259973] mt7530-mmio 15020000.switch lan1: configuring for phy/internal link mode [ 13.275125] br-lan: port 1(lan1) entered blocking state [ 13.280362] br-lan: port 1(lan1) entered disabled state [ 13.285662] mt7530-mmio 15020000.switch lan1: entered allmulticast mode [ 13.292299] mtk_soc_eth 15100000.ethernet eth0: entered allmulticast mode [ 13.299307] mt7530-mmio 15020000.switch lan1: entered promiscuous mode [ 13.310492] mt7530-mmio 15020000.switch lan2: configuring for phy/internal link mode [ 13.318629] br-lan: port 2(lan2) entered blocking state [ 13.323901] br-lan: port 2(lan2) entered disabled state [ 13.329149] mt7530-mmio 15020000.switch lan2: entered allmulticast mode [ 13.335992] mt7530-mmio 15020000.switch lan2: entered promiscuous mode [ 13.345969] mt7530-mmio 15020000.switch lan3: configuring for phy/internal link mode [ 13.354445] br-lan: port 3(lan3) entered blocking state [ 13.359687] br-lan: port 3(lan3) entered disabled state [ 13.364990] mt7530-mmio 15020000.switch lan3: entered allmulticast mode [ 13.371854] mt7530-mmio 15020000.switch lan3: entered promiscuous mode [ 13.380268] mtk_soc_eth 15100000.ethernet eth1: configuring for inband/10gbase-r link mode [ 13.402548] br-lan: port 4(eth1) entered blocking state [ 13.407786] br-lan: port 4(eth1) entered disabled state [ 13.413064] mtk_soc_eth 15100000.ethernet eth1: entered allmulticast mode [ 13.420002] mtk_soc_eth 15100000.ethernet eth1: entered promiscuous mode [ 13.429358] mt7530-mmio 15020000.switch wan: configuring for phy/internal link mode [ 13.437996] br-wan: port 1(wan) entered blocking state [ 13.443180] br-wan: port 1(wan) entered disabled state [ 13.448341] mt7530-mmio 15020000.switch wan: entered allmulticast mode [ 13.455181] mt7530-mmio 15020000.switch wan: entered promiscuous mode [ 13.463933] mtk_soc_eth 15100000.ethernet eth2: configuring for inband/2500base-x link mode [ 13.477951] br-wan: port 2(eth2) entered blocking state [ 13.483255] br-wan: port 2(eth2) entered disabled state [ 13.488528] mtk_soc_eth 15100000.ethernet eth2: entered allmulticast mode [ 13.494692] mtk_soc_eth 15100000.ethernet eth1: Link is Up - 10Gbps/Full - flow control off [ 13.495612] mtk_soc_eth 15100000.ethernet eth2: entered promiscuous mode [ 13.510585] br-lan: port 4(eth1) entered blocking state [ 13.515858] br-lan: port 4(eth1) entered forwarding state [ 17.673931] mtk_soc_eth 15100000.ethernet eth2: Link is Up - 2.5Gbps/Full - flow control off [ 17.682409] br-wan: port 2(eth2) entered blocking state [ 17.687627] br-wan: port 2(eth2) entered forwarding state ```

Diffconfig

CONFIG_TARGET_mediatek=y
CONFIG_TARGET_mediatek_filogic=y
CONFIG_TARGET_mediatek_filogic_DEVICE_bananapi_bpi-r4=y
CONFIG_LUCI_LANG_zh_Hans=y
CONFIG_PACKAGE_cgi-io=y
CONFIG_PACKAGE_default-settings=y
CONFIG_PACKAGE_default-settings-chn=y
CONFIG_PACKAGE_liblucihttp=y
CONFIG_PACKAGE_liblucihttp-ucode=y
CONFIG_PACKAGE_luci=y
CONFIG_PACKAGE_luci-app-firewall=y
CONFIG_PACKAGE_luci-app-opkg=y
CONFIG_PACKAGE_luci-base=y
CONFIG_PACKAGE_luci-i18n-base-zh-cn=y
CONFIG_PACKAGE_luci-i18n-firewall-zh-cn=y
CONFIG_PACKAGE_luci-i18n-opkg-zh-cn=y
CONFIG_PACKAGE_luci-light=y
CONFIG_PACKAGE_luci-mod-admin-full=y
CONFIG_PACKAGE_luci-mod-network=y
CONFIG_PACKAGE_luci-mod-status=y
CONFIG_PACKAGE_luci-mod-system=y
CONFIG_PACKAGE_luci-proto-ipv6=y
CONFIG_PACKAGE_luci-proto-ppp=y
CONFIG_PACKAGE_luci-theme-bootstrap=y
CONFIG_PACKAGE_rpcd=y
CONFIG_PACKAGE_rpcd-mod-file=y
CONFIG_PACKAGE_rpcd-mod-iwinfo=y
CONFIG_PACKAGE_rpcd-mod-luci=y
CONFIG_PACKAGE_rpcd-mod-rrdns=y
CONFIG_PACKAGE_rpcd-mod-ucode=y
CONFIG_PACKAGE_ucode-mod-html=y
CONFIG_PACKAGE_ucode-mod-math=y
CONFIG_PACKAGE_uhttpd=y
CONFIG_PACKAGE_uhttpd-mod-ubus=y
# CONFIG_TARGET_ROOTFS_INITRAMFS is not set
CONFIG_TARGET_ROOTFS_PARTSIZE=448

Terms

1715173329 commented 3 months ago

可以试试移除 package/network/config/firewall4/patches/002-fix-adding-offloading-device.patch

yuban10703 commented 3 months ago

移除后工作正常,感谢 image

1715173329 commented 3 months ago

目前主要问题是软件流量分载需要这个补丁。。合着总得烂一个

1715173329 commented 3 months ago

麻烦打印一下在带和不带此补丁下的 nft 规则,命令 nft list ruleset

yuban10703 commented 3 months ago
不带此补丁的规则 ``` root@ImmortalWrt:~# nft list ruleset table inet fw4 { flowtable ft { hook ingress priority filter devices = { eth1, eth2, lan1, lan2, lan3 } flags offload counter } chain input { type filter hook input priority filter; policy drop; iif "lo" accept comment "!fw4: Accept traffic from loopback" ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows" tcp flags syn / fin,syn,rst,ack jump syn_flood comment "!fw4: Rate limit TCP syn packets" iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic" iifname "pppoe-wan" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic" jump handle_reject } chain forward { type filter hook forward priority filter; policy drop; meta l4proto { tcp, udp } flow add @ft ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows" iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic" iifname "pppoe-wan" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic" jump handle_reject } chain output { type filter hook output priority filter; policy accept; oif "lo" accept comment "!fw4: Accept traffic towards loopback" ct state vmap { established : accept, related : accept } comment "!fw4: Handle outbound flows" oifname "br-lan" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic" oifname "pppoe-wan" jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic" } chain prerouting { type filter hook prerouting priority filter; policy accept; } chain handle_reject { meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic" reject comment "!fw4: Reject any other traffic" } chain syn_flood { limit rate 25/second burst 50 packets return comment "!fw4: Accept SYN packets below rate-limit" drop comment "!fw4: Drop excess packets" } chain input_lan { jump accept_from_lan } chain output_lan { jump accept_to_lan } chain forward_lan { jump accept_to_wan comment "!fw4: Accept lan to wan forwarding" jump accept_to_lan } chain accept_from_lan { iifname "br-lan" counter packets 47 bytes 3093 accept comment "!fw4: accept lan IPv4/IPv6 traffic" } chain accept_to_lan { oifname "br-lan" counter packets 7 bytes 472 accept comment "!fw4: accept lan IPv4/IPv6 traffic" } chain input_wan { meta nfproto ipv4 udp dport 68 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCP-Renew" icmp type echo-request counter packets 0 bytes 0 accept comment "!fw4: Allow-Ping" meta nfproto ipv4 meta l4proto igmp counter packets 0 bytes 0 accept comment "!fw4: Allow-IGMP" meta nfproto ipv6 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCPv6" ip6 saddr fe80::/10 icmpv6 type . icmpv6 code { mld-listener-query . no-route, mld-listener-report . no-route, mld-listener-done . no-route, mld2-listener-report . no-route } counter packets 0 bytes 0 accept comment "!fw4: Allow-MLD" icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply, nd-router-solicit, nd-router-advert } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Input" icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, nd-neighbor-solicit . no-route, nd-neighbor-advert . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Input" ct status dnat accept comment "!fw4: Accept port redirections" jump reject_from_wan } chain output_wan { jump accept_to_wan } chain forward_wan { icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward" icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward" meta l4proto esp counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP" udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP" ct status dnat accept comment "!fw4: Accept port forwards" jump reject_to_wan } chain accept_to_wan { meta nfproto ipv4 oifname "pppoe-wan" ct state invalid counter packets 0 bytes 0 drop comment "!fw4: Prevent NAT leakage" oifname "pppoe-wan" counter packets 155 bytes 8546 accept comment "!fw4: accept wan IPv4/IPv6 traffic" } chain reject_from_wan { iifname "pppoe-wan" counter packets 9 bytes 782 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic" } chain reject_to_wan { oifname "pppoe-wan" counter packets 0 bytes 0 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic" } chain dstnat { type nat hook prerouting priority dstnat; policy accept; iifname "pppoe-wan" jump dstnat_wan comment "!fw4: Handle wan IPv4/IPv6 dstnat traffic" } chain srcnat { type nat hook postrouting priority srcnat; policy accept; oifname "pppoe-wan" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic" } chain dstnat_wan { meta nfproto ipv4 fullcone comment "!fw4: Handle wan IPv4 fullcone NAT dstnat traffic" } chain srcnat_wan { meta nfproto ipv4 fullcone comment "!fw4: Handle wan IPv4 fullcone NAT srcnat traffic" } chain raw_prerouting { type filter hook prerouting priority raw; policy accept; } chain raw_output { type filter hook output priority raw; policy accept; } chain mangle_prerouting { type filter hook prerouting priority mangle; policy accept; } chain mangle_postrouting { type filter hook postrouting priority mangle; policy accept; oifname "pppoe-wan" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing" } chain mangle_input { type filter hook input priority mangle; policy accept; } chain mangle_output { type route hook output priority mangle; policy accept; } chain mangle_forward { type filter hook forward priority mangle; policy accept; iifname "pppoe-wan" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing" } } table inet dnsmasq { chain prerouting { type nat hook prerouting priority dstnat - 5; policy accept; meta nfproto { ipv4, ipv6 } udp dport 53 counter packets 197 bytes 14749 redirect to :53 comment "DNSMASQ HIJACK" } } root@ImmortalWrt:~# ```
带此补丁的规则 ``` root@ImmortalWrt:~# nft list ruleset table inet fw4 { flowtable ft { hook ingress priority filter devices = { eth1, lan1, lan2, lan3, pppoe-wan } flags offload counter } chain input { type filter hook input priority filter; policy drop; iif "lo" accept comment "!fw4: Accept traffic from loopback" ct state vmap { established : accept, related : accept } comment "!fw4: Handle inbound flows" tcp flags syn / fin,syn,rst,ack jump syn_flood comment "!fw4: Rate limit TCP syn packets" iifname "br-lan" jump input_lan comment "!fw4: Handle lan IPv4/IPv6 input traffic" iifname "pppoe-wan" jump input_wan comment "!fw4: Handle wan IPv4/IPv6 input traffic" jump handle_reject } chain forward { type filter hook forward priority filter; policy drop; meta l4proto { tcp, udp } flow add @ft ct state vmap { established : accept, related : accept } comment "!fw4: Handle forwarded flows" iifname "br-lan" jump forward_lan comment "!fw4: Handle lan IPv4/IPv6 forward traffic" iifname "pppoe-wan" jump forward_wan comment "!fw4: Handle wan IPv4/IPv6 forward traffic" jump handle_reject } chain output { type filter hook output priority filter; policy accept; oif "lo" accept comment "!fw4: Accept traffic towards loopback" ct state vmap { established : accept, related : accept } comment "!fw4: Handle outbound flows" oifname "br-lan" jump output_lan comment "!fw4: Handle lan IPv4/IPv6 output traffic" oifname "pppoe-wan" jump output_wan comment "!fw4: Handle wan IPv4/IPv6 output traffic" } chain prerouting { type filter hook prerouting priority filter; policy accept; } chain handle_reject { meta l4proto tcp reject with tcp reset comment "!fw4: Reject TCP traffic" reject comment "!fw4: Reject any other traffic" } chain syn_flood { limit rate 25/second burst 50 packets return comment "!fw4: Accept SYN packets below rate-limit" drop comment "!fw4: Drop excess packets" } chain input_lan { jump accept_from_lan } chain output_lan { jump accept_to_lan } chain forward_lan { jump accept_to_wan comment "!fw4: Accept lan to wan forwarding" jump accept_to_lan } chain accept_from_lan { iifname "br-lan" counter packets 27 bytes 1887 accept comment "!fw4: accept lan IPv4/IPv6 traffic" } chain accept_to_lan { oifname "br-lan" counter packets 3 bytes 296 accept comment "!fw4: accept lan IPv4/IPv6 traffic" } chain input_wan { meta nfproto ipv4 udp dport 68 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCP-Renew" icmp type echo-request counter packets 0 bytes 0 accept comment "!fw4: Allow-Ping" meta nfproto ipv4 meta l4proto igmp counter packets 0 bytes 0 accept comment "!fw4: Allow-IGMP" meta nfproto ipv6 udp dport 546 counter packets 0 bytes 0 accept comment "!fw4: Allow-DHCPv6" ip6 saddr fe80::/10 icmpv6 type . icmpv6 code { mld-listener-query . no-route, mld-listener-report . no-route, mld-listener-done . no-route, mld2-listener-report . no-route } counter packets 0 bytes 0 accept comment "!fw4: Allow-MLD" icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply, nd-router-solicit, nd-router-advert } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Input" icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, nd-neighbor-solicit . no-route, nd-neighbor-advert . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Input" ct status dnat accept comment "!fw4: Accept port redirections" jump reject_from_wan } chain output_wan { jump accept_to_wan } chain forward_wan { icmpv6 type { destination-unreachable, time-exceeded, echo-request, echo-reply } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward" icmpv6 type . icmpv6 code { packet-too-big . no-route, parameter-problem . no-route, parameter-problem . admin-prohibited } limit rate 1000/second burst 5 packets counter packets 0 bytes 0 accept comment "!fw4: Allow-ICMPv6-Forward" meta l4proto esp counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-IPSec-ESP" udp dport 500 counter packets 0 bytes 0 jump accept_to_lan comment "!fw4: Allow-ISAKMP" ct status dnat accept comment "!fw4: Accept port forwards" jump reject_to_wan } chain accept_to_wan { meta nfproto ipv4 oifname "pppoe-wan" ct state invalid counter packets 0 bytes 0 drop comment "!fw4: Prevent NAT leakage" oifname "pppoe-wan" counter packets 126 bytes 6921 accept comment "!fw4: accept wan IPv4/IPv6 traffic" } chain reject_from_wan { iifname "pppoe-wan" counter packets 4 bytes 545 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic" } chain reject_to_wan { oifname "pppoe-wan" counter packets 0 bytes 0 jump handle_reject comment "!fw4: reject wan IPv4/IPv6 traffic" } chain dstnat { type nat hook prerouting priority dstnat; policy accept; iifname "pppoe-wan" jump dstnat_wan comment "!fw4: Handle wan IPv4/IPv6 dstnat traffic" } chain srcnat { type nat hook postrouting priority srcnat; policy accept; oifname "pppoe-wan" jump srcnat_wan comment "!fw4: Handle wan IPv4/IPv6 srcnat traffic" } chain dstnat_wan { meta nfproto ipv4 fullcone comment "!fw4: Handle wan IPv4 fullcone NAT dstnat traffic" } chain srcnat_wan { meta nfproto ipv4 fullcone comment "!fw4: Handle wan IPv4 fullcone NAT srcnat traffic" } chain raw_prerouting { type filter hook prerouting priority raw; policy accept; } chain raw_output { type filter hook output priority raw; policy accept; } chain mangle_prerouting { type filter hook prerouting priority mangle; policy accept; } chain mangle_postrouting { type filter hook postrouting priority mangle; policy accept; oifname "pppoe-wan" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 egress MTU fixing" } chain mangle_input { type filter hook input priority mangle; policy accept; } chain mangle_output { type route hook output priority mangle; policy accept; } chain mangle_forward { type filter hook forward priority mangle; policy accept; iifname "pppoe-wan" tcp flags syn / fin,syn,rst tcp option maxseg size set rt mtu comment "!fw4: Zone wan IPv4/IPv6 ingress MTU fixing" } } table inet dnsmasq { chain prerouting { type nat hook prerouting priority dstnat - 5; policy accept; meta nfproto { ipv4, ipv6 } udp dport 53 counter packets 9 bytes 605 redirect to :53 comment "DNSMASQ HIJACK" } } ```
1715173329 commented 3 months ago

好的,非常感谢

1715173329 commented 3 months ago

暂时先 open,等找到修复办法再 close。

pomhg commented 2 months ago

二者的区别在于是否device包含pppoe或者vlan,根据https://www.kernel.org/doc/html/latest/networking/nf_flowtable.html,flowtable只需要包含真实二层接口。 IMG_6281

xlighting2017 commented 2 months ago

there were quite a lot discussion around flow-offloading, and few fixes are push to package firewall4

how about we bump the FW4 to the latest, and drop the 002-patch here?

ref: a long discussion of soft flow-offloading https://github.com/openwrt/openwrt/issues/13410

https://github.com/openwrt/firewall4/commit/e00958884416f59b273595f941d198de63acc1dd https://github.com/openwrt/firewall4/commit/dfbcc1cd127c78fc61bb870d36d2512b571d223b

brada4 commented 1 month ago

@xlighting2017 there are multiple problems with offloading: 1/ oversized packets knock out offloaded flow back to conntrack slowpath (essentially accept established/related). most notable with wg, pppoe ie interfaces with !=1500 mtu. Fixed here: https://github.com/openwrt/firewall4/commit/698a53354fd280aae097efe08803c0c9a10c14c2 2/ no need to add higher level devices BUT then output of the flow-state is fixated on a low level device https://www.kernel.org/doc/html/latest/networking/nf_flowtable.html#limitations 2 patches referred get around them by setting offload endpoints to devices where firewall actually forwards, keeping ARP and free movement of MAC between physical ports. 2a/ https://github.com/openwrt/openwrt/issues/16184 skips buggy drivers by accident 2b/ accidentally docker0 got free soft offload 3/ to be continued.