Error while sending packet on enp2s0: [Errno 1] Operation not permitted

[Dalarialus]

Hello! I've installed wsdd on my Ubuntu 20.04.2 server and seem to be having some issues. When the service is running, I'm seeing some errors. Any ideas what these could mean?

Many Thanks!

user@box:~$ sudo systemctl status wsdd
● wsdd.service - Web Services Dynamic Discovery host daemon
     Loaded: loaded (/lib/systemd/system/wsdd.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2021-04-03 02:31:09 UTC; 10s ago
   Main PID: 15163 (python3)
      Tasks: 1 (limit: 38271)
     Memory: 11.5M
     CGroup: /system.slice/wsdd.service
             └─15163 python3 /usr/bin/wsdd --workgroup WORKGROUP --verbose --interface enp2s0 --hostname box --discovery

Apr 03 02:31:12 box wsdd[15163]: 2021-04-03 02:31:12,868:wsdd INFO(pid 15163): 192.168.1.168 - - "POST /6c21a13f-9278-524d-bb48-2f976fe4dd67 HTTP/1.1" 200 -
Apr 03 02:31:12 box wsdd[15163]: 2021-04-03 02:31:12,872:wsdd INFO(pid 15163): 192.168.1.181 - - "POST /6c21a13f-9278-524d-bb48-2f976fe4dd67 HTTP/1.1" 200 -
Apr 03 02:31:12 box wsdd[15163]: 2021-04-03 02:31:12,945:wsdd ERROR(pid 15163): error while sending packet on enp2s0: [Errno 1] Operation not permitted
Apr 03 02:31:13 box wsdd[15163]: 2021-04-03 02:31:13,067:wsdd ERROR(pid 15163): error while sending packet on enp2s0: [Errno 1] Operation not permitted
Apr 03 02:31:13 box wsdd[15163]: 2021-04-03 02:31:13,184:wsdd ERROR(pid 15163): error while sending packet on enp2s0: [Errno 1] Operation not permitted
Apr 03 02:31:13 box wsdd[15163]: 2021-04-03 02:31:13,548:wsdd ERROR(pid 15163): error while sending packet on enp2s0: [Errno 1] Operation not permitted
Apr 03 02:31:13 box wsdd[15163]: 2021-04-03 02:31:13,659:wsdd ERROR(pid 15163): error while sending packet on enp2s0: [Errno 1] Operation not permitted
Apr 03 02:31:14 box wsdd[15163]: 2021-04-03 02:31:14,048:wsdd ERROR(pid 15163): error while sending packet on enp2s0: [Errno 1] Operation not permitted
Apr 03 02:31:14 box wsdd[15163]: 2021-04-03 02:31:14,593:wsdd INFO(pid 15163): 192.168.1.181:3702(enp2s0) - - "ProbeMatches urn:uuid:82f1a5b6-bfe6-4120-b88e-eb70ad3b63d6 UDP" - -
Apr 03 02:31:14 box wsdd[15163]: 2021-04-03 02:31:14,600:wsdd INFO(pid 15163): discovered OTHERBOX in Workgroup:WORKGROUP on 192.168.1.181%enp2s0

Here is my wsdd.service:

[Unit]
Description=Web Services Dynamic Discovery host daemon
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
EnvironmentFile=/etc/wsdd.conf
ExecStart=/usr/bin/wsdd $WSDD_PARAMS
User=daemon
Group=daemon

[Install]
WantedBy=multi-user.target

And here is my /etc/wsdd.conf:

# command line parameters for wsdd (consult man page)
WSDD_PARAMS="--workgroup WORKGROUP --verbose --interface enp2s0 --hostname box --discovery"

[christgau]

There are errors when sending UDP packets on enp2s0. Check your firewall for that interface and refer to the README for details on the appropriate settings.

[AdamReece-WebBox]

I get this too even with the firewall software turned off entirely, and running WSDD as root temporarily (interactively in verbose mode). Is there a kernel option somewhere to permit multicast use perhaps?

I noticed with the same firewall (CSF+LFD) this works fine on Debian 11 but not Debian 10.

[christgau]

I get this too even with the firewall software turned off entirely, and running WSDD as root temporarily (interactively in verbose mode).

Does anything related appear in the journal or dmesg output?

[AdamReece-WebBox]

Nothing of special interest really. Here's the syslog when restarting wsdd:

Dec 14 09:28:29 example-hostname systemd[1]: wsdd.service: Succeeded.
Dec 14 09:28:29 example-hostname systemd[1]: Stopped Web Services Dynamic Discovery host daemon.
Dec 14 09:28:29 example-hostname systemd[1]: Started Web Services Dynamic Discovery host daemon.
Dec 14 09:28:29 example-hostname wsdd[6433]: 2021-12-14 09:28:29,735:wsdd WARNING(pid 6433): no interface given, using all interfaces
Dec 14 09:28:29 example-hostname wsdd[6433]: 2021-12-14 09:28:29,736:wsdd WARNING(pid 6433): Discovery enabled but no listen option provided. Falling back to port 5359
Dec 14 09:28:29 example-hostname wsdd[6433]: 2021-12-14 09:28:29,741:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:29 example-hostname wsdd[6433]: 2021-12-14 09:28:29,741:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:29 example-hostname wsdd[6433]: 2021-12-14 09:28:29,741:wsdd WARNING(pid 6433): cannot unset all_multicast: [Errno 92] Protocol not available
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,746:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,746:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,746:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,747:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,830:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted
Dec 14 09:28:32 example-hostname wsdd[6433]: 2021-12-14 09:28:32,997:wsdd ERROR(pid 6433): error while sending packet on ens192: [Errno 1] Operation not permitted

dmesg is just showing a subset of syslog.

[AdamReece-WebBox]

Oh, cannot unset all_multicast, that could be of interest. You've got this logged already here: https://github.com/christgau/wsdd/issues/60 Looks like a feature introduced to the Linux Kernel in version 4.20, which would explain why Debian 10 (running 4.9) has this problem but Debian 11 (running 5+) does not.

[christgau]

Looks like a feature introduced to the Linux Kernel in version 4.20, which would explain why Debian 10 (running 4.9) has this problem but Debian 11 (running 5+) does not.

Could be. Try to run wsdd with IPv4 only by using wsdd -4 ... as suggested #60. But otherwise make sure that there are no remaining rules left in the system when you turn off CSF+LFD. I am not familiar with that software, but low-level tools like ip[6]tables -L or nft list ruleset might reveal more...

[AdamReece-WebBox]

Thanks for the suggestion. Unfortunately using -4 doesn't resolve the issue. ip[6]tables -L reveals that there are no residual rules remaining after turning CSF+LFD off entirely.

I'm happy to accept that your program depends on a kernel feature from 4.20 though, and aren't going to lose sleep over certain hosts not being discoverable in the network view. Some of our colleagues use this but we also deploy a desktop shortcut for important shares as standard (until colleagues delete them of course), so this is really more of a high-tier nice to have.

This works brilliantly on Debian 11 hosts though, very much fulfils the tool's purpose. Thank you kindly for contributing this, and if its in line with your plans, would wish you well in having this accepted into standard distribution repositories.

Have a splendid day!

[christgau]

I'm happy to accept that your program depends on a kernel feature from 4.20 though, [...]

That's actually not the case. It works on older kernels as well without the error message ("permission denied") that we're discussing. What might also be the case is that the router or the switch that connects the machine does not allow IGMP membership requests. As a consequence messages to the multicast addresses are not allowed. But that's pure speculation, especially since it is not clear from the error message to which address the messages are actually sent.

[...] and aren't going to lose sleep over certain hosts not being discoverable in the network view

Totally understandable. I appreciate your feedback anyways.

Thank you kindly for contributing this

Thanks.

and if its in line with your plans, would wish you well in having this accepted into standard distribution repositories.

It would be great to see this as well. Some distros already included it - even in their official repos. There are efforts by some users in the community to provide a Debian package. An unofficial one already exists. Some users appear to have further interest to get it into the official repo. See #19 for the discussion. For me, it is currently out of scope to provide and especially maintain an official package for Debian, although it would be quite interesting to dig into that topic...

[christgau]

OP did bit come back for about three years. Meanwhile, wsdd has landed in official Debian/Ubuntu repos. So closing that issue.

[AdamReece-WebBox]

Hello :) Sorry I forgot whether I needed to do anything further. As it happens the particular hosts running an older kernel are still running as they are. (Reliability!)

Great to hear wsdd has landed in official repositories though. Particularly with Microsoft deprecating their Computer Browser service this will certainly add value.