jamesmcm / vopono

Run applications through VPN tunnels with temporary network namespaces
GNU General Public License v3.0

Unable to resolve any hostnames after successful wireguard connect #221

Closed Gin-no-kami closed 1 year ago

Gin-no-kami commented 1 year ago

I am trying to get the following command to run properly, however I am unable to resolve any hostnames once connected. This happens on basic curl commands or when I launch a browser like Firefox. I have tried this with both IPs & hostnames during `vopono sync` and the same results happen. The command I am running with is: `vopono -v exec --provider mullvad --server usa-uschi008 --firewall iptables "curl ifconfig.co/country"`

Logs:


 2023-05-03T11:17:41.448Z DEBUG vopono_core::util::pulseaudio > Setting PULSE_SERVER to /run/user/1000/pulse/native
 2023-05-03T11:17:41.448Z INFO  vopono_core::util             > Calling sudo for elevated privileges, current user will be used as default user
 2023-05-03T11:17:41.448Z DEBUG vopono_core::util             > Args: ["vopono", "-v", "exec", "--provider", "mullvad", "--server", "usa-uschi008", "--firewall", "iptables", "curl ifconfig.co/country"]
[sudo] password for gin: 
 2023-05-03T11:17:49.185Z DEBUG vopono_core::util > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.190Z DEBUG vopono_core::util::pulseaudio > Setting PULSE_SERVER to /run/user/1000/pulse/native
 2023-05-03T11:17:49.190Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.190Z DEBUG vopono_core::util             > Existing namespaces: []
 2023-05-03T11:17:49.190Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.190Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "custom_config" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "custom_netns_name" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "open_hosts" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "allow_host_access" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "postup" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "predown" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "user" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "group" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "working-directory" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "dns" not found
 2023-05-03T11:17:49.192Z DEBUG vopono::exec                  > vopono config.toml: configuration property "protocol" not found
 2023-05-03T11:17:49.192Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.193Z DEBUG vopono::exec                  > vopono config.toml: configuration property "interface" not found
 2023-05-03T11:17:49.193Z DEBUG vopono_core::network::network_interface > ip addr
 2023-05-03T11:17:49.194Z DEBUG vopono::exec                            > Interface: enp6s0
 2023-05-03T11:17:49.194Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.196Z INFO  vopono_core::util                       > Chosen config: /home/gin/.config/vopono/mv/wireguard/usa-uschi008.conf
 2023-05-03T11:17:49.197Z DEBUG vopono_core::util                       > Existing namespaces: []
 2023-05-03T11:17:49.197Z DEBUG vopono_core::util                       > ip netns add vopono_mv_usa-uschi008
 2023-05-03T11:17:49.198Z INFO  vopono_core::network::netns             > Created new network namespace: vopono_mv_usa-uschi008
 2023-05-03T11:17:49.199Z DEBUG vopono_core::util                       > Existing interfaces: 
 2023-05-03T11:17:49.199Z DEBUG vopono_core::util                       > Assigned IPs: []
 2023-05-03T11:17:49.199Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip addr add 127.0.0.1/8 dev lo
 2023-05-03T11:17:49.201Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip link set lo up
STATE      CONNECTIVITY  WIFI-HW  WIFI     WWAN-HW  WWAN    
connected  full          enabled  enabled  missing  enabled 
 2023-05-03T11:17:49.212Z DEBUG vopono_core::network::veth_pair         > Detected NetworkManager running
 2023-05-03T11:17:49.212Z DEBUG vopono_core::network::veth_pair         > NetworkManager detected, adding _usa-uschi008_d to unmanaged devices
 2023-05-03T11:17:49.212Z DEBUG vopono_core::network::veth_pair         > Creating new NetworkManager config file: /etc/NetworkManager/conf.d/unmanaged.conf
 2023-05-03T11:17:49.212Z DEBUG vopono_core::util                       > nmcli connection reload
 2023-05-03T11:17:49.216Z DEBUG vopono_core::network::veth_pair         > firewalld not detected running
 2023-05-03T11:17:49.216Z DEBUG vopono_core::util                       > ip link add _usa-uschi008_d type veth peer name _usa-uschi008_s
 2023-05-03T11:17:49.221Z DEBUG vopono_core::util                       > ip link set _usa-uschi008_d up
 2023-05-03T11:17:49.222Z DEBUG vopono_core::util                       > ip link set _usa-uschi008_s netns vopono_mv_usa-uschi008 up
 2023-05-03T11:17:49.274Z DEBUG vopono_core::util                       > ip addr add 10.200.1.1/24 dev _usa-uschi008_d
 2023-05-03T11:17:49.275Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip addr add 10.200.1.2/24 dev _usa-uschi008_s
 2023-05-03T11:17:49.277Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip route add default via 10.200.1.1 dev _usa-uschi008_s
 2023-05-03T11:17:49.278Z INFO  vopono_core::network::netns             > IP address of namespace as seen from host: 10.200.1.2
 2023-05-03T11:17:49.278Z INFO  vopono_core::network::netns             > IP address of host as seen from namespace: 10.200.1.1
 2023-05-03T11:17:49.278Z DEBUG vopono_core::util                       > iptables -t nat -A POSTROUTING -s 10.200.1.0/24 -o enp6s0 -j MASQUERADE
 2023-05-03T11:17:49.278Z DEBUG vopono_core::util                       > iptables -I FORWARD -i _usa-uschi008_d -o enp6s0 -j ACCEPT
 2023-05-03T11:17:49.279Z DEBUG vopono_core::util                       > iptables -I FORWARD -o _usa-uschi008_d -i enp6s0 -j ACCEPT
 2023-05-03T11:17:49.279Z DEBUG vopono_core::util                       > sysctl -q net.ipv4.ip_forward=1
 2023-05-03T11:17:49.281Z DEBUG vopono_core::network::wireguard         > Deserializing: 193.138.218.74 to Vec<IpAddr>
 2023-05-03T11:17:49.281Z DEBUG vopono_core::network::wireguard         > TOML config: WireguardConfig { interface: WireguardInterface { private_key: "REMOVEDFORPRIVACY", address: [10.67.64.81/32, fc00:bbbb:bbbb:bb01::4:4050/128], dns: Some([193.138.218.74]) }, peer: WireguardPeer { public_key: "REMOVEDFORPRIVACY", allowed_ips: [0.0.0.0/0, ::/0], endpoint: 68.235.43.90:51820, keepalive: None } }
 2023-05-03T11:17:49.281Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip link add _usa-uschi008 type wireguard
 2023-05-03T11:17:49.303Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 wg setconf _usa-uschi008 /tmp/vopono_nft.conf
 2023-05-03T11:17:49.305Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 address add 10.67.64.81/32 dev _usa-uschi008
 2023-05-03T11:17:49.306Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -6 address add fc00:bbbb:bbbb:bb01::4:4050/128 dev _usa-uschi008
 2023-05-03T11:17:49.307Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip link set mtu 1420 up dev _usa-uschi008
 2023-05-03T11:17:49.308Z DEBUG vopono_core::network::dns_config        > Setting namespace vopono_mv_usa-uschi008 DNS server to 193.138.218.74
 2023-05-03T11:17:49.309Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 wg set _usa-uschi008 fwmark 51820
 2023-05-03T11:17:49.310Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 route add 0.0.0.0/0 dev _usa-uschi008 table 51820
 2023-05-03T11:17:49.311Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 rule add not fwmark 51820 table 51820
 2023-05-03T11:17:49.312Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 rule add table main suppress_prefixlength 0
 2023-05-03T11:17:49.314Z DEBUG vopono_core::util                       > sysctl -q net.ipv4.conf.all.src_valid_mark=1
 2023-05-03T11:17:49.314Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -6 route add ::/0 dev _usa-uschi008 table 51820
 2023-05-03T11:17:49.315Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -6 rule add not fwmark 51820 table 51820
 2023-05-03T11:17:49.316Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -6 rule add table main suppress_prefixlength 0
 2023-05-03T11:17:49.317Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 iptables -t raw -A PREROUTING ! -i _usa-uschi008 -d 10.67.64.81/32 -m addrtype ! --src-type LOCAL -j DROP
 2023-05-03T11:17:49.324Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip6tables -t raw -A PREROUTING ! -i _usa-uschi008 -d fc00:bbbb:bbbb:bb01::4:4050/128 -m addrtype ! --src-type LOCAL -j DROP
 2023-05-03T11:17:49.328Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 iptables -t mangle -A POSTROUTING -p udp -j MARK --set-mark 51820
 2023-05-03T11:17:49.332Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 iptables -t mangle -A PREROUTING -p udp -j CONNMARK --save-mark
 2023-05-03T11:17:49.337Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip6tables -t mangle -A POSTROUTING -p udp -j MARK --set-mark 51820
 2023-05-03T11:17:49.338Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip6tables -t mangle -A PREROUTING -p udp -j CONNMARK --save-mark
 2023-05-03T11:17:49.339Z DEBUG vopono_core::network::wireguard         > Setting Wireguard killswitch....
 2023-05-03T11:17:49.339Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 iptables -A OUTPUT ! -o _usa-uschi008 -m mark ! --mark 51820 -m addrtype ! --dst-type LOCAL -j REJECT
 2023-05-03T11:17:49.340Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip6tables -A OUTPUT ! -o _usa-uschi008 -m mark ! --mark 51820 -m addrtype ! --dst-type LOCAL -j REJECT
 2023-05-03T11:17:49.344Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.344Z DEBUG vopono_core::network::netns             > Writing lockfile: /home/gin/.config/vopono/locks/vopono_mv_usa-uschi008
 2023-05-03T11:17:49.344Z DEBUG vopono_core::network::netns             > Lockfile written: /home/gin/.config/vopono/locks/vopono_mv_usa-uschi008/1667
 2023-05-03T11:17:49.344Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:49.353Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 sudo --preserve-env --user gin curl ifconfig.co/country
 2023-05-03T11:17:49.353Z INFO  vopono::exec                            > Application curl ifconfig.co/country launched in network namespace vopono_mv_usa-uschi008 with pid 1828
curl: (6) Could not resolve host: ifconfig.co
 2023-05-03T11:17:59.394Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:59.394Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:59.394Z INFO  vopono_core::network::netns             > Shutting down vopono namespace - as there are no processes left running inside
 2023-05-03T11:17:59.394Z DEBUG vopono_core::util                       > ip link delete _usa-uschi008_d
 2023-05-03T11:17:59.427Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:59.427Z DEBUG vopono_core::util                       > nmcli connection reload
 2023-05-03T11:17:59.432Z DEBUG vopono_core::util                       > ip netns exec vopono_mv_usa-uschi008 ip link del _usa-uschi008
 2023-05-03T11:17:59.614Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:59.614Z DEBUG vopono_core::network::host_masquerade   > Remaining namespaces: Ok({})
 2023-05-03T11:17:59.614Z DEBUG vopono_core::util                       > iptables -t nat -D POSTROUTING -s 10.200.1.0/24 -o enp6s0 -j MASQUERADE
 2023-05-03T11:17:59.615Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-03T11:17:59.615Z DEBUG vopono_core::network::host_masquerade   > Remaining namespaces: Ok({})
 2023-05-03T11:17:59.615Z DEBUG vopono_core::util                       > iptables -D FORWARD -o _usa-uschi008_d -i enp6s0 -j ACCEPT
 2023-05-03T11:17:59.616Z DEBUG vopono_core::util                       > iptables -D FORWARD -i _usa-uschi008_d -o enp6s0 -j ACCEPT
 2023-05-03T11:17:59.616Z DEBUG vopono_core::util                       > ip netns delete vopono_mv_usa-uschi008

Towards the bottom of the log you see that the curl command could not resolve the host name ifconfig.co. To test further, I tried connecting plainly with `wg-quick up usa-uschi008.conf` and I was able to successfully curl and the returned IP was correct (Mullvad's server).

Let me know if there is anything else that you need from me. This is a recent issue; I have been using vopono for a while without issue.

jamesmcm commented 1 year ago

Does it work without the killswitch? i.e. --disable-killswitch and if you use nftables instead of iptables?

Also make sure that Mullvad hasn't reset your keys - this happens occasionally. I'll try to test it with my own Mullvad user though.

Gin-no-kami commented 1 year ago

I tried adding --no-killswitch, using nftables, and using --disable-ipv6 but I kept getting the same could not resolve hostname error. Logs:

vopono -v exec --provider mullvad --server usa-uschi008 --firewall nftables --no-killswitch --disable-ipv6 "curl ifconfig.co/country"
 2023-05-04T10:23:02.668Z DEBUG vopono_core::util > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.673Z DEBUG vopono_core::util::pulseaudio > Setting PULSE_SERVER to /run/user/1000/pulse/native
 2023-05-04T10:23:02.673Z INFO  vopono_core::util             > Calling sudo for elevated privileges, current user will be used as default user
 2023-05-04T10:23:02.673Z DEBUG vopono_core::util             > Args: ["vopono", "-v", "exec", "--provider", "mullvad", "--server", "usa-uschi008", "--firewall", "nftables", "--no-killswitch", "--disable-ipv6", "curl ifconfig.co/country"]
 2023-05-04T10:23:02.798Z DEBUG vopono_core::util > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.803Z DEBUG vopono_core::util::pulseaudio > Setting PULSE_SERVER to /run/user/1000/pulse/native
 2023-05-04T10:23:02.803Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.804Z DEBUG vopono_core::util             > Existing namespaces: []
 2023-05-04T10:23:02.804Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.804Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "custom_config" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "custom_netns_name" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "open_hosts" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "allow_host_access" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "postup" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "predown" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "user" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "group" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "working-directory" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "dns" not found
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "protocol" not found
 2023-05-04T10:23:02.804Z DEBUG vopono_core::util             > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.804Z DEBUG vopono::exec                  > vopono config.toml: configuration property "interface" not found
 2023-05-04T10:23:02.804Z DEBUG vopono_core::network::network_interface > ip addr
 2023-05-04T10:23:02.805Z DEBUG vopono::exec                            > Interface: enp6s0
 2023-05-04T10:23:02.805Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.806Z INFO  vopono_core::util                       > Chosen config: /home/gin/.config/vopono/mv/wireguard/usa-uschi008.conf
 2023-05-04T10:23:02.807Z DEBUG vopono_core::util                       > Existing namespaces: []
 2023-05-04T10:23:02.807Z DEBUG vopono_core::util                       > ip netns add vopono_mv_usa-uschi008
 2023-05-04T10:23:02.808Z INFO  vopono_core::network::netns             > Created new network namespace: vopono_mv_usa-uschi008
 2023-05-04T10:23:02.808Z DEBUG vopono_core::util                       > Existing interfaces: 
 2023-05-04T10:23:02.809Z DEBUG vopono_core::util                       > Assigned IPs: []
 2023-05-04T10:23:02.809Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip addr add 127.0.0.1/8 dev lo
 2023-05-04T10:23:02.810Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip link set lo up
STATE      CONNECTIVITY  WIFI-HW  WIFI     WWAN-HW  WWAN    
connected  full          enabled  enabled  missing  enabled 
 2023-05-04T10:23:02.818Z DEBUG vopono_core::network::veth_pair         > Detected NetworkManager running
 2023-05-04T10:23:02.818Z DEBUG vopono_core::network::veth_pair         > NetworkManager detected, adding _usa-uschi008_d to unmanaged devices
 2023-05-04T10:23:02.818Z DEBUG vopono_core::network::veth_pair         > Creating new NetworkManager config file: /etc/NetworkManager/conf.d/unmanaged.conf
 2023-05-04T10:23:02.818Z DEBUG vopono_core::util                       > nmcli connection reload
 2023-05-04T10:23:02.822Z DEBUG vopono_core::network::veth_pair         > firewalld not detected running
 2023-05-04T10:23:02.822Z DEBUG vopono_core::util                       > ip link add _usa-uschi008_d type veth peer name _usa-uschi008_s
 2023-05-04T10:23:02.823Z DEBUG vopono_core::util                       > ip link set _usa-uschi008_d up
 2023-05-04T10:23:02.824Z DEBUG vopono_core::util                       > ip link set _usa-uschi008_s netns vopono_mv_usa-uschi008 up
 2023-05-04T10:23:02.881Z DEBUG vopono_core::util                       > ip addr add 10.200.1.1/24 dev _usa-uschi008_d
 2023-05-04T10:23:02.881Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip addr add 10.200.1.2/24 dev _usa-uschi008_s
 2023-05-04T10:23:02.883Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip route add default via 10.200.1.1 dev _usa-uschi008_s
 2023-05-04T10:23:02.885Z INFO  vopono_core::network::netns             > IP address of namespace as seen from host: 10.200.1.2
 2023-05-04T10:23:02.885Z INFO  vopono_core::network::netns             > IP address of host as seen from namespace: 10.200.1.1
 2023-05-04T10:23:02.885Z DEBUG vopono_core::util                       > nft add table inet vopono_nat
 2023-05-04T10:23:02.886Z DEBUG vopono_core::util                       > nft add chain inet vopono_nat postrouting { type nat hook postrouting priority 100 ; }
 2023-05-04T10:23:02.887Z DEBUG vopono_core::util                       > nft add rule inet vopono_nat postrouting oifname enp6s0 ip saddr 10.200.1.0/24 counter masquerade
 2023-05-04T10:23:02.889Z DEBUG vopono_core::util                       > nft add table inet vopono_bridge
 2023-05-04T10:23:02.890Z DEBUG vopono_core::util                       > nft add chain inet vopono_bridge forward { type filter hook forward priority -10 ; }
 2023-05-04T10:23:02.891Z DEBUG vopono_core::util                       > nft add rule inet vopono_bridge forward iifname _usa-uschi008_d oifname enp6s0 counter accept
 2023-05-04T10:23:02.892Z DEBUG vopono_core::util                       > nft add rule inet vopono_bridge forward oifname _usa-uschi008_d iifname enp6s0 counter accept
 2023-05-04T10:23:02.893Z DEBUG vopono_core::util                       > sysctl -q net.ipv4.ip_forward=1
 2023-05-04T10:23:02.894Z DEBUG vopono_core::network::wireguard         > Deserializing: 193.138.218.74 to Vec<IpAddr>
 2023-05-04T10:23:02.894Z DEBUG vopono_core::network::wireguard         > TOML config: WireguardConfig { interface: WireguardInterface { private_key: "REMOVEDFORPRIVACY", address: [10.67.64.81/32, fc00:bbbb:bbbb:bb01::4:4050/128], dns: Some([193.138.218.74]) }, peer: WireguardPeer { public_key: "REMOVEDFORPRIVACY", allowed_ips: [0.0.0.0/0, ::/0], endpoint: 68.235.43.90:51820, keepalive: None } }
 2023-05-04T10:23:02.894Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip link add _usa-uschi008 type wireguard
 2023-05-04T10:23:02.895Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 wg setconf _usa-uschi008 /tmp/vopono_nft.conf
 2023-05-04T10:23:02.896Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 address add 10.67.64.81/32 dev _usa-uschi008
 2023-05-04T10:23:02.897Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -6 address add fc00:bbbb:bbbb:bb01::4:4050/128 dev _usa-uschi008
 2023-05-04T10:23:02.899Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip link set mtu 1420 up dev _usa-uschi008
 2023-05-04T10:23:02.900Z DEBUG vopono_core::network::dns_config        > Setting namespace vopono_mv_usa-uschi008 DNS server to 193.138.218.74
 2023-05-04T10:23:02.901Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 wg set _usa-uschi008 fwmark 51820
 2023-05-04T10:23:02.902Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 route add 0.0.0.0/0 dev _usa-uschi008 table 51820
 2023-05-04T10:23:02.903Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 rule add not fwmark 51820 table 51820
 2023-05-04T10:23:02.904Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 ip -4 rule add table main suppress_prefixlength 0
 2023-05-04T10:23:02.905Z DEBUG vopono_core::util                       > sysctl -q net.ipv4.conf.all.src_valid_mark=1
 2023-05-04T10:23:02.905Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 nft add table ip6 vopono_mv_usa-uschi008
 2023-05-04T10:23:02.906Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 nft add chain ip6 vopono_mv_usa-uschi008 drop_ipv6_input { type filter hook input priority -1 ; policy drop; }
 2023-05-04T10:23:02.908Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 nft add chain ip6 vopono_mv_usa-uschi008 drop_ipv6_output { type filter hook output priority -1 ; policy drop; }
 2023-05-04T10:23:02.909Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 nft add chain ip6 vopono_mv_usa-uschi008 drop_ipv6_forward { type filter hook forward priority -1 ; policy drop; }
 2023-05-04T10:23:02.911Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 nft -f /tmp/vopono_nft.sh
 2023-05-04T10:23:02.912Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.912Z DEBUG vopono_core::network::netns             > Writing lockfile: /home/gin/.config/vopono/locks/vopono_mv_usa-uschi008
 2023-05-04T10:23:02.912Z DEBUG vopono_core::network::netns             > Lockfile written: /home/gin/.config/vopono/locks/vopono_mv_usa-uschi008/26440
 2023-05-04T10:23:02.912Z DEBUG vopono_core::util                       > Using config dir from $HOME config: /home/gin/.config
 2023-05-04T10:23:02.922Z DEBUG vopono_core::network::netns             > ip netns exec vopono_mv_usa-uschi008 sudo --preserve-env --user gin curl ifconfig.co/country
 2023-05-04T10:23:02.922Z INFO  vopono::exec                            > Application curl ifconfig.co/country launched in network namespace vopono_mv_usa-uschi008 with pid 26594

My keys were freshly generated and I had just run a sync.

Sorry for not including this information earlier, I am running Arch and vopono 0.10.5 from the AUR. I tried re-compiling vopono but that didn't fix it either.

Let me know if there is anything else I can try to test for you or other logs that you need.

Gin-no-kami commented 1 year ago

So I am going to leave this note here just in case someone runs into a problem similar to mine. My networking is configured with NetworkManager. I fixed this issue by disabling the nftables service (iptables service was never running). I don't know if this is because the default rules that nftables includes were causing conflicts, but disabling it fixed my issue.

I went down this debugging path for an unrelated issue with getting DNS issues in Docker, but was happy to see that it fixed it in both applications.
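
Added example, not part of the thread or of vopono's code: a check for one possible explanation of the fix above. In nftables, a packet accepted in one base chain still traverses every other base chain on the same hook, so the accept rules vopono adds in `vopono_bridge` cannot override a host chain on the forward hook whose policy is drop. Assumptions: the host table `inet filter` and its contents are hypothetical, and the embedded ruleset is constructed in the shape of `nft -j list ruleset` output.

```python
import json
import sys


def build_sample(host_allows_veth):
    """Constructed ruleset in the shape of `nft -j list ruleset` output."""
    veth_match = {"match": {"op": "==", "left": {"meta": {"key": "iifname"}},
                            "right": "_usa-uschi008_d"}}
    items = [
        {"metainfo": {"json_schema_version": 1}},
        # Hypothetical host firewall: forward hook with a drop policy.
        {"table": {"family": "inet", "name": "filter"}},
        {"chain": {"family": "inet", "table": "filter", "name": "forward",
                   "type": "filter", "hook": "forward", "prio": 0,
                   "policy": "drop"}},
        # Table and chain that the debug log shows vopono creating.
        {"table": {"family": "inet", "name": "vopono_bridge"}},
        {"chain": {"family": "inet", "table": "vopono_bridge",
                   "name": "forward", "type": "filter", "hook": "forward",
                   "prio": -10, "policy": "accept"}},
        {"rule": {"family": "inet", "table": "vopono_bridge",
                  "chain": "forward",
                  "expr": [veth_match, {"accept": None}]}},
    ]
    if host_allows_veth:
        items.append({"rule": {"family": "inet", "table": "filter",
                               "chain": "forward",
                               "expr": [veth_match, {"accept": None}]}})
    return json.dumps({"nftables": items})


def _mentions(node, needle):
    """True if the string `needle` appears anywhere in a nested expression."""
    if isinstance(node, str):
        return node == needle
    if isinstance(node, dict):
        return any(_mentions(v, needle) for v in node.values())
    if isinstance(node, list):
        return any(_mentions(v, needle) for v in node)
    return False


def blocking_forward_chains(ruleset_json, veth):
    """Return (family, table, chain, prio) for every base chain on the forward
    hook with policy drop that has no accept rule naming `veth`.

    Heuristic only: a chain may still pass the traffic through a jump or a
    broader accept rule, so treat a finding as a place to look, not a verdict.
    """
    items = json.loads(ruleset_json)["nftables"]
    chains = [i["chain"] for i in items if "chain" in i]
    rules = [i["rule"] for i in items if "rule" in i]
    findings = []
    for c in chains:
        if c.get("hook") != "forward" or c.get("policy") != "drop":
            continue
        allowed = any(
            (r["family"], r["table"], r["chain"])
            == (c["family"], c["table"], c["name"])
            and any("accept" in e for e in r["expr"])
            and _mentions(r["expr"], veth)
            for r in rules
        )
        if not allowed:
            findings.append((c["family"], c["table"], c["name"], c["prio"]))
    return findings


if __name__ == "__main__":
    # Live host: sudo nft -j list ruleset | python3 this_script.py <veth-name>
    if len(sys.argv) > 1:
        text, veth = sys.stdin.read(), sys.argv[1]
    else:
        text, veth = build_sample(False), "_usa-uschi008_d"
    for family, table, chain, prio in blocking_forward_chains(text, veth):
        print(f"{family} {table} {chain} (priority {prio}): "
              f"policy drop, no accept rule for {veth}")
```

If a chain is reported, adding an accept rule for the veth interface to that chain keeps the host firewall enabled instead of disabling the service.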