keeps dropping Ethernet connection

wp-coin commented 6 months ago

Daemon related issues: requirements are all good, all green check mark

Describe the bug whenever I start the open snitch ui my Ethernet connection goes down periodically,

Include the following information:

OpenSnitch version. 1.6.5
OS: [Ubuntu 22 ]
Version [22.04]
Window Manager: [e.g. GNOME.]
Kernel version: 6.5.0-25-generic

If the daemon doesn't start or doesn't intercept connections:

Run opensnitchd -check-requirements to see if your kernel is compatible.

Post last 15 lines of the log file /var/log/opensnitchd.log


^[[2m[2024-03-07 02:42:54]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to deny-until-restart-simple-https.json, reloading ...
^[[2m[2024-03-07 02:42:58]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to deny-until-restart-simple-https.json, reloading ...
^[[2m[2024-03-07 02:43:17]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to deny-until-restart-simple-https.json, reloading ...
^[[2m[2024-03-07 04:44:01]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33m/snap/code/153/usr/share/code/code^[[0m'
^[[2m[2024-03-07 04:44:12]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33m/snap/code/153/usr/share/code/resources/app/node_modules.asar.unp>
^[[2m[2024-03-07 07:42:51]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33m/home/mason/.config/BraveSoftware/Brave-Browser/biahpgbdmdkfgndcm>
^[[2m[2024-03-07 07:53:45]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read
^[[2m[2024-03-07 07:53:45]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read
^[[2m[2024-03-07 18:20:22]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read
^[[2m[2024-03-07 18:23:41]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read

^[[2m[2024-03-07 18:56:47]^[[0m ^[[97m^[[104m IMP ^[[0m Got signal: terminated ^[[2m[2024-03-07 18:56:47]^[[0m ^[[97m^[[41m ERR ^[[0m getting notifications: rpc error: code = Unavailable desc = transport is closing ^[[2m[2024-03-07 18:56:47]^[[0m ^[[97m^[[41m ERR ^[[0m Connection to the UI service lost. ^[[2m[2024-03-07 18:56:49]^[[0m ^[[97m^[[43m WAR ^[[0m Queue.destroy(), nfq_destroy_queue() not closed: -1 ^[[2m[2024-03-07 19:03:10]^[[0m ^[[97m^[[104m IMP ^[[0m Start writing logs to /var/log/opensnitchd.log ^[[2m[2024-03-07 19:03:36]^[[0m ^[[97m^[[104m IMP ^[[0m UI connected, dispathing queued alerts: 0 ^[[2m[2024-03-08 21:36:12]^[[0m ^[[97m^[[43m WAR ^[[0m Error while pinging UI service: rpc error: code = DeadlineExceeded desc = context deadline exceeded, state: READY ^[[2m[2024-03-08 23:27:53]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-08 23:27:54]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-08 23:27:54]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-08 23:41:08]^[[0m ^[[97m^[[43m WAR ^[[0m Error while pinging UI service: rpc error: code = DeadlineExceeded desc = context deadline exceeded, state: READY ^[[2m[2024-03-09 00:35:17]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 01:19:09]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 01:19:10]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 01:21:22]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 01:21:36]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[31mdeny^[[0m if ^[[1mprocess.path^[[0m is '^[[33mThreadPoolForeg^[[0m' ^[[2m[2024-03-09 02:26:11]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 02:26:11]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 02:35:32]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 02:40:10]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33m/snap/firefox/3941/usr/lib/firefox/firefox^[[0m' ^[[2m[2024-03-09 03:08:04]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:08:07]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33mhttp^[[0m' ^[[2m[2024-03-09 03:08:26]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to allow-until-restart-simple-http.json, reloading ... ^[[2m[2024-03-09 03:11:24]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to deny-until-restart-simple-threadpoolforeg.json, reloading ...

^[[2m[2024-03-09 03:14:28]^[[0m ^[[97m^[[104m IMP ^[[0m Got signal: terminated ^[[2m[2024-03-09 03:14:28]^[[0m ^[[97m^[[41m ERR ^[[0m getting notifications: rpc error: code = Unavailable desc = transport is closing ^[[2m[2024-03-09 03:14:28]^[[0m ^[[97m^[[41m ERR ^[[0m Connection to the UI service lost. ^[[2m[2024-03-09 03:14:30]^[[0m ^[[97m^[[43m WAR ^[[0m Queue.destroy(), nfq_destroy_queue() not closed: -1 ^[[2m[2024-03-09 03:16:00]^[[0m ^[[97m^[[104m IMP ^[[0m Start writing logs to /var/log/opensnitchd.log ^[[2m[2024-03-09 03:16:19]^[[0m ^[[97m^[[104m IMP ^[[0m UI connected, dispathing queued alerts: 0 ^[[2m[2024-03-09 03:22:16]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33m/snap/firefox/3941/usr/lib/firefox/firefox^[[0m' ^[[2m[2024-03-09 03:22:30]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:22:39]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:23:05]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:23:22]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:23:22]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:24:04]^[[0m ^[[97m^[[41m ERR ^[[0m GetInfo() path can't be read ^[[2m[2024-03-09 03:25:46]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to allow-until-restart-simple-snap-firefox-3941-usr-lib-firefox-firefox.json, reloading ... ^[[2m[2024-03-09 03:34:04]^[[0m ^[[97m^[[41m ERR ^[[0m getting notifications: rpc error: code = Unavailable desc = transport is closing ^[[2m[2024-03-09 03:34:04]^[[0m ^[[97m^[[104m IMP ^[[0m Start writing logs to /var/log/opensnitchd.log ^[[2m[2024-03-09 03:34:05]^[[0m ^[[97m^[[41m ERR ^[[0m Connection to the UI service lost.

^[[2m[2024-03-09 03:34:25]^[[0m ^[[97m^[[104m IMP ^[[0m Got signal: terminated ^[[2m[2024-03-09 03:34:31]^[[0m ^[[97m^[[43m WAR ^[[0m queue stuck, closing by timeout ^[[2m[2024-03-09 03:34:31]^[[0m ^[[97m^[[43m WAR ^[[0m Queue.destroy(), nfq_close() not closed: -1 ^[[2m[2024-03-09 03:34:31]^[[0m ^[[97m^[[104m IMP ^[[0m Start writing logs to /var/log/opensnitchd.log ^[[2m[2024-03-09 03:36:21]^[[0m ^[[97m^[[104m IMP ^[[0m UI connected, dispathing queued alerts: 0 ^[[2m[2024-03-09 03:36:43]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to deny-until-restart-simple-threadpoolforeg.json, reloading ... ^[[2m[2024-03-09 03:36:47]^[[0m ^[[97m^[[104m IMP ^[[0m Ruleset changed due to deny-until-restart-simple-threadpoolforeg.json, reloading ... ^[[2m[2024-03-09 03:39:38]^[[0m ^[[97m^[[104m IMP ^[[0m Added new rule: ^[[32mallow^[[0m if ^[[1mprocess.path^[[0m is '^[[33m/snap/firefox/3941/usr/lib/firefox/pingsender^[[0m'

gustavo-iniguez-goya commented 6 months ago

Hi @wp-coin ,

Those logs don't look very good ...

Some questions:

Could you tell us how did you install the GUI and the daemon? What commands did you execute?
Is this the first time you install opensnitch, of is it an upgrade?
Did you execute the GUI as root AND as your regular user?

You should only have these directories:

/usr/lib/python3/dist-packages/opensnitch/
- /usr/lib/opensnitch/ebpf/
- /etc/opensnitchd

And be sure that the daemon and the GUI are the same version (dpkg -l|grep opensnitch).

Also you can delete the log file, restart the service and take a look at the first lines of the log, there could be errors.

wp-coin commented 6 months ago

I used the commands in the documentation

$ sudo apt install ./opensnitch*.deb ./python3-opensnitch-ui*.deb

I upgraded from the beta version 1.6.0 ( the beta version was having the same problem )

the GUI is installed as the root user the only user that I have,


ii  opensnitch                                 1.6.5-1                                 amd64        GNU/Linux interactive application firewall
ii  python3-opensnitch-ui                      1.6.5.1-1                               all          GNU/Linux interactive application firewall

is there a way to reset opensnitch?

gustavo-iniguez-goya commented 6 months ago

The only way to "reset" opensnitch is by uninstalling the GUI and the daemon, and I think it's the best you can do in this situation.

The directory /etc/opensnitchd is not removed by default (unless you use apt remove --purge), but just in case... make a temporary backup.

After uninstalling it, be sure that there're no files under /usr/lib/python3/dist-packages/opensnitch. If so, delete the directory.

gustavo-iniguez-goya commented 4 months ago

Closing for now. If the issue remains after reinstalling both the daemon and the GUI, post the new logs to take a look at them.

evilsocket / opensnitch

keeps dropping Ethernet connection #1105