Date
1 - 17 of 17
Chromium issue...
Mike B
So I run Pat for winlink capability...
...I started having a lot of timeout problems so I was monitoring axlisten... There I noticed a problem with Chromium. ...Chromium is apparently broadcasting Upnp info over the udr0: port...triggering the radio to transmit...and or interrupting other packet comm and completely screwing up the data transmission. Is there something in the Draws config that can stop that...or are the IP address ports for udr0 and udr1 enabling it I know that Pat is not part of Draws...but Chromium comes installed...and whenever Chromium is running it attempts to send packets over udr0: Anywhere I can look for info? udr0: fm KF5xxx-10 to QST ctl UI pid=CC(IP) len 195 13:13:34IP: len 195 192.168.255.2->239.255.255.250 ihl 20 ttl 1 DF prot UDPUDP: len 175 58661->1900 Data 167M-SEARCH * HTTP/1.1HOST: 239.255.255.250:1900MAN: "ssdp:discover"MX: 1ST: urn:dial-multiscreen-org:service:dial:1USER-AGENT: Chromium/78.0.3904.108 Linux Mike
|
|
Basil may have some input, but this is a Raspbian/Chromium issue. The images are a courtesy, and not a NW Digital Radio product. However, you could probably use iptables to build a DROP for the interfaces.
On Thu, May 28, 2020 at 2:56 PM Mike B <kf5dey@...> wrote: So I run Pat for winlink capability... --
John D. Hays Kingston, WA K7VE
|
|
So I run Pat for winlink capability...I don't support PAT. I do support paclink-unix and mutt, claws-mail, rainloop mail apps ...I started having a lot of timeout problems so I was monitoring axlisten...Where did you get axlisten? The NWDR image comes with listen. There I noticed a problem with Chromium. ...Chromium is apparentlyThe NWDR image comes configured with iptables to prevent that. I take it you are not using the NWDR image? iptables gets setup when you run ./app_config.sh core if you follow the "Getting Started Guide". https://nw-digital-radio.groups.io/g/udrc/wiki/8921 Is there something in the Draws config that can stop that...or are theYes I am well aware of the Chromecast problem, as well as Bonjour/Multicast DNS, Dropbox, Samba broadcasts. All of those apps bind to all Network interfaces. iptables fixes that. I know that Pat is not part of Draws...but Chromium comes
|
|
Thanks John.
toggle quoted messageShow quoted text
If you use the NWDR image & follow the "Getting Started" Guide you will not have this problem. iptables is already installed on the image & gets configured when you run ./app_config.sh core. John D Hays - K7VE <john@hays.org> writes:
Basil may have some input, but this is a Raspbian/Chromium issue. The
|
|
Mike B
Thanks for pointing that out...yes I am running the NW image...but the iptables may have been overwritten...I will have to see.
|
|
Mike B
I found the directory in /n7nix/iptables/ and ran the flush and install...
It seems to have solved the problem. So another lesson learned. Mike
|
|
Mike B <kf5dey@gmail.com> writes:
I found the directory in /n7nix/iptables/ and ran the flush and install...Happy that's working for you. iptable-check.sh - Lists current iptables rules iptable-flush.sh - Clear all iptables rules iptable-up.sh - Add all iptables rules So another lesson learned.
|
|
Mike B
Ok, the iptable-up.sh does reinstall the iptables...
...but when I reboot, they get overwritten again... Now I have to figure out what is in the startup sequence that can over write the iptables... ...I do know that every time chromium opens it want to do an upgrade..
|
|
If you use an NWDR SD card image and follow the "Getting Started"
toggle quoted messageShow quoted text
instructions then iptables will get installed properly. Along with iptables, the iptables-persistent package also gets installed. Running iptable_install.sh script by itself MIGHT work to fix your problem. Running ./app_config.sh core as is described in the "Getting Started" WILL definitely work because that is what I test. One of the things the iptable_install.sh script does is it creates a /lib/dhcpcd/dhcpcd-hooks/70-ipv4.ax25 file that restores iptables rules from a boot. That is most likely missing in your current setup but might not be the only thing missing. I would recommend starting with a fresh NWDR image & following the "Getting Started" Guide. /Basil n7nix Mike B <kf5dey@gmail.com> writes:
Ok, the iptable-up.sh does reinstall the iptables...
|
|
Mike B
I would like to point out that I was running an image, did the appropriate updates etc...for a few months... then probably something I did broke the iptables...
...so I can start over (the equivalent of reinstalling windows) but chances are good I will successfully break iptables again. I am not saying it is your fault...Chromium is the issue...but iptables is the weakness that Chromium is exploiting. I will work on what you wrote, and see if I can work around this... Mike
|
|
I would like to point out that I was running an image, did theI know passing emails back & forth is not very satisfying when trying to fix problems. If I was in front of your RPi I could fix your problem in short order so it is a little frustrating for both of us. ...so I can start over (the equivalent of reinstalling windows) butI would like to know how you do that so I could make the configure scripts more robust. I am not saying it is your fault...Chromium is the issue...butiptables is the solution to fixing a Chromium problem that binds to all network interfaces. I will work on what you wrote, and see if I can work around this...Try running the iptable_install.sh script by itself. Then look for this file: /lib/dhcpcd/dhcpcd-hooks/70-ipv4.ax25 It needs to have the following line in it that will allow iptables rules to be loaded at boot time. iptables-restore < /etc/iptables/rules.ipv4.ax25
|
|
Mike B
Ok gave up on other fixes..downloaded the fresh Draws version 16, wrote it to a new unused sd card...
...started from new on the 'Getting Started' https://nw-digital-radio.groups.io/g/udrc/wiki/8921 cd cd n7nix git pull sudo su apt-get update apt-get dist-upgrade (BTW at this point you need to 'exit' root in order to do the next two steps) cd cd n7nix/config # Become root (again) sudo su ./app_config.sh core During that ./app_config.sh core I get the following messages... == setup iptables iptables v1.8.2 (nf_tables): RULE_APPEND failed (No such file or directory): rule in chain OUTPUT iptables v1.8.2 (nf_tables): Couldn't load match `udp':No such file or directory Try `iptables -h' or 'iptables --help' for more information. iptables v1.8.2 (nf_tables): Couldn't load match `udp':No such file or directory Try `iptables -h' or 'iptables --help' for more information. iptables v1.8.2 (nf_tables): RULE_APPEND failed (No such file or directory): rule in chain OUTPUT iptables v1.8.2 (nf_tables): Couldn't load match `udp':No such file or directory Try `iptables -h' or 'iptables --help' for more information. iptables v1.8.2 (nf_tables): Couldn't load match `udp':No such file or directory Try `iptables -h' or 'iptables --help' for more information. 2020 05 30 09:52:45 PDT: iptable_install.sh: iptables install/config script FINISHED I rebooted as directed and guess what... Chromium still attempts to ride on UDR0: udr0: fm KF5DEY-10 to QST ctl UI pid=CC(IP) len 195 IP: len 195 192.168.255.2->239.255.255.250 ihl 20 ttl 1 DF prot UDP UDP: len 175 57908->1900 Data 167 Again, this was a brand new sd card, fresh download of draws version16, ran ./app_config.sh core as described... Something is wrong somewhere... Mike
|
|
Thanks for the console output.
toggle quoted messageShow quoted text
The raspbian distro version of iptables has recently changed and no longer allows setting iptables rules without the ax.25 interface(s) being up. That means the place where iptables was previously config'ed in './app_config.sh core' no longer works. I have made some changes to a number of scripts and need to do more verification but running the new iptable-check.sh script should fix your problem. # First start the ax25 interfaces if you haven't already done that ax25-start # Then refresh the n7nix repo on your RPi cd cd n7nix git pull cd config ./bin_refresh.sh # Now run the new iptable-check.sh script and verify iptable-check.sh I would appreciate seeing all the console output from this script. If the above doesn't work then delete the following two files: /etc/iptables/rules.ipv4.ax25 /lib/dhcpcd/dhcpcd-hooks/70-ipv4.ax25 and run iptable-check.sh again. /Basil Mike B <kf5dey@gmail.com> writes:
Ok gave up on other fixes..downloaded the fresh Draws version 16, wrote it to a new unused sd card...
|
|
Mike B
This is on the new image that I listed above...I didn't burn a new one...(in my case ax25 was already running by now)
I did not need delete the lines. This a completely different output than what I had seen before...even while trying to fix my other install I did a reboot, and launched Chromium, and no drama...so as far as I can tell...it is completely fixed...now I need to fix my old install.... pi@draws:~/n7nix/config $ iptable-check.sh set sudo == List current iptables rules Chain INPUT (policy ACCEPT 3490 packets, 513926 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 2686 packets, 663992 bytes) pkts bytes target prot opt in out source destination Number of ax25 iptables rules found: 0 iptables file: /etc/iptables/rules.ipv4.ax25 exists iptables file: /lib/dhcpcd/dhcpcd-hooks/70-ipv4.ax25 exists Stopping firewall and allowing everyone... == setup iptables Number of ax25 rules now: 6 pi@draws:~/n7nix/config $
|
|
I did a reboot, and launched Chromium, and no drama...so as far as IOn your old install should be able to refresh your files cd cd n7nix git pull cd config ./bin_refresh.sh and run the iptable-check.sh script iptable-check.sh
|
|
Mike B
Yup did the same procedure and it worked on my old install.
Mike
|
|
Yup did the same procedure and it worked on my old install.Great to hear Mike.
|
|