[Touch-packages] [Bug 1777125] Re: On boot up NetworkManager runs nm_dispatcher for only 1 of 2 tun interfaces
I can confirm that this issue hasn't happened in over 1 year. Please close? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ifupdown in Ubuntu. https://bugs.launchpad.net/bugs/1777125 Title: On boot up NetworkManager runs nm_dispatcher for only 1 of 2 tun interfaces Status in ifupdown package in Ubuntu: New Bug description: I have two tun interfaces used with OpenVPN, called tun0 (UDP peer-to- peer VPN) and tun1 (TCP server VPN), and I have a script in /etc/network/if-up.d which I use to add routing table entries when the interface comes up. (FYI The reason for adding routes in an if-up.d script is so I can administer all the policy-based routes in one place.) When I start up OpenVPN for the tun0 interface, the if-up.d scripts run successfully for that interface. And when I start up OpenVPN for the tun1 interface, the if-up.d scripts run successfully for that interface. So I know that everything is configured correctly. BTW The two OpenVPN instances are configured as systemd services called openvpn-server@p2p.service and openvpn-server@server.service, and neither tun0 and tun1 are configured in /etc/network/interfaces. However around 50% of the time when I reboot, the if-up.d scripts are run for only one of the two interfaces (even though both interfaces had started successfully), and it seems random which one. (The other 50% of the time it works properly and runs the if-up.d scripts for both interfaces.) As far as I can tell, it is NetworkManager which is supposed to start nm-dispatcher to run the if-up.d scripts when each tun interface comes up, and it seems that if both interfaces come up at the same time, then it only runs nm-dispatcher for one of them? I've pasted below an extract from my syslog after a reboot, where nm- dispatcher was only run for tun1, not tun0: $ egrep 'NetworkManager|nm-dispatcher' /var/log/syslog Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.6455] NetworkManager (version 1.10.6) is starting... (for the first time) Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.6456] Read config: /etc/NetworkManager/NetworkManager.conf (lib: 10-dns-resolved.conf, no-mac-addr-change.conf) (etc: 10-globally-managed-devices.conf, default-wifi-powersave-on.conf) Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.8380] manager[0x55bf3e4fe050]: monitoring kernel firmware directory '/lib/firmware'. Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.8387] monitoring ifupdown state file '/run/network/ifstate'. Jun 15 20:49:55 maimbo dbus-daemon[860]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' requested by ':1.26' (uid=0 pid=1015 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3561] hostname: hostname: using hostnamed Jun 15 20:49:58 maimbo dbus-daemon[860]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.26' (uid=0 pid=1015 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3562] hostname: hostname changed from (none) to "maimbo" Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3572] dns-mgr[0x55bf3e51b970]: init: dns=systemd-resolved, rc-manager=symlink, plugin=systemd-resolved Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3585] manager[0x55bf3e4fe050]: rfkill: WiFi hardware radio set enabled Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3585] manager[0x55bf3e4fe050]: rfkill: WWAN hardware radio set enabled Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7231] init! Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7234] interface-parser: parsing file /etc/network/interfaces Jun 15 20:49:59 maimbo nm-dispatcher: req:1 'hostname': new request (2 scripts) Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7234] interface-parser: source line includes interfaces file(s) /etc/network/interfaces.d/* Jun 15 20:49:59 maimbo nm-dispatcher: req:1 'hostname': start running ordered scripts... Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7235] interfaces file /etc/network/interfaces.d/* doesn't exist Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7236] interface-parser: finished parsing file /etc/network/interfaces Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7243] guessed connection type (enp3s3) = 802-3-ethernet Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7244] update_connection_setting_from_if_block: name:enp3s3, type:802-3-ethernet, id:Ifupdown (enp3s3), uuid: 40b6c586-e29c-6c7e-50ee-b622c62bcef9 Jun 15 20:49:59
[Touch-packages] [Bug 1777125] Re: On boot up NetworkManager runs nm_dispatcher for only 1 of 2 tun interfaces
This bug may have been fixed. In the last couple of months I've rebooted at least half a dozen times and it hasn't occurred. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ifupdown in Ubuntu. https://bugs.launchpad.net/bugs/1777125 Title: On boot up NetworkManager runs nm_dispatcher for only 1 of 2 tun interfaces Status in ifupdown package in Ubuntu: New Bug description: I have two tun interfaces used with OpenVPN, called tun0 (UDP peer-to- peer VPN) and tun1 (TCP server VPN), and I have a script in /etc/network/if-up.d which I use to add routing table entries when the interface comes up. (FYI The reason for adding routes in an if-up.d script is so I can administer all the policy-based routes in one place.) When I start up OpenVPN for the tun0 interface, the if-up.d scripts run successfully for that interface. And when I start up OpenVPN for the tun1 interface, the if-up.d scripts run successfully for that interface. So I know that everything is configured correctly. BTW The two OpenVPN instances are configured as systemd services called openvpn-server@p2p.service and openvpn-server@server.service, and neither tun0 and tun1 are configured in /etc/network/interfaces. However around 50% of the time when I reboot, the if-up.d scripts are run for only one of the two interfaces (even though both interfaces had started successfully), and it seems random which one. (The other 50% of the time it works properly and runs the if-up.d scripts for both interfaces.) As far as I can tell, it is NetworkManager which is supposed to start nm-dispatcher to run the if-up.d scripts when each tun interface comes up, and it seems that if both interfaces come up at the same time, then it only runs nm-dispatcher for one of them? I've pasted below an extract from my syslog after a reboot, where nm- dispatcher was only run for tun1, not tun0: $ egrep 'NetworkManager|nm-dispatcher' /var/log/syslog Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.6455] NetworkManager (version 1.10.6) is starting... (for the first time) Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.6456] Read config: /etc/NetworkManager/NetworkManager.conf (lib: 10-dns-resolved.conf, no-mac-addr-change.conf) (etc: 10-globally-managed-devices.conf, default-wifi-powersave-on.conf) Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.8380] manager[0x55bf3e4fe050]: monitoring kernel firmware directory '/lib/firmware'. Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.8387] monitoring ifupdown state file '/run/network/ifstate'. Jun 15 20:49:55 maimbo dbus-daemon[860]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' requested by ':1.26' (uid=0 pid=1015 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3561] hostname: hostname: using hostnamed Jun 15 20:49:58 maimbo dbus-daemon[860]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.26' (uid=0 pid=1015 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3562] hostname: hostname changed from (none) to "maimbo" Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3572] dns-mgr[0x55bf3e51b970]: init: dns=systemd-resolved, rc-manager=symlink, plugin=systemd-resolved Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3585] manager[0x55bf3e4fe050]: rfkill: WiFi hardware radio set enabled Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3585] manager[0x55bf3e4fe050]: rfkill: WWAN hardware radio set enabled Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7231] init! Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7234] interface-parser: parsing file /etc/network/interfaces Jun 15 20:49:59 maimbo nm-dispatcher: req:1 'hostname': new request (2 scripts) Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7234] interface-parser: source line includes interfaces file(s) /etc/network/interfaces.d/* Jun 15 20:49:59 maimbo nm-dispatcher: req:1 'hostname': start running ordered scripts... Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7235] interfaces file /etc/network/interfaces.d/* doesn't exist Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7236] interface-parser: finished parsing file /etc/network/interfaces Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7243] guessed connection type (enp3s3) = 802-3-ethernet Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7244] update_connection_setting_from_if_block: name:enp3s3, type:802-3-ethernet, id:Ifupdown (enp3s3), uuid:
[Touch-packages] [Bug 1777125] [NEW] On boot up NetworkManager runs nm_dispatcher for only 1 of 2 tun interfaces
Public bug reported: I have two tun interfaces used with OpenVPN, called tun0 (UDP peer-to- peer VPN) and tun1 (TCP server VPN), and I have a script in /etc/network /if-up.d which I use to add routing table entries when the interface comes up. (FYI The reason for adding routes in an if-up.d script is so I can administer all the policy-based routes in one place.) When I start up OpenVPN for the tun0 interface, the if-up.d scripts run successfully for that interface. And when I start up OpenVPN for the tun1 interface, the if-up.d scripts run successfully for that interface. So I know that everything is configured correctly. BTW The two OpenVPN instances are configured as systemd services called openvpn-server@p2p.service and openvpn-server@server.service, and neither tun0 and tun1 are configured in /etc/network/interfaces. However around 50% of the time when I reboot, the if-up.d scripts are run for only one of the two interfaces (even though both interfaces had started successfully), and it seems random which one. (The other 50% of the time it works properly and runs the if-up.d scripts for both interfaces.) As far as I can tell, it is NetworkManager which is supposed to start nm-dispatcher to run the if-up.d scripts when each tun interface comes up, and it seems that if both interfaces come up at the same time, then it only runs nm-dispatcher for one of them? I've pasted below an extract from my syslog after a reboot, where nm- dispatcher was only run for tun1, not tun0: $ egrep 'NetworkManager|nm-dispatcher' /var/log/syslog Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.6455] NetworkManager (version 1.10.6) is starting... (for the first time) Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.6456] Read config: /etc/NetworkManager/NetworkManager.conf (lib: 10-dns-resolved.conf, no-mac-addr-change.conf) (etc: 10-globally-managed-devices.conf, default-wifi-powersave-on.conf) Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.8380] manager[0x55bf3e4fe050]: monitoring kernel firmware directory '/lib/firmware'. Jun 15 20:49:55 maimbo NetworkManager[1015]: [1529052595.8387] monitoring ifupdown state file '/run/network/ifstate'. Jun 15 20:49:55 maimbo dbus-daemon[860]: [system] Activating via systemd: service name='org.freedesktop.hostname1' unit='dbus-org.freedesktop.hostname1.service' requested by ':1.26' (uid=0 pid=1015 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3561] hostname: hostname: using hostnamed Jun 15 20:49:58 maimbo dbus-daemon[860]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.26' (uid=0 pid=1015 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3562] hostname: hostname changed from (none) to "maimbo" Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3572] dns-mgr[0x55bf3e51b970]: init: dns=systemd-resolved, rc-manager=symlink, plugin=systemd-resolved Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3585] manager[0x55bf3e4fe050]: rfkill: WiFi hardware radio set enabled Jun 15 20:49:58 maimbo NetworkManager[1015]: [1529052598.3585] manager[0x55bf3e4fe050]: rfkill: WWAN hardware radio set enabled Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7231] init! Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7234] interface-parser: parsing file /etc/network/interfaces Jun 15 20:49:59 maimbo nm-dispatcher: req:1 'hostname': new request (2 scripts) Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7234] interface-parser: source line includes interfaces file(s) /etc/network/interfaces.d/* Jun 15 20:49:59 maimbo nm-dispatcher: req:1 'hostname': start running ordered scripts... Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7235] interfaces file /etc/network/interfaces.d/* doesn't exist Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7236] interface-parser: finished parsing file /etc/network/interfaces Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7243] guessed connection type (enp3s3) = 802-3-ethernet Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7244] update_connection_setting_from_if_block: name:enp3s3, type:802-3-ethernet, id:Ifupdown (enp3s3), uuid: 40b6c586-e29c-6c7e-50ee-b622c62bcef9 Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7248] adding enp3s3 to connections Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7248] adding iface enp3s3 to eni_ifaces Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7249] deleting enp3s3 from connections Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7250] guessed connection type (enp3s3) = 802-3-ethernet Jun 15 20:49:59 maimbo NetworkManager[1015]: [1529052599.7250]
[Touch-packages] [Bug 1633698] [NEW] ufw before6.rules adds echo-request and echo-response rules to wrong chain
Public bug reported: The default before6.rules file that is installed with the ufw package contains a copy/paste error. It is apparent that the intention is to add rules for echo-request and echo-response to the following chains: ufw6-before-input ufw6-before-output ufw6-before-forward However there is a copy/paste error and instead of adding the rules to ufw6-before-output, it adds it to ufw6-before-input a second time. The result is that the rules are absent from ufw6-before-output. The file that needs to be fixed in the package is: /usr/share/ufw/iptables/before6.rules Here is what diff -u shows if I compare the original file to the corrected version: --- /usr/share/ufw/iptables/before6.rules 2016-04-15 17:16:29.0 +1200 +++ ufw_fixed_before6.rules 2016-10-15 23:00:57.763041239 +1300 @@ -77,8 +77,8 @@ -A ufw6-before-output -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT # codes 0-2 -A ufw6-before-output -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT --A ufw6-before-input -p icmpv6 --icmpv6-type echo-request -j ACCEPT --A ufw6-before-input -p icmpv6 --icmpv6-type echo-reply -j ACCEPT +-A ufw6-before-output -p icmpv6 --icmpv6-type echo-request -j ACCEPT +-A ufw6-before-output -p icmpv6 --icmpv6-type echo-reply -j ACCEPT -A ufw6-before-output -p icmpv6 --icmpv6-type router-solicitation -m hl --hl-eq 255 -j ACCEPT -A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-advertisement -m hl --hl-eq 255 -j ACCEPT -A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-solicitation -m hl --hl-eq 255 -j ACCEPT The impact of this error is minor because the ufw.conf file sets the default outbound policy to accept: DEFAULT_OUTPUT_POLICY="ACCEPT" Of course if anyone changed the default outbound policy then the error would mean that pings made from the server to other machines would be blocked. I will attach the original and my fixed version of before6.rules to this bug report. Thanks for taking the time to look at this issue. Nick. ProblemType: Bug DistroRelease: Ubuntu 16.10 Package: ufw 0.35-2 ProcVersionSignature: Ubuntu 4.8.0-22.24-generic 4.8.0 Uname: Linux 4.8.0-22-generic i686 ApportVersion: 2.20.3-0ubuntu8 Architecture: i386 Date: Sat Oct 15 23:09:04 2016 InstallationDate: Installed on 2016-10-14 (1 days ago) InstallationMedia: Ubuntu-Server 16.10 "Yakkety Yak" - Release i386 (20161012.1) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: ufw (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug i386 yakkety ** Attachment added: "Original and fixed versions of before6.rules" https://bugs.launchpad.net/bugs/1633698/+attachment/4761441/+files/ufw_original_and_fixed_before6.rules.tar.gz -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1633698 Title: ufw before6.rules adds echo-request and echo-response rules to wrong chain Status in ufw package in Ubuntu: New Bug description: The default before6.rules file that is installed with the ufw package contains a copy/paste error. It is apparent that the intention is to add rules for echo-request and echo-response to the following chains: ufw6-before-input ufw6-before-output ufw6-before-forward However there is a copy/paste error and instead of adding the rules to ufw6-before-output, it adds it to ufw6-before-input a second time. The result is that the rules are absent from ufw6-before-output. The file that needs to be fixed in the package is: /usr/share/ufw/iptables/before6.rules Here is what diff -u shows if I compare the original file to the corrected version: --- /usr/share/ufw/iptables/before6.rules 2016-04-15 17:16:29.0 +1200 +++ ufw_fixed_before6.rules 2016-10-15 23:00:57.763041239 +1300 @@ -77,8 +77,8 @@ -A ufw6-before-output -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT # codes 0-2 -A ufw6-before-output -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT --A ufw6-before-input -p icmpv6 --icmpv6-type echo-request -j ACCEPT --A ufw6-before-input -p icmpv6 --icmpv6-type echo-reply -j ACCEPT +-A ufw6-before-output -p icmpv6 --icmpv6-type echo-request -j ACCEPT +-A ufw6-before-output -p icmpv6 --icmpv6-type echo-reply -j ACCEPT -A ufw6-before-output -p icmpv6 --icmpv6-type router-solicitation -m hl --hl-eq 255 -j ACCEPT -A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-advertisement -m hl --hl-eq 255 -j ACCEPT -A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-solicitation -m hl --hl-eq 255 -j ACCEPT The impact of this error is minor because the ufw.conf file sets the default outbound policy to accept: DEFAULT_OUTPUT_POLICY="ACCEPT" Of course if anyone changed the default outbound policy then the error would mean that pings made from the server to other machines would be blocked. I will attach
