portmaster
portmaster copied to clipboard
Published
20 hours ago •
safing
safing
Global and App Incoming Rules - filter configuration and functionality seems part broken.
What happened: Incoming LAN UDP connections are dropped despite have a Global incoming "Allow" "LAN" filter.
Also when I attempt to add allow the filters below, at Global and App level, to try to fix this, via the Advanced interface, all were rejected, which appears to contradict https://docs.safing.io/portmaster/settings#filter/serviceEndpoints: e.g. "Allow" filter "UDP/1-65535,LAN" e.g. "Allow" filter "UDP/*,LAN" e.g. "Allow" filter "UDP,LAN"
What did you expect to happen?: All incoming UDP and TCP connections, from all LAN address, for all ports, should be allowed when an "Allow" "LAN" filter is present.
The incoming filter configuration, should accept all the documented filter terms, beyond just an IP address, IP address mask or IP address mask label i.e. by protocol and/or port/port-range too.
How did you reproduce it?: Wait until I see an incoming LAN device connection be dropped.
Trying again to add a now incoming filter which is not just an IP address, IP address mask or IP address mask label.
Debug Information: MATE desktop
Version 1.0.0
Portmaster
version 1.0.0
commit tags/v1.0.0-0-g6868333425ff0c4ab25bba19e22f560da6eaced0
built with go1.19 (gc) linux/amd64
using options main.go
by user@docker
on 18.10.2022
Licensed under the AGPLv3 license.
The source code is available here: https://github.com/safing/portmaster
Platform: linuxmint 21
System: linuxmint linux (debian) 21
Kernel: 5.15.0-52-generic x86_64
Status: Trusted
ActiveSecurityLevel: Trusted
SelectedSecurityLevel: Off
ThreatMitigationLevel: Trusted
CaptivePortal:
OnlineStatus: Online
Config: 7
core/expertiseLevel: expert
dns/nameservers: [redacted]
filter/askWithSystemNotifications: true
filter/blockInbound: 7
filter/endpoints: [redacted]
filter/lists: []
filter/serviceEndpoints: [redacted]
Resolvers: 2/2
192.168.1.130 (dns://192.168.1.130:53#system)
dns://192.168.1.130:53#system
Failing: false
79.79.79.80 (dns://79.79.79.80:53#system)
dns://79.79.79.80:53#system
Failing: false
SPN: disabled (module disabled)
HomeHubID:
HomeHubName:
HomeHubIP:
Transport:
---
Client: true
PublicHub: false
HubHasIPv4: false
HubHasIPv6: false
Compatibility: IPTables Chains (41)
v4
filter
INPUT
FORWARD
OUTPUT
DOCKER
DOCKER-ISOLATION-STAGE-1
DOCKER-ISOLATION-STAGE-2
DOCKER-USER
PORTMASTER-FILTER
nat
PREROUTING
INPUT
OUTPUT
POSTROUTING
DOCKER
PORTMASTER-REDIRECT
mangle
PREROUTING
INPUT
FORWARD
OUTPUT
POSTROUTING
PORTMASTER-INGEST-INPUT
PORTMASTER-INGEST-OUTPUT
raw
PREROUTING
OUTPUT
v6
filter
INPUT
FORWARD
OUTPUT
PORTMASTER-FILTER
nat
PREROUTING
INPUT
OUTPUT
POSTROUTING
PORTMASTER-REDIRECT
mangle
PREROUTING
INPUT
FORWARD
OUTPUT
POSTROUTING
PORTMASTER-INGEST-INPUT
PORTMASTER-INGEST-OUTPUT
raw
PREROUTING
OUTPUT
No Module Error
Unexpected Logs
221024 18:24:06.205 /resolvers:388 ▶ WARN 018 resolver: no (valid) dns server found in config or system, falling back to global defaults
221024 18:24:10.926 oc/findpid:138 ▶ WARN 020 proc: could not get entries from directory /proc/1691/fd: readdirent /proc/1691/fd: no such file or directory
221024 18:24:10.936 oc/findpid:138 ▶ WARN 022 proc: could not get entries from directory /proc/1691/fd: readdirent /proc/1691/fd: no such file or directory
221024 18:24:10.968 oc/findpid:138 ▶ WARN 024 proc: could not get entries from directory /proc/1676/fd: readdirent /proc/1676/fd: no such file or directory
221024 18:24:11.788 oc/findpid:138 ▶ WARN 026 proc: could not get entries from directory /proc/1901/fd: readdirent /proc/1901/fd: no such file or directory
221024 18:24:12.044 oc/findpid:138 ▶ WARN 028 proc: could not get entries from directory /proc/2019/fd: readdirent /proc/2019/fd: no such file or directory
221024 18:24:12.913 r/electron:050 ▶ ERRO 030 Failed to set SUID permissions for chrome-sandbox. This is required for Linux kernel versions that do not have unprivileged user namespaces (CONFIG_USER_NS_UNPRIVILEGED) enabled. If you're running and up-to-date distribution kernel you can likely ignore this warning. If you encounter issue starting the user interface please either update your kernel or set the SUID bit (mode 040000755) on /opt/safing/portmaster/updates/linux_amd64/app/portmaster-app_v0-2-5/chrome-sandbox
221024 18:24:12.913 s/upgrader:074 ▶ WARN 032 updates: failed to handle electron upgrade: failed to chmod: chmod /opt/safing/portmaster/updates/linux_amd64/app/portmaster-app_v0-2-5/chrome-sandbox: operation not permitted
221028 11:25:02.456 er/resolve:277 ▶ WARN 034 resolver: async query for securepubads.g.doubleclick.net.A failed: query was blocked by upstream DNS resolver 192.168.1.130 (dns://192.168.1.130:53#system)
221028 11:25:02.630 er/resolve:277 ▶ WARN 036 resolver: async query for www.google-analytics.com.A failed: query was blocked by upstream DNS resolver 192.168.1.130 (dns://192.168.1.130:53#system)
221107 19:45:41.978 CURRENT TIME
Goroutine Stack
goroutine profile: total 95
34 @ 0x439e76 0x449d3c 0x7aa166 0x7aa756 0x468c81
# 0x7aa165 github.com/safing/portbase/api.(*DatabaseAPI).processSub+0x225 /home/user/git/safing/portbase/api/database.go:411
# 0x7aa755 github.com/safing/portbase/api.(*DatabaseAPI).handleQsub+0xd5 /home/user/git/safing/portbase/api/database.go:474
4 @ 0x439e76 0x40665b 0x406158 0xc7bdf3 0x468c81
# 0xc7bdf2 github.com/florianl/go-nfqueue.(*Nfqueue).socketCallback.func2+0x72 /home/user/go/pkg/mod/github.com/florianl/[email protected]/nfqueue.go:337
4 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49e9a5 0x49e989 0x4a7796 0xc6496a 0xc6424c 0xc69025 0xc6824d 0xc67ed3 0xc67d99 0xc7b9f7 0xc7a9b2 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49e9a4 internal/poll.(*pollDesc).waitRead+0x144 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49e988 internal/poll.(*FD).RawRead+0x128 /usr/local/go/src/internal/poll/fd_unix.go:766
# 0x4a7795 os.(*rawConn).Read+0x55 /usr/local/go/src/os/rawconn.go:31
# 0xc64969 github.com/mdlayher/socket.(*Conn).read+0xe9 /home/user/go/pkg/mod/github.com/mdlayher/[email protected]/conn.go:576
# 0xc6424b github.com/mdlayher/socket.(*Conn).Recvmsg+0x1eb /home/user/go/pkg/mod/github.com/mdlayher/[email protected]/conn.go:497
# 0xc69024 github.com/mdlayher/netlink.(*conn).Receive+0xa4 /home/user/go/pkg/mod/github.com/mdlayher/[email protected]/conn_linux.go:127
# 0xc6824c github.com/mdlayher/netlink.(*Conn).receive+0x6c /home/user/go/pkg/mod/github.com/mdlayher/[email protected]/conn.go:279
# 0xc67ed2 github.com/mdlayher/netlink.(*Conn).lockedReceive+0x32 /home/user/go/pkg/mod/github.com/mdlayher/[email protected]/conn.go:238
# 0xc67d98 github.com/mdlayher/netlink.(*Conn).Receive+0x98 /home/user/go/pkg/mod/github.com/mdlayher/[email protected]/conn.go:231
# 0xc7b9f6 github.com/florianl/go-nfqueue.(*Nfqueue).socketCallback+0x176 /home/user/go/pkg/mod/github.com/florianl/[email protected]/nfqueue.go:348
# 0xc7a9b1 github.com/florianl/go-nfqueue.(*Nfqueue).RegisterWithErrorFunc.func1+0x71 /home/user/go/pkg/mod/github.com/florianl/[email protected]/nfqueue.go:157
4 @ 0x439e76 0x449d3c 0x7aa166 0x7a9d92 0x468c81
# 0x7aa165 github.com/safing/portbase/api.(*DatabaseAPI).processSub+0x225 /home/user/git/safing/portbase/api/database.go:411
# 0x7a9d91 github.com/safing/portbase/api.(*DatabaseAPI).handleSub+0x91 /home/user/git/safing/portbase/api/database.go:383
4 @ 0x439e76 0x449d3c 0xc7c9f6 0x468c81
# 0xc7c9f5 github.com/safing/portmaster/firewall/interception/nfq.New.func1+0x95 /home/user/git/safing/portmaster/firewall/interception/nfq/nfq.go:66
2 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49a6fa 0x49a6e8 0x5bc7a9 0x5ca6e5 0x63a49f 0x63a5fd 0x79808c 0x79a1bb 0x79b1ec 0x79b7f9 0x7a77e5 0x75e213 0x75d7b7 0x75d5aa 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49a6f9 internal/poll.(*pollDesc).waitRead+0x259 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49a6e7 internal/poll.(*FD).Read+0x247 /usr/local/go/src/internal/poll/fd_unix.go:167
# 0x5bc7a8 net.(*netFD).Read+0x28 /usr/local/go/src/net/fd_posix.go:55
# 0x5ca6e4 net.(*conn).Read+0x44 /usr/local/go/src/net/net.go:183
# 0x63a49e bufio.(*Reader).fill+0xfe /usr/local/go/src/bufio/bufio.go:106
# 0x63a5fc bufio.(*Reader).Peek+0x5c /usr/local/go/src/bufio/bufio.go:144
# 0x79808b github.com/gorilla/websocket.(*Conn).read+0x2b /home/user/go/pkg/mod/github.com/gorilla/[email protected]/conn.go:371
# 0x79a1ba github.com/gorilla/websocket.(*Conn).advanceFrame+0x7a /home/user/go/pkg/mod/github.com/gorilla/[email protected]/conn.go:809
# 0x79b1eb github.com/gorilla/websocket.(*Conn).NextReader+0xcb /home/user/go/pkg/mod/github.com/gorilla/[email protected]/conn.go:1009
# 0x79b7f8 github.com/gorilla/websocket.(*Conn).ReadMessage+0x18 /home/user/go/pkg/mod/github.com/gorilla/[email protected]/conn.go:1093
# 0x7a77e4 github.com/safing/portbase/api.(*DatabaseAPI).handler+0x44 /home/user/git/safing/portbase/api/database.go:146
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x75d5a9 github.com/safing/portbase/modules.(*Module).StartWorker.func1+0x49 /home/user/git/safing/portbase/modules/worker.go:27
2 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49a6fa 0x49a6e8 0x5bc7a9 0x5ca6e5 0x69e931 0x63a49f 0x63a5fd 0x69fe78 0x6a4405 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49a6f9 internal/poll.(*pollDesc).waitRead+0x259 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49a6e7 internal/poll.(*FD).Read+0x247 /usr/local/go/src/internal/poll/fd_unix.go:167
# 0x5bc7a8 net.(*netFD).Read+0x28 /usr/local/go/src/net/fd_posix.go:55
# 0x5ca6e4 net.(*conn).Read+0x44 /usr/local/go/src/net/net.go:183
# 0x69e930 net/http.(*connReader).Read+0x170 /usr/local/go/src/net/http/server.go:786
# 0x63a49e bufio.(*Reader).fill+0xfe /usr/local/go/src/bufio/bufio.go:106
# 0x63a5fc bufio.(*Reader).Peek+0x5c /usr/local/go/src/bufio/bufio.go:144
# 0x69fe77 net/http.(*conn).readRequest+0x1f7 /usr/local/go/src/net/http/server.go:991
# 0x6a4404 net/http.(*conn).serve+0x344 /usr/local/go/src/net/http/server.go:1916
2 @ 0x439e76 0x449d3c 0x74ec45 0x75e213 0x75dbf6 0x468c81
# 0x74ec44 github.com/safing/portbase/database.(*Interface).DelayedCacheWriter+0x184 /home/user/git/safing/portbase/database/interface_cache.go:34
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
2 @ 0x439e76 0x449d3c 0x794c26 0x75e213 0x75dbf6 0x468c81
# 0x794c25 github.com/safing/portbase/rng.(*Feeder).run+0x165 /home/user/git/safing/portbase/rng/entropy.go:117
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
2 @ 0x439e76 0x449d3c 0x7a899e 0x75e213 0x75d7b7 0x75d5aa 0x468c81
# 0x7a899d github.com/safing/portbase/api.(*DatabaseAPI).writer+0xdd /home/user/git/safing/portbase/api/database.go:213
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x75d5a9 github.com/safing/portbase/modules.(*Module).StartWorker.func1+0x49 /home/user/git/safing/portbase/modules/worker.go:27
1 @ 0x40bb34 0x46536f 0x7c3d39 0x468c81
# 0x46536e os/signal.signal_recv+0x2e /usr/local/go/src/runtime/sigqueue.go:152
# 0x7c3d38 os/signal.loop+0x18 /usr/local/go/src/os/signal/signal_unix.go:23
1 @ 0x42f1f6 0x462ea5 0x765a15 0x76582d 0x7627ab 0x77e765 0xc60ba5 0x7ad858 0x7ad089 0x7b2113 0x7b0cc9 0x75e213 0x75d7b7 0x7b0c4d 0x6a87ac 0x6a46c7 0x468c81
# 0x462ea4 runtime/pprof.runtime_goroutineProfileWithLabels+0x24 /usr/local/go/src/runtime/mprof.go:846
# 0x765a14 runtime/pprof.writeRuntimeProfile+0xb4 /usr/local/go/src/runtime/pprof/pprof.go:723
# 0x76582c runtime/pprof.writeGoroutine+0x4c /usr/local/go/src/runtime/pprof/pprof.go:683
# 0x7627aa runtime/pprof.(*Profile).WriteTo+0x14a /usr/local/go/src/runtime/pprof/pprof.go:330
# 0x77e764 github.com/safing/portbase/utils/debug.(*Info).AddGoroutineStack+0x64 /home/user/git/safing/portbase/utils/debug/debug.go:133
# 0xc60ba4 github.com/safing/portmaster/core.debugInfo+0x124 /home/user/git/safing/portmaster/core/api.go:149
# 0x7ad857 github.com/safing/portbase/api.(*Endpoint).ServeHTTP+0x757 /home/user/git/safing/portbase/api/endpoints.go:442
# 0x7ad088 github.com/safing/portbase/api.(*endpointHandler).ServeHTTP+0x48 /home/user/git/safing/portbase/api/endpoints.go:358
# 0x7b2112 github.com/safing/portbase/api.(*mainHandler).handle+0x1432 /home/user/git/safing/portbase/api/router.go:278
# 0x7b0cc8 github.com/safing/portbase/api.(*mainHandler).ServeHTTP.func1+0x28 /home/user/git/safing/portbase/api/router.go:84
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x7b0c4c github.com/safing/portbase/api.(*mainHandler).ServeHTTP+0x6c /home/user/git/safing/portbase/api/router.go:83
# 0x6a87ab net/http.serverHandler.ServeHTTP+0x30b /usr/local/go/src/net/http/server.go:2947
# 0x6a46c6 net/http.(*conn).serve+0x606 /usr/local/go/src/net/http/server.go:1991
1 @ 0x439e76 0x40665b 0x406158 0x907612 0x468c81
# 0x907611 github.com/godbus/dbus/v5.newConn.func1+0x31 /home/user/go/pkg/mod/github.com/godbus/dbus/[email protected]/conn.go:303
1 @ 0x439e76 0x40665b 0x406158 0x9cbe3a 0x75e213 0x75dbf6 0x468c81
# 0x9cbe39 github.com/safing/portmaster/resolver.listenToMDNS+0x619 /home/user/git/safing/portmaster/resolver/resolver-mdns.go:144
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49a6fa 0x49a6e8 0x5bc7a9 0x5ca6e5 0x69e45f 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49a6f9 internal/poll.(*pollDesc).waitRead+0x259 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49a6e7 internal/poll.(*FD).Read+0x247 /usr/local/go/src/internal/poll/fd_unix.go:167
# 0x5bc7a8 net.(*netFD).Read+0x28 /usr/local/go/src/net/fd_posix.go:55
# 0x5ca6e4 net.(*conn).Read+0x44 /usr/local/go/src/net/net.go:183
# 0x69e45e net/http.(*connReader).backgroundRead+0x3e /usr/local/go/src/net/http/server.go:678
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49a6fa 0x49a6e8 0x5bc7a9 0x5ca6e5 0x9cdd05 0x9cbf8e 0x75e213 0x75dbf6 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49a6f9 internal/poll.(*pollDesc).waitRead+0x259 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49a6e7 internal/poll.(*FD).Read+0x247 /usr/local/go/src/internal/poll/fd_unix.go:167
# 0x5bc7a8 net.(*netFD).Read+0x28 /usr/local/go/src/net/fd_posix.go:55
# 0x5ca6e4 net.(*conn).Read+0x44 /usr/local/go/src/net/net.go:183
# 0x9cdd04 github.com/safing/portmaster/resolver.listenForDNSPackets+0x84 /home/user/git/safing/portmaster/resolver/resolver-mdns.go:340
# 0x9cbf8d github.com/safing/portmaster/resolver.listenToMDNS.func7+0x2d /home/user/git/safing/portmaster/resolver/resolver-mdns.go:128
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49a6fa 0x49a6e8 0x5bc7a9 0x5ca6e5 0x9cdd05 0x9cc04e 0x75e213 0x75dbf6 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49a6f9 internal/poll.(*pollDesc).waitRead+0x259 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49a6e7 internal/poll.(*FD).Read+0x247 /usr/local/go/src/internal/poll/fd_unix.go:167
# 0x5bc7a8 net.(*netFD).Read+0x28 /usr/local/go/src/net/fd_posix.go:55
# 0x5ca6e4 net.(*conn).Read+0x44 /usr/local/go/src/net/net.go:183
# 0x9cdd04 github.com/safing/portmaster/resolver.listenForDNSPackets+0x84 /home/user/git/safing/portmaster/resolver/resolver-mdns.go:340
# 0x9cc04d github.com/safing/portmaster/resolver.listenToMDNS.func3+0x2d /home/user/git/safing/portmaster/resolver/resolver-mdns.go:101
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49b83c 0x49b826 0x5bcc17 0x5d88ef 0x5d6fdc 0x91b525 0x4952da 0x91bb3e 0x91bb1c 0x907988 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49b83b internal/poll.(*pollDesc).waitRead+0x31b /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49b825 internal/poll.(*FD).ReadMsg+0x305 /usr/local/go/src/internal/poll/fd_unix.go:304
# 0x5bcc16 net.(*netFD).readMsg+0x36 /usr/local/go/src/net/fd_posix.go:78
# 0x5d88ee net.(*UnixConn).readMsg+0x4e /usr/local/go/src/net/unixsock_posix.go:115
# 0x5d6fdb net.(*UnixConn).ReadMsgUnix+0x3b /usr/local/go/src/net/unixsock.go:143
# 0x91b524 github.com/godbus/dbus/v5.(*oobReader).Read+0x44 /home/user/go/pkg/mod/github.com/godbus/dbus/[email protected]/transport_unix.go:21
# 0x4952d9 io.ReadAtLeast+0x99 /usr/local/go/src/io/io.go:332
# 0x91bb3d io.ReadFull+0x11d /usr/local/go/src/io/io.go:351
# 0x91bb1b github.com/godbus/dbus/v5.(*unixTransport).ReadMessage+0xfb /home/user/go/pkg/mod/github.com/godbus/dbus/[email protected]/transport_unix.go:91
# 0x907987 github.com/godbus/dbus/v5.(*Conn).inWorker+0x47 /home/user/go/pkg/mod/github.com/godbus/dbus/[email protected]/conn.go:390
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49bd3d 0x49bd27 0x5bcd77 0x5d5f0b 0x5d43b3 0x5d428a 0x809ee7 0x7f8b50 0x7f60b9 0x7f7849 0x7f6875 0xc9380a 0x75e213 0x75dbf6 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49bd3c internal/poll.(*pollDesc).waitRead+0x2dc /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49bd26 internal/poll.(*FD).ReadMsgInet4+0x2c6 /usr/local/go/src/internal/poll/fd_unix.go:331
# 0x5bcd76 net.(*netFD).readMsgInet4+0x36 /usr/local/go/src/net/fd_posix.go:84
# 0x5d5f0a net.(*UDPConn).readMsg+0x16a /usr/local/go/src/net/udpsock_posix.go:101
# 0x5d43b2 net.(*UDPConn).ReadMsgUDPAddrPort+0x52 /usr/local/go/src/net/udpsock.go:203
# 0x5d4289 net.(*UDPConn).ReadMsgUDP+0x29 /usr/local/go/src/net/udpsock.go:191
# 0x809ee6 github.com/miekg/dns.ReadFromSessionUDP+0x86 /home/user/go/pkg/mod/github.com/miekg/[email protected]/udp.go:42
# 0x7f8b4f github.com/miekg/dns.(*Server).readUDP+0x10f /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:695
# 0x7f60b8 github.com/miekg/dns.defaultReader.ReadUDP+0x18 /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:174
# 0x7f7848 github.com/miekg/dns.(*Server).serveUDP+0x2a8 /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:513
# 0x7f6874 github.com/miekg/dns.(*Server).ListenAndServe+0x514 /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:342
# 0xc93809 github.com/safing/portmaster/nameserver.startListener.func1+0x249 /home/user/git/safing/portmaster/nameserver/module.go:147
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49c1fd 0x49c1e7 0x5bced7 0x5d5e45 0x5d43b3 0x5d428a 0x809ee7 0x7f8b50 0x7f60b9 0x7f7849 0x7f6875 0xc9380a 0x75e213 0x75dbf6 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49c1fc internal/poll.(*pollDesc).waitRead+0x2dc /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49c1e6 internal/poll.(*FD).ReadMsgInet6+0x2c6 /usr/local/go/src/internal/poll/fd_unix.go:358
# 0x5bced6 net.(*netFD).readMsgInet6+0x36 /usr/local/go/src/net/fd_posix.go:90
# 0x5d5e44 net.(*UDPConn).readMsg+0xa4 /usr/local/go/src/net/udpsock_posix.go:106
# 0x5d43b2 net.(*UDPConn).ReadMsgUDPAddrPort+0x52 /usr/local/go/src/net/udpsock.go:203
# 0x5d4289 net.(*UDPConn).ReadMsgUDP+0x29 /usr/local/go/src/net/udpsock.go:191
# 0x809ee6 github.com/miekg/dns.ReadFromSessionUDP+0x86 /home/user/go/pkg/mod/github.com/miekg/[email protected]/udp.go:42
# 0x7f8b4f github.com/miekg/dns.(*Server).readUDP+0x10f /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:695
# 0x7f60b8 github.com/miekg/dns.defaultReader.ReadUDP+0x18 /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:174
# 0x7f7848 github.com/miekg/dns.(*Server).serveUDP+0x2a8 /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:513
# 0x7f6874 github.com/miekg/dns.(*Server).ListenAndServe+0x514 /home/user/go/pkg/mod/github.com/miekg/[email protected]/server.go:342
# 0xc93809 github.com/safing/portmaster/nameserver.startListener.func1+0x249 /home/user/git/safing/portmaster/nameserver/module.go:147
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x432717 0x463349 0x4995b2 0x49dd94 0x49dd81 0x5be635 0x5d34e8 0x5d24dd 0x6a8d05 0x6a893d 0x7b09e5 0x75e213 0x75d7b7 0x7b0b65 0x468c81
# 0x463348 internal/poll.runtime_pollWait+0x88 /usr/local/go/src/runtime/netpoll.go:305
# 0x4995b1 internal/poll.(*pollDesc).wait+0x31 /usr/local/go/src/internal/poll/fd_poll_runtime.go:84
# 0x49dd93 internal/poll.(*pollDesc).waitRead+0x233 /usr/local/go/src/internal/poll/fd_poll_runtime.go:89
# 0x49dd80 internal/poll.(*FD).Accept+0x220 /usr/local/go/src/internal/poll/fd_unix.go:614
# 0x5be634 net.(*netFD).accept+0x34 /usr/local/go/src/net/fd_unix.go:172
# 0x5d34e7 net.(*TCPListener).accept+0x27 /usr/local/go/src/net/tcpsock_posix.go:142
# 0x5d24dc net.(*TCPListener).Accept+0x3c /usr/local/go/src/net/tcpsock.go:288
# 0x6a8d04 net/http.(*Server).Serve+0x384 /usr/local/go/src/net/http/server.go:3070
# 0x6a893c net/http.(*Server).ListenAndServe+0x7c /usr/local/go/src/net/http/server.go:2999
# 0x7b09e4 github.com/safing/portbase/api.Serve.func1+0x24 /home/user/git/safing/portbase/api/router.go:66
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x7b0b64 github.com/safing/portbase/api.Serve+0x164 /home/user/git/safing/portbase/api/router.go:65
1 @ 0x439e76 0x449d3c 0x4f2f46 0x4f2daa 0x468c81
# 0x4f2f45 github.com/safing/portbase/log.writer+0xe5 /home/user/git/safing/portbase/log/output.go:154
# 0x4f2da9 github.com/safing/portbase/log.writerManager+0x89 /home/user/git/safing/portbase/log/output.go:113
1 @ 0x439e76 0x449d3c 0x755a66 0x468c81
# 0x755a65 github.com/safing/portbase/modules.microTaskScheduler+0x2a5 /home/user/git/safing/portbase/modules/microtasks.go:291
1 @ 0x439e76 0x449d3c 0x75cfe5 0x468c81
# 0x75cfe4 github.com/safing/portbase/modules.taskQueueHandler+0x84 /home/user/git/safing/portbase/modules/tasks.go:468
1 @ 0x439e76 0x449d3c 0x75d2f8 0x468c81
# 0x75d2f7 github.com/safing/portbase/modules.taskScheduleHandler+0xb7 /home/user/git/safing/portbase/modules/tasks.go:518
1 @ 0x439e76 0x449d3c 0x79500e 0x75e213 0x75dbf6 0x468c81
# 0x79500d github.com/safing/portbase/rng.fullFeeder+0x8d /home/user/git/safing/portbase/rng/fullfeed.go:24
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x795a45 0x75e213 0x75dbf6 0x468c81
# 0x795a44 github.com/safing/portbase/rng.osFeeder+0x184 /home/user/git/safing/portbase/rng/osfeeder.go:26
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x7963a5 0x75e213 0x75dbf6 0x468c81
# 0x7963a4 github.com/safing/portbase/rng.tickFeeder+0x244 /home/user/git/safing/portbase/rng/tickfeeder.go:58
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x7c417e 0xc98bd9 0x439ab2 0x468c81
# 0x7c417d github.com/safing/portbase/run.Run+0x27d /home/user/git/safing/portbase/run/main.go:76
# 0xc98bd8 main.main+0xf8 /home/user/git/safing/portmaster/cmds/portmaster-core/main.go:36
# 0x439ab1 runtime.main+0x211 /usr/local/go/src/runtime/proc.go:250
1 @ 0x439e76 0x449d3c 0x8f1f45 0x75e213 0x75dbf6 0x468c81
# 0x8f1f44 github.com/safing/portbase/notifications.cleaner+0xe4 /home/user/git/safing/portbase/notifications/cleaner.go:13
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x9309dd 0x75e213 0x75dbf6 0x468c81
# 0x9309dc github.com/safing/portmaster/intel/geoip.(*updateWorker).run+0x17c /home/user/git/safing/portmaster/intel/geoip/database.go:173
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x93905e 0x75e213 0x75dbf6 0x468c81
# 0x93905d github.com/safing/portmaster/netenv.monitorNetworkChanges+0x11d /home/user/git/safing/portmaster/netenv/network-change.go:49
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x93a3a6 0x75e213 0x75dbf6 0x468c81
# 0x93a3a5 github.com/safing/portmaster/netenv.monitorOnlineStatus+0xe5 /home/user/git/safing/portmaster/netenv/online-status.go:357
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x949785 0x75e213 0x75d7b7 0x75d5aa 0x468c81
# 0x949784 github.com/safing/portmaster/status.autoPilot+0x84 /home/user/git/safing/portmaster/status/autopilot.go:16
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x75d5a9 github.com/safing/portbase/modules.(*Module).StartWorker.func1+0x49 /home/user/git/safing/portbase/modules/worker.go:27
1 @ 0x439e76 0x449d3c 0x9a840b 0x75e213 0x75dbf6 0x468c81
# 0x9a840a github.com/safing/portmaster/profile.cleanActiveProfiles+0xaa /home/user/git/safing/portmaster/profile/active.go:58
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x9ad34e 0x75e213 0x75dbf6 0x468c81
# 0x9ad34d github.com/safing/portmaster/profile.startProfileUpdateChecker.func1+0x1ed /home/user/git/safing/portmaster/profile/database.go:54
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0x9cc1a6 0x9cbf27 0x75e213 0x75dbf6 0x468c81
# 0x9cc1a5 github.com/safing/portmaster/resolver.handleMDNSMessages+0xc5 /home/user/git/safing/portmaster/resolver/resolver-mdns.go:150
# 0x9cbf26 github.com/safing/portmaster/resolver.listenToMDNS.func9+0x26 /home/user/git/safing/portmaster/resolver/resolver-mdns.go:140
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0xa5ab85 0x75e213 0x75dbf6 0x468c81
# 0xa5ab84 github.com/safing/portmaster/network.connectionCleaner+0xa4 /home/user/git/safing/portmaster/network/clean.go:25
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0xa60026 0x75e213 0x75dbf6 0x468c81
# 0xa60025 github.com/safing/portmaster/network.openDNSRequestWriter+0xe5 /home/user/git/safing/portmaster/network/dns.go:91
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0xc5268e 0xc54838 0x75e213 0x75dbf6 0x468c81
# 0xc5268d github.com/safing/portmaster/netquery.(*Manager).HandleFeed+0xcd /home/user/git/safing/portmaster/netquery/manager.go:82
# 0xc54837 github.com/safing/portmaster/netquery.(*module).start.func2+0x37 /home/user/git/safing/portmaster/netquery/module_api.go:131
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0xc5467a 0x75e213 0x75dbf6 0x468c81
# 0xc54679 github.com/safing/portmaster/netquery.(*module).start.func3+0xb9 /home/user/git/safing/portmaster/netquery/module_api.go:137
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0xc54acb 0x75e213 0x75dbf6 0x468c81
# 0xc54aca github.com/safing/portmaster/netquery.(*module).start.func1+0x24a /home/user/git/safing/portmaster/netquery/module_api.go:110
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75dbf5 github.com/safing/portbase/modules.(*Module).runServiceWorker+0x135 /home/user/git/safing/portbase/modules/worker.go:83
1 @ 0x439e76 0x449d3c 0xc811f0 0x468c81
# 0xc811ef github.com/safing/portmaster/firewall/interception.handleInterception+0x18f /home/user/git/safing/portmaster/firewall/interception/nfqueue_linux.go:316
1 @ 0x439e76 0x449d3c 0xc8afad 0x75e213 0x75d7b7 0x75d5aa 0x468c81
# 0xc8afac github.com/safing/portmaster/firewall.packetHandler+0xac /home/user/git/safing/portmaster/firewall/interception.go:689
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x75d5a9 github.com/safing/portbase/modules.(*Module).StartWorker.func1+0x49 /home/user/git/safing/portbase/modules/worker.go:27
1 @ 0x439e76 0x449d3c 0xc8b266 0x75e213 0x75d7b7 0x75d5aa 0x468c81
# 0xc8b265 github.com/safing/portmaster/firewall.statLogger+0x1c5 /home/user/git/safing/portmaster/firewall/interception.go:703
# 0x75e212 github.com/safing/portbase/modules.(*Module).runWorker+0x92 /home/user/git/safing/portbase/modules/worker.go:128
# 0x75d7b6 github.com/safing/portbase/modules.(*Module).RunWorker+0x76 /home/user/git/safing/portbase/modules/worker.go:52
# 0x75d5a9 github.com/safing/portbase/modules.(*Module).StartWorker.func1+0x49 /home/user/git/safing/portbase/modules/worker.go:27
Did you disable force block incoming connections? otherwise all incoming connections are blocked.
For:
- v1.40.0
- "Privacy Filter" -> "Force Block Incoming Connections" turned on (get nagged when off)
- "Privacy Filter" -> "Rules" -> "Incoming Rules" -> "Allow" "LAN"
logged:
Started: 1:27:33 AM
Ended:
Verdict: Drop
Local Address: ff02::fb :5353
Direction: Incoming
Protocol:UDP
Encrypted:no
Tunneled:no
Scope:LAN Peer-to-Peer Incoming
Remote Peer: fe80::eaea:c404:82f1:a925 :5353
Country:N/A
ASN:N/A
AS Org:N/A
Binary Path:/usr/sbin/avahi-daemon
Reason: inbound connections blocked
Applied Setting:Force Block Incoming Connections from Global Settings
See
- All the above IPv6 addresses are within the specified "Multicast" or "Link-Local unicast" CIDRs (address ranges) specified at https://datatracker.ietf.org/doc/html/rfc4291#section-2.4
-
Scope:LAN Peer-to-Peer Incoming, shows it even knows this is LAN traffic!
Thus, the bug is still present.
I'm going to try seeing if adding these (should be redundant) "Incoming Rules" will help:
- "Allow" "FE80:/10" (https://iplocation.io/ipv6-cidr-to-range/FE80::/10)
- "Allow" "FF00:/8" (https://iplocation.io/ipv6-cidr-to-range/FF00::/8)
Even if these help, they shouldn't be needed!
This issue has been automatically marked as inactive because it has not had activity in the past two months.
If no further activity occurs, this issue will be automatically closed in one week in order to increase our focus on active topics.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue has been automatically closed because it has not had recent activity. Thank you for your contributions.
If the issue has not been resolved, you can find more information in our Wiki or continue the conversation on our Discord.