UPDATE
Dear all
we moved to the 1.29 and with the right compilation flags to enabling
session-policy-local (—enable-session-policy-local ) we were able to have
iptable updated even if the two application are using the same IP address to go
to internet like the marker is not working properly or the default
configuration is taken for both UID.
Have you got any hints?
Thanks in advance
Gianfranco
—————————————————————————————
$> ifconfig
eth0 Link encap:Ethernet HWaddr 68:b5:99:ed:a2:16
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::6ab5:99ff:feed:a216/64 Scope:Link
UP BROADCAST RUNNING MULTICAST DYNAMIC MTU:1500 Metric:1
RX packets:7014 errors:0 dropped:0 overruns:0 frame:0
TX packets:2717 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3200530 (3.2 MB) TX bytes:360096 (360.0 KB)
Interrupt:20 Memory:d7500000-d7520000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:6254 errors:0 dropped:0 overruns:0 frame:0
TX packets:6254 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:556587 (556.5 KB) TX bytes:556587 (556.5 KB)
wlan0 Link encap:Ethernet HWaddr 00:24:d7:6e:6c:38
inet addr:192.168.1.80 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::224:d7ff:fe6e:6c38/64 Scope:Link
UP BROADCAST RUNNING MULTICAST DYNAMIC MTU:1500 Metric:1
RX packets:7476 errors:0 dropped:0 overruns:0 frame:0
TX packets:4223 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4556480 (4.5 MB) TX bytes:600651 (600.6 KB)
—————————————————————————————
ethsession:
connmanctl> session on
Session /sessions/_1_116/net/connman/connmanctl4383 created
Session Update = {
State = disconnected
Name =
IPv4 = [ ]
IPv6 = [ ]
Interface =
Bearer =
ConnectionType = internet
AllowedBearers = [ ethernet ]
}
----------------------------------------------------------
wifisession:
connmanctl> session on
Session /sessions/_1_117/net/connman/connmanctl4384 created
Session Update = {
State = online
Name = abwifi-low
IPv4 = [ Method=dhcp, Address=192.168.1.80, Netmask=255.255.255.0,
Gateway=192.168.1.1 ]
IPv6 = [ ]
Interface = wlan0
Bearer = wifi
ConnectionType = internet
AllowedBearers = [ wifi ]
}
Session /sessions/_1_117/net/connman/connmanctl4384 connected
connmanctl> services
*AO abwifi-low wifi_0024d76e6c38_6162776966692d6c6f77_managed_psk
*AR Wired ethernet_68b599eda216_cable
connmanctl> session connect
—————————————————————————————
$> ip rule show
0: from all lookup local
0: from all lookup main
0: from all fwmark 0x1 lookup 1
0: from all fwmark 0x100 lookup ISP1
0: from all fwmark 0x101 lookup ISP2
—————————————————————————————
$> route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0
8.8.4.4 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
8.8.4.4 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
8.8.8.8 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
8.8.8.8 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
192.168.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 wlan0
192.168.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
—————————————————————————————
$> iptables -t filter -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
—————————————————————————————
$> iptables -t mangle -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
MARK tcp -- anywhere anywhere tcp dpt:http MARK
set 0x64
MARK tcp -- anywhere anywhere tcp dpt:http MARK
set 0x1
Chain INPUT (policy ACCEPT)
target prot opt source destination
connman-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
connman-OUTPUT all -- anywhere anywhere
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
connman-POSTROUTING all -- anywhere anywhere
Chain connman-INPUT (1 references)
target prot opt source destination
CONNMARK all -- anywhere anywhere CONNMARK restore
Chain connman-OUTPUT (1 references)
target prot opt source destination
MARK all -- anywhere anywhere owner UID match
ethsession MARK set 0x100
MARK all -- anywhere anywhere owner UID match
wifisession MARK set 0x101
Chain connman-POSTROUTING (1 references)
target prot opt source destination
CONNMARK all -- anywhere anywhere CONNMARK save
—————————————————————————————
> On 02 Jul 2015, at 09:20, Patrik Flykt <[email protected]> wrote:
>
>
> Hi,
>
> On Thu, 2015-07-02 at 08:37 +0200, Daniel Wagner wrote:
>> There is a way to still solve your problem. You need to write
>> your own session plugin. Within this plugin you can decided
>> which Services needs to be online and which Session is assigned
>> to that Service.
>
> Yes. Session API is the way to go, and the assumption is that it
> actually should work to some extent. The example policy
> plugins/session_policy_local.c is file-based, if more flexibility is
> needed see the link Daniel sent on how to do it via D-Bus IPC.
>
>>> connmand –version 1.21
>
> It seems that a bunch of Daniel's Session related patches are in 1.23.
> Might be that later problems were solved in 1.23? And a really big bunch
> of changes went into 1.22, so please upgrade and try again.
>
> As the API has been stable throughout all of 1.x you should upgrade to
> latest. There has been a lot of issues fixed that affect stability and
> proper working of the APIs as well.
>
>>> [General]
>>> PreferredTechnologies=wifi,ethernet
>
> This affects only ConnMan service autoconnect order, the intention is
> that Session mode enables needed technologies as new Session users come
> along. So this is strictly only needed should some non-session
> applications need this particular ordering.
>
>>> SingleConnectedTechnology=false
>
> This is by default false so it need not be specified.
>
>>> SessionMode=true
>
> This setting does nothing since version 1.19 and should be omitted.
>
>>> /etc/passwd
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> wifisession:x:120:132:wifisession:/home:/bin/bash
>>> ethsession:x:121:133:ethsession:/home:/bin/bash
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>>> Policy files (in /var/lib/connman/session_policy_local)
>>>
>>> wifisession.policy
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> [policy_wifisession]
>>> uid = wifisession
>>> AllowedBearers = wifi
>>> RoamingPolicy = forbidden
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> ethsession.policy
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> [policy_ethsession]
>>> uid = ethsession
>>> AllowedBearers = ethernet
>>> RoamingPolicy = forbidden
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> Opened two terminals, connected with the newly created users on each one.
>>
>> This looks all good.
>
> Yes.
>
> I'm not sure RoamingPolicy is implemented, that might confuse things
> (proaby not).
>
>>> Terminal 1: wifisession user output
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> wifisession@ $ connmanctl
>>> connmanctl> services
>>> *AO Wired ethernet_68b599eda216_cable
>>> *A HTC Portable Hotspot 61B3
>>> wifi_0024d76e6c38_48544320506f727461626c6520486f7473706f742036314233_managed_psk
>>> connmanctl> agent on
>>> Agent registered
>>> connmanctl> session connect
>>
>> This will trigger the autoconnect algorithm to do the magic. Note
>> it is likely to ignore the session configuration completely. I can't
>> remember the details without looking at the code.
>
> If it'd work correctly, at this point wifi should be enabled due to
> wifisession policy stating AllowedBearers = wifi. Upgrade to latest and
> try again?
>
> HTH,
>
> Patrik
>
>
_______________________________________________
connman mailing list
[email protected]
https://lists.connman.net/mailman/listinfo/connman
