Rules dont get applied properly at boot-time

Bug #368496 reported by valveillon on 2009-04-28
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
guarddog (Ubuntu)
Undecided
Unassigned
Nominated for Karmic by Paulo da Silva

Bug Description

Binary package hint: guarddog

Hi,
using guarddog Version : 2.6.0-2.1ubuntu3 on Jaunty, I get a behavior I have been bashing my head on for a while:

at boot- time /etc/init.d/guarddog seems to run properly (see it in dmesg, no error or warning), but when I try to use my network I notice it's closed, no samba, no ssh, only web browsing is available.
If I re-run manually /etc/init.d/guarddog, every thing's fine.

Using iptables-save and comparing the rulesets I found this differences, rules added by the second manual run of /etc/init.d/guarddog:

-A INPUT -s 192.168.0.3/32 -d 192.168.0.255/32 -i wlan0 -j ACCEPT (line 21)

-A nicfilt -i wlan0 -j RETURN (line 143)
-A nicfilt -i wlan0 -j RETURN (line 144)

-A s0 -d 192.168.0.3/32 -j f0to1 (line 147)
-A s0 -d 192.168.0.255/32 -j f0to1 (line 148)

The rest of the rules are strictly identical.

As you can see the connexion is made through wifi (ath5k driver), and connexion is managed by wicd Version : 1.5.9-2.

I tried many workarounds, checked the runlevels scripts against the ones on my working Debian box (with wicd too), and couldn't find any difference. So the only solution is to add a script somewhere to re-run guarddog init script, and since it as to be done as root it's really not pretty.

I checked on the Intrepid boxes I had left, they were running guarddog and NetworkManager without problem. Switching to wicd triggers the same behavior.
Of course I poked the wicd people earlier, they were helpful be we found no practical solution.

Any tip ?

Attached is the working ruleset, I indented the lines that are added by the second manual run of guarddog init script.

Cheers.

valveillon (valveillon) wrote :
amichair (amichai2) wrote :

I also see this happening sometimes, also in Lucid/Maverick. Occasionally (not always), right after a reboot, I can't access anything on the network, and "/etc/init.d/guarddog restart" solves the problem, as does opening guarddog and simply clicking Apply and closing it. Since it's inconsistent, maybe it's some race condition with other startup scripts? Just a guess...

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments