DNS Leak/ Firewall issues v. 0.8.3

[poisonowl]

DNS leak with firewall selected and also when not selected- and with the different firewall configurations selected or not selected or combinations selected or not selected (block lan/ private networks, activate firewall only when gui is running, preserve preexisting firewall rules).

I had v.8.0.3 installed on two different computers. Reinstalled v.8.02 on one- v.8.0.3 is unusable. It is unclear which boxes need to be checked/ unchecked to access the internet. Sometimes it will connect, and other times it won't. When it does connect, there is a DNS leak. (checked using ipleak.net and dnsleaktest.com)

I have disabled the preexisting firewall manually, but have the same results.

Additionally, whenever the "Activate Firewall" box is checked or unchecked (and applied), all of the boxes in the configure firewall settings are also then unchecked.

Also, when a connection is dropped (when using wi-fi), most frequently it shows it is still connected.

The 2nd computer (where the below info is taken from) is connected via ethernet, and the connection does not drop. When using wi-fi, it is almost impossible to determine if there is a connection or not and further troubleshoot.

2019-09-23 09:09:47,720 - DEBUG - Successfully connected to qomui-service via DBus 2019-09-23 09:09:47,753 - DEBUG - Current configuration: {'auto_update': 1, 'ping': 1, 'dns_off': 0, 'ipv6_disable': 1, 'fw_gui_only': 1, 'log_level': 'Info', 'minimize': 1, 'firewall': 1, 'no_dnsmasq': 0, 'bypass': 0, 'block_lan': 1, 'alt_dns1': '208.67.222.222', 'autoconnect': 1, 'preserve_rules': 1, 'alt_dns2': '208.67.220.220', 'alt_dns': 0} 2019-09-23 09:09:47,755 - INFO - Qomui version 0.8.3 2019-09-23 09:09:47,760 - WARNING - [Errno 2] No such file or directory: '/home/user1/.qomui/bypass_apps.json': Could not open /home/user1/.qomui/bypass_apps.json 2019-09-23 09:09:47,761 - WARNING - [Errno 2] No such file or directory: '/home/user1/.qomui/profile.json': Could not open /home/user1/.qomui/profile.json 2019-09-23 09:09:47,766 - INFO - Disabled ipv6 2019-09-23 09:09:47,772 - INFO - ipv6 stack not available 2019-09-23 09:09:47,797 - INFO - ipv6 stack not available 2019-09-23 09:09:47,798 - INFO - iptables: flushed existing rules 2019-09-23 09:09:47,805 - INFO - ipv6 stack not available 2019-09-23 09:09:47,820 - INFO - ipv6 stack not available 2019-09-23 09:09:47,833 - INFO - ipv6 stack not available 2019-09-23 09:09:47,950 - INFO - ipv6 stack not available 2019-09-23 09:09:47,951 - INFO - iptables: activated firewall 2019-09-23 09:09:47,952 - INFO - Total number of server: 474 2019-09-23 09:09:49,416 - ERROR - Could not identify default gateway for ipv6 - no network connectivity 2019-09-23 09:09:49,419 - INFO - Detected new network connection 2019-09-23 09:09:49,449 - INFO - Connecting to us-free-02-ProtonVPN-Free.... 2019-09-23 09:09:49,470 - INFO - iptables: created rule for 108.59.0.40 2019-09-23 09:09:49,474 - INFO - Establishing new OpenVPN tunnel 2019-09-23 09:09:49,475 - INFO - Establishing connection to us-free-02-ProtonVPN-Free 2019-09-23 09:09:49,491 - WARNING - iptables: failed to apply ['-t', 'mangle', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'MARK', '--set-mark', '11'] 2019-09-23 09:09:49,503 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'POSTROUTING', '-m', 'cgroup', '--cgroup', '0x00110011', '-o', 'enp0s25', '-j', 'MASQUERADE'] 2019-09-23 09:09:49,515 - WARNING - iptables: failed to apply ['-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:09:49,525 - WARNING - iptables: failed to apply ['-D', 'INPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:09:49,536 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'tcp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:09:49,546 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'udp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:09:49,547 - INFO - ipv6 stack not available 2019-09-23 09:09:49,548 - INFO - Deleted cgroup 2019-09-23 09:09:49,552 - INFO - OpenVPN: OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 9 2019 2019-09-23 09:09:49,552 - INFO - OpenVPN: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 2019-09-23 09:09:49,552 - INFO - OpenVPN: Control Channel Authentication: using '/usr/share/qomui/ProtonVPN/proton_ta.key' as a OpenVPN static key file 2019-09-23 09:09:49,553 - INFO - OpenVPN: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2019-09-23 09:09:49,553 - INFO - OpenVPN: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication 2019-09-23 09:09:49,553 - INFO - OpenVPN: Socket Buffers: R=[212992->212992] S=[212992->212992] 2019-09-23 09:09:49,554 - INFO - OpenVPN: UDPv4 link local: [undef] 2019-09-23 09:09:49,554 - INFO - OpenVPN: UDPv4 link remote: [AF_INET]108.59.0.40:1194 2019-09-23 09:09:49,589 - INFO - OpenVPN: TLS: Initial packet from [AF_INET]108.59.0.40:1194, sid=cf681f86 c2ba5f49 2019-09-23 09:09:49,589 - INFO - OpenVPN: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this 2019-09-23 09:09:49,820 - INFO - OpenVPN: VERIFY OK: depth=2, C=CH, O=ProtonVPN AG, CN=ProtonVPN Root CA 2019-09-23 09:09:49,820 - INFO - OpenVPN: VERIFY OK: depth=1, C=CH, O=ProtonVPN AG, CN=ProtonVPN Intermediate CA 1 2019-09-23 09:09:49,821 - INFO - OpenVPN: Validating certificate key usage 2019-09-23 09:09:49,822 - INFO - OpenVPN: ++ Certificate has key usage 00a0, expects 00a0 2019-09-23 09:09:49,822 - INFO - OpenVPN: VERIFY KU OK 2019-09-23 09:09:49,822 - INFO - OpenVPN: Validating certificate extended key usage 2019-09-23 09:09:49,823 - INFO - OpenVPN: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication 2019-09-23 09:09:49,823 - INFO - OpenVPN: VERIFY EKU OK 2019-09-23 09:09:49,823 - INFO - OpenVPN: VERIFY OK: depth=0, CN=us-va-104.protonvpn.com 2019-09-23 09:09:50,052 - INFO - OpenVPN: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 2019-09-23 09:09:50,052 - INFO - OpenVPN: Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication 2019-09-23 09:09:50,053 - INFO - OpenVPN: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 2019-09-23 09:09:50,053 - INFO - OpenVPN: Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication 2019-09-23 09:09:50,053 - INFO - OpenVPN: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA 2019-09-23 09:09:50,053 - INFO - OpenVPN: [us-va-104.protonvpn.com] Peer Connection Initiated with [AF_INET]108.59.0.40:1194 2019-09-23 09:09:52,162 - INFO - OpenVPN: SENT CONTROL [us-va-104.protonvpn.com]: 'PUSH_REQUEST' (status=1) 2019-09-23 09:09:52,271 - INFO - OpenVPN: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.8.8.1,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.8.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.8.8.3 255.255.255.0,peer-id 7' 2019-09-23 09:09:52,272 - INFO - OpenVPN: OPTIONS IMPORT: timers and/or timeouts modified 2019-09-23 09:09:52,272 - INFO - OpenVPN: OPTIONS IMPORT: explicit notify parm(s) modified 2019-09-23 09:09:52,273 - INFO - OpenVPN: OPTIONS IMPORT: LZO parms modified 2019-09-23 09:09:52,273 - INFO - OpenVPN: OPTIONS IMPORT: --sndbuf/--rcvbuf options modified 2019-09-23 09:09:52,273 - INFO - OpenVPN: Socket Buffers: R=[212992->425984] S=[212992->425984] 2019-09-23 09:09:52,273 - INFO - OpenVPN: OPTIONS IMPORT: --ifconfig/up options modified 2019-09-23 09:09:52,274 - INFO - OpenVPN: OPTIONS IMPORT: route options modified 2019-09-23 09:09:52,274 - INFO - OpenVPN: OPTIONS IMPORT: route-related options modified 2019-09-23 09:09:52,274 - INFO - OpenVPN: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified 2019-09-23 09:09:52,274 - INFO - OpenVPN: OPTIONS IMPORT: peer-id set 2019-09-23 09:09:52,275 - INFO - OpenVPN: OPTIONS IMPORT: adjusting link_mtu to 1637 2019-09-23 09:09:52,275 - INFO - OpenVPN: ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=enp0s25 HWADDR=00:24:e8:08:c6:44 2019-09-23 09:09:52,275 - INFO - OpenVPN: TUN/TAP device tun0 opened 2019-09-23 09:09:52,276 - INFO - OpenVPN: TUN/TAP TX queue length set to 100 2019-09-23 09:09:52,276 - INFO - OpenVPN: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 2019-09-23 09:09:52,276 - INFO - OpenVPN: /sbin/ip link set dev tun0 up mtu 1500 2019-09-23 09:09:52,282 - INFO - OpenVPN: /sbin/ip addr add dev tun0 10.8.8.3/24 broadcast 10.8.8.255 2019-09-23 09:09:52,283 - INFO - OpenVPN: /sbin/ip route add 108.59.0.40/32 via 192.168.0.1 2019-09-23 09:09:52,283 - INFO - OpenVPN: /sbin/ip route add 0.0.0.0/1 via 10.8.8.1 2019-09-23 09:09:52,283 - INFO - OpenVPN: /sbin/ip route add 128.0.0.0/1 via 10.8.8.1 2019-09-23 09:09:52,284 - INFO - OpenVPN: Initialization Sequence Completed 2019-09-23 09:09:52,285 - INFO - Successfully connected to us-free-02-ProtonVPN-Free 2019-09-23 09:09:52,315 - INFO - DNS: Set 10.8.8.1 and None as dns servers via systemd-resolve 2019-09-23 09:09:52,323 - WARNING - Desktop notifications not available 2019-09-23 09:09:52,430 - ERROR - Import Error: QtWebEngine is not available 2019-09-23 09:10:04,537 - INFO - Configuration changes applied successfully 2019-09-23 09:10:04,544 - INFO - Disabled ipv6 2019-09-23 09:10:04,549 - INFO - ipv6 stack not available 2019-09-23 09:10:04,575 - INFO - ipv6 stack not available 2019-09-23 09:10:04,576 - INFO - iptables: flushed existing rules 2019-09-23 09:10:04,589 - INFO - ipv6 stack not available 2019-09-23 09:10:04,590 - INFO - iptables: deactivated firewall 2019-09-23 09:10:04,603 - WARNING - iptables: failed to apply ['-t', 'mangle', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'MARK', '--set-mark', '11'] 2019-09-23 09:10:04,613 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'POSTROUTING', '-m', 'cgroup', '--cgroup', '0x00110011', '-o', 'enp0s25', '-j', 'MASQUERADE'] 2019-09-23 09:10:04,624 - WARNING - iptables: failed to apply ['-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:10:04,635 - WARNING - iptables: failed to apply ['-D', 'INPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:10:04,645 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'tcp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:10:04,655 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'udp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:10:04,656 - INFO - ipv6 stack not available 2019-09-23 09:10:04,657 - INFO - Deleted cgroup 2019-09-23 09:10:04,666 - WARNING - Desktop notifications not available 2019-09-23 09:10:11,169 - WARNING - Detected enable firewall service: ufw 2019-09-23 09:10:11,197 - WARNING - Desktop notifications not available 2019-09-23 09:10:24,513 - INFO - Configuration changes applied successfully 2019-09-23 09:10:24,519 - INFO - Disabled ipv6 2019-09-23 09:10:24,525 - INFO - ipv6 stack not available 2019-09-23 09:10:24,554 - INFO - ipv6 stack not available 2019-09-23 09:10:24,554 - INFO - iptables: flushed existing rules 2019-09-23 09:10:24,562 - INFO - ipv6 stack not available 2019-09-23 09:10:24,590 - INFO - ipv6 stack not available 2019-09-23 09:10:24,607 - INFO - ipv6 stack not available 2019-09-23 09:10:24,607 - INFO - iptables: deactivated firewall 2019-09-23 09:10:24,623 - WARNING - iptables: failed to apply ['-t', 'mangle', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'MARK', '--set-mark', '11'] 2019-09-23 09:10:24,632 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'POSTROUTING', '-m', 'cgroup', '--cgroup', '0x00110011', '-o', 'enp0s25', '-j', 'MASQUERADE'] 2019-09-23 09:10:24,641 - WARNING - iptables: failed to apply ['-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:10:24,651 - WARNING - iptables: failed to apply ['-D', 'INPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:10:24,661 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'tcp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:10:24,671 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'udp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:10:24,672 - INFO - ipv6 stack not available 2019-09-23 09:10:24,672 - INFO - Deleted cgroup 2019-09-23 09:10:24,681 - WARNING - Desktop notifications not available 2019-09-23 09:11:14,609 - WARNING - Detected enable firewall service: ufw 2019-09-23 09:11:14,632 - WARNING - Desktop notifications not available 2019-09-23 09:11:57,250 - INFO - Configuration changes applied successfully 2019-09-23 09:11:57,256 - INFO - Disabled ipv6 2019-09-23 09:11:57,263 - INFO - ipv6 stack not available 2019-09-23 09:11:57,292 - INFO - ipv6 stack not available 2019-09-23 09:11:57,293 - INFO - iptables: flushed existing rules 2019-09-23 09:11:57,300 - INFO - ipv6 stack not available 2019-09-23 09:11:57,331 - INFO - ipv6 stack not available 2019-09-23 09:11:57,345 - INFO - ipv6 stack not available 2019-09-23 09:11:57,346 - INFO - iptables: deactivated firewall 2019-09-23 09:11:57,363 - WARNING - iptables: failed to apply ['-t', 'mangle', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'MARK', '--set-mark', '11'] 2019-09-23 09:11:57,373 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'POSTROUTING', '-m', 'cgroup', '--cgroup', '0x00110011', '-o', 'enp0s25', '-j', 'MASQUERADE'] 2019-09-23 09:11:57,383 - WARNING - iptables: failed to apply ['-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:11:57,393 - WARNING - iptables: failed to apply ['-D', 'INPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-j', 'ACCEPT'] 2019-09-23 09:11:57,404 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'tcp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:11:57,415 - WARNING - iptables: failed to apply ['-t', 'nat', '-D', 'OUTPUT', '-m', 'cgroup', '--cgroup', '0x00110011', '-p', 'udp', '--dport', '53', '-j', 'REDIRECT', '--to-ports', '5354'] 2019-09-23 09:11:57,416 - INFO - ipv6 stack not available 2019-09-23 09:11:57,416 - INFO - Deleted cgroup 2019-09-23 09:11:57,425 - WARNING - Desktop notifications not available``