search

deadash / droidwall

Automatically exported from code.google.com/p/droidwall
0 stars 0 forks source link

"fix me" error message #135

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Authorize 32 apps to send on output chain.

What is the expected output? What do you see instead?

Expect adding more rules will function. Adding more rules is impossible and 
there is an error message saying

Fix me implement getprotobynumber bionic/libs/bionic/stubs.c:384

What version of the product are you using? On what operating system?

Latest release as of today. 1.5.0. Android 2.3.3 cyanogen mod 7 rc4.

Please provide any additional information below

Original issue reported on code.google.com by kristian...@gmail.com on 14 Apr 2011 at 9:18

GoogleCodeExporter commented 8 years ago 
This "fixme" message is just a warning issued by iptables on ALL situations. 
That is surely not the cause of your problem....

You say that selecting up to 32 apps on the list works fine (you can apply the 
rules), but selecting more than 32 apps causes an error? Is my understanding 
correct?

If that is the case, what "exit code" do you get? And is there any other 
message rather than this "fixme" one?

Original comment by rodrigo...@gmail.com on 14 Apr 2011 at 12:26

GoogleCodeExporter commented 8 years ago 
Yes, it appears so. There is no error code other than the message. All apps
are allowed to communicate after 32, so output chain is now not protecting
outbound traffic. It appears to set the uid checks from 0 to 999999 for some
reason.

Original comment by kristian...@gmail.com on 14 Apr 2011 at 4:40

GoogleCodeExporter commented 8 years ago 
What is the output of "Show Rules"? You can also get that with the following 
command on a terminal emulator:

iptables -L -v

Original comment by rodrigo...@gmail.com on 14 Apr 2011 at 4:53

GoogleCodeExporter commented 8 years ago 
FWIW I also suddenly started getting this error on my Viewsonic G-Tablet 
running Cyanogenmod 7, immediately after adding two new rules.

To fix it, I went into "Manage Applications" and selected to clear the 
applications data and went through configuring everything up again and now it 
works.

I currently have 38 rules and it's working ok. But I've only been selecting the 
wifi option as this device doesn't have a mobile phone connection...

Original comment by grepular@googlemail.com on 18 Apr 2011 at 10:07

GoogleCodeExporter commented 8 years ago 
I am not able to reproduce the bug reliably either. It seems to occur on and 
off, without any predictability I can discern. Based on grepular's comments 
though, it seems to affect more people so we should keep the bug open until a 
proper bug reproduction recipe is crafted.

Original comment by kristian...@gmail.com on 18 Apr 2011 at 10:21

GoogleCodeExporter commented 8 years ago 
Providing the "Show Rules" output would be really helpful. Thanks

Original comment by rodrigo...@gmail.com on 18 Apr 2011 at 12:11

GoogleCodeExporter commented 8 years ago 
Hrmm, I sent an email reply via my phone a few days ago with the .ipt output 
file. For some reason it did not make it into this report. Strange. You may 
want to see why that happened. I thought that reply by email was allowed, since 
the footer says so. Here it is again though...

"""
from    Kristian Erik Hermansen <kristian.hermansen@gmail.com>
sender-time Sent at 12:20 PM (GMT-04:00). Current time there: 8:15 AM. ✆
to  droidwall@googlecode.com
date    Thu, Apr 14, 2011 at 12:20 PM
subject Re: Issue 135 in droidwall: "fix me" error message
mailed-by   gmail.com
hide details Apr 14 (3 days ago) 
The error in question goes to stderr on iptables list and I didn't capture it. 
The show rules looks slightly different and has the problem showing uid 0 to 
999999. Output attached.
--
Kristian Erik Hermansen

On Apr 14, 2011 12:53 PM, <droidwall@googlecode.com> wrote:
    droidwall.ipt
8K   Download  

"""

Original comment by kristian...@gmail.com on 18 Apr 2011 at 12:18

Attachments:

GoogleCodeExporter commented 8 years ago 
Perhaps e-mail replies don't work with attachments... but I really don't know.

From the rules you attached, I can see that:
  - DroidWall correctly configured all iptables rules and was working for some time. I can be sure of that because many rules were hit several times.
  - Some other application purged iptables OUTPUT chain for some reason. After that, DroidWall rules are simply bypassed.

Maybe you have the same problem described on issue 123 ? Just a blind guess 
tough...

Original comment by rodrigo...@gmail.com on 18 Apr 2011 at 1:12

GoogleCodeExporter commented 8 years ago 
Can you please check if this still happens on DroidWall 1.5.1 released today? 
Thanks!

Original comment by rodrigo...@gmail.com on 28 Apr 2011 at 6:36

GoogleCodeExporter commented 8 years ago 
I installed the latest update and rebooted. I still see the "FIXME" message at 
the bottom of "Show Rules", but the rules are working properly and have been 
for a little while now. Thanks!

Original comment by kristian...@gmail.com on 28 Apr 2011 at 6:46

GoogleCodeExporter commented 8 years ago 
Great!
The "FIXME" message is on Android source-code (on its libc implementation), so 
it is impossible to get rid of it right now, we need to wait for someone to 
change that on Android. But that is purely cosmetic.

Original comment by rodrigo...@gmail.com on 28 Apr 2011 at 7:00