No rules in opensnitch-ui

[andrewfader]

Describe the bug Even though I have plenty of rules, which were added using the UI, and it used to work, somehow, the opensnitch-ui now shows nothing.

sudo ls -al /etc/opensnitchd/rules
total 632
drwxr-xr-x 2 root root 20480 Jul 13 20:40 .
drwxr-xr-x 3 root root  4096 Sep 13 13:38 ..
-rw-r--r-- 1 root root  1042 Apr  1 19:09 allow-always-list-1003-bitbucket-org-443.json
-rw-r--r-- 1 root root  1039 Apr  1 19:08 allow-always-list-1003-bitbucket-org-53.json
-rw-r--r-- 1 root root  1044 Apr  1 19:08 allow-always-list-1003-deb-debian-org-443.json
...

❯ opensnitch-ui
Loading translations: /usr/lib/python3.10/site-packages/opensnitch/i18n locale: en_US
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.
is new file, or IN MEMORY, setting initial schema version
setting schema version to: 2
setting schema version to: 2
schema version: 2
db schema is up to date
using IPASN DB: /usr/lib/python3.10/site-packages/pyasn/data/ipasn_20140513_v12.dat.gz

• opensnitchd --version 1.6.0rc2
• opensnitch-git 1.6.0rc2.r8.9326017-1
• Arch Linux 5.19.8-hardened2-1-hardened-git-r1109148 SMP PREEMPT_DYNAMIC Mon, 12 Sep 2022 03:02:25 x86_64 GNU/Linux
• Gnome-shell 42.4 wayland
• qt5-base 5.15.6+kde+r167-1
  • qt6-base 6.3.2-1

[gustavo-iniguez-goya]

Hi @andrewfader ,

It seems that the daemon is not running, check out the logs: journalctl -ar -u opensnitch

Also launch it manually as root: # opensnitchd -rules-path /etc/opensnitchd/rules/ if it exits right away, it should output error logs, and check out the log /var/log/opensnitchd.log, it should also contain some errors.

[andrewfader]

[2022-09-13 23:17:20]  IMP  Got signal: terminated
[2022-09-13 23:17:30]  ERR  [REVIEW] closing due to timeout
[2022-09-13 23:18:06]  IMP  Start writing logs to /var/log/opensnitchd.log
[2022-09-13 23:18:06]  WAR  eBPF debugfs error: exit status 32
[2022-09-13 23:18:06]  ERR  ebpf.Start -> mount debugfs error. Report on github
> opensnitchd -rules-path /etc/opensnitchd/rules/
[2022-09-14 00:13:03]  IMP  Starting opensnitch-daemon v1.6.0rc2
[2022-09-14 00:13:03]  INF  Loading rules from /etc/opensnitchd/rules ...
[2022-09-14 00:13:03]  IMP  Start writing logs to /var/log/opensnitchd.log
[2022-09-14 00:13:03]  WAR  eBPF debugfs error: exit status 32
[2022-09-14 00:13:03]  ERR  ebpf.Start -> mount debugfs error. Report on github please: exit status 32
> sudo opensnitchd -rules-path /etc/opensnitchd/rules/
[2022-09-14 00:17:20]  IMP  Starting opensnitch-daemon v1.6.0rc2
[2022-09-14 00:17:20]  INF  Loading rules from /etc/opensnitchd/rules ...

Just hangs after this

[gustavo-iniguez-goya]

thank you!

is the dir /sys/kernel/debug/tracing/ mounted? -> $ ls -l /sys/kernel/debug/tracing/ or $ grep debugfs /proc/mounts

Check also if your kernel has support for debugfs: $ zgrep CONFIG_DEBUG_FS /proc/config.gz or $ grep CONFIG_DEBUG_FS /boot/config-$(uname -r)

~I'll try to reproduce that behaviour~ reproduced. I'll try to fix it.

[gustavo-iniguez-goya]

This error should be fixed with latest commit, update the opensnitch-git package please and try again (Making package: opensnitch-git 1.6.0rc2.r10.25bd825-1 (Wed Sep 14 14:45:18 2022))

Anyways, I think your kernel doesn't have support for debugfs (verify it wth the above commands), so the monitor method will be proc instead of ebpf.

[andrewfader]

Thank you!