search

amnezia-vpn / amnezia-client

Amnezia VPN Client (Desktop+Mobile)
https://amnezia.org
GNU General Public License v3.0
2k stars 200 forks source link

No internet connection on Arch Linux #792

Closed SputerSnot closed 2 months ago

SputerSnot commented 2 months ago

After connecting to server there is no internet connection, the service throws errors.

Steps to reproduce the behavior:

  1. Install AmneziaVPN_Linux_4.4.0.0.tar.zip
  2. Import connection config
  3. Press "Connect"
  4. Run "journalctl -u AmneziaVPN.service"
  5. See error

Expected behavior: having access to internet

Log of a service:

May 01 00:20:52 boob systemd[1]: Started AmneziaVPN Service.
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 info Started as system service
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "Daemon" "Daemon created"
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "LinuxDaemon" "Daemon created"
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "WireguardUtilsLinux" "WireguardUtilsLinux created."
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "DnsUtilsLinux" "DnsUtilsLinux created."
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "IPUtilsLinux" "IPUtilsLinux created."
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "DaemonLocalServer" "/var/run/amneziavpn seems to be usable"
May 01 00:20:52 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:20:52 debug Amnezia "DaemonLocalServer" "Server path: /var/run/amneziavpn/daemon.socket"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug LocalServer new connection
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "DaemonLocalServer" "New connection received"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "DaemonLocalServerConnection" "Connection created"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "DaemonLocalServerConnection" "Read Data"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "DaemonLocalServerConnection" "Command received: status"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "Daemon" "Status request"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "DaemonLocalServerConnection" "Read Data"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "DaemonLocalServerConnection" "Command received: activate"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "Daemon" "Activating interface"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "WireguardUtilsLinux" "Created wireguard interface amn0"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "LinuxRouteMonitor" "LinuxRouteMonitor created."
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "LinuxFirewall" "( 2 ) $  iptables -C OUTPUT -j amnvpn.anchors 2> /dev/null"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "LinuxFirewall" "Tearing down cgroup and routing rules"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "LinuxFirewall" "( 255 ) $  ip route flush table amnvpnrt"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "LinuxFirewall" "Error: argument \"amnvpnrt\" is wrong: table id value is invalid"
May 01 00:21:45 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:45 debug Amnezia "LinuxFirewall" "LinuxFirewall::uninstall() complete"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! iptables -L OUTPUT -n --line-numbers -t filter 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then iptables -I OUTPUT -j amnvpn.anchors -t filter && iptables -L OUTPUT -n --line-numbers -t filter 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs iptables -t filter -D OUTPUT ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "iptables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! ip6tables -L OUTPUT -n --line-numbers -t filter 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then ip6tables -I OUTPUT -j amnvpn.anchors -t filter && ip6tables -L OUTPUT -n --line-numbers -t filter 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs ip6tables -t filter -D OUTPUT ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "ip6tables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! iptables -L POSTROUTING -n --line-numbers -t nat 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then iptables -I POSTROUTING -j amnvpn.anchors -t nat && iptables -L POSTROUTING -n --line-numbers -t nat 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs iptables -t nat -D POSTROUTING ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "iptables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! ip6tables -L POSTROUTING -n --line-numbers -t nat 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then ip6tables -I POSTROUTING -j amnvpn.anchors -t nat && ip6tables -L POSTROUTING -n --line-numbers -t nat 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs ip6tables -t nat -D POSTROUTING ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "ip6tables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! iptables -L OUTPUT -n --line-numbers -t mangle 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then iptables -I OUTPUT -j amnvpn.anchors -t mangle && iptables -L OUTPUT -n --line-numbers -t mangle 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs iptables -t mangle -D OUTPUT ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "iptables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! ip6tables -L OUTPUT -n --line-numbers -t mangle 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then ip6tables -I OUTPUT -j amnvpn.anchors -t mangle && ip6tables -L OUTPUT -n --line-numbers -t mangle 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs ip6tables -t mangle -D OUTPUT ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "ip6tables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! iptables -L PREROUTING -n --line-numbers -t raw 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then iptables -I PREROUTING -j amnvpn.anchors -t raw && iptables -L PREROUTING -n --line-numbers -t raw 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs iptables -t raw -D PREROUTING ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "iptables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 123 ) $  if ! ip6tables -L PREROUTING -n --line-numbers -t raw 2> /dev/null | awk 'int($1) == 1 && $2 == \"amnvpn.anchors\" { found=1 } END { if(found==1) { exit 0 } else { exit 1 } }' ; then ip6tables -I PREROUTING -j amnvpn.anchors -t raw && ip6tables -L PREROUTING -n --line-numbers -t raw 2> /dev/null | awk 'int($1) > 1 && $2 == \"amnvpn.anchors\" { print $1; exit }' | xargs ip6tables -t raw -D PREROUTING ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "ip6tables: Bad rule (does a matching rule exist in that chain?)."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "Should be setting up cgroup in /sys/fs/cgroup/net_cls/amnvpnexclusions/ for traffic splitting"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 1 ) $  if [ ! -d /sys/fs/cgroup/net_cls/amnvpnexclusions/ ] ; then mkdir /sys/fs/cgroup/net_cls/amnvpnexclusions/ ; sleep 0.1 ; echo 0x567 > /sys/fs/cgroup/net_cls/amnvpnexclusions//net_cls.classid ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "mkdir: cannot create directory ‘/sys/fs/cgroup/net_cls/amnvpnexclusions/’: No such file or directory\n/bin/bash: line 1: /sys/fs/cgroup/net_cls/amnvpnexclusions//net_cls.classid: No such file or directory"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 255 ) $  if ! ip rule list | grep -q 0x3211 ; then ip rule add from all fwmark 0x3211 lookup amnvpnrt pri 100 ; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "Error: argument \"amnvpnrt\" is wrong: invalid table ID"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "000.allowLoopback(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "000.allowLoopback(IPv6): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "100.blockAll(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "100.blockAll(IPv6): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "110.allowNets(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "120.blockNets(IPv4): OFF"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "200.allowVPN(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "250.blockIPv6(IPv6): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "290.allowDHCP(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "290.allowDHCP(IPv6): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "300.allowLAN(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "300.allowLAN(IPv6): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "310.blockDNS(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "320.allowDNS(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 2 ) $  if iptables -C amnvpn.a.400.allowPIA -j amnvpn.400.allowPIA -t filter 2> /dev/null ; then echo '400.allowPIA(IPv4): ON' ; else echo '400.allowPIA(IPv4): OFF -> ON' ; iptables -A amnvpn.a.400.allowPIA -j amnvpn.400.allowPIA -t filter; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "400.allowPIA(IPv4): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "iptables v1.8.10 (legacy): Couldn't load target `amnvpn.400.allowPIA':No such file or directory\n\nTry `iptables -h' or 'iptables --help' for more information."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "( 2 ) $  if ip6tables -C amnvpn.a.400.allowPIA -j amnvpn.400.allowPIA -t filter 2> /dev/null ; then echo '400.allowPIA(IPv6): ON' ; else echo '400.allowPIA(IPv6): OFF -> ON' ; ip6tables -A amnvpn.a.400.allowPIA -j amnvpn.400.allowPIA -t filter; fi"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "400.allowPIA(IPv6): OFF -> ON"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxFirewall" "ip6tables v1.8.10 (legacy): Couldn't load target `amnvpn.400.allowPIA':No such file or directory\n\nTry `ip6tables -h' or 'ip6tables --help' for more information."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding exclusion route for server_ipv4_address/32"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Gateway  192.168.1.1  for interface  enp6s0"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "WireguardUtilsLinux" "Configuring peer XnnJWRX/c0QmR/+QQgXWQ3uj+La8HUNhPjEngk93nXo= via server_ipv4_address"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding exclusion route for server_ipv4_address/32"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Gateway  192.168.1.1  for interface  enp6s0"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding exclusion route for /999999"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Invalid destination prefix"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "DnsUtilsLinux" "Adding DNS resolver 1.1.1.1 via amn0"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding route to 0.0.0.0/1"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding route to 128.0.0.0/1"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding route to ::/1"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "LinuxRouteMonitor" "Adding route to 8000::/1"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "Daemon" "Connection status: 1"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "DnsUtilsLinux" "Error received from the DBus service"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "DnsUtilsLinux" "Error received from the DBus service"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "DnsUtilsLinux" "Error retrieving the DNS  domains from the DBus service"
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "Daemon" "Checking for handshake..."
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Amnezia "Daemon" "awaiting XnnJWRX/c0QmR/+QQgXWQ3uj+La8HUNhPjEngk93nXo="
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 debug Flush dns completed
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 critical Critical, trying to add invalid route:  1.1.1.1
May 01 00:21:46 boob AmneziaVPN-service.sh[34784]: 2024-05-01 00:21:46 critical Critical, trying to add invalid route:  1.0.0.1

Screenshots after connecting to the server 2024-05-01_00:31:57_495x776_scrot 2024-05-01_00:32:26_553x178_scrot 2024-05-01_00:33:39_958x663_scrot

Desktop:

Server:

Additional context: Connection works on other machines (Windows, Android)

outspace commented 2 months ago

Some problem with name resolution (DNS issue). Looks same to #528

SputerSnot commented 2 months ago

Issue Resolved!

I managed to solve the problem. As my system uses NetworkManager to automatically manage DNS connections, I had to make some adjustments:

After making these changes I can access internet. Later i would try another network manager like systemd-networkd

outspace commented 2 months ago

@SputerSnot Thanks for your reporting and collaboration. This is greatly appreciated!