Host and container internet connection lost when lxd container is up and back when it is stopped.

[zcatav]

Hello, I have a problem with the use of LXD. I have listed the relevant information below. I can provide additional information if needed. Thank you in advance for your suggestions on how to solve my problem.

Sincerely regards

Required information

• Distribution: antiX linux 23 (Debian Bookworm nonSystemd)
• Distribution version: Debian Bookworm nonSystemd
• The output of "lxc info" : lxc info
  config: {} api_extensions:
  • storage_zfs_remove_snapshots
  • container_host_shutdown_timeout
  • container_stop_priority
  • container_syscall_filtering
  • auth_pki
  • container_last_used_at
  • etag
  • patch
  • usb_devices
  • https_allowed_credentials
  • image_compression_algorithm
  • directory_manipulation
  • container_cpu_time
  • storage_zfs_use_refquota
  • storage_lvm_mount_options
  • network
  • profile_usedby
  • container_push
  • container_exec_recording
  • certificate_update
  • container_exec_signal_handling
  • gpu_devices
  • container_image_properties
  • migration_progress
  • id_map
  • network_firewall_filtering
  • network_routes
  • storage
  • file_delete
  • file_append
  • network_dhcp_expiry
  • storage_lvm_vg_rename
  • storage_lvm_thinpool_rename
  • network_vlan
  • image_create_aliases
  • container_stateless_copy
  • container_only_migration
  • storage_zfs_clone_copy
  • unix_device_rename
  • storage_lvm_use_thinpool
  • storage_rsync_bwlimit
  • network_vxlan_interface
  • storage_btrfs_mount_options
  • entity_description
  • image_force_refresh
  • storage_lvm_lv_resizing
  • id_map_base
  • file_symlinks
  • container_push_target
  • network_vlan_physical4a55ee3e807570eb2dfdd1ea400f87e2401fd7d6d793ed4d1721a25775d98
  • storage_images_delete
  • container_edit_metadata
  • container_snapshot_stateful_migration
  • storage_driver_ceph
  • storage_ceph_user_name
  • resource_limits
  • storage_volatile_initial_source
  • storage_ceph_force_osd_reuse
  • storage_block_filesystem_btrfs
  • resources
  • kernel_limits
  • storage_api_volume_rename
  • macaroon_authentication
  • network_sriov
  • console
  • restrict_devlxd
  • migration_pre_copy
  • infiniband
  • maas_network
  • devlxd_events
  • proxy
  • network_dhcp_gateway
  • file_get_symlink
  • network_leases
  • unix_device_hotplug
  • storage_api_local_volume_handling
  • operation_description
  • clustering
  • event_lifecycle
  • storage_api_remote_volume_handling
  • nvidia_runtime
  • container_mount_propagation
  • container_backup
  • devlxd_images
  • container_local_cross_pool_handling
  • proxy_unix
  • proxy_udp
  • clustering_join
  • proxy_tcp_udp_multi_port_handling
  • network_state
  • proxy_unix_dac_properties
  • container_protection_delete
  • unix_priv_drop
  • pprof_http
  • proxy_haproxy_protocol
  • network_hwaddr
  • proxy_nat
  • network_nat_order
  • container_full
  • candid_authentication
  • backup_compression
  • candid_config
  • nvidia_runtime_config
  • storage_api_volume_snapshots
  • storage_unmapped
  • projects
  • candid_config_key
  • network_vxlan_ttl
  • container_incremental_copy
  • usb_optional_vendorid
  • snapshot_scheduling
  • snapshot_schedule_aliases
  • container_copy_project
  • clustering_server_address
  • clustering_image_replication
  • container_protection_shift
  • snapshot_expiry
  • container_backup_override_pool
  • snapshot_expiry_creation
  • network_leases_location
  • resources_cpu_socket
  • resources_gpu
  • resources_numa
  • kernel_features
  • id_map_current
  • event_location
  • storage_api_remote_volume_snapshots
  • network_nat_address
  • container_nic_routes
  • rbac
  • cluster_internal_copy
  • seccomp_notify
  • lxc_features
  • container_nic_ipvlan
  • network_vlan_sriov
  • storage_cephfs
  • container_nic_ipfilter
  • resources_v2
  • container_exec_user_group_cwd
  • container_syscall_intercept
  • container_disk_shift
  • storage_shifted
  • resources_infiniband
  • daemon_storage
  • instances
  • image_types
  • resources_disk_sata
  • clustering_roles
  • images_expiry
  • resources_network_firmware
  • backup_compression_algorithm
  • ceph_data_pool_name
  • container_syscall_intercept_mount
  • compression_squashfs
  • container_raw_mount
  • container_nic_routed
  • container_syscall_intercept_mount_fuse
  • container_disk_ceph
  • virtual-machines
  • image_profiles
  • clustering_architecture
  • resources_disk_id
  • storage_lvm_stripes
  • vm_boot_priority
  • unix_hotplug_devices
  • api_filtering
  • instance_nic_network
  • clustering_sizing
  • firewall_driver
  • projects_limits
  • container_syscall_intercept_hugetlbfs
  • limits_hugepages
  • container_nic_routed_gateway
  • projects_restrictions
  • custom_volume_snapshot_expiry
  • volume_snapshot_scheduling
  • trust_ca_certificates
  • snapshot_disk_usage
  • clustering_edit_roles
  • container_nic_routed_host_address
  • container_nic_ipvlan_gateway
  • resources_usb_pci
  • resources_cpu_threads_numa
  • resources_cpu_core_die
  • api_os
  • container_nic_routed_host_table
  • container_nic_ipvlan_host_table
  • container_nic_ipvlan_mode
  • resources_system
  • images_push_relay
  • network_dns_search
  • container_nic_routed_limits
  • instance_nic_bridged_vlan
  • network_state_bond_bridge
  • usedby_consistency
  • custom_block_volumes
  • clustering_failure_domains
  • resources_gpu_mdev
  • console_vga_type
  • projects_limits_disk
  • network_type_macvlan
  • network_type_sriov
  • container_syscall_intercept_bpf_devices
  • network_type_ovn
  • projects_networks
  • projects_networks_restricted_uplinks
  • custom_volume_backup
  • backup_override_name
  • storage_rsync_compression
  • network_type_physical
  • network_ovn_external_subnets
  • network_ovn_nat
  • network_ovn_external_routes_remove
  • tpm_device_type
  • storage_zfs_clone_copy_rebase
  • gpu_mdev
  • resources_pci_iommu
  • resources_network_usb
  • resources_disk_address
  • network_physical_ovn_ingress_mode
  • network_ovn_dhcp
  • network_physical_routes_anycast
  • projects_limits_instances
  • network_state_vlan
  • instance_nic_bridged_port_isolation
  • instance_bulk_state_change
  • network_gvrp
  • instance_pool_move
  • gpu_sriov
  • pci_device_type
  • storage_volume_state
  • network_acl
  • migration_stateful
  • disk_state_quota
  • storage_ceph_features
  • projects_compression
  • projects_images_remote_cache_expiry
  • certificate_project
  • network_ovn_acl
  • projects_images_auto_update
  • projects_restricted_cluster_target
  • images_default_architecture
  • network_ovn_acl_defaults
  • gpu_mig
  • project_usage
  • network_bridge_acl
  • warnings
  • projects_restricted_backups_and_snapshots
  • clustering_join_token
  • clustering_description
  • server_trusted_proxy
  • clustering_update_cert
  • storage_api_project
  • server_instance_driver_operational
  • server_supported_storage_drivers
  • event_lifecycle_requestor_address
  • resources_gpu_usb
  • clustering_evacuation
  • network_ovn_nat_address
  • network_bgp
  • network_forward
  • custom_volume_refresh
  • network_counters_errors_dropped
  • metrics
  • image_source_project
  • clustering_config
  • network_peer
  • linux_sysctl
  • network_dns
  • ovn_nic_acceleration
  • certificate_self_renewal
  • instance_project_move
  • storage_volume_project_move
  • cloud_init
  • network_dns_nat
  • database_leader
  • instance_all_projects
  • clustering_groups
  • ceph_rbd_du
  • instance_get_full
  • qemu_metrics
  • gpu_mig_uuid
  • event_project
  • clustering_evacuation_live
  • instance_allow_inconsistent_copy
  • network_state_ovn
  • storage_volume_api_filtering
  • image_restrictions
  • storage_zfs_export
  • network_dns_records
  • storage_zfs_reserve_space
  • network_acl_log
  • storage_zfs_blocksize
  • metrics_cpu_seconds
  • instance_snapshot_never
  • certificate_token
  • instance_nic_routed_neighbor_probe
  • event_hub
  • agent_nic_config
  • projects_restricted_intercept
  • metrics_authentication
  • images_target_project
  • cluster_migration_inconsistent_copy
  • cluster_ovn_chassis
  • container_syscall_intercept_sched_setscheduler
  • storage_lvm_thinpool_metadata_size
  • storage_volume_state_total
  • instance_file_head
  • resources_pci_vpd
  • qemu_raw_conf
  • storage_cephfs_fscache
  • vsock_api
  • storage_volumes_all_projects
  • projects_networks_restricted_access
  • cluster_join_token_expiry
  • remote_token_expiry
  • init_preseed
  • cpu_hotplug api_status: stable api_version: "1.0" auth: trusted public: false auth_methods:
  • tls environment: addresses: [] architectures:
  • x86_64
  • i686 certificate: | -----BEGIN CERTIFICATE----- MI.......ItTw== -----END CERTIFICATE----- certificate_fingerprint: 1...........07 driver: lxc driver_version: 5.0.2 firewall: nftables kernel: Linux kernel_architecture: x86_64 kernel_features: idmapped_mounts: "true" netnsid_getifaddrs: "true" seccomp_listener: "true" seccomp_listener_continue: "true" shiftfs: "false" uevent_injection: "true" unpriv_fscaps: "true" kernel_version: 6.1.42-antix.1-amd64-smp lxc_features: cgroup2: "true" core_scheduling: "true" devpts_fd: "true" idmapped_mounts_v2: "true" mount_injection_file: "true" network_gateway_device_route: "true" network_ipvlan: "true" network_l2proxy: "true" network_phys_macvlan_mtu: "true" network_veth_router: "true" pidfd: "true" seccomp_allow_deny_syntax: "true" seccomp_notify: "true" seccomp_proxy_send_notify_fd: "true" os_name: Debian GNU/Linux os_version: "12" project: default server: lxd server_clustered: false server_event_mode: full-mesh server_name: medantix server_pid: 2164 server_version: 5.0.2 storage: btrfs storage_version: "6.2" storage_supported_drivers:
  • name: dir version: "1" remote: false
  • name: btrfs version: "6.2" remote: false

Issue description

I installed Lxd as described in the Debian wiki. I created a Debian11 container with Lxc launch. Once inside the container I had internet access for the first few minutes, then the host unreachable warning and communication was lost. At the same time internet access was lost on the host. When I exited the container and closed it, internet connection was restored for the host. It was possible to access the host from inside the container.

Steps to reproduce

1. Install antiX linux 23
2. Install Lxd and launch a container
3. Wait a few minutes and try to connect internet

Information to attach

• [ ] Any relevant kernel output (dmesg) [ 23.603884] RPC: Registered named UNIX socket transport module. [ 23.603894] RPC: Registered udp transport module. [ 23.603897] RPC: Registered tcp transport module. [ 23.603899] RPC: Registered tcp NFSv4.1 backchannel transport module. [ 23.627677] FS-Cache: Loaded [ 25.697300] fuse: init (API version 7.37) [ 26.524107] Bluetooth: BNEP (Ethernet Emulation) ver 1.3 [ 26.524120] Bluetooth: BNEP filters: protocol multicast [ 26.524134] Bluetooth: BNEP socket layer initialized [ 26.965480] i915 0000:00:02.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem [ 29.000684] NET: Registered PF_VSOCK protocol family [ 30.032661] loop0: detected capacity change from 0 to 104857600 [ 30.040697] BTRFS: device label default devid 1 transid 16 /dev/loop0 scanned by lxd (2340) [ 30.042366] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm [ 30.042422] BTRFS info (device loop0): using free space tree [ 30.069228] BTRFS info (device loop0): enabling ssd optimizations [ 30.185428] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. [ 31.771434] IPv6: ADDRCONF(NETDEV_CHANGE): vethd422414a: link becomes ready [ 31.771626] IPv6: ADDRCONF(NETDEV_CHANGE): veth6dd43380: link becomes ready [ 31.877267] 8021q: 802.1Q VLAN Support v1.8 [ 31.923341] lxdbr0: port 1(vethd422414a) entered blocking state [ 31.923358] lxdbr0: port 1(vethd422414a) entered disabled state [ 31.924313] device vethd422414a entered promiscuous mode [ 31.926010] lxdbr0: port 1(vethd422414a) entered blocking state [ 31.926059] lxdbr0: port 1(vethd422414a) entered forwarding state [ 31.926221] IPv6: ADDRCONF(NETDEV_CHANGE): lxdbr0: link becomes ready [ 32.659408] physTo9cSO: renamed from veth6dd43380 [ 32.672355] lxdbr0: port 1(vethd422414a) entered disabled state [ 32.680742] eth0: renamed from physTo9cSO [ 32.689738] IPv6: ADDRCONF(NETDEV_CHANGE): vethd422414a: link becomes ready [ 32.689892] lxdbr0: port 1(vethd422414a) entered blocking state [ 32.689905] lxdbr0: port 1(vethd422414a) entered forwarding state [ 35.398584] intel_powerclamp: No package C-state available [ 288.371889] veth6dd43380: renamed from physTo9cSO [ 288.384795] lxdbr0: port 1(vethd422414a) entered disabled state [ 288.405178] IPv6: ADDRCONF(NETDEV_CHANGE): veth6dd43380: link becomes ready [ 288.405508] lxdbr0: port 1(vethd422414a) entered blocking state [ 288.405526] lxdbr0: port 1(vethd422414a) entered forwarding state [ 288.598299] device vethd422414a left promiscuous mode [ 288.598405] lxdbr0: port 1(vethd422414a) entered disabled state [ 395.649086] IPv6: ADDRCONF(NETDEV_CHANGE): veth9cd08dca: link becomes ready [ 395.649392] IPv6: ADDRCONF(NETDEV_CHANGE): veth6e33a184: link becomes ready [ 395.759945] lxdbr0: port 1(veth9cd08dca) entered blocking state [ 395.759961] lxdbr0: port 1(veth9cd08dca) entered disabled state [ 395.761201] device veth9cd08dca entered promiscuous mode [ 395.763495] lxdbr0: port 1(veth9cd08dca) entered blocking state [ 395.763517] lxdbr0: port 1(veth9cd08dca) entered forwarding state [ 396.370789] physa1wFOa: renamed from veth6e33a184 [ 396.385645] eth0: renamed from physa1wFOa [ 396.394482] lxdbr0: port 1(veth9cd08dca) entered disabled state [ 396.400236] IPv6: ADDRCONF(NETDEV_CHANGE): veth9cd08dca: link becomes ready [ 396.400453] lxdbr0: port 1(veth9cd08dca) entered blocking state [ 396.400472] lxdbr0: port 1(veth9cd08dca) entered forwarding state [ 398.162802] intel_powerclamp: No package C-state available [ 607.440507] veth6e33a184: renamed from physa1wFOa [ 607.451877] lxdbr0: port 1(veth9cd08dca) entered disabled state [ 607.475801] IPv6: ADDRCONF(NETDEV_CHANGE): veth6e33a184: link becomes ready [ 607.476260] lxdbr0: port 1(veth9cd08dca) entered blocking state [ 607.476280] lxdbr0: port 1(veth9cd08dca) entered forwarding state [ 607.682629] device veth9cd08dca left promiscuous mode [ 607.682766] lxdbr0: port 1(veth9cd08dca) entered disabled state [ 964.306397] IPv6: ADDRCONF(NETDEV_CHANGE): veth03d2eeea: link becomes ready [ 964.306727] IPv6: ADDRCONF(NETDEV_CHANGE): veth87dc91c8: link becomes ready [ 964.390298] lxdbr0: port 1(veth03d2eeea) entered blocking state [ 964.390313] lxdbr0: port 1(veth03d2eeea) entered disabled state [ 964.391124] device veth03d2eeea entered promiscuous mode [ 964.391385] lxdbr0: port 1(veth03d2eeea) entered blocking state [ 964.391402] lxdbr0: port 1(veth03d2eeea) entered forwarding state [ 964.799863] physPZKDC6: renamed from veth87dc91c8 [ 964.807175] eth0: renamed from physPZKDC6 [ 964.813642] lxdbr0: port 1(veth03d2eeea) entered disabled state [ 964.826019] IPv6: ADDRCONF(NETDEV_CHANGE): veth03d2eeea: link becomes ready [ 964.826229] lxdbr0: port 1(veth03d2eeea) entered blocking state [ 964.826245] lxdbr0: port 1(veth03d2eeea) entered forwarding state [ 966.621782] intel_powerclamp: No package C-state available [ 1405.049375] lxdbr0: port 1(veth03d2eeea) entered disabled state [ 1405.049700] veth87dc91c8: renamed from physPZKDC6 [ 1405.080645] IPv6: ADDRCONF(NETDEV_CHANGE): veth87dc91c8: link becomes ready [ 1405.081036] lxdbr0: port 1(veth03d2eeea) entered blocking state [ 1405.081056] lxdbr0: port 1(veth03d2eeea) entered forwarding state [ 1405.274540] device veth03d2eeea left promiscuous mode [ 1405.274670] lxdbr0: port 1(veth03d2eeea) entered disabled state

• [ ] Container log (lxc info NAME --show-log) Name: tedis Status: RUNNING Type: container Architecture: x86_64 PID: 6762 Created: 2023/12/01 11:30 +03 Last Used: 2023/12/01 12:39 +03

Resources: Processes: 9 CPU usage: CPU usage (in seconds): 4 Memory usage: Memory (current): 19.39MiB Network usage: eth0: Type: broadcast State: UP Host interface: veth03d2eeea MAC address: 00:16:3e:88:2b:a4 MTU: 1500 Bytes received: 10.17kB Bytes sent: 3.79kB Packets received: 47 Packets sent: 33 IP addresses: inet: 10.17.247.16/24 (global) inet6: fd42:6e83:9e3d:1e00:216:3eff:fe88:2ba4/64 (global) inet6: fe80::216:3eff:fe88:2ba4/64 (link) lo: Type: loopback State: UP MTU: 65536 Bytes received: 0B Bytes sent: 0B Packets received: 0 Packets sent: 0 IP addresses: inet: 127.0.0.1/8 (local) inet6: ::1/128 (local)

Log:

• [ ] Container configuration (lxc config show NAME --expanded) architecture: x86_64 config: image.architecture: amd64 image.description: Debian bullseye amd64 (20231201_05:24) image.os: Debian image.release: bullseye image.serial: "20231201_05:24" image.type: squashfs image.variant: default volatile.base_image: 18451affa3476fe43dca17c016029dc6c426643e62a51d79fffe0f5cec4a5183 volatile.cloud-init.instance-id: 9da88759-0a5e-4c07-9827-52149a4809ca volatile.eth0.hwaddr: 00:16:3e:88:2b:a4 volatile.idmap.base: "0" volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":165536,"Nsid":0,"Maprange":10000001},{"Isuid":false,"Isgid":true,"Hostid":165536,"Nsid":0,"Maprange":10000001}]' volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":165536,"Nsid":0,"Maprange":10000001},{"Isuid":false,"Isgid":true,"Hostid":165536,"Nsid":0,"Maprange":10000001}]' volatile.last_state.idmap: '[]' volatile.last_state.power: STOPPED volatile.uuid: 3c8bb1f0-f064-4a21-86fa-4f558406cfe0 devices: eth0: name: eth0 network: lxdbr0 type: nic root: path: / pool: default type: disk ephemeral: false profiles:

  • default stateful: false description: ""

• [ ] Main daemon log (at /var/log/lxd/lxd.log or /var/snap/lxd/common/lxd/logs/lxd.log) time="2023-12-01T11:27:23+03:00" level=warning msg="AppArmor support has been disabled because of lack of kernel support" time="2023-12-01T11:27:23+03:00" level=warning msg=" - AppArmor support has been disabled, Disabled because of lack of kernel support" time="2023-12-01T11:27:23+03:00" level=warning msg=" - Couldn't find the CGroup network priority controller, network priority will be ignored" time="2023-12-01T11:27:23+03:00" level=warning msg=" - Couldn't find the CGroup memory swap accounting, swap limits will be ignored" time="2023-12-01T11:27:23+03:00" level=warning msg="Instance type not operational" driver=qemu err="KVM support is missing (no /dev/kvm)" type=virtual-machine time="2023-12-01T12:23:47+03:00" level=warning msg="AppArmor support has been disabled because of lack of kernel support" time="2023-12-01T12:23:47+03:00" level=warning msg=" - AppArmor support has been disabled, Disabled because of lack of kernel support" time="2023-12-01T12:23:47+03:00" level=warning msg=" - Couldn't find the CGroup network priority controller, network priority will be ignored" time="2023-12-01T12:23:47+03:00" level=warning msg=" - Couldn't find the CGroup memory swap accounting, swap limits will be ignored" time="2023-12-01T12:23:47+03:00" level=warning msg="Instance type not operational" driver=qemu err="KVM support is missing (no /dev/kvm)" type=virtual-machine time="2023-12-01T12:23:53+03:00" level=warning msg="Failed to update instance types: Get \"https://images.linuxcontainers.org/meta/instance-types/.yaml\": lookup images.linuxcontainers.org on [::1]:53: read udp [::1]:47294->[::1]:53: read: connection refused"

• [ ] Output of the client with --debug

• [ ] Output of the daemon with --debug (alternatively output of lxc monitor while reproducing the issue) root@tedis:~# ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. From 169.254.216.23 icmp_seq=1 Destination Host Unreachable From 169.254.216.23 icmp_seq=2 Destination Host Unreachable From 169.254.216.23 icmp_seq=3 Destination Host Unreachable From 169.254.216.23 icmp_seq=4 Destination Host Unreachable From 169.254.216.23 icmp_seq=5 Destination Host Unreachable From 169.254.216.23 icmp_seq=8 Destination Host Unreachable From 169.254.216.23 icmp_seq=9 Destination Host Unreachable ^C --- 8.8.8.8 ping statistics --- 11 packets transmitted, 0 received, +7 errors, 100% packet loss, time 10232ms pipe 4

host ~ $ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable 92 bytes from medantix.local (169.254.216.23): Destination Host Unreachable ^C--- 8.8.8.8 ping statistics --- 9 packets transmitted, 0 packets received, 100% packet loss

lxc monitor lxc monitor
location: none metadata: context: id: 7e5f6737-ec98-476a-bfc6-acac184d089d local: /var/lib/lxd/unix.socket remote: '@' level: debug message: Event listener server handler started timestamp: "2023-12-01T12:40:15.653770058+03:00" type: logging

location: none metadata: context: ip: '@' method: GET protocol: unix url: /1.0 username: catav level: debug message: Handling API request timestamp: "2023-12-01T12:40:35.517322824+03:00" type: logging

location: none metadata: context: ip: '@' method: GET protocol: unix url: /1.0/events username: catav level: debug message: Handling API request timestamp: "2023-12-01T12:40:35.52567153+03:00" type: logging

location: none metadata: context: ip: '@' method: POST protocol: unix url: /1.0/instances/tedis/exec username: catav level: debug message: Handling API request timestamp: "2023-12-01T12:40:35.53024608+03:00" type: logging

location: none metadata: context: id: 5f2cb093-738f-431b-9ee9-2fd7595f1421 local: /var/lib/lxd/unix.socket remote: '@' level: debug message: Event listener server handler started timestamp: "2023-12-01T12:40:35.531805176+03:00" type: logging

location: none metadata: context: {} level: debug message: Waiting for exec websockets to connect timestamp: "2023-12-01T12:40:35.563200071+03:00" type: logging

location: none metadata: class: websocket created_at: "2023-12-01T12:40:35.544243459+03:00" description: Executing command err: "" id: ce8bc6a3-457b-445e-b261-f55c62e6dc67 location: none may_cancel: false metadata: command:

• bash environment: HOME: /root LANG: C.UTF-8 PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM: xterm USER: root fds: "0": 4855ae2305bef3ff0e00454bf5c602dd94ee239b88b5e1423d945a6087dd7083 control: b816aa7a907b76ad03f1d76140e181461157884b8830d428decf748ceab880ec interactive: true resources: containers:
• /1.0/containers/tedis instances:
• /1.0/instances/tedis status: Pending status_code: 105 updated_at: "2023-12-01T12:40:35.544243459+03:00" project: default timestamp: "2023-12-01T12:40:35.561854697+03:00" type: operation

location: none metadata: context: class: websocket description: Executing command operation: ce8bc6a3-457b-445e-b261-f55c62e6dc67 project: default level: debug message: New operation timestamp: "2023-12-01T12:40:35.561515005+03:00" type: logging

location: none metadata: context: class: websocket description: Executing command operation: ce8bc6a3-457b-445e-b261-f55c62e6dc67 project: default level: debug message: Started operation timestamp: "2023-12-01T12:40:35.562088419+03:00" type: logging

location: none metadata: class: websocket created_at: "2023-12-01T12:40:35.544243459+03:00" description: Executing command err: "" id: ce8bc6a3-457b-445e-b261-f55c62e6dc67 location: none may_cancel: false metadata: command:

• bash environment: HOME: /root LANG: C.UTF-8 PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin TERM: xterm USER: root fds: "0": 4855ae2305bef3ff0e00454bf5c602dd94ee239b88b5e1423d945a6087dd7083 control: b816aa7a907b76ad03f1d76140e181461157884b8830d428decf748ceab880ec interactive: true resources: containers:
• /1.0/containers/tedis instances:
• /1.0/instances/tedis status: Running status_code: 103 updated_at: "2023-12-01T12:40:35.544243459+03:00" project: default timestamp: "2023-12-01T12:40:35.562484461+03:00" type: operation

location: none metadata: context: class: websocket description: Executing command operation: ce8bc6a3-457b-445e-b261-f55c62e6dc67 project: default level: debug message: Connecting to operation timestamp: "2023-12-01T12:40:35.568443296+03:00" type: logging

location: none metadata: context: ip: '@' method: GET protocol: unix url: /1.0/operations/ce8bc6a3-457b-445e-b261-f55c62e6dc67/websocket?secret=b816aa7a907b76ad03f1d76140e181461157884b8830d428decf748ceab880ec username: catav level: debug message: Handling API request timestamp: "2023-12-01T12:40:35.568252005+03:00" type: logging

location: none metadata: context: class: websocket description: Executing command operation: ce8bc6a3-457b-445e-b261-f55c62e6dc67 project: default level: debug message: Connecting to operation timestamp: "2023-12-01T12:40:35.57266131+03:00" type: logging

location: none metadata: context: ip: '@' method: GET protocol: unix url: /1.0/operations/ce8bc6a3-457b-445e-b261-f55c62e6dc67/websocket?secret=4855ae2305bef3ff0e00454bf5c602dd94ee239b88b5e1423d945a6087dd7083 username: catav level: debug message: Handling API request timestamp: "2023-12-01T12:40:35.571583712+03:00" type: logging

location: none metadata: context: class: websocket description: Executing command operation: ce8bc6a3-457b-445e-b261-f55c62e6dc67 project: default level: debug message: Connected to operation timestamp: "2023-12-01T12:40:35.56901874+03:00" type: logging

location: none metadata: context: class: websocket description: Executing command operation: ce8bc6a3-457b-445e-b261-f55c62e6dc67 project: default level: debug message: Connected to operation timestamp: "2023-12-01T12:40:35.573227598+03:00" type: logging

location: none metadata: context: ip: '@' method: GET protocol: unix url: /1.0/operations/ce8bc6a3-457b-445e-b261-f55c62e6dc67 username: catav level: debug message: Handling API request timestamp: "2023-12-01T12:40:35.576669956+03:00" type: logging

location: none metadata: action: instance-exec context: command:

• bash source: /1.0/instances/tedis project: default timestamp: "2023-12-01T12:40:35.61454951+03:00" type: lifecycle

location: none metadata: context: attachedPid: "7201" instance: tedis instanceType: container project: default level: debug message: Retrieved PID of executing child process timestamp: "2023-12-01T12:40:35.614388069+03:00" type: logging

location: none metadata: context: PID: "7201" instance: tedis interactive: "true" project: default level: debug message: Instance process started timestamp: "2023-12-01T12:40:35.615616722+03:00" type: logging

location: none metadata: context: PID: "7201" instance: tedis interactive: "true" project: default level: debug message: Exec control handler started timestamp: "2023-12-01T12:40:35.616960096+03:00" type: logging

location: none metadata: context: PID: "7201" instance: tedis interactive: "true" number: "0" project: default level: debug message: Exec mirror websocket started timestamp: "2023-12-01T12:40:35.616370102+03:00" type: logging

[zcatav]

ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,DYNAMIC,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000 link/ether f4:6d:04:bb:ea:8d brd ff:ff:ff:ff:ff:ff 3: wlan0: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether e0:b9:a5:30:43:c4 brd ff:ff:ff:ff:ff:ff inet 192.168.214.117/24 brd 192.168.214.255 scope global wlan0 valid_lft forever preferred_lft forever inet6 fe80::e2b9:a5ff:fe30:43c4/64 scope link valid_lft forever preferred_lft forever 4: lxdbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:16:3e:2b:d3:20 brd ff:ff:ff:ff:ff:ff inet 10.17.247.1/24 scope global lxdbr0 valid_lft forever preferred_lft forever inet6 fd42:6e83:9e3d:1e00::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::216:3eff:fe2b:d320/64 scope link valid_lft forever preferred_lft forever 6: vethd422414a@if5: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc noqueue master lxdbr0 state UP group default qlen 1000 link/ether 52:33:2c:e3:3c:cc brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 169.254.228.155/16 brd 169.254.255.255 scope global vethd422414a valid_lft forever preferred_lft forever inet6 fe80::5033:2cff:fee3:3ccc/64 scope link valid_lft forever preferred_lft forever

ip r 0.0.0.0 dev vethd422414a scope link default dev vethd422414a scope link 10.17.247.0/24 dev lxdbr0 proto kernel scope link src 10.17.247.1 169.254.0.0/16 dev vethd422414a proto kernel scope link src 169.254.228.155 192.168.214.0/24 dev wlan0 proto kernel scope link src 192.168.214.117 192.168.214.114 dev wlan0 scope link

iptables Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination

ufw Status: inactive

pss fauxww USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 2 0.0 0.0 0 0 ? S 12:23 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? I< 12:23 0:00 _ [rcugp] root 4 0.0 0.0 0 0 ? I< 12:23 0:00 \ [rcu_pargp] root 5 0.0 0.0 0 0 ? I< 12:23 0:00 \ [slubflushwq] root 6 0.0 0.0 0 0 ? I< 12:23 0:00 _ [netns] root 7 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/0:0-events] root 8 0.0 0.0 0 0 ? I< 12:23 0:00 \ [kworker/0:0H-eventshighpri] root 9 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/u8:0-btrfs-endio-write] root 10 0.0 0.0 0 0 ? I< 12:23 0:00 \ [mm_percpuwq] root 11 0.0 0.0 0 0 ? I 12:23 0:00 \ [rcu_taskskthread] root 12 0.0 0.0 0 0 ? I 12:23 0:00 \ [rcu_tasks_tracekthread] root 13 0.0 0.0 0 0 ? S 12:23 0:00 _ [ksoftirqd/0] root 14 0.1 0.0 0 0 ? I 12:23 0:00 \ [rcupreempt] root 15 0.0 0.0 0 0 ? S 12:23 0:00 _ [migration/0] root 16 0.0 0.0 0 0 ? S 12:23 0:00 _ [cpuhp/0] root 17 0.0 0.0 0 0 ? S 12:23 0:00 _ [cpuhp/1] root 18 0.0 0.0 0 0 ? S 12:23 0:00 _ [migration/1] root 19 0.4 0.0 0 0 ? S 12:23 0:00 _ [ksoftirqd/1] root 20 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/1:0-events] root 21 0.0 0.0 0 0 ? I< 12:23 0:00 \ [kworker/1:0H-eventshighpri] root 22 0.0 0.0 0 0 ? S 12:23 0:00 _ [cpuhp/2] root 23 0.0 0.0 0 0 ? S 12:23 0:00 _ [migration/2] root 24 2.2 0.0 0 0 ? S 12:23 0:04 _ [ksoftirqd/2] root 25 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/2:0-rcugp] root 26 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/2:0H-kblockd] root 27 0.0 0.0 0 0 ? S 12:23 0:00 _ [cpuhp/3] root 28 0.0 0.0 0 0 ? S 12:23 0:00 _ [migration/3] root 29 0.3 0.0 0 0 ? S 12:23 0:00 _ [ksoftirqd/3] root 30 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/3:0-mm_percpuwq] root 31 0.0 0.0 0 0 ? I< 12:23 0:00 \ [kworker/3:0H-eventshighpri] root 33 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/u8:1-btrfs-endio-write] root 34 0.7 0.0 0 0 ? I 12:23 0:01 \ [kworker/u8:2-eventsunbound] root 35 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/u8:3-btrfs-endio-write] root 36 0.0 0.0 0 0 ? S 12:23 0:00 _ [kdevtmpfs] root 37 0.0 0.0 0 0 ? I< 12:23 0:00 \ [inet_fragwq] root 38 0.0 0.0 0 0 ? S 12:23 0:00 _ [kauditd] root 39 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/2:1-events] root 40 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/0:1-events] root 41 0.0 0.0 0 0 ? S 12:23 0:00 \ [oomreaper] root 42 0.0 0.0 0 0 ? I< 12:23 0:00 _ [writeback] root 43 0.0 0.0 0 0 ? S 12:23 0:00 _ [kcompactd0] root 44 0.0 0.0 0 0 ? SN 12:23 0:00 _ [ksmd] root 45 0.0 0.0 0 0 ? SN 12:23 0:00 _ [khugepaged] root 46 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kintegrityd] root 47 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kblockd] root 48 0.0 0.0 0 0 ? I< 12:23 0:00 \ [blkcg_puntbio] root 49 0.0 0.0 0 0 ? I< 12:23 0:00 \ [atasff] root 50 0.0 0.0 0 0 ? I< 12:23 0:00 _ [md] root 51 0.0 0.0 0 0 ? I< 12:23 0:00 _ [edac-poller] root 52 0.0 0.0 0 0 ? I< 12:23 0:00 \ [devfreqwq] root 53 0.0 0.0 0 0 ? S 12:23 0:00 _ [watchdogd] root 54 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/0:1H-kblockd] root 55 0.0 0.0 0 0 ? S 12:23 0:00 _ [kswapd0] root 56 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/1:1-pm] root 58 0.1 0.0 0 0 ? I 12:23 0:00 _ [kworker/3:1-events] root 63 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kthrotld] root 66 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/0:2] root 68 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/2:2-events] root 69 0.0 0.0 0 0 ? I< 12:23 0:00 _ [nvme-wq] root 70 0.0 0.0 0 0 ? I< 12:23 0:00 _ [nvme-reset-wq] root 71 0.0 0.0 0 0 ? I< 12:23 0:00 _ [nvme-delete-wq] root 72 0.0 0.0 0 0 ? S 12:23 0:00 \ [scsi_eh0] root 73 0.0 0.0 0 0 ? I< 12:23 0:00 \ [scsi_tmf0] root 74 0.0 0.0 0 0 ? S 12:23 0:00 \ [scsi_eh1] root 75 0.0 0.0 0 0 ? I< 12:23 0:00 \ [scsi_tmf1] root 76 0.0 0.0 0 0 ? S 12:23 0:00 \ [scsi_eh2] root 77 0.0 0.0 0 0 ? I< 12:23 0:00 \ [scsi_tmf2] root 78 0.0 0.0 0 0 ? S 12:23 0:00 \ [scsi_eh3] root 79 0.0 0.0 0 0 ? I< 12:23 0:00 \ [scsi_tmf3] root 80 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/u8:4-btrfs-endio-write] root 83 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/u8:5-btrfs-endio-write] root 84 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/u8:6-btrfs-endio-write] root 87 0.0 0.0 0 0 ? I< 12:23 0:00 \ [dm_bufiocache] root 88 0.0 0.0 0 0 ? I< 12:23 0:00 _ [tls-strp] root 89 0.0 0.0 0 0 ? I< 12:23 0:00 _ [mld] root 90 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/2:1H-kblockd] root 91 0.0 0.0 0 0 ? I< 12:23 0:00 \ [ipv6addrconf] root 97 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kstrp] root 99 0.0 0.0 0 0 ? I< 12:23 0:00 _ [zswap-shrink] root 100 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/u9:0-hci0] root 145 0.0 0.0 0 0 ? I< 12:23 0:00 \ [chargermanager] root 175 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/1:1H-kblockd] root 180 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/3:1H-kblockd] root 194 0.0 0.0 0 0 ? I< 12:23 0:00 \ [acpi_thermalpm] root 195 0.0 0.0 0 0 ? S 12:23 0:00 _ [napi/eth%d-8193] root 196 0.0 0.0 0 0 ? S 12:23 0:00 _ [napi/eth%d-0] root 200 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/3:2-pm] root 201 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/3:3-mm_percpuwq] root 202 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/1:2-mm_percpuwq] root 203 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/1:3-inet_fragwq] root 204 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/2:3-mm_percpuwq] root 216 0.0 0.0 0 0 ? I< 12:23 0:00 \ [tpm_devwq] root 296 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kdmflush/253:0] root 301 0.0 0.0 0 0 ? I< 12:23 0:00 _ [cryptd] root 311 0.0 0.0 0 0 ? I< 12:23 0:00 \ [kcryptdio/253:] root 312 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kcryptd/253:0] root 313 0.0 0.0 0 0 ? S 12:23 0:00 \ [dmcryptwrite/253:0] root 350 0.0 0.0 0 0 ? S 12:23 0:00 _ [jbd2/dm-0-8] root 351 0.0 0.0 0 0 ? I< 12:23 0:00 _ [ext4-rsv-conver] root 613 0.0 0.0 0 0 ? I< 12:23 0:00 _ [cfg80211] root 638 0.0 0.0 0 0 ? S 12:23 0:00 \ [wl_eventhandler] root 651 0.0 0.0 0 0 ? S 12:23 0:00 _ [card0-crtc0] root 652 0.0 0.0 0 0 ? S 12:23 0:00 _ [card0-crtc1] root 1051 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/u9:1-hci0] root 1052 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/u9:2-hci0] root 1248 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/3:4-pm] root 1250 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/3:5-events] root 1253 0.0 0.0 0 0 ? I 12:23 0:00 _ [kworker/3:6] root 1463 0.0 0.0 0 0 ? S 12:23 0:00 _ [jbd2/sda2-8] root 1464 0.0 0.0 0 0 ? I< 12:23 0:00 _ [ext4-rsv-conver] root 1687 0.0 0.0 0 0 ? I< 12:23 0:00 _ [rpciod] root 1688 0.0 0.0 0 0 ? I< 12:23 0:00 _ [xprtiod] root 1690 0.0 0.0 0 0 ? I< 12:23 0:00 _ [nfsiod] root 2279 0.0 0.0 0 0 ? I< 12:23 0:00 _ [kworker/2:2H] root 2345 0.0 0.0 0 0 ? I< 12:23 0:00 _ [dio/dm-0] root 2360 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-worker] root 2361 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-worker-hi] root 2363 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-delalloc] root 2364 0.0 0.0 0 0 ? I< 12:23 0:00 \ [btrfs-flushdel] root 2365 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-cache] root 2366 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-fixup] root 2367 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-endio] root 2368 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-endio-met] root 2369 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-endio-rai] root 2370 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-rmw] root 2371 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-endio-wri] root 2372 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-compresse] root 2373 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-freespace] root 2374 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-delayed-m] root 2375 0.0 0.0 0 0 ? I< 12:23 0:00 _ [btrfs-qgroup-re] root 2376 0.0 0.0 0 0 ? S 12:23 0:00 _ [btrfs-cleaner] root 2377 0.0 0.0 0 0 ? S 12:23 0:00 _ [btrfs-transaction] root 2661 0.0 0.0 0 0 ? I 12:23 0:00 \ [kworker/u8:7-eventsunbound] root 2813 0.0 0.0 0 0 ? I 12:24 0:00 _ [kworker/u8:8] root 2919 0.0 0.0 0 0 ? I 12:24 0:00 \ [kworker/1:4] root 1 0.2 0.0 3296 1892 ? Ss 12:23 0:00 init [5] root 549 0.8 0.1 23480 6064 ? S 12:23 0:01 /sbin/udevd rpc 1673 0.0 0.0 4420 2076 ? Ss 12:23 0:00 /sbin/rpcbind -w statd 1682 0.0 0.0 4532 1760 ? Ss 12:23 0:00 /sbin/rpc.statd root 1697 0.0 0.0 2832 1964 ? Ss 12:23 0:00 /usr/sbin/rpc.idmapd root 1988 0.0 0.0 2632 1724 ? Ss 12:23 0:00 /usr/sbin/acpid root 2055 0.0 0.0 2492 916 ? S 12:23 0:00 /usr/sbin/seatd -g video root 2074 0.0 0.0 152752 1800 ? Sl 12:23 0:00 /usr/bin/lxcfs /var/lib/lxcfs root 2089 0.5 0.1 8264 4184 ? Ss 12:23 0:00 @usr/sbin/haveged root 2096 0.0 0.0 2576 104 ? Ss 12:23 0:00 /usr/sbin/gpm -m /dev/input/mice -t exps2 message+ 2113 0.1 0.0 4560 1976 ? Ss 12:23 0:00 /usr/bin/dbus-daemon --system root 2120 0.0 0.0 11952 2980 ? Ss 12:23 0:00 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups root 2135 1.4 0.3 23876 15380 ? Ss 12:23 0:02 /usr/bin/slimski -d root 2143 3.0 1.8 351548 75332 tty7 Rsl+ 12:23 0:04 _ /usr/lib/xorg/Xorg -nolisten tcp -auth /var/run/slimski.auth vt07 catav 2677 0.4 0.0 77476 3832 ? Ss 12:24 0:00 _ /bin/bash /usr/local/bin/desktop-session zzz-icewm catav 2739 0.0 0.0 9420 2380 ? S 12:24 0:00 _ /usr/bin/icewm-session catav 2745 1.8 0.4 147840 18616 ? Ss 12:24 0:02 _ /usr/bin/icewm --notify avahi 2146 0.0 0.0 3660 2340 ? S 12:23 0:00 avahi-daemon: running [medantix.local] avahi 2147 0.0 0.0 3480 192 ? S 12:23 0:00 _ avahi-daemon: chroot helper root 2149 0.0 0.0 76624 2128 ? Ss 12:23 0:00 /usr/sbin/cron root 2150 0.0 0.0 8240 1356 ? S 12:23 0:00 /usr/sbin/smartd --pidfile /var/run/smartd.pid root 2153 0.0 0.1 9708 5488 ? S 12:23 0:00 /usr/sbin/bluetoothd root 2164 3.5 2.3 1841604 96000 ? Sl 12:23 0:05 /usr/bin/lxd --group lxd --logfile=/var/log/lxd/lxd.log nobody 2409 1.3 0.4 20644 17160 ? Ss 12:23 0:02 \ dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --pid-file= --no-ping --interface=lxdbr0 --dhcp-rapid-commit --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=10.17.247.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/lib/lxd/networks/lxdbr0/dnsmasq.leases --dhcp-hostsfile=/var/lib/lxd/networks/lxdbr0/dnsmasq.hosts --dhcp-range 10.17.247.2,10.17.247.254,1h --listen-address=fd42:6e83:9e3d:1e00::1 --enable-ra --dhcp-range ::,constructor:lxdbr0,ra-stateless,ra-names -s lxd --interface-name _gateway.lxd,lxdbr0 -S /lxd/ --conf-file=/var/lib/lxd/networks/lxdbr0/dnsmasq.raw -u nobody -g lxd root 2173 0.1 0.1 13684 4652 ? Ss 12:23 0:00 /usr/sbin/connmand --nodnsproxy root 2213 0.2 0.2 13840 10256 ? S 12:23 0:00 /sbin/wpa_supplicant -u -s -O /run/wpasupplicant root 2216 0.0 0.1 12524 6244 ? Ss 12:23 0:00 /usr/sbin/cupsd -C /etc/cups/cupsd.conf -s /etc/cups/cups-files.conf root 2261 0.0 0.0 42016 480 ? Ss 12:23 0:00 /usr/sbin/saned -a saned root 2269 0.0 0.0 42016 480 ? S 12:23 0:00 \ /usr/sbin/saned -a saned postgres 2329 0.1 0.7 288276 29584 ? Ss 12:23 0:00 /usr/lib/postgresql/15/bin/postgres -D /var/lib/postgresql/15/main -c configfile=/etc/postgresql/15/main/postgresql.conf postgres 2330 0.0 0.1 288408 5860 ? Ss 12:23 0:00 _ postgres: 15/main: checkpointer postgres 2331 0.0 0.1 288428 5812 ? Ss 12:23 0:00 _ postgres: 15/main: background writer postgres 2333 0.0 0.2 288276 10276 ? Ss 12:23 0:00 _ postgres: 15/main: walwriter postgres 2334 0.0 0.2 289876 8532 ? Ss 12:23 0:00 _ postgres: 15/main: autovacuum launcher postgres 2335 0.0 0.1 289856 6812 ? Ss 12:23 0:00 _ postgres: 15/main: logical replication launcher root 2478 0.0 0.4 1281536 19848 ? Ss 12:23 0:00 [lxc monitor] /var/lib/lxd/containers tedis 165536 2486 0.4 0.2 165312 9976 ? Ss 12:23 0:00 _ /sbin/init 165536 2645 0.3 0.2 31996 11928 ? Ss 12:23 0:00 _ /lib/systemd/systemd-journald 165536 2654 0.0 0.1 20612 4744 ? Ss 12:23 0:00 _ /lib/systemd/systemd-udevd 165637 2658 0.2 0.1 16048 6008 ? Ss 12:23 0:00 _ /lib/systemd/systemd-networkd 165639 2664 0.0 0.1 8228 4232 ? Ss 12:23 0:00 _ /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only 165536 2666 0.2 0.1 13400 5616 ? Ss 12:23 0:00 _ /lib/systemd/systemd-logind 165638 2667 0.2 0.2 21204 8304 ? Ss 12:23 0:00 _ /lib/systemd/systemd-resolved 165536 2673 0.0 0.0 5476 2280 pts/0 Ss+ 12:23 0:00 _ /sbin/agetty -o -p -- \u --noclear --keep-baud console 115200,38400,9600 linux root 2536 0.0 0.0 75888 1048 tty1 Ss+ 12:23 0:00 /sbin/getty --noclear 38400 tty1 root 2537 0.0 0.0 75888 1036 tty2 Ss+ 12:23 0:00 /sbin/getty 38400 tty2 root 2538 0.0 0.0 75888 1020 tty3 Ss+ 12:23 0:00 /sbin/getty 38400 tty3 root 2539 0.0 0.0 75888 1076 tty4 Ss+ 12:23 0:00 /sbin/getty 38400 tty4 root 2540 0.0 0.0 75888 1060 tty5 Ss+ 12:23 0:00 /sbin/getty 38400 tty5 root 2541 0.0 0.0 75888 1028 tty6 Ss+ 12:23 0:00 /sbin/getty 38400 tty6 catav 2755 1.3 0.9 299088 36316 ? S 12:24 0:01 zzzfm --desktop catav 2795 0.0 0.0 76948 1736 ? S 12:24 0:00 /bin/bash /home/catav/.desktop-session/startup catav 2991 0.1 0.6 417656 24312 ? Sl 12:24 0:00 _ volumeicon catav 2802 0.0 0.0 76948 1648 ? S 12:24 0:00 /bin/bash /usr/local/bin/pipewire-start catav 2827 0.1 0.2 177748 11732 ? Sl 12:24 0:00 _ pipewire catav 2806 1.5 0.2 465044 9692 ? Sl 12:24 0:02 conky catav 2828 0.1 0.3 99796 14520 ? S 12:24 0:00 fbxkb catav 2841 0.0 0.0 6512 1992 ? S 12:24 0:00 dbus-launch --autolaunch 8fbc0c8a96ae65ad515322c06564890d --binary-syntax --close-stderr catav 2847 0.0 0.0 4440 2096 ? Ss 12:24 0:00 /usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session catav 2874 0.0 0.0 77472 3772 ? S 12:24 0:00 /bin/bash /usr/bin/devmon --exec-on-drive desktop-defaults-run -fm "%d" --exec-on-disc desktop-defaults-run -fm "%d" catav 2979 0.0 0.0 78924 3832 ? S 12:24 0:00 _ /usr/bin/udevil --monitor catav 2885 0.5 0.5 398056 21928 ? Sl 12:24 0:00 wireplumber catav 2888 0.0 0.1 166956 7688 ? Sl 12:24 0:00 pipewire-pulse catav 3278 4.8 2.7 659188 110384 ? Sl 12:24 0:05 cmst catav 3379 0.9 0.8 302632 33220 ? S 12:25 0:00 roxterm catav 3401 2.6 0.1 80732 7016 pts/0 Ss 12:25 0:01 _ /usr/bin/zsh catav 3623 600 0.0 77776 3968 pts/0 R+ 12:26 0:00 \ ps fauxww

[zcatav]

And finally nft -a list ruleset table inet lxd { # handle 5 chain pstrt.lxdbr0 { # handle 1 type nat hook postrouting priority srcnat; policy accept; ip saddr 10.17.247.0/24 ip daddr != 10.17.247.0/24 masquerade # handle 2 ip6 saddr fd42:6e83:9e3d:1e00::/64 ip6 daddr != fd42:6e83:9e3d:1e00::/64 masquerade # handle 3 }

chain fwd.lxdbr0 { # handle 4
    type filter hook forward priority filter; policy accept;
    ip version 4 oifname "lxdbr0" accept # handle 5
    ip version 4 iifname "lxdbr0" accept # handle 6
    ip6 version 6 oifname "lxdbr0" accept # handle 7
    ip6 version 6 iifname "lxdbr0" accept # handle 8
}

chain in.lxdbr0 { # handle 9
    type filter hook input priority filter; policy accept;
    iifname "lxdbr0" tcp dport 53 accept # handle 11
    iifname "lxdbr0" udp dport 53 accept # handle 12
    iifname "lxdbr0" icmp type { destination-unreachable, time-exceeded, parameter-problem } accept # handle 14
    iifname "lxdbr0" udp dport 67 accept # handle 15
    iifname "lxdbr0" icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, nd-router-solicit, nd-neighbor-solicit, nd-neighbor-advert, mld2-listener-report } accept # handle 17
    iifname "lxdbr0" udp dport 547 accept # handle 18
}

chain out.lxdbr0 { # handle 10
    type filter hook output priority filter; policy accept;
    oifname "lxdbr0" tcp sport 53 accept # handle 19
    oifname "lxdbr0" udp sport 53 accept # handle 20
    oifname "lxdbr0" icmp type { destination-unreachable, time-exceeded, parameter-problem } accept # handle 22
    oifname "lxdbr0" udp sport 67 accept # handle 23
    oifname "lxdbr0" icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, mld2-listener-report } accept # handle 25
    oifname "lxdbr0" udp sport 547 accept # handle 26
}

}

[zcatav]

Hello, When I saw both iptables and nftables in the system, I wondered why there were both. I uninstalled the old iptables. Connman and ufw were also deleted from the system. I set cni instead of connman, ufw was already closed. The system now appears to be working as it should.