OpenWrt Forum Archive

Topic: Quality of WRT54GX2 (SRX200) - Lock-up Prone or Security Vulnerable?

The content of this topic has been archived on 18 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
binarypc
18 Apr 2006, 13:43

How good is the default linksys firewall on this router WRT54GX2 "Powered by Realtek RTL8651B SoC, rev 1"

It appears that I've gotten some hits from China against at least one of my internal PC firewall(s) and am wondering what I can do to further prevent access.

Example hit picked up by McAfee

1.) ICMP Ping Souce Port 0 Dest Port 0

  [whois.apnic.net node-2]
  Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

inetnum:      219.148.160.0 - 219.148.191.255
netname:      CHINATELECOM-NM
descr:        CHINANET neimeng province network
descr:        China Telecom
descr:        No.31,jingrong street
descr:        Beijing 100032
country:      CN
admin-c:      CH93-AP
tech-c:       YHY1-AP
mnt-by:       MAINT-CHINANET
mnt-lower:    MAINT-CHINATELECOM-NM
changed:      hostmaster@ns.chinanet.cn.net 20030820
status:       ALLOCATED NON-PORTABLE
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      lqing@chinatelecom.com.cn 20051212
mnt-by:       MAINT-CHINANET
source:       APNIC

person:       Yin Hong Yu
nic-hdl:      YHY1-AP
e-mail:       yhy@nmgtele.com
address:      No.118,Hulun South Road,
address:      Huhhot,010020
phone:        +86-471-3386684
fax-no:       +86-471-3386693
country:      CN
changed:      yhy@nmgtele.com 20031106
mnt-by:       MAINT-CHINATELECOM-NM
source:       APNIC
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Any insight you can provide as to where this may go is helpful. I will make my next post a shot of my system log right after a reboot. (There is a problem with the system.log in that when this occurred on April 15th, it was overwritten by April 16th entries and then those were overwritten by April 17th entries, so the logging is kind of weird on it.)
Thank you

Post #2
binarypc
18 Apr 2006, 13:44

Here's the System Log from 04/17/06

- - -

Event Log:

Dec 31 19:00:03 (none) syslog.notice klogd: klogd started: BusyBox v1.00-pre2 (2006.01.18-02:33+0000)
Dec 31 19:00:03 (none) user.warn klogd: ************************************
Dec 31 19:00:03 (none) user.warn klogd: Powered by Realtek RTL8651B SoC, rev 1
Dec 31 19:00:03 (none) user.warn klogd: ************************************
Dec 31 19:00:03 (none) user.warn klogd: SDRAM size: 16MB
Dec 31 19:00:03 (none) user.warn klogd: CPU revision is: 0000ff00
Dec 31 19:00:03 (none) user.warn klogd: Init MMU (16 entries)
Dec 31 19:00:03 (none) user.warn klogd: Primary instruction cache 0kB, linesize 0 bytes.
Dec 31 19:00:03 (none) user.warn klogd: Primary data cache 0kB, linesize 0 bytes.
Dec 31 19:00:03 (none) user.warn klogd: Linux version 2.4.26-uc0 (shixiang@compile-server) (gcc version 3.3.3) #332 Fri Jan 20 21:23:52 CST 2006
Dec 31 19:00:03 (none) user.warn klogd: Determined physical RAM map:
Dec 31 19:00:03 (none) user.warn klogd:  memory: 01000000 @ 00000000 (usable)
Dec 31 19:00:03 (none) user.warn klogd: NOFS reserved @ 0x802e11d0
Dec 31 19:00:03 (none) user.warn klogd: On node 0 totalpages: 4096
Dec 31 19:00:03 (none) user.warn klogd: zone(0): 4096 pages.
Dec 31 19:00:03 (none) user.warn klogd: zone(1): 0 pages.
Dec 31 19:00:03 (none) user.warn klogd: zone(2): 0 pages.
Dec 31 19:00:03 (none) user.warn klogd: Kernel command line: root=/dev/mtdblock4
Dec 31 19:00:03 (none) user.warn klogd: IRR(0)=c0000000
Dec 31 19:00:03 (none) user.warn klogd: Calibrating delay loop... 199.06 BogoMIPS
Dec 31 19:00:03 (none) user.info klogd: Memory: 13248k/16384k available (2391k kernel code, 3136k reserved, 108k data, 104k init, 0k highmem)
Dec 31 19:00:03 (none) user.info klogd: Dentry cache hash table entries: 2048 (order: 2, 16384 bytes)
Dec 31 19:00:03 (none) user.info klogd: Inode cache hash table entries: 1024 (order: 1, 8192 bytes)
Dec 31 19:00:03 (none) user.info klogd: Mount cache hash table entries: 512 (order: 0, 4096 bytes)
Dec 31 19:00:03 (none) user.info klogd: Buffer cache hash table entries: 1024 (order: 0, 4096 bytes)
Dec 31 19:00:03 (none) user.warn klogd: Page-cache hash table entries: 4096 (order: 2, 16384 bytes)
Dec 31 19:00:03 (none) user.warn klogd: Checking for 'wait' instruction...  unavailable.
Dec 31 19:00:03 (none) user.warn klogd: POSIX conformance testing by UNIFIX
Dec 31 19:00:03 (none) user.warn klogd: NEW PCI Driver...isLinuxCompliantEndianMode=False(Big Endian)
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=0!
Dec 31 19:00:03 (none) user.warn klogd: Memory Space 0 data=0xfffe0000 size=0x20000
Dec 31 19:00:03 (none) user.warn klogd: Memory Space 1 data=0xfff80000 size=0x80000
Dec 31 19:00:03 (none) user.warn klogd: PCI device exists: slot 0 function 0 VendorID 17cb DeviceID 1 bbd40000
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=1!
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=2!
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=3!
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=4!
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=5!
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=6!
Dec 31 19:00:03 (none) user.warn klogd: Found Airgo PCI, function=7!
Dec 31 19:00:03 (none) user.warn klogd: memory mapping BAnum=0 slot=0 func=0
Dec 31 19:00:03 (none) user.warn klogd: memory mapping BAnum=1 slot=0 func=0
Dec 31 19:00:03 (none) user.warn klogd: assign mem base 1bf00000~1bf7ffff at bbd40014 size=524288
Dec 31 19:00:03 (none) user.warn klogd: assign mem base 1bf80000~1bf9ffff at bbd40010 size=131072
Dec 31 19:00:03 (none) user.warn klogd: Find Total 1 PCI functions
Dec 31 19:00:03 (none) user.warn klogd: Found 00:00 [17cb/0001] 000200 00
Dec 31 19:00:03 (none) user.info klogd: Linux NET4.0 for Linux 2.4
Dec 31 19:00:03 (none) user.info klogd: Based upon Swansea University Computer Society NET3.039
Dec 31 19:00:03 (none) user.warn klogd: Initializing RT netlink socket
Dec 31 19:00:03 (none) user.warn klogd: Starting kswapd
Dec 31 19:00:03 (none) user.info klogd: devfs: v1.12c (20020818) Richard Gooch (rgooch@atnf.csiro.au)
Dec 31 19:00:03 (none) user.info klogd: devfs: boot_options: 0x0
Dec 31 19:00:03 (none) user.warn klogd: pty: 256 Unix98 ptys configured
Dec 31 19:00:03 (none) user.info klogd: Serial driver version 5.05c (2001-07-08) with MANY_PORTS SERIAL_PCI enabled
Dec 31 19:00:03 (none) user.info klogd: Probing RTL8651 home gateway controller...
Dec 31 19:00:03 (none) user.debug klogd: Initialize RTL865x ASIC and driver
Dec 31 19:00:03 (none) user.warn klogd: chip name: 8651B, chip revid: 1
Dec 31 19:00:03 (none) user.debug klogd:    Initialize mbuf...
Dec 31 19:00:03 (none) user.debug klogd:    creating default 2 interfaces...<7>eth0 IRR(6)=c0040000
Dec 31 19:00:03 (none) user.warn klogd: ===> Request IRQ 6 for eth0, ret=0
Dec 31 19:00:03 (none) user.debug klogd: eth1 <7>...OK
Dec 31 19:00:03 (none) user.info klogd: PPP generic driver version 2.4.2
Dec 31 19:00:03 (none) user.info klogd: PPP BSD Compression module registered
Dec 31 19:00:03 (none) user.notice klogd: flash device: 3e0000 at be000000
Dec 31 19:00:03 (none) user.warn klogd: AMD/Fujitsu Standard CFI Query Table v1.1 at 0x0040
Dec 31 19:00:03 (none) user.notice klogd:  Amd/Fujitsu Extended Query Table v1.1 at 0x0040
Dec 31 19:00:03 (none) user.notice klogd: number of CFI chips: 1
Dec 31 19:00:03 (none) user.notice klogd: cfi_cmdset_0002: Disabling fast programming due to code brokenness.
Dec 31 19:00:03 (none) user.notice klogd: Creating 5 MTD partitions on "Physically mapped flash":
Dec 31 19:00:03 (none) user.notice klogd: 0x00000000-0x00006000 : "boot1"
Dec 31 19:00:03 (none) user.notice klogd: 0x00010000-0x00020000 : "boot2"
Dec 31 19:00:03 (none) user.notice klogd: 0x00000000-0x00400000 : "boot3"
Dec 31 19:00:03 (none) user.notice klogd: 0x00020000-0x00120000 : "kernel"
Dec 31 19:00:03 (none) user.notice klogd: 0x00120000-0x00400000 : "rootfs"
Dec 31 19:00:03 (none) user.info klogd: NET4: Linux TCP/IP 1.0 for NET4.0
Dec 31 19:00:03 (none) user.info klogd: IP Protocols: ICMP, UDP, TCP, IGMP
Dec 31 19:00:03 (none) user.info klogd: IP: routing cache hash table of 512 buckets, 4Kbytes
Dec 31 19:00:03 (none) user.info klogd: TCP: Hash tables configured (established 1024 bind 2048)
Dec 31 19:00:03 (none) user.info klogd: GRE over IPv4 tunneling driver
Dec 31 19:00:03 (none) user.warn klogd: ip_conntrack version 2.1 (128 buckets, 1024 max) - 344 bytes per conntrack
Dec 31 19:00:03 (none) user.warn klogd: ip_conntrack_pptp version $Revision: 1.1.1.1 $ loaded
Dec 31 19:00:03 (none) user.warn klogd: ip_nat_pptp version $Revision: 1.1.1.1 $ loaded
Dec 31 19:00:03 (none) user.warn klogd: ip_tables: (C) 2000-2002 Netfilter core team
Dec 31 19:00:03 (none) user.info klogd: NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
Dec 31 19:00:03 (none) user.warn klogd: VFS: Mounted root (cramfs filesystem) readonly.
Dec 31 19:00:04 (none) user.info klogd: Freeing unused kernel memory: 104k freed
Dec 31 19:00:04 (none) user.warn klogd: Bad boy: serial (at 0x8009d9fc) called us without a dev_id!
Dec 31 19:00:04 (none) user.warn klogd: IRR(4)=c0c40000
Dec 31 19:00:04 (none) user.warn klogd: ===> Request IRQ 4 for serial, ret=0
Dec 31 19:00:04 (none) user.warn klogd: rtl8651_user_pid set to 18
Dec 31 19:00:04 (none) user.debug klogd: Bring up ext  port 6..
Dec 31 19:00:04 (none) user.debug klogd: Rx shift=10002
Dec 31 19:00:04 (none) user.warn klogd: AMD/Fujitsu Standard CFI Query Table v1.1 at 0x0040
Dec 31 19:00:04 (none) user.warn klogd: AMD/Fujitsu Standard CFI Query Table v1.1 at 0x0040
Dec 31 19:00:04 (none) user.warn klogd:
Dec 31 19:00:04 (none) user.warn klogd: ace (eth0) ... SUCCESS!!
Dec 31 19:00:04 (none) user.warn klogd: PPPoE Passthru disabled.
Dec 31 19:00:04 (none) user.warn klogd: Drop Unknown PPPoE PADT disabled.
Dec 31 19:00:04 (none) user.warn klogd: IPv6 Passthru disabled.
Dec 31 19:00:07 (none) user.warn klogd: # MAC Monitoring Register = 0x00000000
Dec 31 19:00:07 (none) user.warn klogd: # Setup System Clock Rate for Watch Dog
Dec 31 19:00:07 (none) user.warn klogd: plm probe (plm_dump_buf @ C0029100)
Dec 31 19:00:07 (none) user.warn klogd: &bdh 805A8170 bdh A0590000
Dec 31 19:00:07 (none) user.info klogd: np->hif_regs->bus_slave.hif_ctrl.val 00000000
Dec 31 19:00:07 (none) user.info klogd: np->hif_regs->bus_slave.hif_ctrl.val 000000C0
Dec 31 19:00:07 (none) user.info klogd: wlan0: PCI Revision = 3, Slot Name[00:00.0], Slot#[0]
Dec 31 19:00:07 (none) user.info klogd: wlan0: at BAR0 = 0xbbf80000, BAR1 = 0xbbf00000, IRQ 5.
Dec 31 19:00:07 (none) user.warn klogd: IRR(5)=c0c40000
Dec 31 19:00:07 (none) user.warn klogd: ===> Request IRQ 5 for wlan0, ret=0
Dec 31 19:00:07 (none) user.info klogd: wlan0: request_irq, err = 0
Dec 31 19:00:07 (none) user.info klogd: wlan0: plm_reg_init Succeeded
Dec 31 19:00:07 (none) user.info klogd: wlan0: MAC:00:13:10:c3:9a:5b
Dec 31 19:00:07 (none) user.info klogd: wlan0: plm_get_radio_eeprominfo(), err = 0
Dec 31 19:00:07 (none) user.info klogd: wlan0: OFFSET of dev->priv[0x6C]
Dec 31 19:00:07 (none) user.info klogd: wlan0: OFFSET of np->hif_regs[0x1060]
Dec 31 19:00:07 (none) user.info klogd: wlan0: OFFSET of np->stats_mac_td_ring_flush_cnt[0xD40]
Dec 31 19:00:07 (none) user.info klogd: wlan0: OFFSET of np->stats_mac_td_cnt[0xD2C]
Dec 31 19:00:07 (none) user.warn klogd: Register shadow 18
Dec 31 19:00:07 (none) user.warn klogd: ccd_msg_handler_shadow 18 2 C002A534
Dec 31 19:00:10 (none) user.notice ANISDKTOOL:          aniAsfLog.c: 84 Started ANISDKTOOL with Pid 64
Dec 31 19:00:10 (none) user.err WSM:     aniWsmDefaults.c:602 Ignoring BandType for Radio 0
Dec 31 19:00:11 (none) user.warn klogd: Starting MAC FW module...radioID = 0 NUM_RADIO 1 - param_addr = 0x805a90a8 start at C003B400
Dec 31 19:00:11 (none) user.warn klogd: [0][1a][3][1106] bg = 1, nTx = 1, nRx = 1, cb=0, ap=1, mpci=0
Dec 31 19:00:11 (none) user.warn klogd: [0][11][3][1] Sending CFG_DNLD_REQ
Dec 31 19:00:11 (none) user.warn klogd: Register External Device (wlan0) vid (9) extPortNum (6)
Dec 31 19:00:11 (none) user.warn klogd: Reserve port 6 for peripheral device use. (0x40)
Dec 31 19:00:11 (none) user.warn klogd: Total WLAN/WDS links: 1
Dec 31 19:00:11 (none) user.debug klogd: Airgo Fast Tx func  registered.
Dec 31 19:00:11 (none) user.debug klogd: Airgo Fast free func  registered.
Dec 31 19:00:11 (none) user.warn klogd: [0][11][3][1] CFG size 3252 bytes MAGIC dword is 0xdeaddead
Dec 31 19:00:11 (none) user.warn klogd: [0][11][3][1] CFG hdr totParams 187 intParams 144 strBufSize 756/1596
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET MIN PULSE WIDTH = 100
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET MAX PULSE WIDTH = 100
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE WIDTH MARGIN = 4
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE TR CNT1 = 3
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE TR CNT2 = 3
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE TR CNT3 = 5
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET RSSI TH = 60
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET MIN IAT = 5000
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET MAX IAT = 65535
Dec 31 19:00:11 (none) user.warn klogd: [0][10][3][1] CFG RDET MEAS DEL  = 77
Dec 31 19:00:11 (none) user.notice ANISDKTOOL:          aniAsfLog.c: 84 Started ANISDKTOOL with Pid 80
Dec 31 19:00:11 (none) user.err WSM:     aniWsmDefaults.c:602 Ignoring BandType for Radio 0
Dec 31 19:00:11 (none) user.err WSM:      aniWsmRadMisc.c:434 Radio (0) RadTimers - Freeing Timer RADAP_STT_TMR
Dec 31 19:00:11 (none) user.err WSM:      aniWsmRadMisc.c:357 Radio (0) Resetting Enb from RADENB_WF_CFG_DNLD_CNF
Dec 31 19:00:11 (none) user.err WSM:      aniWsmRadMisc.c:364 Radio (0) Resetting EnbAp from RADENBAP_WF_RAD_ENB
Dec 31 19:00:11 (none) user.err WSM: aniWsmRadEnbCommon.c:174 Radio 0, defRadEnbCfgDnldScss - State RADENB_INIT
Dec 31 19:00:11 (none) user.err WSM: aniWsmRadEnbCommon.c:297 Radio 0, defRadEnbDrvEnbScss - State RADENB_INIT
Dec 31 19:00:11 (none) user.warn klogd: [0][12][2][1] received unexpected SME_STOP_BSS_REQ in state 0, for role 0
Dec 31 19:00:11 (none) user.warn klogd: [0][12][2][1] eLIM_SME_OFFLINE_STATE
Dec 31 19:00:11 (none) user.debug klogd: wns msg rcvd: type = 0x1300^Ilength = 32
Dec 31 19:00:11 (none) user.warn klogd: wlan0: Rcvd a eWSM_DRV_RADIO_DISABLE_REQ for radio[0]
Dec 31 19:00:11 (none) user.warn klogd: mac_mod_exit: Cleaning MAC FW module: radio Id 0
Apr 17 20:07:53 (none) user.warn klogd: Starting MAC FW module...radioID = 0 NUM_RADIO 1 - param_addr = 0x805a90a8 start at C003B400
Apr 17 20:07:53 (none) user.warn klogd: [0][1a][3][1233] bg = 1, nTx = 1, nRx = 1, cb=0, ap=1, mpci=0
Apr 17 20:07:53 (none) user.warn klogd: [0][11][3][1] Sending CFG_DNLD_REQ
Apr 17 20:07:53 (none) user.warn klogd: Register External Device (wlan0) vid (9) extPortNum (6)
Apr 17 20:07:53 (none) user.warn klogd: _devglue_regExtDevice: Redundant entry found, remove exist and register new one
Apr 17 20:07:53 (none) user.warn klogd: Delete port 0 from peripheral port set. (0x40)
Apr 17 20:07:53 (none) user.warn klogd: Unregister Extension device with LinkID 1 -- (wlan0)
Apr 17 20:07:53 (none) user.warn klogd: Total WLAN/WDS links: 0
Apr 17 20:07:53 (none) user.warn klogd: Reserve port 6 for peripheral device use. (0x40)
Apr 17 20:07:53 (none) user.warn klogd: Total WLAN/WDS links: 1
Apr 17 20:07:53 (none) user.debug klogd: Airgo Fast Tx func  registered.
Apr 17 20:07:53 (none) user.debug klogd: Airgo Fast free func  registered.
Apr 17 21:07:53 (none) user.warn klogd: [0][11][3][1] CFG size 3252 bytes MAGIC dword is 0xdeaddead
Apr 17 21:07:53 (none) user.warn klogd: [0][11][3][1] CFG hdr totParams 187 intParams 144 strBufSize 756/1596
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET MIN PULSE WIDTH = 100
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET MAX PULSE WIDTH = 100
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE WIDTH MARGIN = 4
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE TR CNT1 = 3
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE TR CNT2 = 3
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET PULSE TR CNT3 = 5
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET RSSI TH = 60
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET MIN IAT = 5000
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET MAX IAT = 65535
Apr 17 21:07:53 (none) user.warn klogd: [0][10][3][1] CFG RDET MEAS DEL  = 77
Apr 17 21:08:03 (none) user.err AA: aagRadioDisable: radioId 0 to disable is not yet configured!
Apr 17 21:08:04 (none) user.warn klogd: [0][14][2][1032] Cfg param 177 indication not handled
Apr 17 21:08:04 (none) user.warn klogd: [0][14][2][1032] Cfg param 178 indication not handled
Apr 17 21:08:04 (none) user.warn klogd: [0][10][3][1032] CFG RDET FLAG  = 0
Apr 17 21:08:04 (none) user.warn klogd: [0][12][3][1038] Going to parse numSSID  in the START_BSS_REQ, len=10
Apr 17 21:08:04 (none) user.debug klogd: wns msg rcvd: type = 0x1300^Ilength = 32
Apr 17 21:08:04 (none) user.debug klogd: wns msg rcvd: type = 0x1304^Ilength = 48
Apr 17 21:08:39 (none) user.warn klogd: register link id 1 mac on radio 0 00:12:17:F6:B9:F8
Apr 17 21:08:39 (none) user.warn klogd: Algorithmics/MIPS FPU Emulator v1.5
Apr 17 21:08:39 (none) user.err AA:        aniAsfTimer.c:445 Null Duration
Apr 17 21:08:39 (none) user.debug klogd: wns msg rcvd: type = 0x1308^Ilength = 46
Apr 17 21:27:45 (none) syslog.info -- MARK --

The discussion might have continued from here.