cntlm does not work at reboot
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cntlm (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[SRU] The debdiff attached to LP: #1009436 backports cntlm-0.
[IMPACT]
Cntlm does not start if the parent proxy is unavailable.
[Test Case]
Cntlm should be correctly configured and network proxy applied system wide as 127.0.0.1 port 3128 for HTTP, HTTPS and FTP, but not Socks.
Restart the computer with no network cable attached, open Firefox and enter a URL.
0.91 behaviour: the message 'The proxy server is refusing connections' appears.
0.92 behaviour: the message '502 connection timed out. cntlm proxy failed to complete the request' appears.
[Regression Potential]
Minimal: cntlm has no dependants and no dependencies besides libc6.
Please see LP: #1009436 for additional information.
-------
I have just installed cntlm 0.91rc6 on ubuntu server 10.10.
On every reboot, cntlm does not work properly.
Config 1: I put 3 Listen lines in cntlm.conf to only bind 3 interfaces.
On the boot log, cntlm complaints that 'Cannot bind port ', with the first 2 reason are set to the port is used and the last reason is set to interface not available. Then I got 'No proxy service ports were successfully opened' message, but a few lines later it stated that the cntlm daemon has been started sucessfully.
Later on if I did 'netstat -an | grep LISTEN', I only see the first 2 interface bound to cntlm.
Manually restart the service works every time.
Config 2: Instead I set the 'Gatewayl' parameter to 'yes'.
On the boot log, cntlm is no longer complaint that it can't bind the port, however I still see 'No proxy service ports were successfully opened' message followed by successful daemon start.
On 'netstat -an | grep LISTEN', I got cntlm listening to '0.0.0.0:8081', however if I use the proxy, cntlm *always* return that cntlm can't forward the request. From the IP trace of the interface, I can see cntlm does not even try to open *any* request connection, just immediately return the browser client request with the above error message.
Manually restart the service works every time.
Does the cntlm service started too early on reboot???
> Does the cntlm service started too early on reboot?
Yes, this sounds like LP: #358298, which I worked around by adding an ifup.d script for.
Unfortunately, cntlm requires connectivity to its parent proxy at startup. It would be preferable if it didn't and just returned 500s until it could contact its parent.