knockd service fails to start when connecting with NetworkManager

Bug #837954 reported by mikey
This bug affects 4 people
Affects: knockd (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned

Bug Description

About my Ubuntu:

Description: Ubuntu 11.04
Release: 11.04

About Knockd:

knockd:
  Installed: 0.5-3ubuntu1
  Candidate: 0.5-3ubuntu1
  Version table:
 *** 0.5-3ubuntu1 0
        500 http://gb.archive.ubuntu.com/ubuntu/ natty/universe amd64 Packages
        100 /var/lib/dpkg/status

What I expected to happen:

I expected a default install of knockd from the repositories to start as a service when run on Ubuntu Desktop install with a default eth0 dhcp connection, after it was enabled as per instructions by setting START_KNOCKD=1 in /etc/default/knockd.

What happened:

Instead, the knockd service fails to start without warning and produces the following log in /var/log/knockd.log:

[2011-08-28 13:06] waiting for child processes...
[2011-08-28 13:06] shutting down

Steps taken to fix the problem:

Based on a fix for a similar problem I had encountered for mediatomb (https://bugs.launchpad.net/ubuntu/+source/mediatomb/+bug/212441/comments/17) I have had a go at creating an Upstart init script to be placed into /etc/init/knockd.conf to replace the one in /etc/init.d/knockd. This fixes the problem for me; however, I don't fully understand creating a finished Upstart script, so I am sure that this one needs some further work.

mikey (abc-mikey) wrote :

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in knockd (Ubuntu):
status: New → Confirmed
CvB (cvb-kruemel) wrote :

I have the very same issue under Lucid (10.04.3), i.e. starting knockd just leads to the two entries in the log, and that's it. However, changing the start script to upstart does not help...

philippe (philippe-leray) wrote :

knockd doesn't start in 13.10, 13.04.
Don't try yet the fix.

M.Gusmao (mendelsongusmao) wrote :

Doesn't work on 14.04, either.
My system has a bridge br0 between eth0 and wlan0.
knockd worked after passing -i br0 to it.

Zsolt Lauter (lauterzsolti) wrote :

It doesn't start automatically on 15.04 with the following options:

/etc/default/knockd:
START_KNOCKD=1
KNOCKD_OPTS="-i wlan0"

/etc/knockd.conf:
[options]
 logfile = /var/log/knockd.log

[SSH]
sequence = 6666:tcp,7777:udp,8888:tcp
seq_timeout = 5
start_command = /usr/sbin/ufw allow from %IP% to any port 22
tcpflags = syn
cmd_timeout = 10
stop_command = /usr/sbin/ufw delete allow from %IP% to any port 22

systemctl status knockd.service says it's "active (exited)".

Zsolt Lauter (lauterzsolti) wrote :

I can't start it manually anyway until I run `systemctl stop knockd.service`. `systemctl start knockd.service` will start it after it's stopped and finally `ps` will show it:
root 2885 2.5 0.0 8748 3584 ? Ss 22:04 0:00 /usr/sbin/knockd -d -i wlan0

Zsolt Lauter (lauterzsolti) wrote :

Um... I observed that it happens because my wireless interface is down when knockd is about to start. It usually happens during boot and after the machine resumed from suspend.

I thought I'd give the "After=network-online.target" option a try in the systemd config of knockd, but I didn't find any configuration. It looks like there's an old-style init script under the hood.

Finally I wrote a bash script that starts or stops knockd when the interface is up/down, made it executable and placed it in /etc/NetworkManager/dispatcher.d/ - it's working now.

Luchostein (luchostein) wrote :

I solved it by creating this script in /etc/NetworkManager/dispatcher.d/02knockd.sh (owned by root:root and with u=rwx,og=rx permissions):

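#!/bin/bash
# NetworkManager dispatcher hook: start knockd once an interface is up.

set -o nounset

# NetworkManager passes the interface name as $1 and the event as $2.
declare iface="${1:-}"
declare event="${2:-}"

case "$event" in
  up|vpn-up)
    # Start knockd only if it is not already running.
    if ! pidof knockd >/dev/null; then
      service knockd start 2>&1
    fi
    ;;
  down|vpn-down|hostname|dhcp4-change|dhcp6-change) ;;
  *)
    # Use $event rather than $2: $2 may be unset, which nounset treats as an error.
    echo "$0: called with unknown action \`$event'" 1>&2
    exit 1
    ;;
esac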
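
An added example, not part of the bug report or any commenter's script: a dispatcher hook that reacts only to the interface knockd is bound to (the -i value in KNOCKD_OPTS) and does a stop followed by a start, matching the "active (exited)" behaviour reported above. The file name 50-knockd and the function names are assumptions; the eth0 fallback is knockd's default interface when no -i is given.

```shell
#!/bin/bash
# Added example, not from the bug report. Assumed path:
# /etc/NetworkManager/dispatcher.d/50-knockd (root:root, mode 0755).
set -o nounset

DEFAULTS_FILE="${DEFAULTS_FILE:-/etc/default/knockd}"

# Print the interface selected by -i/--interface in a KNOCKD_OPTS string.
# Without that option knockd listens on eth0, so that is the fallback.
knockd_iface() {
  local opts="$1" prev="" word
  for word in $opts; do            # unquoted on purpose: split into words
    case "$prev" in
      -i|--interface) echo "$word"; return 0 ;;
    esac
    case "$word" in
      -i?*) echo "${word#-i}"; return 0 ;;   # attached form, e.g. -ibr0
    esac
    prev="$word"
  done
  echo "eth0"
}

# Map (event interface, event, knockd interface) to: restart, stop or none.
decide_action() {
  local iface="$1" event="$2" bound="$3"
  [ "$iface" = "$bound" ] || { echo none; return 0; }
  case "$event" in
    # stop+start, since a plain start did nothing while the unit was "active (exited)"
    up)   echo restart ;;
    down) echo stop ;;
    *)    echo none ;;
  esac
}

main() {
  local enabled=0 opts=""
  if [ -r "$DEFAULTS_FILE" ]; then
    . "$DEFAULTS_FILE"              # root-owned defaults file
    enabled="${START_KNOCKD:-0}"; opts="${KNOCKD_OPTS:-}"
  fi
  [ "$enabled" = "1" ] || return 0
  case "$(decide_action "$1" "$2" "$(knockd_iface "$opts")")" in
    restart) service knockd stop >/dev/null 2>&1; service knockd start ;;
    stop)    service knockd stop ;;
  esac
}

# NetworkManager calls the hook with <interface> <event>.
if [ "$#" -ge 2 ]; then main "$@"; fi
```

Events on other interfaces, and events other than up/down, leave knockd untouched, so a bridge or VPN coming up does not restart a daemon bound to wlan0.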
