unison trafic not catch !

evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

GNU General Public License v3.0

10.74k stars 498 forks source link

unison trafic not catch ! #451

Closed Maziar123 closed 3 years ago

Maziar123 commented 3 years ago

i use ver 1.4.0.rc.2.r26

seems traffic of unison direct server not catch ! (unison https://www.cis.upenn.edu/~bcpierce/unison/)

my use for example unison -socket xxxx

xxxx= any number

gustavo-iniguez-goya commented 3 years ago

Hi @Maziar123 ,

I've just tested this:

computer1: unison -socket 12345 compuert2: unison -testServer /tmp/unison/ socket://192.168.1.103:12345/tmp/

Can you provide more details on how do you launch client and server?

Maziar123 commented 3 years ago

server linux " computer1: unison -socket 2022 client linux gui direct tcp coonection

my linux manjaro last update

gustavo-iniguez-goya commented 3 years ago

tested with the unison gui:

Please, provide more details:

output of iptables -V
output of iptables -t mangle -L
IP of both computers.
Settings of unison-gtk (screenshot of the profile used for example, showing the ).
/var/log/opensnitchd.log in DEBUG mode (Preferences -> Nodes -> log level: DEBUG

Maziar123 commented 3 years ago

iptables -V -> iptables v1.8.7 (nf_tables)

2.iptables -t mangle -L Chain PREROUTING (policy ACCEPT) target prot opt source destination

Chain INPUT (policy ACCEPT) target prot opt source destination

Chain FORWARD (policy ACCEPT) target prot opt source destination

Chain OUTPUT (policy ACCEPT) target prot opt source destination

Chain POSTROUTING (policy ACCEPT) target prot opt source destination
LIBVIRT_PRT all -- anywhere anywhere

Chain LIBVIRT_PRT (1 references) target prot opt source destination
CHECKSUM udp -- anywhere anywhere udp dpt:bootpc CHECKSUM fill CHECKSUM udp -- anywhere anywhere udp dpt:bootpc CHECKSUM fill CHECKSUM udp -- anywhere anywhere udp dpt:bootpc CHECKSUM fill

both internal LAN 172.16.xx.xx

4.setting of unison is default TCP direct from Linux to unison server tested in both : in wirndows10 or other Linux managro

gustavo-iniguez-goya commented 3 years ago

ok, still no clues. Could you post the nft ruleset? -> nft list ruleset

Silly question: if you try to connect to the unison server using telnet (or nc) does opensnitch intercepts the connection? server: unison -socket 12345 client: telnet a.b.c.d 12345

Could you also verify that no other rule is allowing the unison traffic? I know that it sounds obvious... but I have no idea why it's not working for you.

gustavo-iniguez-goya commented 3 years ago

closing due to lack of information.

In order to continue investigating this issue:

Set daemon's log level to DEBUG (Preferences->Nodes->Default log level)
write the exact commands typed in the terminal
dump unison logs to a file using the flag -log
post the file /var/log/opensnitchd.log
Write the date when you started the test, to be able to match it against the opensnitchd.log.