Control-D-Inc / ctrld

A highly configurable, multi-protocol DNS forwarding proxy
MIT License

OpenWRT: odd service mode behaviour #173

Closed: NoSync closed this issue 1 week ago

NoSync commented 2 months ago

Versions: this happens on both 1.3.7 and dev, running on OpenWRT.

I'm having a weird issue with service mode.

When I start ctrld without service mode, resolv.conf has the expected content:

# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 127.0.0.1

If I start it with service mode, it still edits resolv.conf (which shouldn't happen in the first place, if I get it right) and sets the nameserver to the upstream provider gateway, where indeed a NS is running. I assume the address is fetched from the DHCP lease, as I never used that NS:

# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 192.168.78.1

No difference whatsoever if I append --iface="".

On top of that, it doesn't restore the previous resolv.conf on stop.

cuonglm commented 2 months ago

What commands did you use to start/stop ctrld?

Once stopped/uninstalled, ctrld will restore the DHCP config and write that content to the /etc/resolv.conf file.

NoSync commented 2 months ago

I used ctrld service start as well as ctrld service start --config /etc/controld/ctrld.toml --iface=""

ctrld service stop times out, despite ctrld actually stopping correctly, so that might be why the running config is left in place and the previous one isn't restored.

root@flint2:~# ctrld service start -vv
Aug 25 12:38:44.000 NTC Reading config: /etc/controld/ctrld.toml
Aug 25 12:38:44.000 INF loading config file from: /etc/controld/ctrld.toml
Aug 25 12:38:44.955 NTC Starting service
Aug 25 12:38:45.247 DBG waiting for ctrld listener to be ready
Aug 25 12:38:45.592 DBG ctrld listener is ready
Aug 25 12:38:45.592 DBG performing self-check
Aug 25 12:38:45.597 DBG internal self-check against "ctrld.test" succeeded
Aug 25 12:38:45.711 DBG external self-check against "verify.controld.com" succeeded
Aug 25 12:38:45.711 NTC Service started

root@flint2:~# cat /etc/resolv.conf
# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 192.168.78.1

root@flint2:~# ctrld service stop -vv
Aug 25 12:39:30.000 INF loading config file from: /etc/controld/ctrld.toml
Aug 25 12:39:41.381 ERR timeout while waiting for service to stop

root@flint2:~# ps w | grep ctrld
 4654 root      1400 S    grep ctrld

root@flint2:~# cat /etc/resolv.conf
# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 192.168.78.1

My two questions are

  1. Isn't ctrld service start supposed to leave resolv.conf completely alone?
  2. How does ctrld gather that specific NS address?

cuonglm commented 2 months ago

> I used ctrld service start as well as ctrld service start --config /etc/controld/ctrld.toml --iface=""
>
> ctrld service stop times out, despite ctrld actually stopping correctly, so that might be why the running config is left in place and the previous one isn't restored.
>
> root@flint2:~# ctrld service start -vv
> Aug 25 12:38:44.000 NTC Reading config: /etc/controld/ctrld.toml
> Aug 25 12:38:44.000 INF loading config file from: /etc/controld/ctrld.toml
> Aug 25 12:38:44.955 NTC Starting service
> Aug 25 12:38:45.247 DBG waiting for ctrld listener to be ready
> Aug 25 12:38:45.592 DBG ctrld listener is ready
> Aug 25 12:38:45.592 DBG performing self-check
> Aug 25 12:38:45.597 DBG internal self-check against "ctrld.test" succeeded
> Aug 25 12:38:45.711 DBG external self-check against "verify.controld.com" succeeded
> Aug 25 12:38:45.711 NTC Service started
>
> root@flint2:~# cat /etc/resolv.conf
> # resolv.conf(5) file generated by ctrld
> # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN
>
> nameserver 192.168.78.1
>
> root@flint2:~# ctrld service stop -vv
> Aug 25 12:39:30.000 INF loading config file from: /etc/controld/ctrld.toml
> Aug 25 12:39:41.381 ERR timeout while waiting for service to stop
>
> root@flint2:~# ps w | grep ctrld
>  4654 root      1400 S    grep ctrld
>
> root@flint2:~# cat /etc/resolv.conf
> # resolv.conf(5) file generated by ctrld
> # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN
>
> nameserver 192.168.78.1
>
> My two questions are
>
>   1. Isn't ctrld service start supposed to leave resolv.conf completely alone?
>   2. How does ctrld gather that specific NS address?

  1. I bet it did leave resolv.conf alone. The content you are seeing is the result of the last stop/uninstall, which gathers DNS settings from DHCP, then writes them to the resolv.conf file. You could try editing resolv.conf, then using ctrld service start, then checking that resolv.conf is untouched.

  2. From DHCP.

NoSync commented 2 months ago

1) ctrld service start modifies resolv.conf on start. Please observe the line I manually added containing the keyword TEST:

root@flint2:~# cat /etc/resolv.conf; ctrld service start; cat /etc/resolv.conf
# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN
#TEST

nameserver 127.0.0.1
Aug 26 08:38:38.689 NTC Starting existing ctrld service
Aug 26 08:38:39.033 NTC Service started
# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 127.0.0.1

cuonglm commented 2 months ago

> 1) ctrld service start modifies resolv.conf on start. Please observe the line I manually added containing the keyword TEST:
>
> root@flint2:~# cat /etc/resolv.conf; ctrld service start; cat /etc/resolv.conf
> # resolv.conf(5) file generated by ctrld
> # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN
> #TEST
>
> nameserver 127.0.0.1
> Aug 26 08:38:38.689 NTC Starting existing ctrld service
> Aug 26 08:38:39.033 NTC Service started
> # resolv.conf(5) file generated by ctrld
> # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN
>
> nameserver 127.0.0.1

With the current dev version, ctrld start without any argument will start the existing service, not re-install a new one.

Please uninstall then re-run the command.

NoSync commented 2 months ago

I don't quite get what's happening here: what's the recommended way for resolv.conf to be left completely alone by both service start and stop, save for locking it with chattr?

root@flint2:~# ctrld service uninstall; echo "TEST" > /etc/resolv.conf; ctrld service start; echo "resolv.conf after first service start:"; cat /etc/resolv.conf; ctrld service stop; echo "resolv.conf after service stop:"; cat /etc/resolv.conf; ctrld service start; echo "resolv.conf after second service start:"; cat /etc/resolv.conf
Aug 26 12:20:30.252 NTC Service uninstalled
Aug 26 12:20:30.000 NTC Reading config: /etc/controld/ctrld.toml
Aug 26 12:20:30.556 NTC Starting service
Aug 26 12:20:31.167 NTC Service started
resolv.conf after first service start:
TEST
Aug 26 12:20:41.945 ERR timeout while waiting for service to stop
resolv.conf after service stop:
TEST
Aug 26 12:20:42.315 NTC Starting existing ctrld service
Aug 26 12:20:42.554 NTC Service started
resolv.conf after second service start:
# resolv.conf(5) file generated by ctrld
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 192.168.78.1

cuonglm commented 2 months ago

> I don't quite get what's happening here: what's the recommended way for resolv.conf to be left completely alone by both service start and stop, save for locking it with chattr?
>
> root@flint2:~# ctrld service uninstall; echo "TEST" > /etc/resolv.conf; ctrld service start; echo "resolv.conf after first service start:"; cat /etc/resolv.conf; ctrld service stop; echo "resolv.conf after service stop:"; cat /etc/resolv.conf; ctrld service start; echo "resolv.conf after second service start:"; cat /etc/resolv.conf
> Aug 26 12:20:30.252 NTC Service uninstalled
> Aug 26 12:20:30.000 NTC Reading config: /etc/controld/ctrld.toml
> Aug 26 12:20:30.556 NTC Starting service
> Aug 26 12:20:31.167 NTC Service started
> resolv.conf after first service start:
> TEST
> Aug 26 12:20:41.945 ERR timeout while waiting for service to stop
> resolv.conf after service stop:
> TEST
> Aug 26 12:20:42.315 NTC Starting existing ctrld service
> Aug 26 12:20:42.554 NTC Service started
> resolv.conf after second service start:
> # resolv.conf(5) file generated by ctrld
> # DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN
>
> nameserver 192.168.78.1

I think it's a bug in the new start existing service. As you can see, the content after ctrld stop is unchanged.

ctrld does the DNS reset to ensure the correct state, but it is not honoring the iface flag.

cuonglm commented 2 months ago

@NoSync Thanks for reporting.

We will fix this issue in v1.3.8 (There is a fix pending in dev, I will notify you once dev is updated).

NoSync commented 2 months ago

@cuonglm, I tested again and I can indeed confirm the culprit is service start when there's an existing service.

Thanks for now!

cuonglm commented 2 months ago

> @cuonglm, I tested again and I can indeed confirm the culprit is service start when there's an existing service.
>
> Thanks for now!

The dev binary is updated with the fix.

NoSync commented 2 months ago

> > @cuonglm, I tested again and I can indeed confirm the culprit is service start when there's an existing service. Thanks for now!
>
> The dev binary is updated with the fix.

Confirmed, works perfectly.

yegors commented 1 week ago

Fixed in v1.3.10
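
Added example, not part of the thread or of ctrld's own code: a small POSIX shell check for telling apart the three resolv.conf contents seen above, so a service start/stop cycle can be verified without reading the file by eye. A ctrld header with a non-loopback nameserver means the router's own lookups go to that server rather than to ctrld. The function names, state labels and sample files are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not ctrld code): classify the resolv.conf contents shown above.

# Print each nameserver address in a resolv.conf-style file, one per line.
resolv_nameservers() {
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Classify a file as:
#   untouched   - no ctrld header, so ctrld has not rewritten it
#   ctrld-local - ctrld header and only loopback nameservers
#   ctrld-reset - ctrld header and a non-loopback nameserver (the
#                 DHCP-derived content reported in the thread)
#   ctrld-empty - ctrld header but no nameserver line at all
resolv_state() {
    file=$1
    if ! grep -q '^# resolv.conf(5) file generated by ctrld' "$file"; then
        echo untouched
        return 0
    fi
    set -- $(resolv_nameservers "$file")
    if [ $# -eq 0 ]; then
        echo ctrld-empty
        return 0
    fi
    for ns in "$@"; do
        case "$ns" in
            127.*|::1) ;;
            *) echo ctrld-reset; return 0 ;;
        esac
    done
    echo ctrld-local
}

# Succeed only if FILE is byte-identical to the SNAPSHOT taken earlier.
resolv_unchanged() {
    cmp -s "$1" "$2"
}

# Constructed sample files mirroring the three contents seen in the thread.
make_samples() {
    hdr='# resolv.conf(5) file generated by ctrld'
    printf 'TEST\n' > "$1/manual"
    printf '%s\n\nnameserver 127.0.0.1\n' "$hdr" > "$1/local"
    printf '%s\n\nnameserver 192.168.78.1\n' "$hdr" > "$1/reset"
}
```

On a router, copy /etc/resolv.conf to a snapshot before `ctrld service start`, then run `resolv_unchanged` and `resolv_state` against the live file afterwards.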