evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0
10.92k stars 510 forks source link

Manajro kernel 6.1.69-1 wont work #1077

Closed horvjoe9 closed 10 months ago

horvjoe9 commented 10 months ago

Manajro kernel 6.1.69-1 opensnitch wont work.

I have installed Opensnitch 1.6.4 from the repo. The non-git version. I have changed done:

Edit build file to point to your headers:

Change:

KDIR="/usr/src/linux"

To:

KDIR="/usr/lib/modules/$(uname -r)/build"

After the app installed, but the cloud is white and I am not able to turn on the firewall. Thank you :)

horvjoe9 commented 10 months ago

The icon on the tint2 is white and the firewall wont start. I am unable to start it. The status icon is a green triangle. And there is no version number. Any idea? Or suggestion to solve this?

gustavo-iniguez-goya commented 10 months ago

Hey @horvjoe9 ,

Could you launch the daemon manually? : opensnitchd -rules /etc/opensnitchd/rules/ it'll give us an idea on why it's not working.

Be sure that it's not already running before launching it: pgrep opensnitchd

Also execute and post the output of: opensnitchd -check-requirements

horvjoe9 commented 10 months ago

Thank you :) joe@Lenovo ~ $ pgrep opensnitchd joe@Lenovo ~ $ opensnitchd -check-requirements

Checking system requirements for kernel version 6.1.69-1-MANJARO

Checking => CONFIG_KPROBES=y
Checking => CONFIG_KPROBES_ON_FTRACE=y
Checking => CONFIG_KPROBES_ON_FTRACE=y
Checking => CONFIG_HAVE_KPROBES=y
Checking => CONFIG_HAVE_KPROBES_ON_FTRACE=y
Checking => CONFIG_KPROBE_EVENTS=y

* kprobes    ✔

Checking => CONFIG_UPROBES=y
Checking => CONFIG_UPROBE_EVENTS=y

* uprobes    ✔

Checking => CONFIG_FTRACE=y

* ftrace     ✔

Checking => CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
Checking => CONFIG_FTRACE_SYSCALLS=y

* syscalls   ✔

Checking => CONFIG_NETFILTER_NETLINK_QUEUE=[my]
Checking => CONFIG_NFT_QUEUE=[my]
Checking => CONFIG_NETFILTER_XT_TARGET_NFQUEUE=[my]

* nfqueue    ✔

Checking => CONFIG_NETFILTER_NETLINK=[my]
Checking => CONFIG_NETFILTER_NETLINK_QUEUE=[my]
Checking => CONFIG_NETFILTER_NETLINK_ACCT=[my]

* netlink    ✔

Checking => CONFIG_INET_DIAG=[my]
Checking => CONFIG_INET_TCP_DIAG=[my]
Checking => CONFIG_INET_UDP_DIAG=[my]
Checking => CONFIG_INET_DIAG_DESTROY=[my]

* net diagnostics    ✔

joe@Lenovo ~ $ opensnitchd -rules /etc/opensnitchd/rules/ flag provided but not defined: -rules Usage of opensnitchd: -check-requirements Check system requirements for incompatibilities. -cpu-profile string Write CPU profile to this file. -debug Enable debug level logs. -error Enable error level logs. -important Enable important level logs. -log-file string Write logs to this file instead of the standard output. -log-micro Write logs output with microsecond timestamp (disabled by default). -log-utc Write logs output with UTC timezone (enabled by default). (default true) -mem-profile string Write memory profile to this file. -no-live-reload Disable rules live reloading. -process-monitor-method string How to search for processes path. Options: ftrace, audit (experimental), ebpf (experimental), proc (default) -queue-num int Netfilter queue number. -rules-path string Path to load JSON rules from. (default "rules") -ui-socket string Path the UI gRPC service listener (https://github.com/grpc/grpc/blob/master/doc/naming.md). -version Show daemon version of this executable and exit. -warning Enable warning level logs. -workers int Number of concurrent workers. (default 16)

After this I can start the App itself, but not running. See pic below. Thank you for your help. :)

image

gustavo-iniguez-goya commented 10 months ago

oops, sorry, I meant: # opensnitchd -rules-path /etc/opensnitchd/rules/ (as root)

horvjoe9 commented 10 months ago

oops, sorry, I meant: # opensnitchd -rules-path /etc/opensnitchd/rules/ (as root)

joe@Lenovo ~ $ pgrep opensnitchd joe@Lenovo ~ $ sudo opensnitchd -rules-path /etc/opensnitchd/rules/

We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

For security reasons, the password you type will not be visible.

[sudo] password for joe: [2024-01-08 09:47:12] IMP Starting opensnitch-daemon v1.6.2 [2024-01-08 09:47:12] INF Loading rules from /etc/opensnitchd/rules ... OK: libnetfiler_queue supports nfq_get_uid OK: libnetfiler_queue supports nfq_get_uid found /usr/lib/libc.so.6

Now its running fine :) After restart still not running. :(

gustavo-iniguez-goya commented 10 months ago

ok!! try enabling the service: $ sudo systemctl enable opensnitchd then restart and see if it works

horvjoe9 commented 10 months ago

ok!! try enabling the service: $ sudo systemctl enable opensnitchd then restart and see if it works

joe@Lenovo ~ $ sudo systemctl enable opensnitchd [sudo] password for joe: Created symlink /etc/systemd/system/multi-user.target.wants/opensnitchd.service → /usr/lib/systemd/system/opensnitchd.service.

After restart its working. :) Autostart is working too. Thank you very much your help. I like this firewall very much. :)

gustavo-iniguez-goya commented 10 months ago

you're welcome @horvjoe9 !