Open utkonos opened 3 years ago
maybe rename this issue "cannot configure Cuckoo to use VPN following documentation" in order raise visibility... seems like a pretty big issue.
Here is the root cause of this issue:
When Cuckoo starts, this command is sent to the rooter:
rooter("rt_available", entry.rt_table)
The rooter then issues the following command via subprocess
:
ip route show table default
The result of this command is the following error:
The result of this command is an error:
Error: ipv4: FIB table does not exist.
Dump terminated
According to the maintainers of the upstream iproute2, this is a new error and behavior for iproute2. There is a thread on their mailing list about the above: https://www.spinics.net/lists/netdev/msg559739.html
thanks for the mailing list reference for further info. sounds like the easiest place to fix this issue is within cuckoo to have the rooter subprocess issue a different command or be able to handle the error.
i will try to escalate with cuckoo devs, as no VPN = clear communication to potential adversary that analysis is being performed (either via Tor or clearnet).
after discussing with Hatching folks, easiest step would be to use Ubuntu 18.04 LTS instead. will probably be a while before the Cuckoo dev community move to a later Ubuntu LTS and start fixing issues like this unfortunately (18.04 LTS supported until April 2023).
My issue is:
Using iproute2 v.5, the following error is returned when the rooter runs this command via subprocess:
My Cuckoo version and operating system are:
2.0.7 on Ubuntu 20.04
This can be reproduced by:
Configure vpn to be on according to the documentation.
The log, error, files etc can be found at:
Error: ipv4: FIB table does not exist. Dump terminated