[Pkg-utopia-maintainers] Bug#833893: network-manager: wifi hot spot w/ dnsmasq conflicts unbound/dns requests

Fulano Diego Perez fulanoperez at cryptolab.net
Wed Aug 10 01:39:16 UTC 2016 


Package: network-manager
Version: 1.2.2-2
Severity: normal


i use unbound as my resolver

when i tried to setup a wifi access point (hot spot) i saw that my other devices couldn't connect to the internet

at the time i had a vpn conn. with its own dns resolver and this was how i wanted the other devices to access the internet (i have a usb mobile broadband modem)

is it possible the have a vpn connected on the machine running the hot spot and have other devices connect to the hot spot and access the vpn?

having a look in journalctl i saw dnsmasq related entries:

local dnsmasq[3502]: ignoring nameserver 10.42.0.1 - local interface

the computer with the hot spot couldn't resolve as well as devices connected to the hot spot

even if imanually changed resolv.conf the dns queries were refused

i then removed dnsmasq - and saw the hot spot requires it, with other iptables rules spawned which also may conflict with my computer (i have default DROP and only whitelist)

please help out...thanks







Aug 10 11:32:18 local avahi-daemon[2358]: Withdrawing address record for 10.42.0.1 on wlxf4f26d11c434.
Aug 10 11:32:18 local avahi-daemon[2358]: Leaving mDNS multicast group on interface wlxf4f26d11c434.IPv4 with address 10.42.0.1.
Aug 10 11:32:18 local avahi-daemon[2358]: Interface wlxf4f26d11c434.IPv4 no longer relevant for mDNS.
Aug 10 11:32:18 local NetworkManager[2384]: <info>  [1470792738.7172] device (wlxf4f26d11c434): supplicant interface state: completed -> disconnected
Aug 10 11:32:37 local sudo[10733]: pam_unix(sudo:session): session closed for user root
Aug 10 11:32:39 local sudo[11308]:   fulano : TTY=pts/0 ; PWD=/home/fulano ; USER=root ; COMMAND=/bin/journalctl
Aug 10 11:32:39 local sudo[11308]: pam_unix(sudo:session): session opened for user root by (uid=0)
Aug 10 11:34:01 local sudo[11308]: pam_unix(sudo:session): session closed for user root
Aug 10 11:34:33 local sudo[11918]:   fulano : TTY=pts/0 ; PWD=/home/fulano ; USER=root ; COMMAND=/bin/journalctl -f
Aug 10 11:34:33 local sudo[11918]: pam_unix(sudo:session): session opened for user root by (uid=0)
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.2921] device (wlxf4f26d11c434): Activation: starting connection 'Hotspot' (55e423b2-c80c-41ca-a325-b4f8f4b94298)
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.2924] audit: op="connection-activate" uuid="55e423b2-c80c-41ca-a325-b4f8f4b94298" name="Hotspot" pid=10294 uid=1000 result="success"
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.2927] device (wlxf4f26d11c434): state change: disconnected -> prepare (reason 'none') [30 40 0]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.2969] device (wlxf4f26d11c434): state change: prepare -> config (reason 'none') [40 50 0]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.2973] device (wlxf4f26d11c434): Activation: (wifi) access point 'Hotspot' has security, but secrets are required.
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.2973] device (wlxf4f26d11c434): state change: config -> need-auth (reason 'none') [50 60 0]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3306] device (wlxf4f26d11c434): state change: need-auth -> prepare (reason 'none') [60 40 0]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3325] device (wlxf4f26d11c434): state change: prepare -> config (reason 'none') [40 50 0]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3328] device (wlxf4f26d11c434): Activation: (wifi) connection 'Hotspot' has security, and secrets exist.  No new secrets needed.
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3329] Config: added 'ssid' value 'local'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3329] Config: added 'mode' value '2'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3329] Config: added 'frequency' value '2412'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3329] Config: added 'key_mgmt' value 'WPA-PSK'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3330] Config: added 'psk' value '<omitted>'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3330] Config: added 'proto' value 'RSN'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3330] Config: added 'pairwise' value 'CCMP'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3330] Config: added 'group' value 'CCMP'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.3449] sup-iface[0xfe1430,wlxf4f26d11c434]: config: set interface ap_scan to 2
Aug 10 11:34:40 local kernel: IPv6: ADDRCONF(NETDEV_UP): wlxf4f26d11c434: link is not ready
Aug 10 11:34:40 local wpa_supplicant[2970]: Using interface wlxf4f26d11c434 with hwaddr f4:f2:6d:11:c4:34 and ssid "local"
Aug 10 11:34:40 local kernel: IPv6: ADDRCONF(NETDEV_CHANGE): wlxf4f26d11c434: link becomes ready
Aug 10 11:34:40 local wpa_supplicant[2970]: wlxf4f26d11c434: interface state UNINITIALIZED->ENABLED
Aug 10 11:34:40 local wpa_supplicant[2970]: wlxf4f26d11c434: AP-ENABLED
Aug 10 11:34:40 local wpa_supplicant[2970]: wlxf4f26d11c434: CTRL-EVENT-CONNECTED - Connection to f4:f2:6d:11:c4:34 completed [id=0 id_str=]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8220] device (wlxf4f26d11c434): supplicant interface state: disconnected -> completed
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8221] device (wlxf4f26d11c434): Activation: (wifi) Stage 2 of 5 (Device Configure) successful.  Started Wi-Fi Hotspot 'local'.
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8222] device (wlxf4f26d11c434): state change: config -> ip-config (reason 'none') [50 70 0]
Aug 10 11:34:40 local avahi-daemon[2358]: Joining mDNS multicast group on interface wlxf4f26d11c434.IPv4 with address 10.42.0.1.
Aug 10 11:34:40 local avahi-daemon[2358]: New relevant interface wlxf4f26d11c434.IPv4 for mDNS.
Aug 10 11:34:40 local avahi-daemon[2358]: Registering new address record for 10.42.0.1 on wlxf4f26d11c434.IPv4.
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8468] Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlxf4f26d11c434 --protocol tcp --destination-port 53 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8500] Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlxf4f26d11c434 --protocol udp --destination-port 53 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8533] Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlxf4f26d11c434 --protocol tcp --destination-port 67 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8564] Executing: /sbin/iptables --table filter --insert INPUT --in-interface wlxf4f26d11c434 --protocol udp --destination-port 67 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8594] Executing: /sbin/iptables --table filter --insert FORWARD --in-interface wlxf4f26d11c434 --jump REJECT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8621] Executing: /sbin/iptables --table filter --insert FORWARD --out-interface wlxf4f26d11c434 --jump REJECT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8647] Executing: /sbin/iptables --table filter --insert FORWARD --in-interface wlxf4f26d11c434 --out-interface wlxf4f26d11c434 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8675] Executing: /sbin/iptables --table filter --insert FORWARD --source 10.42.0.0/255.255.255.0 --in-interface wlxf4f26d11c434 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8700] Executing: /sbin/iptables --table filter --insert FORWARD --destination 10.42.0.0/255.255.255.0 --out-interface wlxf4f26d11c434 --match state --state ESTABLISHED,RELATED --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8728] Executing: /sbin/iptables --table nat --insert POSTROUTING --source 10.42.0.0/255.255.255.0 ! --destination 10.42.0.0/255.255.255.0 --jump MASQUERADE
Aug 10 11:34:40 local NetworkManager[2384]: <error> [1470792880.8749] device (wlxf4f26d11c434): share: (wlxf4f26d11c434) failed to start dnsmasq: Could not find "dnsmasq" binary
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8750] Executing: /sbin/iptables --table nat --delete POSTROUTING --source 10.42.0.0/255.255.255.0 ! --destination 10.42.0.0/255.255.255.0 --jump MASQUERADE
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8770] Executing: /sbin/iptables --table filter --delete FORWARD --destination 10.42.0.0/255.255.255.0 --out-interface wlxf4f26d11c434 --match state --state ESTABLISHED,RELATED --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8797] Executing: /sbin/iptables --table filter --delete FORWARD --source 10.42.0.0/255.255.255.0 --in-interface wlxf4f26d11c434 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8823] Executing: /sbin/iptables --table filter --delete FORWARD --in-interface wlxf4f26d11c434 --out-interface wlxf4f26d11c434 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8847] Executing: /sbin/iptables --table filter --delete FORWARD --out-interface wlxf4f26d11c434 --jump REJECT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8874] Executing: /sbin/iptables --table filter --delete FORWARD --in-interface wlxf4f26d11c434 --jump REJECT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8902] Executing: /sbin/iptables --table filter --delete INPUT --in-interface wlxf4f26d11c434 --protocol udp --destination-port 67 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8933] Executing: /sbin/iptables --table filter --delete INPUT --in-interface wlxf4f26d11c434 --protocol tcp --destination-port 67 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8958] Executing: /sbin/iptables --table filter --delete INPUT --in-interface wlxf4f26d11c434 --protocol udp --destination-port 53 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.8986] Executing: /sbin/iptables --table filter --delete INPUT --in-interface wlxf4f26d11c434 --protocol tcp --destination-port 53 --jump ACCEPT
Aug 10 11:34:40 local NetworkManager[2384]: <warn>  [1470792880.9011] device (wlxf4f26d11c434): Activation: Stage 5 of 5 (IPv4 Commit) start sharing failed.
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.9012] device (wlxf4f26d11c434): state change: ip-config -> failed (reason 'sharing-start-failed') [70 120 18]
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.9016] policy: disabling autoconnect for connection 'Hotspot'.
Aug 10 11:34:40 local NetworkManager[2384]: <warn>  [1470792880.9021] device (wlxf4f26d11c434): Activation: failed for connection 'Hotspot'
Aug 10 11:34:40 local NetworkManager[2384]: <info>  [1470792880.9097] device (wlxf4f26d11c434): state change: failed -> disconnected (reason 'none') [120 30 0]
Aug 10 11:34:41 local avahi-daemon[2358]: Interface wlxf4f26d11c434.IPv4 no longer relevant for mDNS.
Aug 10 11:34:41 local avahi-daemon[2358]: Leaving mDNS multicast group on interface wlxf4f26d11c434.IPv4 with address 10.42.0.1.
Aug 10 11:34:41 local avahi-daemon[2358]: Withdrawing address record for 10.42.0.1 on wlxf4f26d11c434.
Aug 10 11:34:41 local avahi-daemon[2358]: Joining mDNS multicast group on interface wlxf4f26d11c434.IPv4 with address 10.42.0.1.
Aug 10 11:34:41 local avahi-daemon[2358]: New relevant interface wlxf4f26d11c434.IPv4 for mDNS.
Aug 10 11:34:41 local avahi-daemon[2358]: Registering new address record for 10.42.0.1 on wlxf4f26d11c434.IPv4.
Aug 10 11:34:41 local kernel: IPv6: ADDRCONF(NETDEV_UP): wlxf4f26d11c434: link is not ready
Aug 10 11:34:41 local avahi-daemon[2358]: Withdrawing address record for 10.42.0.1 on wlxf4f26d11c434.
Aug 10 11:34:41 local avahi-daemon[2358]: Leaving mDNS multicast group on interface wlxf4f26d11c434.IPv4 with address 10.42.0.1.
Aug 10 11:34:41 local avahi-daemon[2358]: Interface wlxf4f26d11c434.IPv4 no longer relevant for mDNS.
Aug 10 11:34:41 local NetworkManager[2384]: <info>  [1470792881.3747] device (wlxf4f26d11c434): supplicant interface state: completed -> disconnected










 -- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.6.0-1-amd64 
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages network-manager depends on:
ii  adduser                3.115
ii  dbus                   1.10.8-1
ii  init-system-helpers    1.42
ii  isc-dhcp-client        4.3.4-1
ii  libaudit1              1:2.6.5-1
ii  libbluetooth3          5.36-1+b1
ii  libc6                  2.23-4
ii  libglib2.0-0           2.48.1-2
ii  libgnutls30            3.5.2-2
pn  libgudev-1.0-0         <none>
ii  libmm-glib0            1.6.0-1
pn  libndp0                <none>
ii  libnewt0.52            0.52.18-3
ii  libnl-3-200            3.2.27-1
ii  libnm0                 1.2.2-2
ii  libpam-systemd         230-7
ii  libpolkit-agent-1-0    0.105-16
ii  libpolkit-gobject-1-0  0.105-16
ii  libreadline6           6.3-8+b4
ii  libselinux1            2.5-3
ii  libsoup2.4-1           2.54.1-1
ii  libsystemd0            230-7
ii  libteamdctl0           1.24-1
ii  libuuid1               2.28-6
ii  lsb-base               9.20160629
ii  policykit-1            0.105-16
ii  udev                   230-7
ii  wpasupplicant          2.3-2.4

Versions of packages network-manager recommends:
ii  crda            3.13-1+b1
pn  dnsmasq-base    <none>
ii  iptables        1.6.0-2
pn  iputils-arping  <none>
ii  modemmanager    1.6.0-1
ii  ppp             2.4.7-1+2

Versions of packages network-manager suggests:
pn  libteam-utils  <none>

-- no debconf information

More information about the Pkg-utopia-maintainers mailing list