Linux keeps freezing on UFW BLOCK

Linux and Unix-Like Linux
1

Hi everyone,

I have had trouble getting several versions of Linux stable on my machine over the last few months.
I do not think the issue is with the machine. Windows ran fine on it for a long time.
The current issue is that whenever I lock the screen then come back after a long time I find it frozen.
Using ctrl-alt function keys does not work.
watchdog was running on my latest Linux install. It did catch a softlockup. It did catch something with the networking. Most likely watchdog was configured to halt the system. I then disabled watchdog by putting the following entry in sysctl.conf:

kernel.nmi_watchdog=0

After reboot, I did notice that there were watchdog processes still running:

root        13     2  0 19:56 ?        00:00:00 [watchdog/0]
root        16     2  0 19:56 ?        00:00:00 [watchdog/1]
root        22     2  0 19:56 ?        00:00:00 [watchdog/2]
root        28     2  0 19:56 ?        00:00:00 [watchdog/3]
root        34     2  0 19:56 ?        00:00:00 [watchdog/4]
root        40     2  0 19:56 ?        00:00:00 [watchdog/5]
root        46     2  0 19:56 ?        00:00:00 [watchdog/6]
root        52     2  0 19:56 ?        00:00:00 [watchdog/7]
root        58     2  0 19:56 ?        00:00:00 [watchdog/8]
root        64     2  0 19:56 ?        00:00:00 [watchdog/9]
root        70     2  0 19:56 ?        00:00:00 [watchdog/10]
root        76     2  0 19:56 ?        00:00:00 [watchdog/11]
root        82     2  0 19:56 ?        00:00:00 [watchdog/12]
root        88     2  0 19:56 ?        00:00:00 [watchdog/13]
root        94     2  0 19:56 ?        00:00:00 [watchdog/14]
root       100     2  0 19:56 ?        00:00:00 [watchdog/15]
root       127     2  0 19:56 ?        00:00:00 [watchdogd]
root     11202  3313  0 22:07 pts/0    00:00:00 grep --color=auto watchdog

Everything was running fine for a few days. Today the system froze. There are tons of lines in journalctl and the kern.log like this just before I forcibly rebooted.

Gaming-3 kernel: [10847.185615] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:01:44:e9:dd:4d:5f:2c:08:00 SRC=192.168.2.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=2

I am on a home network but there are several WIFI networks running. My parents have a home office. The network guy setup a reasonably sophisticated setup. The 192.x IP is my machines gateway. I have no idea what 224.0..0.1 is. I assume something on the network is trying to reach a device through my wireless adapter. Maybe a ping?
I just have the default rules in ufw enabled: Deny ALL incoming Allow ALL outgoing.
If I turn UFW off, disable it, my system has not frozen yet.

Turning off logging does not work. I am not surprised. Logging would just eat up disk space not freeze the kernel.

I think the problem is that either watchdog was not disabled or UFW needs to be configured properly. I disabled UFW last night yet it still seems to be running this morning. The system locked up. The last lines in kern.log are a little different though. The source and destination IP's are different. How can I stop UFW from running?

Mar 25 21:19:58 -AB350-Gaming-3 kernel: [ 5011.827670] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:fb:44:e9:dd:4d:5f:32:08:00 SRC=192.168.2.1 DST=224.0.0.251 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=17
641 DF PROTO=2 
Mar 25 21:19:58 -AB350-Gaming-3 kernel: [ 5012.749595] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:fb:54:99:63:c9:a5:01:08:00 SRC=192.168.2.166 DST=224.0.0.251 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=
54661 PROTO=2 
Mar 25 21:20:11 -AB350-Gaming-3 kernel: [ 5025.241280] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:01:44:e9:dd:4d:5f:2c:08:00 SRC=192.168.2.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF
 PROTO=2 
Mar 25 21:20:50 -AB350-Gaming-3 kernel: [ 5064.255654] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:01:44:e9:dd:4d:5f:2c:08:00 SRC=192.168.2.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF
 PROTO=2 
Mar 25 21:21:30 -AB350-Gaming-3 kernel: [ 5104.294042] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:01:44:e9:dd:4d:5f:2c:08:00 SRC=192.168.2.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF
 PROTO=2 
Mar 25 21:21:59 -AB350-Gaming-3 kernel: [ 5133.733538] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1095 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:00 -AB350-Gaming-3 kernel: [ 5133.884016] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1096 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:00 -AB350-Gaming-3 kernel: [ 5134.126893] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1097 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:00 -AB350-Gaming-3 kernel: [ 5134.729285] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1098 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:01 -AB350-Gaming-3 kernel: [ 5135.321988] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=35.160.99.21 DST=192.168.2.196 LEN=83 TOS=0x00 PREC=0x00 TTL=227 
ID=5087 DF PROTO=TCP SPT=443 DPT=52118 WINDOW=118 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:01 -AB350-Gaming-3 kernel: [ 5135.630049] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1099 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:01 -AB350-Gaming-3 kernel: [ 5135.630677] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=35.160.99.21 DST=192.168.2.196 LEN=83 TOS=0x00 PREC=0x00 TTL=227 
ID=5088 DF PROTO=TCP SPT=443 DPT=52118 WINDOW=118 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:02 -AB350-Gaming-3 kernel: [ 5136.009273] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=35.160.99.21 DST=192.168.2.196 LEN=83 TOS=0x00 PREC=0x00 TTL=227 
ID=5089 DF PROTO=TCP SPT=443 DPT=52118 WINDOW=118 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:03 -AB350-Gaming-3 kernel: [ 5136.769047] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=35.160.99.21 DST=192.168.2.196 LEN=83 TOS=0x00 PREC=0x00 TTL=227 
ID=5090 DF PROTO=TCP SPT=443 DPT=52118 WINDOW=118 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:03 -AB350-Gaming-3 kernel: [ 5137.575243] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1100 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:31 -AB350-Gaming-3 kernel: [ 5164.817546] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1103 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0 
Mar 25 21:22:49 -AB350-Gaming-3 kernel: [ 5183.346821] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=01:00:5e:00:00:01:44:e9:dd:4d:5f:2c:08:00 SRC=192.168.2.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF
 PROTO=2 
Mar 25 21:23:02 -AB350-Gaming-3 kernel: [ 5196.046355] [UFW BLOCK] IN=wlx74dada970518 OUT= MAC=74:da:da:97:05:18:44:e9:dd:4d:5f:32:08:00 SRC=198.252.206.25 DST=192.168.2.196 LEN=113 TOS=0x08 PREC=0x00 TTL=5
2 ID=1104 DF PROTO=TCP SPT=443 DPT=37790 WINDOW=62 RES=0x00 ACK PSH URGP=0

Any advice on this issue would be appreciated.

2

... the details of your Linux system are... exactly what?

3

There are a ton (and then some) different screen locks. Which one exactly do you use? If it is simple xlock it is probably something entirely different then what it might be with one of the "modern" contraptions that use seventeen different pseudo-connections through loopback and whatnot to achieve the same. So, which one do you use and how is it configured?

If you are on a home network i'd like to know what you exactly need a (host-based!) firewall for. Set aside the fact that host-based firewalls are nonsense anyway (and i suggest to set up your WLAN-router to do that instead if you need any at all) the firewall is useless probably as your WLAN-router is (i suppose) operating in NAT mode anyway. 224.0.0.x/8 was Microsofts idea for certain network-based services. I cannot say for sure from two packets but most probably this is some M$$ system discovering uPNP services or something such.

I am not a Linux specialist but to turn off services (like the watchdog and the firewall) you probably need some systemctl command to stop the respective services. You may first stop the service and then mask it so that it won't be started again. My suggestion is to restart the server after editing the services since this will immediately make sure that the server comes up in the way you have planned.

Perhaps so.

After some digging into the systemd introduction found here I'd suggest something like:

systemctl stop ufw.service
systemctl mask ufw.service

but you probably want to check if there are any other services depending on it (i doubt it, but again, i am not a Linux crack), etc..

I hope this helps.

bakunin