search

gravitl / netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
https://netmaker.io
Other
9.52k stars 552 forks source link

[Bug]: VPN setup 0.15.2 not working #1568

Closed Agraphie closed 2 years ago

Agraphie commented 2 years ago

Contact Details

No response

What happened?

When using the out-of-the box quick start setup for the VPN, no connection can actually be established.

Steps to reproduce:

  1. On a public VPS run the quick setup found here https://docs.netmaker.org/egress-gateway.html#vpn-nat-gateway
  2. Follow the output in the console to get a client config and make use of it
  3. The connection isn't working. See the error log.

There seems to be an semicolon ; too much in the iptables config. If I manually fix the generated Wireguard config and remove the semicolon the error goes away. I tried the exact same setup (docker-compose) with version v0.15.1 and everything worked as expected. Let me know if I should provide any more details.

Server details: Distributor ID: Ubuntu Description: Ubuntu 22.04.1 LTS Release: 22.04 Codename: jammy

Docker version 20.10.12, build 20.10.12-0ubuntu4 wireguard-tools v1.0.20210914

Version

v0.15.2

What OS are you using?

Linux

Relevant log output

[netmaker] 2022-09-18 19:57:10 error running command: wg-quick up /etc/netclient/config/nm-vpn.conf 
[netmaker] 2022-09-18 19:57:10 Warning: `/etc/netclient/config/nm-vpn.conf' is world accessible
[#] ip link add nm-vpn type wireguard
[#] wg setconf nm-vpn /dev/fd/63
[#] ip -4 address add 10.201.255.254 dev nm-vpn
[#] ip link set mtu 1280 up dev nm-vpn
[#] `iptables -A FORWARD -i nm-vpn -j ACCEPT ; iptables -A FORWARD -o nm-vpn -j ACCEPT ; iptables -t nat -A POSTROUTING -o nm-vpn -j MASQUERADE ;  ; iptables -A FORWARD -i nm-vpn -j ACCEPT ; iptables -A FORWARD -o nm-vpn -j ACCEPT ; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ; `
/usr/bin/wg-quick: command substitution: line 295: syntax error near unexpected token `;'
/usr/bin/wg-quick: command substitution: line 295: `iptables -A FORWARD -i nm-vpn -j ACCEPT ; iptables -A FORWARD -o nm-vpn -j ACCEPT ; iptables -t nat -A POSTROUTING -o nm-vpn -j MASQUERADE ;  ; iptables -A FORWARD -i nm-vpn -j ACCEPT ; iptables -A FORWARD -o nm-vpn -j ACCEPT ; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ; '

Contributing guidelines

afeiszli commented 2 years ago

You are correct, there was an issue with multiple semicolons in 0.15.2. This has been resolved in 0.16.0.