gravitl / netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
https://netmaker.io

iptables forward policy - runtime error: index out of range [1] with length 1 #817

Closed gjpin closed 2 years ago

gjpin commented 2 years ago

Hello!

Netmaker version: 0.10.0
Host: Fedora CoreOS 35

When launching Netmaker it fails at setting iptables forwards policy, leading to a crash.

[netmaker] 2022-02-21 18:56:53 database successfully connected
[netmaker] 2022-02-21 18:56:54 no OAuth provider found or not configured, continuing without OAuth
[netmaker] 2022-02-21 18:56:54 setting iptables forward policy
panic: runtime error: index out of range [1] with length 1
goroutine 1 [running]:
github.com/gravitl/netmaker/serverctl.portForwardServices()
        /app/serverctl/iptables.go:56 +0x1d2
github.com/gravitl/netmaker/serverctl.InitIPTables()
        /app/serverctl/iptables.go:29 +0x8a
main.initialize()
        /app/main.go:82 +0x3bd
main.main()
        /app/main.go:35 +0xaa

netmaker.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
netmaker.service: Failed with result 'exit-code'.

I'm launching Netmaker via a systemd unit, replicating what can be found at the 'contained' docker-compose:

[Unit]
Description="Netmaker makes networks with WireGuard"
Documentation=https://netmaker.org/

After=network-online.target netmaker-network.service mosquitto.service
Requires=network-online.target netmaker-network.service mosquitto.service

[Service]
ExecStartPre=mkdir -p /var/mnt/netmaker/coredns
ExecStartPre=mkdir -p /var/mnt/netmaker/sqldata
ExecStartPre=-/bin/docker kill netmaker
ExecStartPre=-/bin/docker rm netmaker
ExecStartPre=-/bin/docker pull docker.io/gravitl/netmaker:v0.10.0
ExecStart=/bin/docker run --name netmaker \
        --restart always \
        --network=netmaker \
        --env-file /etc/netmaker.d/netmaker.env \
        --cap-add=NET_ADMIN \
        --cap-add=NET_RAW \
        --cap-add=SYS_MODULE \
        --sysctl net.ipv4.ip_forward=1 \
        --sysctl net.ipv4.conf.all.src_valid_mark=1 \
        --volume /usr/bin/wg:/usr/bin/wg \
        --volume /var/mnt/netmaker/coredns:/root/config/dnsconfig:z \
        --volume /var/mnt/netmaker/sqldata:/root/data:z \
        -p 51821-51830:51821-51830/udp \
        -p 8081:8081 \
        -p 50051:50051 \
        docker.io/gravitl/netmaker:v0.10.0
ExecStop=/bin/docker stop netmaker

[Install]
WantedBy=multi-user.target

My env file is also the same as the one found in the quick start example:

SERVER_HOST="${netmaker_public_ip}"
SERVER_API_CONN_STRING="api.${netmaker_base_domain}:443"
SERVER_GRPC_CONN_STRING="grpc.${netmaker_base_domain}:443"
COREDNS_ADDR="${netmaker_public_ip}"
GRPC_SSL="on"
DNS_MODE="on"
SERVER_HTTP_HOST="api.${netmaker_base_domain}"
SERVER_GRPC_HOST="grpc.${netmaker_base_domain}"
API_PORT=8081
GRPC_PORT=50051
CLIENT_MODE="on"
MASTER_KEY="${netmaker_master_key}"
CORS_ALLOWED_ORIGIN="*"
DISPLAY_KEYS="on"
DATABASE="sqlite"
NODE_ID="netmaker-server-1"
MQ_HOST="mosquitto"
HOST_NETWORK="off"
MANAGE_IPTABLES="on"
PORT_FORWARD_SERVICES="mq,dns"
VERBOSITY=1

I'm able to successfully launch 0.9.4, but not 0.10.0. I'm not sure what I'm missing. Any help would be appreciated!

Thanks

afeiszli commented 2 years ago

Fixed in v0.11.0.