Description of problem: mandi is dead after a boot, but it can be started manually.
I am running mandi in my mga4 gw-box. It is connected as a sub-net to my Tilgin fiber router (192.168.1.1). I have forwarded web and ssh to my mga4 box. Now, mandi tells me that 192.168.0.167 repeatedly tries to connect to my ssh server. Has my Tilgin router been hacked? Is this a known attack method? I know, this is not a bug, but maybe somebody knows.
I have been running chkrootkit on my Linux machines. It turns out that the 2 boxes that I have been using to test "Sharing the Internet.." in mga5 (cauldron) both are infected by the Suckit rootkit:
    Searching for Suckit rootkit.... Warning: /sbin/init INFECTED
http://la-samhna.de/library/rootkits/list.html
A natural question: Is cauldron infected?
An update to the situation after a boot with shorewall and mandi enabled: mandi is apparently running and shorewall is dead. I wrote "apparently": it reports [OK] but it actually failed!
systemctl status mandi.service:
    Starting mandi daemon: nl_create_socket: Protocol not supported.
    unable to init netlink
    unable to init "Interactive Firewall" plugin.
    ....
    mandi: [OK]
Evidently it is not OK! shorewall is dead. Then I do the following:
    systemctl stop mandi.service
    systemctl start shorewall.service
shorewall is now running.
    systemctl start mandi.service
mandi is now running without the above error. There seem to be 2 problems:
1) mandi is started before shorewall is running.
2) mandi keeps running, even if it fails.
Summary: The firewall monitor mandi is dead after a boot => Starting mandi daemon: nl_create_socket: Protocol not supported
Source RPM: mandi-1.3-5.mga5 or systemd-217-7.mga5? => mandi-1.3-5.mga5 or shorewall-4.6.3.4-2.mga5
The real reason for this problem is that mandi cannot start shorewall due to a change in an obscure (to me) protocol.
systemctl status mandi.service:
    ● mandi.service - LSB: Network monitoring daemon
       Loaded: loaded (/etc/rc.d/init.d/mandi)
       Active: active (running) since Mon 2015-01-26 09:58:39 CET; 17min ago
      Process: 2785 ExecStart=/etc/rc.d/init.d/mandi start (code=exited, status=0/SUCCESS)
       CGroup: /system.slice/mandi.service
               └─2796 /usr/sbin/mandi -d
    Jan 26 09:58:39 sirius.astronomy mandi[2785]: Starting mandi daemon: nl_create_socket: Protocol not supported
    Jan 26 09:58:39 sirius.astronomy mandi[2785]: unable to init netlink
    Jan 26 09:58:39 sirius.astronomy mandi[2785]: unable to init "Interactive Firewall" plugin
    Jan 26 09:58:39 sirius.astronomy mandi[2785]: [ OK ]
mandi should be fixed or removed from mga5. By default mandi is enabled, so shorewall is never started.
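Added example (not part of the original report and not mandi's own code): a shell check for the state shown in the status output above, where the unit is active and the init script printed [ OK ] although the firewall plugin failed to initialise. The function names and the `--live` switch are assumptions of this example; the matched strings are the ones quoted in this report.

```shell
#!/bin/sh
# Added example, not mandi's own code. Function names and --live are hypothetical.

# Constructed sample: journal lines as quoted in this report.
SAMPLE_FAILED='Jan 26 09:58:39 sirius.astronomy mandi[2785]: Starting mandi daemon: nl_create_socket: Protocol not supported
Jan 26 09:58:39 sirius.astronomy mandi[2785]: unable to init netlink
Jan 26 09:58:39 sirius.astronomy mandi[2785]: unable to init "Interactive Firewall" plugin
Jan 26 09:58:39 sirius.astronomy mandi[2785]: [ OK ]'

# Constructed sample: a start that logged no error lines.
SAMPLE_CLEAN='Jan 29 10:00:01 host mandi[811]: Starting mandi daemon: [ OK ]'

# count_init_errors LOG: print the number of log lines carrying a known
# initialisation failure. "|| true" keeps the exit status 0 when nothing matches.
count_init_errors() {
    printf '%s\n' "$1" |
        grep -c -E 'nl_create_socket: Protocol not supported|unable to init ' || true
}

# classify_start MANDI_STATE SHOREWALL_STATE LOG: print one verdict word.
# The two states are the words printed by `systemctl is-active <unit>`.
classify_start() {
    mandi_state=$1
    shorewall_state=$2
    errors=$(count_init_errors "$3")
    if [ "$mandi_state" != active ]; then
        echo mandi-down
    elif [ "$errors" -gt 0 ]; then
        echo false-ok          # active and [ OK ], but the plugin did not start
    elif [ "$shorewall_state" != active ]; then
        echo firewall-down
    else
        echo healthy
    fi
}

# Live mode: query the running system instead of the embedded samples.
if [ "${1:-}" = "--live" ]; then
    m=$(systemctl is-active mandi.service || true)
    s=$(systemctl is-active shorewall.service || true)
    l=$(journalctl -b -u mandi.service --no-pager 2>/dev/null || true)
    verdict=$(classify_start "$m" "$s" "$l")
    echo "$verdict"
    [ "$verdict" = healthy ] || exit 1
fi
```

Run with `--live` after a boot, the script exits non-zero for any verdict other than `healthy`, so it can back a monitoring check that does not trust the init script's [ OK ].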
What is going on? I have now booted mga5b2-live-kde4-i586. Both mandi and shorewall are running without errors after the boot. The above report applies to an install from the traditional i586 DVD followed by an update. Both are running on real hardware. I have also installed the traditional DVD in Virtualbox with the same result. This seems to indicate that the live and traditional DVDs are different in some way.
I have made a net-install of mga5/cauldron on an old netbook. mandi and shorewall are both running after a re-boot. I tried the same net-install in virtualbox, but this time mandi had stopped with the above error after a re-boot, and shorewall was not running. I give up. It all looks very strange. I am probably going to install from the live DVD, but .....
When I run mga5b2-live-kde4-i586 on the DVD in virtualbox both mandi and shorewall are running without errors after a boot. However, after an installation of the live system to the virtual disk in virtualbox a re-boot from disk produces the errors
    nl_create_socket: Protocol not supported
    unable to init netlink
    unable to init "Interactive Firewall" plugin
and shorewall is not running.
Now, after some updates from cauldron, both mandi and shorewall run in virtualbox. I have no idea why mandi suddenly works. I have found many cases with this error "nl_create_socket: Protocol not supported" with google, but I have NEVER seen any explanation of why it did not work!
FINALLY: now it works! I installed from scratch on real hardware using boot.iso from January 29th. Both mandi and shorewall are running after a boot. I proceeded by configuring a local network on the ethernet interface using the WiFi as the "internet" interface. All relevant services are running after a re-boot except dhcpd. This problem is taken care of by inserting MII_NOT_SUPPORTED = yes (instead of no). So, network configuration seems to be ready for beta3.
Suddenly, the same problem reappeared in virtual box after an update of dbus. The problem is that the network interface is not up when mandi is started. Even in virtualbox I have to insert MII_NOT_SUPPORTED = yes into the network interface. Apparently, interfaces in virtualbox are also hot-plugged. Is this really how it should be?
This is probably not a bug, but a feature due to the differences between how old-style services (like mandi) and systemd services are started during the boot process. mandi is simply started before shorewall is ready. So should I close this "bug"?
This bug has now been solved.
Status: NEW => RESOLVED
Resolution: (none) => FIXED