search

gravitl / netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
https://netmaker.io
Other
9.4k stars 547 forks source link

Netclient seems to automatically connect to an unknown site #1413

Closed C4a15Wh closed 2 years ago

C4a15Wh commented 2 years ago

Contact Details

contact@stariver.org

What happened?

When I use the lsof -i: 443 command to check the port status, I see that netclient is connecting to a strange web address:

[root@???? config]# lsof -i :443
COMMAND     PID  USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
netclient 31479  root    7u  IPv4 15807538      0t0  TCP ????:4***2->210.246.120.34.bc.googleusercontent.com:https (ESTABLISHED)
[root@???? config]#

The most puzzling thing is that this does not seem to be an example. This situation occurs on all the servers where I have deployed netclient. What's the matter?

Version

v0.14.4

What OS are you using?

Linux

Relevant log output

Jul 24 22:40:21 h2 netclient[31479]: [netclient] 2022-07-24 22:40:21 checkin for sr complete
Jul 24 22:41:21 h2 netclient[31479]: [netclient] 2022-07-24 22:41:21 checkin for sr complete
Jul 24 22:42:22 h2 netclient[31479]: [netclient] 2022-07-24 22:42:22 checkin for sr complete
Jul 24 22:43:22 h2 netclient[31479]: [netclient] 2022-07-24 22:43:22 checkin for sr complete
Jul 24 22:44:23 h2 netclient[31479]: [netclient] 2022-07-24 22:44:23 checkin for sr complete
Jul 24 22:45:23 h2 netclient[31479]: [netclient] 2022-07-24 22:45:23 checkin for sr complete
Jul 24 22:46:24 h2 netclient[31479]: [netclient] 2022-07-24 22:46:24 checkin for sr complete
Jul 24 22:47:24 h2 netclient[31479]: [netclient] 2022-07-24 22:47:24 checkin for sr complete
Jul 24 22:48:25 h2 netclient[31479]: [netclient] 2022-07-24 22:48:25 checkin for sr complete
Jul 24 22:49:25 h2 netclient[31479]: [netclient] 2022-07-24 22:49:25 checkin for sr complete

Contributing guidelines

C4a15Wh commented 2 years ago

I I know that netclient may communicate with netmaker server through grpc, but obviously this is not the address of my netmaker server...

si458 commented 2 years ago

the SSL for https://210.246.120.34.bc.googleusercontent.com/ returns to ip.test.gravitl.com if you visit https://ip.test.gravitl.com, it just returns your ip address i think this is safe

afeiszli commented 2 years ago

Yes, we use a few public services to determine the public IP of the machine to use as the endpoint:

https://github.com/gravitl/netmaker/blob/ec90dab43736a7fff780442557e5a1880e62845e/netclient/ncutils/netclientutils.go#L129

C4a15Wh commented 2 years ago

OK, thank you for answering. I can understand it now, have a good time.