Date: Mon, 5 Oct 2015 16:42:30 -0500 From: Adam Vande More <amvandemore@gmail.com> To: Niklaas Baudet von Gersdorff <niklaas@kulturflatrate.net> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: PF stops tmux from working?! Message-ID: <CA%2BtpaK3acPf2QvWDtC78EqEdawunK__nMwi8UmfjDx5gmZXj5w@mail.gmail.com> In-Reply-To: <5612E791.4040708@kulturflatrate.net> References: <5612E791.4040708@kulturflatrate.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 5, 2015 at 4:11 PM, Niklaas Baudet von Gersdorff < niklaas@kulturflatrate.net> wrote: > I have a host with several jails on it. The jails have a public IPv6 > assigned to the external interface. Using PF as firewall, I was used to > block all incoming traffic and I initially set > > > pass out on $ext_if proto { tcp udp } all > > Recently, I changed the settings to also restrict outgoing traffic. E.g. > there are some jails that are only allowed to send traffic within my > IPv6 network. > > Since I restricted the access, in some jails, I cannot use tmux anymore > which I don't understand because I wouldn't have thought of a relation > between a terminal multiplexer and a firewall. > > > tmux -vvvvvvvv > > created some logfiles that I attached but they don't look promising. > (The respective tmux-client-19034.log is empty.) > > I have read that it's possible to do some debugging with > > > truss tmux > > which, in fact, turned out some results that might relate the > dysfunction of tmux to the changes of the firewall. The full file is > attached, the lines that I assume relevant follow: > > > connect(5,{ AF_UNIX "/tmp/tmux-1001/default" },24) ERR#61 'Connection > refused' > > stat("/usr/share/nls/C/libc.cat",0x7fffffffdcd8) ERR#2 'No such file or > directory' > > stat("/usr/share/nls/libc/C",0x7fffffffdcd8) ERR#2 'No such file or > directory' > > stat("/usr/local/share/nls/C/libc.cat",0x7fffffffdcd8) ERR#2 'No such > file or directory' > > stat("/usr/local/share/nls/libc/C",0x7fffffffdcd8) ERR#2 'No such file > or directory' > [...] > > socket(PF_INET,SOCK_DGRAM,0) ERR#43 'Protocol not > supported' > > poll({4/POLLIN},1,0) = 0 (0x0) > > fcntl(0,F_GETFL,) = 6 (0x6) > > fcntl(0,F_SETFL,0x2) = 0 (0x0) > > process exit, rval = 1 > > I have no clue what the above line mean but what made me suspicious is line > > > socket(PF_INET,SOCK_DGRAM,0) ERR#43 'Protocol not > supported' > > because I relate "/PF/_INET" to the /pf/ firewall. Searching for > PF_INET != PF. Your issue isn't related to a firewall at all but rather your previous question. tmux is attempting to open an IPv4 socket and in your environment it isn't supported. -- Adam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BtpaK3acPf2QvWDtC78EqEdawunK__nMwi8UmfjDx5gmZXj5w>