search

Kkevsterrr / geneva

automated censorship evasion for the client-side and server-side
https://censorship.ai
BSD 3-Clause "New" or "Revised" License
1.94k stars 183 forks source link

run as systemd issue #31

Closed sophauer closed 3 years ago

sophauer commented 3 years ago

OS: centos 7 systemd service `[Unit] Description=Geneva Server [Service] Type=simple User=root WorkingDirectory=/home/centos/geneva ExecStart=/usr/bin/python3 /home/centos/geneva/engine.py --server-port mult-ports --strategy "XXXXX"

ExecReload=/bin/kill -HUP $MAINPID Restart=always

[Install] WantedBy=multi-user.target`

1st run,type iptables -L, NFQUEUE tcp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE udp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2

then,systemctl restart Geneva.service, iptbables -L NFQUEUE tcp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE udp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE tcp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE udp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2

if i do it again,systemctl restart Geneva.service, iptbables -L showed NFQUEUE tcp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE udp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE tcp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE udp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE tcp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2 NFQUEUE udp -- anywhere anywhere multiport dports XXXX NFQUEUE num 2

Kkevsterrr commented 3 years ago

The issue is likely how you are killing Geneva - if you kill the process without giving it time to shutdown, it will not have time to clean up those NFQUEUE rules. I would recommend changing the HUP to a SIGINT - hopefully that should resolve the issue!

sophauer commented 3 years ago

TKS,rsolved!