Collecting Diagnostic Information

richb-hanover-priv · January 21, 2025, 1:30pm

A recent post talks about the best way to request diagnostic information from people who are having trouble. Here's the "standard template" that people have been using:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

These instructions require a SSH connection (already unfamiliar ground for newcomers) and then copy/pasting the info into the forum, making sure to use code formatting, etc.

I added a comment about a getstats.sh script that issues a "standard set of commands" (easily adjusted) that covers most circumstances. It still requires a SSH connection, but the (one-time) copy/paste is easier...

If the script displayed the "right stuff", my hope was that it could be part of the default OpenWrt build. That way, the newcomer could just SSH in, run the script, and copy/paste the output.

But that now seems silly: why couldn't that facility become part of LuCI?

Good idea? Potential problems? Let's talk about options here... Thanks

flygarn12 · January 21, 2025, 1:48pm

If they even have access to luci to begin with.

Usually serial connection could be used also.

krazeh · January 21, 2025, 1:57pm

I think the idea of a simpler way to get diagnostic information is a good idea. Especially if something can be worked into LuCi to allow similar output to be obtained.

My main concern is that, as it stands, the script provides a lot of information that is generally not needed (or that useful) for the vast majority of troubleshooting queries. While that can obviously be worked around by changing the commands it runs, you do end up with a 'one size fits all' approach to the data request. The alternative is to have parameters passed to the script to determine the output, but that feels the opposite of making the process simpler...

Having said that, if it were in LuCi and there were simple checkboxes to select the required data it might not be too much of an issue.

What would be really useful would be some 'automation' to redact the usual suspects (password, MAC addresses, public IPs etc). While it wouldn't be fool-proof, we know where to (generally) expect that data to be in the config files so can target those.

efahl · January 21, 2025, 5:34pm

@greem has something along these lines in the works...

richb-hanover-priv · January 21, 2025, 7:10pm

Good discussion... Some follow-on thoughts:

Balancing the information requested - I prefer a script that "gets too much" as opposed to going back and forth requesting more... It's painful to say, "Oh, that's not what I expected... Would you also send the output of X?" (The latter also means more work for both parties.)
Also, using a script means that the newcomer doesn't have to get a bunch of arcane commands right - they type a single command and copy/paste the results....
Yes - checkboxes in a LuCI page might work.
Yes - a LuCI page could "know" which credentials to mask
I attach sample output from getstats.sh taken from my OpenWrt One in the Details below. I don't claim that this is the be-all, end-all, but it does separate the various bits of data fairly cleanly, and you can skip over the parts that don't matter in this situation

root@HBTL-OpenOne-Router:/tmp# cat /tmp/openwrtstats.txt
===== getstats.sh at Tue Jan 21 13:51:33 EST 2025 =====
[ cat /etc/banner ]
  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 24.10.0-rc5, r28304-6dacba30a7
 -----------------------------------------------------


[ date ]
Tue Jan 21 13:51:33 EST 2025


[ cat /etc/openwrt_release ]
DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='24.10.0-rc5'
DISTRIB_REVISION='r28304-6dacba30a7'
DISTRIB_TARGET='mediatek/filogic'
DISTRIB_ARCH='aarch64_cortex-a53'
DISTRIB_DESCRIPTION='OpenWrt 24.10.0-rc5 r28304-6dacba30a7'
DISTRIB_TAINTS=''


[ uname -a ]
Linux HBTL-OpenOne-Router 6.6.69 #0 SMP Sat Jan  4 21:35:37 2025 aarch64 GNU/Linux


[ uptime ]
 13:51:33 up 8 days, 12:46,  load average: 0.00, 0.00, 0.00


[ top -b | head -n 20 ]
Mem: 126024K used, 885224K free, 500K shrd, 4K buff, 29620K cached
CPU:   0% usr   0% sys   0% nic 100% idle   0% io   0% irq   0% sirq
Load average: 0.00 0.00 0.00 2/106 5263
  PID  PPID USER     STAT   VSZ %VSZ %CPU COMMAND
 1832  1787 network  S     5304   1%   0% /usr/sbin/hostapd -s -g /var/run/hostapd/global
 1831  1788 network  S     5216   1%   0% /usr/sbin/wpa_supplicant -n -s -g /var/run/wpa_supplicant/global
 1409     1 root     S     3960   0%   0% /sbin/rpcd -s /var/run/ubus/ubus.sock -t 30
 2874     1 root     S     3104   0%   0% /usr/sbin/uhttpd -f -h /www -r HBTL-OpenOne-Router -x /cgi-bin -u /ubus -t 60 -T 30 -k 20 -A 1 -n 3 -N 100 -R -p 0.0.0.0:80 -p [::]:80 -C /etc/uhttpd.crt -K /etc/uhttpd.key -s 0.0.0.0:443 -s [::]:443
 3348     1 root     S     2852   0%   0% {umdns} /sbin/ujail -t 5 -n umdns -S /etc/seccomp/umdns.json -u -l -- /usr/sbin/umdns
 3630     1 root     S     2852   0%   0% {ntpd} /sbin/ujail -t 5 -n ntpd -U ntp -G ntp -C /etc/capabilities/ntpd.json -c -u -r /bin/ubus -r /usr/bin/env -r /usr/bin/jshn -r /usr/sbin/ntpd-hotplug -r /usr/share/libubox/jshn.sh -- /usr/sbin/ntpd -n -N -S /usr/sbin/ntpd-hotplug -p 0.openwrt.pool.ntp.org -p 1.openwrt.pool.ntp.org -p 2.openwrt.pool.ntp.org -p 3.openwrt.pool.ntp.org
18421     1 root     S     2852   0%   0% {dnsmasq} /sbin/ujail -t 5 -n dnsmasq -u -l -r /bin/ubus -r /etc/TZ -r /etc/dnsmasq.conf -r /etc/ethers -r /etc/group -r /etc/hosts -r /etc/passwd -w /tmp/dhcp.leases -r /tmp/dnsmasq.cfg01411c.d -r /tmp/hosts -r /tmp/resolv.conf.d -r /usr/bin/jshn -r /usr/lib/dnsmasq/dhcp-script.sh -r /usr/share/dnsmasq/dhcpbogushostname.conf -r /usr/share/dnsmasq/rfc6761.conf -r /usr/share/dnsmasq/trust-anchors.conf
 1788     1 root     S     2852   0%   0% {wpa_supplicant} /sbin/ujail -t 5 -n wpa_supplicant -U network -G network -C /etc/capabilities/wpad.json -c -- /usr/sbin/wpa_supplicant -n -s -g /var/run/wpa_supplicant/global
 1787     1 root     S     2852   0%   0% {hostapd} /sbin/ujail -t 5 -n hostapd -U network -G network -C /etc/capabilities/wpad.json -c -- /usr/sbin/hostapd -s -g /var/run/hostapd/global
 1852     1 root     S     2720   0%   0% /sbin/netifd
    1     0 root     S     2356   0%   0% /sbin/procd
 3366  3348 root     S     2080   0%   0% /usr/sbin/umdns
 1355     1 logd     S     2064   0%   0% /sbin/logd -S 128
 3909     1 root     S     1808   0%   0% {travelmate.sh} /bin/sh /usr/bin/travelmate.sh
18435 18421 dnsmasq  S     1764   0%   0% /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
 2047     1 root     S     1680   0%   0% /usr/sbin/odhcpd


[ du -sh / ; du -sh /* ]
53.4M	/
788.5K	/bin
0	/dev
643.0K	/etc
10.7M	/lib
0	/lib64
0	/mnt
4.3M	/overlay
0	/proc
22.3M	/rom
0	/root
0	/run
1.5M	/sbin
0	/sys
132.0K	/tmp
12.1M	/usr
0	/var
997.0K	/www


[ User-installed packages ]
luci
luci-app-sqm
luci-app-travelmate
travelmate
umdns


[ ifconfig ]
br-lan    Link encap:Ethernet  HWaddr 20:05:B6:FF:1F:21
          inet addr:192.168.253.1  Bcast:192.168.253.255  Mask:255.255.255.0
          inet6 addr: fe80::2205:b6ff:feff:1f21/64 Scope:Link
          inet6 addr: fda0:b5a3:103::1/60 Scope:Global
          inet6 addr: fda0:b5a3:103:4::1/62 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:38512275 errors:0 dropped:736570 overruns:0 frame:0
          TX packets:56603080 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:14912302155 (13.8 GiB)  TX bytes:54858315777 (51.0 GiB)

eth0      Link encap:Ethernet  HWaddr 20:05:B6:FF:1F:20
          inet addr:192.168.1.16  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::2205:b6ff:feff:1f20/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:54987873 errors:0 dropped:24567 overruns:0 frame:0
          TX packets:37282503 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:54782794910 (51.0 GiB)  TX bytes:15176602137 (14.1 GiB)
          Interrupt:78

eth1      Link encap:Ethernet  HWaddr 20:05:B6:FF:1F:21
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:389933758 errors:7 dropped:0 overruns:0 frame:0
          TX packets:900732180 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:371298122181 (345.7 GiB)  TX bytes:820111139887 (763.7 GiB)
          Interrupt:78

ifb4eth0  Link encap:Ethernet  HWaddr EE:DD:B1:B9:BE:BF
          inet6 addr: fe80::ecdd:b1ff:feb9:bebf/64 Scope:Link
          UP BROADCAST RUNNING NOARP  MTU:1500  Metric:1
          RX packets:54935839 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54935839 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32
          RX bytes:54705029466 (50.9 GiB)  TX bytes:54705029466 (50.9 GiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:152994 errors:0 dropped:0 overruns:0 frame:0
          TX packets:152994 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:20347396 (19.4 MiB)  TX bytes:20347396 (19.4 MiB)

phy0-sta0 Link encap:Ethernet  HWaddr 20:05:B6:FF:1F:22
          inet addr:192.168.253.181  Bcast:192.168.253.255  Mask:255.255.255.0
          inet6 addr: fda0:b5a3:103:0:2205:b6ff:feff:1f22/64 Scope:Global
          inet6 addr: fda0:b5a3:103::587/128 Scope:Global
          inet6 addr: fe80::2205:b6ff:feff:1f22/64 Scope:Link
          inet6 addr: fda0:b5a3:103:4:2205:b6ff:feff:1f22/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2987822 errors:0 dropped:730932 overruns:0 frame:0
          TX packets:89422 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:484408544 (461.9 MiB)  TX bytes:12774434 (12.1 MiB)

phy1-ap0  Link encap:Ethernet  HWaddr 20:05:B6:FF:1F:29
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:867505552 errors:0 dropped:0 overruns:0 frame:0
          TX packets:374514512 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:781836295349 (728.1 GiB)  TX bytes:376409325894 (350.5 GiB)

===== end of getstats.sh =====

totkeks · January 21, 2025, 9:43pm

I think that is a good idea. It doesn't help the people that can't connect to Luci, but at least the ones that can. They open that specific page and it will give them all the information to copy and paste to the forums.

flygarn12 · January 21, 2025, 9:44pm

What is the actual problem?

First of all the users that we must use this on often explain the problem in so diffuse ways and make worthless screenshots from luci to begin with.

Or they don’t get how to include formatted text here in the first place and insert it as normal text in gigantic posts, the formatted text button doesn’t even work anymore since the last forum upgrade.

And luci is useless for faultfinding or even help anyone configuring even the smallest complex setup they want to do.
So they need to learn ssh anyway.

ubus call system board, this is pretty much only used to check if they are obligated for support to begin with or they are trying to sneak in support for non official firmwares or not supported hardware.

richb-hanover-priv · January 21, 2025, 11:00pm

My goal for this exercise is to answer questions efficiently on the forum, by:

Minimizing the pain of writing instructions about how to collect data
Minimizing the multiplicity of steps people must follow to provide that data

There's nothing we can do about vague questions that arrive over the transom. But if we think we understand what might be happening, and want to get corroborating information, it's valuable to have an easy way to request it (and to receive it).

The "standard template" is a compact description of the steps, but it's surprisingly difficult for a newcomer to follow. Not only must they contend with SSH (see below), but they have a bunch of "Don'ts" (passwords, fixed-width fields, etc) that just scare people away.

As for SSH, it is and will always be a crappy way to interact with a computer. Its only saving grace is that it runs on every device. But having SSH is not a reason to avoid providing a better facility. I wrote a lot of background material on the SSH For Newcomers page: I'm painfully aware of all the hurdles and stumbling blocks that aren't even mentioned.

Finally, I give everyone here permission to ignore posts regarding un-official firmware or unsupported hardware. Having an easy reporting facility that gives accurate information about the device/firmware makes it easier to recognize "counterfeits"...

slh · January 21, 2025, 11:50pm

Careful with ps/ top here, passwords (PPPoE and WLAN, probably more (e.g. ddns, if you happen to call ps just while it's trying to update) in advanced setups) easily sneak into the parameters processes are called with and those aren't that easy to filter out reliably.

richb-hanover-priv · January 22, 2025, 12:07am

Excellent advice. I just created that script because it contained much of the info that I had seen requested from time to time.

I would be open to suggestions about a better list of commands. Thanks