What's new

Strange Logs errors and router crashing with Merlin or Stock firmware

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

PhilG1300

New Around Here
Hello,
I have a RT-AC86U and have been using it for around 6 months with my fibre modem.
I have been running Merlin firmware for a while without problems, but just recently I have been getting strange log messages and crashes & restarts.
For example:-

May 14 08:38:00 kernel: net_ratelimit: 38 callbacks suppressed

May 14 08:38:17 kernel: ^[[0;33;41mBLOG ERROR blog_request :blog_key corruption when deleting flowfor net_p=ffffffc013b78d08
May 14 08:38:17 kernel: ^[[0m

May 14 08:39:36 kernel: net_ratelimit: 36 callbacks suppressed
May 14 08:39:41 kernel: net_ratelimit: 59 callbacks suppressed
May 5 06:05:08 kernel: klogd started: BusyBox v1.24.1 (2021-04-02 04:28:40 CST)
May 5 06:05:08 crashlog: LOG
May 5 06:05:08 crashlog: <6>protocol 0800 is buggy, dev eth5
May 5 06:05:08 crashlog: <6>protocol 0800 is buggy, dev eth5
May 5 06:05:08 crashlog: <6>protocol 0800 is buggy, dev eth5
May 5 06:05:08 crashlog: <6>protocol 0800 is buggy, dev eth5
May 5 06:05:08 kernel: Linux version 4.1.27 (gitserv_asus@tpbuildsvrvu01) (gcc version 5.3.0 (Buildroot 2016.02) ) #2 SMP PREEMPT Fri Apr 2 05:22:18 CST 2021
May 5 06:05:08 kernel: CPU: AArch64 Processor [420f1000] revision 0

I have gone back to stock firmware and the issue is still present.
I have raised an issue with ASUS support, but I think I have found the reason and corrective action.

On one of my machines I am running the LetsEncrypt client for getting free SSL certificate.
I had port forwarding enabled externally on port 80 to the same port on the internal machine, however the machine's port is not listening as it only does this as the point of certificate renewal. I have checked any open ports on that machine from another machine on my internal network.

Since removing the port forwarding on port 80, the error messages and crashes have ceased.

Since the port wasn't actually forwarding to an active port on the internal machine why would this still cause router errors and crashes?

So I was probably trying to be accessed on port 80 from the internet by spammers etc?
So from now on I will only forward port 80 at the time of certificate renewal.
Is there a way round this, can I enable any router features to stop this, e.g. DDOS protection etc., and have the forwarding active all the time as before?
Any advice would be appreciated.

Regards
Phil
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top