20170614_jeffrey - silenceuncrio/diary GitHub Wiki
釐清一下 M300 目前給 DQA 的 firmware 說什麼 iweb HTTPS 沒起來
相關的 issue 在 0000431: [https] PC in WAN side, PC using https link to M300 fail
正常狀況下 iweb HTTPS 需要的 cert 和 key 會放在 /etc/icos/web 下面
bash-4.3# pwd
/etc/icos/web
bash-4.3# ls -al
drwxr-xr-x 2 root root 304 Jun 14 00:38 .
drwxr-xr-x 33 root root 2192 Jun 14 00:37 ..
-rw-r--r-- 1 root root 1094 Jun 14 00:38 iweb_cert.pem
-rw-r--r-- 1 root root 1704 Jun 14 00:38 iweb_key.pem
bash-4.3#
把 iweb_cert.pem 和 iweb_key.pem 刪掉
把 /home/log/web.log 清空
使用 reboot
log 如下
bash-4.3# cat /home/log/web.log
normal reboot 01
1497401332[20170614 0:48:52] [notify_web:848]IN(E82|S44|D44)
1497401332[20170614 0:48:52] [notify_web:857]module init
1497401339[20170614 0:48:59] [notify_web:848]IN(E63|S60|D00)
1497401343[20170614 0:49:3] [notify_web:848]IN(E62|S00|D00)
1497401343[20170614 0:49:3] [notify_web:882]boot init done
1497401343[20170614 0:49:3] [web_dump:513]===init config===
1497401343[20170614 0:49:3] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497401343[20170614 0:49:3] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497401343[20170614 0:49:3] [web_dump:559][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
1497401343[20170614 0:49:3] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497401343[20170614 0:49:3] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497401343[20170614 0:49:3] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497401343[20170614 0:49:3] [daemon_restart:703][DID0] remain IP server retry for 6 times.
1497401343[20170614 0:49:3] [create_daemon_conf:602]IN
1497401343[20170614 0:49:3] [create_daemon_conf:613]cmd_buf=>dir=/
1497401343[20170614 0:49:3] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497401343[20170614 0:49:3] [create_daemon_conf:623]cmd_buf=>chroot
1497401343[20170614 0:49:3] [create_daemon_conf:628]cmd_buf=>user=root
1497401343[20170614 0:49:3] [create_daemon_conf:633]cmd_buf=>max_age=0
1497401343[20170614 0:49:3] [create_daemon_conf:638]cmd_buf=>debug
1497401343[20170614 0:49:3] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 80 -d /www
1497401343[20170614 0:49:3] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497401343[20170614 0:49:3] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497401343[20170614 0:49:3] [gen_key_files:575]IN
1497401343[20170614 0:49:3] [gen_key_files:587]iweb genkey pid = 1218
1497401343[20170614 0:49:3] [gen_key_files:590]OUT
1497401343[20170614 0:49:3] [is_request_start:685][DMN]disabled cause key not ready.
1497401343[20170614 0:49:3] [web_dump:559][DMN0]active=1,pid=1214,status=1,flag=0x0,DID0
1497401343[20170614 0:49:3] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x1,DID1
1497401343[20170614 0:49:3] [web_dump:513]===After daemon restart===
1497401343[20170614 0:49:3] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497401343[20170614 0:49:3] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497401343[20170614 0:49:3] [web_dump:559][DMN0]active=1,pid=1214,status=1,flag=0x0,DID0
1497401343[20170614 0:49:3] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497401343[20170614 0:49:3] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497401344[20170614 0:49:4] [notify_web:848]IN(E50|S59|D00)
1497401347[20170614 0:49:7] [msgcb_web:1177]IN(DID0,pid 1214)
<--
Icos_user_root.session_ttl: 300 sec
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting iweb on port 80, serving /www
-->
1497401347[20170614 0:49:7] [notify_web:848]IN(E53|S50|D00)
1497401347[20170614 0:49:7] [notify_web:848]IN(E02|S56|D00)
1497401347[20170614 0:49:7] [notify_web:848]IN(E01|S56|D00)
1497401347[20170614 0:49:7] [notify_web:848]IN(E40|S35|D00)
1497401351[20170614 0:49:11] [notify_web:848]IN(E43|S35|D00)
1497401351[20170614 0:49:11] [notify_web:848]IN(E52|S58|D00)
1497401351[20170614 0:49:11] [notify_web:945]WAN4 Lost<eth1>
1497401351[20170614 0:49:11] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497401351[20170614 0:49:11] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497401355[20170614 0:49:15] [termcb_web:1058]IN(1218)
1497401355[20170614 0:49:15] [termcb_web:1089]HTTPS key and cert generated done.
1497401355[20170614 0:49:15] [web_dump:513]===Key file generated done, daemon restart===
1497401355[20170614 0:49:15] [web_dump:559][DMN0]active=1,pid=1214,status=1,flag=0x0,DID0
1497401355[20170614 0:49:15] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497401355[20170614 0:49:15] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497401355[20170614 0:49:15] [gen_key_files:575]IN
1497401355[20170614 0:49:15] [gen_key_files:590]OUT
1497401355[20170614 0:49:15] [create_daemon_conf:602]IN
1497401355[20170614 0:49:15] [create_daemon_conf:613]cmd_buf=>dir=/
1497401355[20170614 0:49:15] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497401355[20170614 0:49:15] [create_daemon_conf:623]cmd_buf=>chroot
1497401355[20170614 0:49:15] [create_daemon_conf:628]cmd_buf=>user=root
1497401355[20170614 0:49:15] [create_daemon_conf:633]cmd_buf=>max_age=0
1497401355[20170614 0:49:15] [create_daemon_conf:638]cmd_buf=>debug
1497401355[20170614 0:49:15] [create_daemon_conf:645]cmd_buf=>ssl
1497401355[20170614 0:49:15] [create_daemon_conf:650]cmd_buf=>certfile=/etc/icos/ca/cert.pem
1497401355[20170614 0:49:15] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
1497401356[20170614 0:49:16] [msgcb_web:1177]IN(DID1,pid 2048)
<--
Icos_user_root.session_ttl: 300 sec
-->
1497401356[20170614 0:49:16] [msgcb_web:1177]IN(DID1,pid 2048)
<--
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting SSL iweb on port 443, cert from /etc/icos/web/iweb_cert.pem, key from /etc/icos/web/iweb_key.pem, serving /www
-->
bash-4.3#
把 /home/log/web.log 清空
長按壓 reset 鈕觸發 reset default
web.log 如下
bash-4.3# cat /home/log/web.log
hw reset default
1497402107[20170614 1:1:47] [notify_web:848]IN(E82|S44|D44)
1497402107[20170614 1:1:47] [notify_web:857]module init
1497402114[20170614 1:1:54] [notify_web:848]IN(E63|S60|D00)
1497402120[20170614 1:2:0] [notify_web:848]IN(E62|S00|D00)
1497402120[20170614 1:2:0] [notify_web:882]boot init done
1497402120[20170614 1:2:0] [web_dump:513]===init config===
1497402120[20170614 1:2:0] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497402120[20170614 1:2:0] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497402120[20170614 1:2:0] [web_dump:559][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
1497402120[20170614 1:2:0] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402120[20170614 1:2:0] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497402120[20170614 1:2:0] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497402120[20170614 1:2:0] [daemon_restart:703][DID0] remain IP server retry for 6 times.
1497402120[20170614 1:2:0] [create_daemon_conf:602]IN
1497402120[20170614 1:2:0] [create_daemon_conf:613]cmd_buf=>dir=/
1497402120[20170614 1:2:0] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497402120[20170614 1:2:0] [create_daemon_conf:623]cmd_buf=>chroot
1497402120[20170614 1:2:0] [create_daemon_conf:628]cmd_buf=>user=root
1497402120[20170614 1:2:0] [create_daemon_conf:633]cmd_buf=>max_age=0
1497402120[20170614 1:2:0] [create_daemon_conf:638]cmd_buf=>debug
1497402120[20170614 1:2:0] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 80 -d /www
1497402120[20170614 1:2:0] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497402120[20170614 1:2:0] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497402120[20170614 1:2:0] [gen_key_files:575]IN
1497402120[20170614 1:2:0] [gen_key_files:587]iweb genkey pid = 1285
1497402120[20170614 1:2:0] [gen_key_files:590]OUT
1497402120[20170614 1:2:0] [is_request_start:685][DMN]disabled cause key not ready.
1497402120[20170614 1:2:0] [web_dump:559][DMN0]active=1,pid=1284,status=1,flag=0x0,DID0
1497402120[20170614 1:2:0] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x1,DID1
1497402120[20170614 1:2:0] [web_dump:513]===After daemon restart===
1497402120[20170614 1:2:0] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497402120[20170614 1:2:0] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497402120[20170614 1:2:0] [web_dump:559][DMN0]active=1,pid=1284,status=1,flag=0x0,DID0
1497402120[20170614 1:2:0] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402120[20170614 1:2:0] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497402121[20170614 1:2:1] [notify_web:848]IN(E50|S59|D00)
1497402126[20170614 1:2:6] [msgcb_web:1177]IN(DID0,pid 1284)
<--
Icos_user_root.session_ttl: 300 sec
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting iweb on port 80, serving /www
-->
1497402129[20170614 1:2:9] [notify_web:848]IN(E53|S50|D00)
1497402130[20170614 1:2:10] [notify_web:848]IN(E02|S56|D00)
1497402130[20170614 1:2:10] [notify_web:848]IN(E01|S56|D00)
1497402130[20170614 1:2:10] [notify_web:848]IN(E40|S35|D00)
1497402131[20170614 1:2:11] [notify_web:848]IN(E43|S35|D00)
1497402132[20170614 1:2:12] [notify_web:848]IN(E52|S58|D00)
1497402132[20170614 1:2:12] [notify_web:945]WAN4 Lost<eth1>
1497402132[20170614 1:2:12] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497402132[20170614 1:2:12] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497402142[20170614 1:2:22] [termcb_web:1058]IN(1285)
1497402142[20170614 1:2:22] [termcb_web:1089]HTTPS key and cert generated done.
1497402142[20170614 1:2:22] [web_dump:513]===Key file generated done, daemon restart===
1497402142[20170614 1:2:22] [web_dump:559][DMN0]active=1,pid=1284,status=1,flag=0x0,DID0
1497402142[20170614 1:2:22] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402142[20170614 1:2:22] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497402142[20170614 1:2:22] [gen_key_files:575]IN
1497402142[20170614 1:2:22] [gen_key_files:590]OUT
1497402142[20170614 1:2:22] [create_daemon_conf:602]IN
1497402142[20170614 1:2:22] [create_daemon_conf:613]cmd_buf=>dir=/
1497402142[20170614 1:2:22] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497402142[20170614 1:2:22] [create_daemon_conf:623]cmd_buf=>chroot
1497402142[20170614 1:2:22] [create_daemon_conf:628]cmd_buf=>user=root
1497402142[20170614 1:2:22] [create_daemon_conf:633]cmd_buf=>max_age=0
1497402142[20170614 1:2:22] [create_daemon_conf:638]cmd_buf=>debug
1497402142[20170614 1:2:22] [create_daemon_conf:645]cmd_buf=>ssl
1497402142[20170614 1:2:22] [create_daemon_conf:650]cmd_buf=>certfile=/etc/icos/ca/cert.pem
1497402142[20170614 1:2:22] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
1497402143[20170614 1:2:23] [msgcb_web:1177]IN(DID1,pid 2439)
<--
Icos_user_root.session_ttl: 300 sec
-->
1497402143[20170614 1:2:23] [msgcb_web:1177]IN(DID1,pid 2439)
<--
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting SSL iweb on port 443, cert from /etc/icos/web/iweb_cert.pem, key from /etc/icos/web/iweb_key.pem, serving /www
-->
bash-4.3#
這是正常的狀況
多試個幾次 長按壓 reset 鈕觸發 reset default 就會出現異常
下面是異常發生時的 log
bash-4.3# cat /home/log/web.log
hw reset default
1497402645[20170614 1:10:45] [notify_web:848]IN(E82|S44|D44)
1497402645[20170614 1:10:45] [notify_web:857]module init
1497402653[20170614 1:10:53] [notify_web:848]IN(E63|S60|D00)
1497402658[20170614 1:10:58] [notify_web:848]IN(E62|S00|D00)
1497402658[20170614 1:10:58] [notify_web:882]boot init done
1497402658[20170614 1:10:58] [web_dump:513]===init config===
1497402658[20170614 1:10:58] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497402658[20170614 1:10:58] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497402658[20170614 1:10:58] [web_dump:559][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
1497402658[20170614 1:10:58] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402658[20170614 1:10:58] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497402658[20170614 1:10:58] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497402658[20170614 1:10:58] [daemon_restart:703][DID0] remain IP server retry for 6 times.
1497402658[20170614 1:10:58] [create_daemon_conf:602]IN
1497402658[20170614 1:10:58] [create_daemon_conf:613]cmd_buf=>dir=/
1497402658[20170614 1:10:58] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497402658[20170614 1:10:58] [create_daemon_conf:623]cmd_buf=>chroot
1497402658[20170614 1:10:58] [create_daemon_conf:628]cmd_buf=>user=root
1497402658[20170614 1:10:58] [create_daemon_conf:633]cmd_buf=>max_age=0
1497402658[20170614 1:10:58] [create_daemon_conf:638]cmd_buf=>debug
1497402658[20170614 1:10:58] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 80 -d /www
1497402658[20170614 1:10:58] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497402658[20170614 1:10:58] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497402658[20170614 1:10:58] [gen_key_files:575]IN
1497402658[20170614 1:10:58] [gen_key_files:587]iweb genkey pid = 1298
1497402658[20170614 1:10:58] [gen_key_files:590]OUT
1497402658[20170614 1:10:58] [is_request_start:685][DMN]disabled cause key not ready.
1497402658[20170614 1:10:58] [web_dump:559][DMN0]active=1,pid=1296,status=1,flag=0x0,DID0
1497402658[20170614 1:10:58] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x1,DID1
1497402658[20170614 1:10:58] [web_dump:513]===After daemon restart===
1497402658[20170614 1:10:58] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497402658[20170614 1:10:58] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497402658[20170614 1:10:58] [web_dump:559][DMN0]active=1,pid=1296,status=1,flag=0x0,DID0
1497402658[20170614 1:10:58] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402658[20170614 1:10:58] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497402659[20170614 1:10:59] [notify_web:848]IN(E50|S59|D00)
1497402664[20170614 1:11:4] [msgcb_web:1177]IN(DID0,pid 1296)
<--
Icos_user_root.session_ttl: 300 sec
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting iweb on port 80, serving /www
-->
1497402668[20170614 1:11:8] [notify_web:848]IN(E53|S50|D00)
1497402668[20170614 1:11:8] [notify_web:848]IN(E02|S56|D00)
1497402668[20170614 1:11:8] [notify_web:848]IN(E01|S56|D00)
1497402669[20170614 1:11:9] [notify_web:848]IN(E40|S35|D00)
1497402670[20170614 1:11:10] [notify_web:848]IN(E43|S35|D00)
1497402670[20170614 1:11:10] [notify_web:848]IN(E52|S58|D00)
1497402670[20170614 1:11:10] [notify_web:945]WAN4 Lost<eth1>
1497402670[20170614 1:11:10] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497402670[20170614 1:11:10] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
bash-4.3#
跟正常的情況相比
會發現少了以下的訊息
1497402142[20170614 1:2:22] [termcb_web:1058]IN(1285)
1497402142[20170614 1:2:22] [termcb_web:1089]HTTPS key and cert generated done.
1497402142[20170614 1:2:22] [web_dump:513]===Key file generated done, daemon restart===
1497402142[20170614 1:2:22] [web_dump:559][DMN0]active=1,pid=1284,status=1,flag=0x0,DID0
1497402142[20170614 1:2:22] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402142[20170614 1:2:22] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497402142[20170614 1:2:22] [gen_key_files:575]IN
1497402142[20170614 1:2:22] [gen_key_files:590]OUT
1497402142[20170614 1:2:22] [create_daemon_conf:602]IN
1497402142[20170614 1:2:22] [create_daemon_conf:613]cmd_buf=>dir=/
1497402142[20170614 1:2:22] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497402142[20170614 1:2:22] [create_daemon_conf:623]cmd_buf=>chroot
1497402142[20170614 1:2:22] [create_daemon_conf:628]cmd_buf=>user=root
1497402142[20170614 1:2:22] [create_daemon_conf:633]cmd_buf=>max_age=0
1497402142[20170614 1:2:22] [create_daemon_conf:638]cmd_buf=>debug
1497402142[20170614 1:2:22] [create_daemon_conf:645]cmd_buf=>ssl
1497402142[20170614 1:2:22] [create_daemon_conf:650]cmd_buf=>certfile=/etc/icos/ca/cert.pem
1497402142[20170614 1:2:22] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
不過只要再多等一下
bash-4.3# cat /home/log/web.log
hw reset default
1497402645[20170614 1:10:45] [notify_web:848]IN(E82|S44|D44)
1497402645[20170614 1:10:45] [notify_web:857]module init
1497402653[20170614 1:10:53] [notify_web:848]IN(E63|S60|D00)
1497402658[20170614 1:10:58] [notify_web:848]IN(E62|S00|D00)
1497402658[20170614 1:10:58] [notify_web:882]boot init done
1497402658[20170614 1:10:58] [web_dump:513]===init config===
1497402658[20170614 1:10:58] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497402658[20170614 1:10:58] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497402658[20170614 1:10:58] [web_dump:559][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
1497402658[20170614 1:10:58] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402658[20170614 1:10:58] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497402658[20170614 1:10:58] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497402658[20170614 1:10:58] [daemon_restart:703][DID0] remain IP server retry for 6 times.
1497402658[20170614 1:10:58] [create_daemon_conf:602]IN
1497402658[20170614 1:10:58] [create_daemon_conf:613]cmd_buf=>dir=/
1497402658[20170614 1:10:58] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497402658[20170614 1:10:58] [create_daemon_conf:623]cmd_buf=>chroot
1497402658[20170614 1:10:58] [create_daemon_conf:628]cmd_buf=>user=root
1497402658[20170614 1:10:58] [create_daemon_conf:633]cmd_buf=>max_age=0
1497402658[20170614 1:10:58] [create_daemon_conf:638]cmd_buf=>debug
1497402658[20170614 1:10:58] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 80 -d /www
1497402658[20170614 1:10:58] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497402658[20170614 1:10:58] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497402658[20170614 1:10:58] [gen_key_files:575]IN
1497402658[20170614 1:10:58] [gen_key_files:587]iweb genkey pid = 1298
1497402658[20170614 1:10:58] [gen_key_files:590]OUT
1497402658[20170614 1:10:58] [is_request_start:685][DMN]disabled cause key not ready.
1497402658[20170614 1:10:58] [web_dump:559][DMN0]active=1,pid=1296,status=1,flag=0x0,DID0
1497402658[20170614 1:10:58] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x1,DID1
1497402658[20170614 1:10:58] [web_dump:513]===After daemon restart===
1497402658[20170614 1:10:58] [web_dump:523][COM]conn_mgr=1,mod_init_done:1.
1497402658[20170614 1:10:58] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
1497402658[20170614 1:10:58] [web_dump:559][DMN0]active=1,pid=1296,status=1,flag=0x0,DID0
1497402658[20170614 1:10:58] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402658[20170614 1:10:58] [web_dump:564][RTI]wan4_ifname=,wan6_ifname=.
1497402659[20170614 1:10:59] [notify_web:848]IN(E50|S59|D00)
1497402664[20170614 1:11:4] [msgcb_web:1177]IN(DID0,pid 1296)
<--
Icos_user_root.session_ttl: 300 sec
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting iweb on port 80, serving /www
-->
1497402668[20170614 1:11:8] [notify_web:848]IN(E53|S50|D00)
1497402668[20170614 1:11:8] [notify_web:848]IN(E02|S56|D00)
1497402668[20170614 1:11:8] [notify_web:848]IN(E01|S56|D00)
1497402669[20170614 1:11:9] [notify_web:848]IN(E40|S35|D00)
1497402670[20170614 1:11:10] [notify_web:848]IN(E43|S35|D00)
1497402670[20170614 1:11:10] [notify_web:848]IN(E52|S58|D00)
1497402670[20170614 1:11:10] [notify_web:945]WAN4 Lost<eth1>
1497402670[20170614 1:11:10] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=3, wan4_ifname=
1497402670[20170614 1:11:10] [notify_web:1015]ipt_mgmt_rule_set[4]: iface_sel=1, wan4_ifname=
1497402717[20170614 1:11:57] [termcb_web:1058]IN(1298)
1497402717[20170614 1:11:57] [termcb_web:1089]HTTPS key and cert generated done.
1497402717[20170614 1:11:57] [web_dump:513]===Key file generated done, daemon restart===
1497402717[20170614 1:11:57] [web_dump:559][DMN0]active=1,pid=1296,status=1,flag=0x0,DID0
1497402717[20170614 1:11:57] [web_dump:559][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
1497402717[20170614 1:11:57] [daemon_restart:703][DID1] remain IP server retry for 6 times.
1497402717[20170614 1:11:57] [gen_key_files:575]IN
1497402717[20170614 1:11:57] [gen_key_files:590]OUT
1497402717[20170614 1:11:57] [create_daemon_conf:602]IN
1497402717[20170614 1:11:57] [create_daemon_conf:613]cmd_buf=>dir=/
1497402717[20170614 1:11:57] [create_daemon_conf:618]cmd_buf=>cgipat=cgi-bin/**
1497402717[20170614 1:11:57] [create_daemon_conf:623]cmd_buf=>chroot
1497402717[20170614 1:11:57] [create_daemon_conf:628]cmd_buf=>user=root
1497402717[20170614 1:11:57] [create_daemon_conf:633]cmd_buf=>max_age=0
1497402717[20170614 1:11:57] [create_daemon_conf:638]cmd_buf=>debug
1497402717[20170614 1:11:57] [create_daemon_conf:645]cmd_buf=>ssl
1497402717[20170614 1:11:57] [create_daemon_conf:650]cmd_buf=>certfile=/etc/icos/ca/cert.pem
1497402717[20170614 1:11:57] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
1497402718[20170614 1:11:58] [msgcb_web:1177]IN(DID1,pid 3944)
<--
Icos_user_root.session_ttl: 300 sec
-->
1497402718[20170614 1:11:58] [msgcb_web:1177]IN(DID1,pid 3944)
<--
Icos_user_root.user: root
Icos_user_root.pass: $1$$2Dg0uARUa9gcTJ9I5/iKb/
Starting SSL iweb on port 443, cert from /etc/icos/web/iweb_cert.pem, key from /etc/icos/web/iweb_key.pem, serving /www
-->
bash-4.3#
就會發現 1497402717[20170614 1:11:57] [termcb_web:1058]IN(1298)
解析一下 web.log 順便簡化一下要留下來分析的訊息
bash-4.3# cat /home/log/web.log
hw reset default
...
1497402658[20170614 1:10:58] [gen_key_files:575]IN
1497402658[20170614 1:10:58] [gen_key_files:587]iweb genkey pid = 1298
1497402658[20170614 1:10:58] [gen_key_files:590]OUT
...
1497402717[20170614 1:11:57] [termcb_web:1058]IN(1298)
1497402717[20170614 1:11:57] [termcb_web:1089]HTTPS key and cert generated done.
...
1497402717[20170614 1:11:57] [daemon_restart:745][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
...
聽 morris 說 降頻 旺宏 2 號
零下 30 度 開機 也要開個幾次才成功
為了拉大樣本數
morris 拿了兩片 M300 CPU Board 給我
- 降頻 旺宏 3 號
- 降頻 華邦 1 號
燒錄 feature branch low-temperature-boot-up 的 firmware 進去
拿還給 morris
繼續分析 iweb HTTPS 沒起來的問題
目前都採取 長按壓 reset 鈕觸發 reset default 的方式觀察 iweb 的初始化行為
測試 01 - genkey 耗時 29 秒
...
1497403247[20170614 1:20:47] [gen_key_files:575]IN
1497403247[20170614 1:20:47] [gen_key_files:587]iweb genkey pid = 1337
1497403247[20170614 1:20:47] [gen_key_files:590]OUT
...
1497403276[20170614 1:21:16] [termcb_web:1058]IN(1337)
1497403276[20170614 1:21:16] [termcb_web:1089]HTTPS key and cert generated done.
...
測試 02 - genkey 耗時 50 秒
...
1497403567[20170614 1:26:7] [gen_key_files:575]IN
1497403567[20170614 1:26:7] [gen_key_files:587]iweb genkey pid = 1290
1497403567[20170614 1:26:7] [gen_key_files:590]OUT
...
1497403617[20170614 1:26:57] [termcb_web:1058]IN(1290)
1497403617[20170614 1:26:57] [termcb_web:1089]HTTPS key and cert generated done.
...
測試 03 - genkey 耗時 53 秒
...
1497403859[20170614 1:30:59] [gen_key_files:575]IN
1497403859[20170614 1:30:59] [gen_key_files:587]iweb genkey pid = 1298
1497403859[20170614 1:30:59] [gen_key_files:590]OUT
...
1497403912[20170614 1:31:52] [termcb_web:1058]IN(1298)
1497403912[20170614 1:31:52] [termcb_web:1089]HTTPS key and cert generated done.
...
測試 04 - genkey 耗時 18 秒
...
1497404106[20170614 1:35:6] [gen_key_files:575]IN
1497404106[20170614 1:35:6] [gen_key_files:587]iweb genkey pid = 1306
1497404106[20170614 1:35:6] [gen_key_files:590]OUT
...
1497404124[20170614 1:35:24] [termcb_web:1058]IN(1306)
1497404124[20170614 1:35:24] [termcb_web:1089]HTTPS key and cert generated done.
...
測試 05 - genkey 耗時 23 秒
...
1497404472[20170614 1:41:12] [gen_key_files:575]IN
1497404472[20170614 1:41:12] [gen_key_files:587]iweb genkey pid = 1429
1497404472[20170614 1:41:12] [gen_key_files:590]OUT
...
1497404495[20170614 1:41:35] [termcb_web:1058]IN(1429)
1497404495[20170614 1:41:35] [termcb_web:1089]HTTPS key and cert generated done.
...
monkeyjj time
DQA 寄來了 log 讓我分析為何 iweb HTTPS 沒起來
目前發現 DQA 的 log 只要出現下面的 CFG
1497347604[20170613 9:53:24] [web_dump:551][CFG]mode=httpd,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=all,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
iweb HTTPS 便不會啟動
其實就是因為 mode=httpd 的關係
正常的話 mode 會等於 both 才對
1497401343[20170614 0:49:3] [web_dump:551][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
實際到 DQA 走一趟
發現該 M300 竟然在 /etc/icos/web/ 目錄下發現了 webcfg.ini
而且 mode 竟然是 httpd
bash-4.3# cat webcfg.ini
mode=httpd
httpd_port=80
intf=all
secure=all
bash-4.3#
這跟 /home/factory/icos/web/webcfg.ini 的內容是一樣的
bash-4.3# cat /home/factory/icos/web/webcfg.ini
mode=httpd
httpd_port=80
intf=all
secure=all
bash-4.3#
不過我們目前根本不會使用到 /home/factory/icos/web/webcfg.ini 這個 file
那為什麼 DQA 手上的 M300 會有 /etc/icos/web/webcfg.ini 呢
如果不去管問題的來源的話
其實只要修改 webcfg.c/InitWeb() 即可
6..7c068d5 100644
--- a/proscend/prosrc/icos/icoslib/web/webcfg.c
+++ b/proscend/prosrc/icos/icoslib/web/webcfg.c
@@ -373,7 +373,7 @@ static int InitWeb(char *pCfgStr)
}
LoadDefault(pCfg);
- SysParsorTextFile(WEB_ETC_CFG_FILE, WebCallBack, pCfg,sizeof(*pCfg));
+ //SysParsorTextFile(WEB_ETC_CFG_FILE, WebCallBack, pCfg,sizeof(*pCfg));
InitWebIptables(pCfg); //Keep web only,John20161107
if (ApplyWebSetting(OPFLAG_APPLY_WEB_WWW, 0, pCfg,sizeof(*pCfg) ) == ICOS_FAILURE)
{剛剛和 john 聊的時候他說他實作的 configuration backup 在 icos_backup_restore.c / ICOS_cfg_backup()
/*
Function :ICOS_cfg_backup
Description :Backup icos file by copying factory icos first then etc icos.
After copied done, remove files with extension not belong to ini and json.
Then pack it by xor.
backup_file_path: The return backup file path.
xor_enable : Perform exclusive or on backup file with MCSVTAG(MODEL_ID M300,plus BRAND_ID 44)
When applied with xor, restore must apply xor too.
Return :0 for success,-1 for fail
*/
int ICOS_cfg_backup(const char *backup_file_path,int xor_enable)
{
char **file_ext=&gBackupFileExt;
char *backup_file_ptr;
char path_buf[256]= {0};
char backup_base_dir[256]= {0};
char backup_icos_dir[256]= {0};
char cmd_buf[256]= {0};
int len,i;
#ifndef DEBUG
xor_enable=1;
#endif
BAC_INFO("IN(%d)\n",xor_enable);
if(NULL==backup_file_path || 0==strlen(backup_file_path))
{
BAC_ERR("Null backup file path\n");
return -1;
}
backup_file_ptr=backup_file_path;
//Got absolute path if not
if(strncmp(backup_file_path,"/",1))
{
char cur_path_buf[256]= {0};
if(NULL==getcwd(cur_path_buf,sizeof(cur_path_buf)))
{
BAC_ERR("Fail to get current path.\n");
return -1;
}
snprintf(path_buf,sizeof(path_buf),"%s/%s",cur_path_buf,backup_file_path);
backup_file_ptr=path_buf;
}
BAC_INFO("Backup file=%s\n",backup_file_ptr);
snprintf(backup_base_dir,sizeof(backup_base_dir),"%s%ld",ICOS_BACKUP_BASE_DIR,time(0));
BAC_INFO("Backup base dir=%s\n",backup_base_dir);
snprintf(backup_icos_dir,sizeof(backup_icos_dir),"%s/%s/icos",backup_base_dir,BACKUP_DIR_NAME);
BAC_INFO("Backup icos dir=%s\n",backup_icos_dir);
//Created /tmp/.backupcfgxxxxxx/backup/icos directory
snprintf(cmd_buf,sizeof(cmd_buf),"mkdir -p %s",backup_icos_dir);
BAC_INFO("Cmd=>%s\n",cmd_buf);
system(cmd_buf);
//Copied from /home/factory/icos to /tmp/.backupcfgxxxxxx/backup/icos directory
snprintf(cmd_buf,sizeof(cmd_buf),"cp -af %s/* %s",ICOS_BACKUP_FAC_ICOS_DIR,backup_icos_dir);
BAC_INFO("Cmd=>%s\n",cmd_buf);
system(cmd_buf);
//Copied from /etc/icos to /tmp/.backupcfgxxxxxx/backup/icos directory
snprintf(cmd_buf,sizeof(cmd_buf),"cp -af %s/* %s",ICOS_BACKUP_ETC_ICOS_DIR,backup_icos_dir);
BAC_INFO("Cmd=>%s\n",cmd_buf);
system(cmd_buf);
//Excluded non specific extension file.
//find /tmp/.backupcfgxxxxxx/backup/icos ! -type d ! -name *.ini ! -name *.json | xargs rm -rf
snprintf(cmd_buf,sizeof(cmd_buf),"find %s ! -type d ",backup_icos_dir);
for(i=0; *file_ext; i++,file_ext++)
{
len=strlen(cmd_buf);
snprintf(&cmd_buf[len],sizeof(cmd_buf)-len,"! -name *.%s ",*file_ext);
}
len=strlen(cmd_buf);
snprintf(&cmd_buf[len],sizeof(cmd_buf)-len,"| xargs rm -rf");
BAC_INFO("Cmd=>%s\n",cmd_buf);
system(cmd_buf);
//cd /tmp/.backupcfgxxxxxx; tar zcf /xxx/xxx/mybackupfile.tgz backup
snprintf(cmd_buf,sizeof(cmd_buf),"cd %s;tar zcf %s %s",backup_base_dir,backup_file_ptr,BACKUP_DIR_NAME);
BAC_INFO("Cmd=>%s\n",cmd_buf);
system(cmd_buf);
snprintf(cmd_buf,sizeof(cmd_buf),"rm -rf %s",backup_base_dir);
BAC_INFO("Cmd=>%s\n",cmd_buf);
system(cmd_buf);
if(xor_enable)
{
BAC_INFO("MCSVTAG=>%s\n",ICOS_MCSVTAG());
CliXorFile(backup_file_ptr);
}
BAC_INFO("OUT\n");
return 0;
}發現熱心的 john 在 configuration backup 的時候
把 /home/factory/icos/web/webcfg.ini 放到 /tmp/.backupcfgxxxxxx/backup/icos/web/webcfg.ini 去了
那只要一做 restore 的話便會把 backup/icos/web/webcfg.ini 放回 M300 的 /etc/icos/web/webcfg.ini 去
這就是原因阿...
那解法就簡單了...
刪掉 /home/factory/icos/web/webcfg.ini 即可
切回 branch develop
commit eaf26debf61363a89e86bea2af64334e9a1dcbb4
Author: jeffrey <[email protected]>
Date: Wed Jun 14 14:47:05 2017 +0800
Remove the factory configuraion file for 'web' module
- Solve issue - 0000431: [https] PC in WAN side, PC using https link to M300 fail
diff --git a/proscend/base_fs/default/rootfs/home/factory/icos/web/webcfg.ini b/proscend/base_fs/default/rootfs/home/factory/icos/web/webcfg.ini
deleted file mode 100644
index f67af99..0000000
--- a/proscend/base_fs/default/rootfs/home/factory/icos/web/webcfg.ini
+++ /dev/null
@@ -1,4 +0,0 @@
-mode=httpd
-httpd_port=80
-intf=all
-secure=all不過錯誤既然已經產生了...
該拿之前包含 backup/icos/web/webcfg.ini 的 configuration file 怎麼辦呢
commit bc07eff0b41fdd9aee3bb147fab9b8dae936bc4f
Author: jeffrey <[email protected]>
Date: Wed Jun 14 14:54:18 2017 +0800
Remove 'SysParsorTextFile()' from 'InitWeb()'
- Solve issue - 0000431: [https] PC in WAN side, PC using https link to M300 fail
- prevent the older configuration file which consis of `backup/icos/web/webcfg.ini`
diff --git a/proscend/prosrc/icos/icoslib/web/webcfg.c b/proscend/prosrc/icos/icoslib/web/webcfg.c
index 7aafec6..27b4b1f 100644
--- a/proscend/prosrc/icos/icoslib/web/webcfg.c
+++ b/proscend/prosrc/icos/icoslib/web/webcfg.c
@@ -373,7 +373,6 @@ static int InitWeb(char *pCfgStr)
}
LoadDefault(pCfg);
- SysParsorTextFile(WEB_ETC_CFG_FILE, WebCallBack, pCfg,sizeof(*pCfg));
InitWebIptables(pCfg); //Keep web only,John20161107
if (ApplyWebSetting(OPFLAG_APPLY_WEB_WWW, 0, pCfg,sizeof(*pCfg) ) == ICOS_FAILURE)
{打完收工
monkeyjj time