evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0

use with Vim "YouCompleteMe" causes very high opensnitch cpu use + warns #316

Closed squalou closed 3 years ago

squalou commented 3 years ago

Hello

Describe the bug

I'm not sure if it is a bug in opensnitch, or YouCompleteMe (YCM), or anything in between like a side effect of YCM. I've already seen this behaviour years ago, then dropped the use of YCM and opensnitch... but here I am again.

See #100 for old details and logs

To Reproduce

I installed YouCompleteMe vim plugin using Vundle, and started vim. https://github.com/ycm-core/YouCompleteMe#linux-64-bit

Steps to reproduce the behavior:

  1. open vim
  2. open 'top' in a terminal
  3. see opensnitch cpu rising
  4. listen to the laptop fan starting :-)

Post error logs:

I didn't find any in the newest version, you may look at #100. I had a look at journalctl and /var/log/opensnitchd.log but there's nothing there. Maybe I can increase a loglevel somewhere?

Expected behavior (optional)

YCM starts a local server from what I understood, and somehow it makes opensnitch deal with a lot of tcp activity. Opensnitch maybe could ignore these somehow ?


squalou commented 3 years ago

Damn again! I did switch from opensnitch-git to the opensnitch package on Arch, doing this I stopped and restarted the daemon... and now it's fine! (both 1.3.0 something)

SO: I close this. If it ever happens again I'll try to restart the daemon first, and maybe reopen an issue here.

gustavo-iniguez-goya commented 3 years ago

great :)

[2017-08-21 15:00:01,580] (WARNING) Could not find process for tcp connection 127.0.0.1:46880 -> 127.0.0.1:49831

Looking at the logs, it seems that YCM opens (opened) a lot of connections to localhost. You should have the events tab full of localhost connections.

If opensnitch recognizes the app, try creating a priority rule for that app: name: 000-youcompleteme, [x] Priority.

If opensnitch does not recognize it, try creating a priority rule for allowing connections to localhost, same as above: name: 000-ycm, [x] Priority, to this IP: 127.0.0.1, from User ID: 1234

or try adding a system rule /etc/opensnitchd/system-fw.json:

        {
            "SystemRules": [
                {
                    "Rule": {
                        "Description": "Allow YCM",
                        "Table": "mangle",
                        "Chain": "OUTPUT",
                        "Parameters": "-p tcp -d 127.0.0.1",
                        "Target": "ACCEPT",
                        "TargetParameters": ""
                    }
                }
            ]
        }

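The warning quoted above is the observable symptom of this issue: the daemon is fed a burst of loopback connections it cannot map to a process and burns CPU on each one. As an added example (not code from the opensnitch project or from anyone in this thread), the script below parses that warning format out of opensnitchd log lines, counts unattributed connections per loopback destination, and emits a system rule in the shape shown in the comment above for each hotspot. The log lines are constructed for the example; the `--dport` narrowing and the `SystemRules` top-level wrapper are this example's choices (the wrapper follows the layout of the 1.3 series system-fw.json as I understand it), and the rule is scoped to one port rather than all of 127.0.0.1 so that a blanket allow is not written where a narrower one suffices.

```python
import json
import re
from collections import Counter

# Constructed sample log in the format of the warning quoted in the thread.
# These lines are made up for the example, not real opensnitchd output.
SAMPLE_LOG = """\
[2017-08-21 15:00:01,580] (WARNING) Could not find process for tcp connection 127.0.0.1:46880 -> 127.0.0.1:49831
[2017-08-21 15:00:01,612] (WARNING) Could not find process for tcp connection 127.0.0.1:46882 -> 127.0.0.1:49831
[2017-08-21 15:00:01,650] (WARNING) Could not find process for tcp connection 127.0.0.1:46884 -> 127.0.0.1:49831
[2017-08-21 15:00:02,101] (INFO) unrelated message that must be ignored
[2017-08-21 15:00:02,300] (WARNING) Could not find process for tcp connection 192.168.1.10:51000 -> 203.0.113.5:443
"""

# Matches "[timestamp] (LEVEL) Could not find process for <proto> connection src:port -> dst:port"
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \((?P<level>\w+)\) Could not find process for "
    r"(?P<proto>tcp|udp) connection "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_unattributed(log_text):
    """Return one dict per 'Could not find process' warning; other lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ev = m.groupdict()
            ev["sport"] = int(ev["sport"])
            ev["dport"] = int(ev["dport"])
            events.append(ev)
    return events


def is_loopback(ip):
    """True for any 127.0.0.0/8 address."""
    return ip.startswith("127.")


def loopback_hotspots(events, threshold=3):
    """Count unattributed loopback connections per (proto, dst, dport).

    Only groups with at least `threshold` hits are returned, so a single stray
    warning does not produce a rule; threshold is a tunable assumption here.
    """
    counts = Counter(
        (ev["proto"], ev["dst"], ev["dport"]) for ev in events if is_loopback(ev["dst"])
    )
    return {key: n for key, n in counts.items() if n >= threshold}


def system_rule_for(proto, dst, dport, description):
    """Build one rule in the Table/Chain/Parameters/Target shape used by system-fw.json.

    Narrowing with --dport is this example's choice; the thread's rule allows all
    tcp traffic to 127.0.0.1 without a port restriction.
    """
    return {
        "Rule": {
            "Description": description,
            "Table": "mangle",
            "Chain": "OUTPUT",
            "Parameters": f"-p {proto} -d {dst} --dport {dport}",
            "Target": "ACCEPT",
            "TargetParameters": "",
        }
    }


def build_system_fw(hotspots):
    """Wrap the generated rules in the top-level SystemRules list (assumed 1.3 layout)."""
    rules = [
        system_rule_for(proto, dst, dport, f"Allow unattributed loopback {proto}/{dport}")
        for (proto, dst, dport) in sorted(hotspots)
    ]
    return {"SystemRules": rules}


if __name__ == "__main__":
    found = parse_unattributed(SAMPLE_LOG)
    hot = loopback_hotspots(found)
    for (proto, dst, dport), n in hot.items():
        print(f"{n} unattributed {proto} connections to {dst}:{dport}")
    print(json.dumps(build_system_fw(hot), indent=4))
```

Run it against a real log with `python3 script.py < /var/log/opensnitchd.log` after swapping `SAMPLE_LOG` for `sys.stdin.read()`; the printed JSON is a starting point to review, and the hotspot counts tell you whether the churn is really loopback-only before you add any allow rule.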
squalou commented 3 years ago

Thanks for the answer! It happened again, I restarted the daemon and it calmed down before I saw your suggestion. It will probably happen again, I'll check then and update here if need be.

I already have a 127.0.0.1 rule that looks like that in the GUI, it's probably the same but without "priority", I'll add it, cannot hurt in this case


squalou commented 3 years ago

The system rule is a blessing!

not only for this issue, but it also silenced a lot of "allowed" events I had rules for.

As a result, opensnitch daemon cpu use dropped from 3 to 1 (in top or htop).

I don't know if it's a good default setting for anyone but in my case it's a damn good one. (note: as a dev guy I have a lot of local things running, so maybe it's not a common use case, but really, it rocks)

gustavo-iniguez-goya commented 3 years ago

Yeah, this was added mainly for allowing VPN connections while having the daemon default action to Deny.

I didn't want to write yet-another-iptables-gui, but well... I think it's around the corner. The logic is already implemented so we only need to configure it from a GUI.