Re: Trouble setting VPN for specific IP via NetworkManager

[Michael Butash]

I've noticed similar behavior using vpnc-based vpn's that doesn't setup 
routes quite right.  It adds the prefixes negotiated for routes by the 
server, but it still insists on repointing a default route at the tun 
interface as well, breaking split-tunneling.  I keep forgetting to spam 
the list asking about this, thanks for the reminder.  :)


Can NM not explicitly repoint the default route to a tunnel please?  You 
only want this when the vpn server sends an explicit default, but for 
split tunneling, it needs to be versatile and only add the prefixes 
wanted, leaving the default at the original gateway.


You can remove and add routes manually every time, it's more or less 
what I do to override nm's bad behavior, but vpnc doesn't use ppp 
interfaces.  Not sure why that is complicating for you other than the 
fact the ppp interface


Try "route add default dev ppp0" without a gw addy?  PPP doesn't use 
gateways per se.


-mb


On 10/23/2011 02:33 PM, Mohan Sfo wrote:

Hello all,

I apologize for asking such an elementary question on this list. Thanks
for your help. Two question below:

1) I am playing with setting up VPN via NetworkManager. I am able to
successfully setup VPN. Unfortunately, it is setting up *all* the routes
to go via the VPN. I want traffic for only a few address to go via VPN
and everything else to use the existing routes on wlan0. How do I do it?

2) Where are the log files for VPN or pppd stuff in NetworkManager? How
do I setup so that there is logging so that I can debug why I am having
connectivity problems.

After setting up VPN connection:
#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.116.78.13 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
226.22.44.56 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0
226.22.44.56 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0
192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
#


I deleted the default route below, and then added wlan0 as the new
default route. Regular stuff like google.com  are
working fine over wlan0. However, I run into trouble when I tell that
specific IP lists should go over ppp0.

#route del default
#route add default gw 192.168.2.1 dev wlan0


Now, I run into trouble when I tell that specific IP 10.10.115.123
should go over ppp0.


#route add host 10.10.115.123 gw 0.0.0.0 dev ppp0
SIOCADDRT: Invalid argument


Please suggest me how I can do it over command line via route or via
NetworkManager.



Thanks,
Mohan


___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: Trying to understand a kernel error

[Bill C Riemers]

OK.  In the mean time, is there a way to keep the network manager from trying 
to connect to this network, other than using my airport mode switch?

Bill


On 10/24/2011 01:42 PM, Dan Williams wrote:

On Mon, 2011-10-24 at 10:39 -0400, Bill C Riemers wrote:

Last night, I tried using wifi from the comfortinn I am staying at for the 
week, and I repeatedly received a kernel error:

:WARNING: at drivers/net/wireless/iwlwifi/iwl-core.c:482 iwl_check_rxon_cmd+0x21
1/0x21f [iwlagn]()

Actually, looking at the respective line of code, it seems the module is 
complaining that channel number 6 is not a valid channel number...

Probably best to persue this via kernel development lists actually, it's
probably more of a kernel driver bug than an NM bug.  But some things
that come to mind: perhaps the AP's 802.11d IE is telling your card that
it cannot use some channels; often APs get this wrong.  Second, if this
happens generally, it could be rfkill related.  But actually, your
problem is apparently this block:

if ((rxon->flags&  (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK))
== (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK)) {
IWL_WARN(priv, "CCK and short slot\n");
errors |= BIT(7);
}

which is much more a kernel driver issue than an NM issue...  (0x40 = bit 7)

Dan


Now here are the problems related to network manager:
1. I have no way of aborting the connection attempt.  In fact now when I'm 
in the hotel I have to have the wifi switched off otherwise it automatically 
tries to connect to comfortinn, and generates the error repeatedly, blocking me 
from doing anything else.
2. I'm not sure if the problem is a kernel bug, or network manager is 
passing invalid parameters.   There seems to be no way to open the connection 
in with the gnome interface to network manager.  I can only open the connection 
options for connections I'm actively connected to.   Is there a file on disk 
somewhere I can access, or an alternate UI?

BTW. This problem seems related to the settings used for comfort inn, as I have 
never had problems connecting to any other wifi network.

Regards,

Bill

___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list




___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: Trying to understand a kernel error

[Dan Williams]

On Mon, 2011-10-24 at 10:39 -0400, Bill C Riemers wrote:
> Last night, I tried using wifi from the comfortinn I am staying at for the 
> week, and I repeatedly received a kernel error:
> 
> :WARNING: at drivers/net/wireless/iwlwifi/iwl-core.c:482 
> iwl_check_rxon_cmd+0x21
> 1/0x21f [iwlagn]()
> 
> Actually, looking at the respective line of code, it seems the module is 
> complaining that channel number 6 is not a valid channel number...

Probably best to persue this via kernel development lists actually, it's
probably more of a kernel driver bug than an NM bug.  But some things
that come to mind: perhaps the AP's 802.11d IE is telling your card that
it cannot use some channels; often APs get this wrong.  Second, if this
happens generally, it could be rfkill related.  But actually, your
problem is apparently this block:

if ((rxon->flags & (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK))
== (RXON_FLG_CCK_MSK | RXON_FLG_SHORT_SLOT_MSK)) {
IWL_WARN(priv, "CCK and short slot\n");
errors |= BIT(7);
}

which is much more a kernel driver issue than an NM issue...  (0x40 = bit 7)

Dan

> Now here are the problems related to network manager:
>1. I have no way of aborting the connection attempt.  In fact now when I'm 
> in the hotel I have to have the wifi switched off otherwise it automatically 
> tries to connect to comfortinn, and generates the error repeatedly, blocking 
> me from doing anything else.
>2. I'm not sure if the problem is a kernel bug, or network manager is 
> passing invalid parameters.   There seems to be no way to open the connection 
> in with the gnome interface to network manager.  I can only open the 
> connection options for connections I'm actively connected to.   Is there a 
> file on disk somewhere I can access, or an alternate UI?
> 
> BTW. This problem seems related to the settings used for comfort inn, as I 
> have never had problems connecting to any other wifi network.
> 
> Regards,
> 
> Bill
> 
> ___
> networkmanager-list mailing list
> networkmanager-list@gnome.org
> http://mail.gnome.org/mailman/listinfo/networkmanager-list


___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: Trying to understand a kernel error

[Bill C Riemers]

I suppose I should mention the actual message the kernel is putting in the 
warning:

:Invalid RXON (0x40), channel 6

I'm not sure what RXON means...  I'm only assuming this is setting the channel 
number to 6, but it occurs to me that could be an invalid assumption.


On 10/24/2011 10:39 AM, Bill C Riemers wrote:

Last night, I tried using wifi from the comfortinn I am staying at for the 
week, and I repeatedly received a kernel error:

:WARNING: at drivers/net/wireless/iwlwifi/iwl-core.c:482 iwl_check_rxon_cmd+0x21
1/0x21f [iwlagn]()

Actually, looking at the respective line of code, it seems the module is 
complaining that channel number 6 is not a valid channel number...

Now here are the problems related to network manager:
  1. I have no way of aborting the connection attempt.  In fact now when I'm in 
the hotel I have to have the wifi switched off otherwise it automatically tries 
to connect to comfortinn, and generates the error repeatedly, blocking me from 
doing anything else.
  2. I'm not sure if the problem is a kernel bug, or network manager is passing 
invalid parameters.   There seems to be no way to open the connection in with 
the gnome interface to network manager.  I can only open the connection options 
for connections I'm actively connected to.   Is there a file on disk somewhere 
I can access, or an alternate UI?

BTW. This problem seems related to the settings used for comfort inn, as I have 
never had problems connecting to any other wifi network.

Regards,

Bill



___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Trying to understand a kernel error

[Bill C Riemers]

Last night, I tried using wifi from the comfortinn I am staying at for the 
week, and I repeatedly received a kernel error:

:WARNING: at drivers/net/wireless/iwlwifi/iwl-core.c:482 iwl_check_rxon_cmd+0x21
1/0x21f [iwlagn]()

Actually, looking at the respective line of code, it seems the module is 
complaining that channel number 6 is not a valid channel number...

Now here are the problems related to network manager:
  1. I have no way of aborting the connection attempt.  In fact now when I'm in 
the hotel I have to have the wifi switched off otherwise it automatically tries 
to connect to comfortinn, and generates the error repeatedly, blocking me from 
doing anything else.
  2. I'm not sure if the problem is a kernel bug, or network manager is passing 
invalid parameters.   There seems to be no way to open the connection in with 
the gnome interface to network manager.  I can only open the connection options 
for connections I'm actively connected to.   Is there a file on disk somewhere 
I can access, or an alternate UI?

BTW. This problem seems related to the settings used for comfort inn, as I have 
never had problems connecting to any other wifi network.

Regards,

Bill

___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH 2/2] Add nm_connection_get_setting_serial()

[Thomas Graf]

Signed-off-by: Thomas Graf 
---
 libnm-util/libnm-util.ver |1 +
 libnm-util/nm-connection.c|   18 ++
 libnm-util/nm-connection.h|2 ++
 src/nm-device-bt.c|2 +-
 src/settings/plugins/keyfile/tests/test-keyfile.c |4 ++--
 5 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/libnm-util/libnm-util.ver b/libnm-util/libnm-util.ver
index edf5d29..23ad6d8 100644
--- a/libnm-util/libnm-util.ver
+++ b/libnm-util/libnm-util.ver
@@ -25,6 +25,7 @@ global:
nm_connection_get_setting_olpc_mesh;
nm_connection_get_setting_ppp;
nm_connection_get_setting_pppoe;
+   nm_connection_get_setting_serial;
nm_connection_get_setting_vpn;
nm_connection_get_setting_wimax;
nm_connection_get_setting_wired;
diff --git a/libnm-util/nm-connection.c b/libnm-util/nm-connection.c
index 76af7e0..550a15a 100644
--- a/libnm-util/nm-connection.c
+++ b/libnm-util/nm-connection.c
@@ -42,6 +42,7 @@
 #include "nm-setting-wired.h"
 #include "nm-setting-wireless.h"
 #include "nm-setting-wireless-security.h"
+#include "nm-setting-serial.h"
 #include "nm-setting-vpn.h"
 #include "nm-setting-olpc-mesh.h"
 
@@ -1444,6 +1445,23 @@ nm_connection_get_setting_pppoe (NMConnection 
*connection)
 }
 
 /**
+ * nm_connection_get_setting_serial:
+ * @connection: the #NMConnection
+ *
+ * A shortcut to return any #NMSettingSerial the connection might contain.
+ *
+ * Returns: (transfer none): an #NMSettingSerial if the connection contains 
one, otherwise NULL
+ **/
+NMSettingSerial *
+nm_connection_get_setting_serial (NMConnection *connection)
+{
+   g_return_val_if_fail (connection != NULL, NULL);
+   g_return_val_if_fail (NM_IS_CONNECTION (connection), NULL);
+
+   return (NMSettingSerial *) nm_connection_get_setting (connection, 
NM_TYPE_SETTING_SERIAL);
+}
+
+/**
  * nm_connection_get_setting_vpn:
  * @connection: the #NMConnection
  *
diff --git a/libnm-util/nm-connection.h b/libnm-util/nm-connection.h
index 3245f7e..575121f 100644
--- a/libnm-util/nm-connection.h
+++ b/libnm-util/nm-connection.h
@@ -40,6 +40,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -189,6 +190,7 @@ NMSettingIP6Config *   
nm_connection_get_setting_ip6_config(NMConnec
 NMSettingOlpcMesh *nm_connection_get_setting_olpc_mesh 
(NMConnection *connection);
 NMSettingPPP * nm_connection_get_setting_ppp   
(NMConnection *connection);
 NMSettingPPPOE *   nm_connection_get_setting_pppoe 
(NMConnection *connection);
+NMSettingSerial *  nm_connection_get_setting_serial
(NMConnection *connection);
 NMSettingVPN * nm_connection_get_setting_vpn   
(NMConnection *connection);
 NMSettingWimax *   nm_connection_get_setting_wimax 
(NMConnection *connection);
 NMSettingWired *   nm_connection_get_setting_wired 
(NMConnection *connection);
diff --git a/src/nm-device-bt.c b/src/nm-device-bt.c
index 6b4f61a..2193c15 100644
--- a/src/nm-device-bt.c
+++ b/src/nm-device-bt.c
@@ -278,7 +278,7 @@ real_complete_connection (NMDevice *device,
 
s_gsm = nm_connection_get_setting_gsm (connection);
s_cdma = nm_connection_get_setting_cdma (connection);
-   s_serial = (NMSettingSerial *) nm_connection_get_setting (connection, 
NM_TYPE_SETTING_SERIAL);
+   s_serial = nm_connection_get_setting_serial (connection);
s_ppp = nm_connection_get_setting_ppp (connection);
 
s_bt = nm_connection_get_setting_bluetooth (connection);
diff --git a/src/settings/plugins/keyfile/tests/test-keyfile.c 
b/src/settings/plugins/keyfile/tests/test-keyfile.c
index 5c9ced7..bf95418 100644
--- a/src/settings/plugins/keyfile/tests/test-keyfile.c
+++ b/src/settings/plugins/keyfile/tests/test-keyfile.c
@@ -1952,7 +1952,7 @@ test_read_bt_dun_connection (void)
 
/* = SERIAL SETTING = */
 
-   s_serial = NM_SETTING_SERIAL (nm_connection_get_setting (connection, 
NM_TYPE_SETTING_SERIAL));
+   s_serial = nm_connection_get_setting_serial (connection);
ASSERT (s_serial != NULL,
"connection-verify-serial", "failed to verify %s: missing %s 
setting",
TEST_BT_DUN_FILE,
@@ -2215,7 +2215,7 @@ test_read_gsm_connection (void)
 
/* = SERIAL SETTING = */
 
-   s_serial = NM_SETTING_SERIAL (nm_connection_get_setting (connection, 
NM_TYPE_SETTING_SERIAL));
+   s_serial = nm_connection_get_setting_serial (connection);
ASSERT (s_serial != NULL,
"connection-verify-serial", "failed to verify %s: missing %s 
setting",
TEST_GSM_FILE,
-- 
1.7.6.4

___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

[PATCH 0/2] nm_connection_get_setting() fixes

[Thomas Graf]

Pure cleanup patches to make use of
nm_connection_get_setting_() where applicable. 

Thomas Graf (2):
  Use nm_connection_get_setting_() whenever possible
  Add nm_connection_get_setting_serial()

 examples/C/glib/list-connections-libnm-glib.c  |2 +-
 libnm-glib/nm-device-bt.c  |2 +-
 libnm-util/libnm-util.ver  |1 +
 libnm-util/nm-connection.c |   28 ++-
 libnm-util/nm-connection.h |2 +
 libnm-util/tests/test-general.c|6 +-
 libnm-util/tests/test-secrets.c|4 +-
 src/NetworkManagerUtils.c  |6 +-
 src/modem-manager/nm-modem-cdma.c  |   12 +-
 src/modem-manager/nm-modem-gsm.c   |   12 +-
 src/modem-manager/nm-modem.c   |2 +-
 src/nm-device-bt.c |   18 +-
 src/nm-device-ethernet.c   |   30 +-
 src/nm-device-olpc-mesh.c  |8 +-
 src/nm-device-wifi.c   |   30 +-
 src/nm-device.c|   28 +-
 src/nm-manager-auth.c  |2 +-
 src/nm-manager.c   |   12 +-
 src/nm-policy.c|   12 +-
 src/nm-wifi-ap.c   |9 +-
 src/ppp-manager/nm-ppp-manager.c   |8 +-
 src/settings/nm-agent-manager.c|2 +-
 src/settings/nm-settings-connection.c  |   10 +-
 src/settings/nm-settings.c |9 +-
 src/settings/plugins/ifcfg-rh/plugin.c |2 +-
 src/settings/plugins/ifcfg-rh/reader.c |2 +-
 .../plugins/ifcfg-rh/tests/test-ifcfg-rh.c |  278 ++--
 src/settings/plugins/ifcfg-rh/writer.c |   20 +-
 src/settings/plugins/ifnet/connection_parser.c |   41 +--
 src/settings/plugins/ifnet/plugin.c|3 +-
 src/settings/plugins/ifupdown/parser.c |5 +-
 src/settings/plugins/ifupdown/plugin.c |   12 +-
 src/settings/plugins/keyfile/reader.c  |4 +-
 src/settings/plugins/keyfile/tests/test-keyfile.c  |   74 +++---
 src/tests/test-wifi-ap-utils.c |8 +-
 src/vpn-manager/nm-vpn-connection.c|   22 +-
 src/vpn-manager/nm-vpn-manager.c   |2 +-
 src/wimax/nm-wimax-nsp.c   |2 +-
 test/nm-tool.c |2 +-
 39 files changed, 366 insertions(+), 366 deletions(-)

-- 
1.7.6.4

___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Re: nm-connection-editor working only as root

[Ramon Diaz-Uriarte]

Actually, three problems remain ;-).


1. I've rebooted and reloged in several times, but I cannot save a
connection because it complaints about insufficient privileges. (I get a
pop-up message that says "Connection add failed", "Insufficient
privileges").


I have logged with kdm (or gdm) and have a local session:

ramon@Bufo:~$ ck-list-sessions 
Session1:
unix-user = '1000'
realname = 'ramon diaz-uriarte'
seat = 'Seat1'
session-type = ''
active = TRUE
x11-display = ':0'
x11-display-device = '/dev/tty7'
display-device = ''
remote-host-name = ''
is-local = TRUE
on-since = '2011-10-23T16:29:00.632372Z'
login-session-id = '4294967295'


2. There is the problem of not being able to access my previously defined
connections (versions 0.8.1). They must be somewhere, but the new versions
do not seem to be able to find them.



3. Finally, connections saved using, say, gksudo nm-connection-editor are
stored under 
/etc/NetworkManager/system-connections 

with passwords, etc, as plain text. Sure, they are only readable to root,
but ssn't this a potential problem? If I remember correctly, with previous
versions, you could only access connections (and their passwords) after
entering your password via keyring.


Best,

R.



On Fri, 21 Oct 2011 22:17:01 +0200,Ramon Diaz-Uriarte  wrote:



> On Fri, 21 Oct 2011 21:16:25 +0200,Michael Biebl  wrote:
> > [1  ]
> > Am 21.10.2011 21:14, schrieb Ramon Diaz-Uriarte:
> > > 
> > > 
> > > On Fri, 21 Oct 2011 16:42:52 +0200,Michael Biebl  wrote:
> > >> Am 21.10.2011 13:44, schrieb Ramon Diaz-Uriarte:
> > > 
> > >> What's the output of ck-list-sessions?
> > > 
> > > 
> > > Session5:
> > >   active = FALSE
> > >   is-local = FALSE

> > That's your problem. Use a login manager, like gdm or kdm, which
> > properly registers a ConsoleKit session.
> > Otherwise the PolicyKit rules used by NM won't work.

> Login with gdm does work, but only partially. I can now add and edit
> connections as non-root (ck-list-sessions now lists two local
> sessions). But the long list of wireless connections I had defined (prior
> to 0.9) is not there. Is there anyway to get those back?


> As well, can I get the PolicyKit rules to work with other login managers?
> I use wdm, but the trick of adding

> exec ck-launch-session xmonad

> at the end of my .xinitrc does not seem to work.


> Thanks,


> R.




> > Michael

> > -- 
> > Why is it that all of the instruments seeking intelligent life in the
> > universe are pointed away from Earth?

> > [2 OpenPGP digital signature ]

> -- 
> Ramon Diaz-Uriarte
> Department of Biochemistry
> Universidad Autónoma de Madrid
> Spain

> http://ligarto.org/rdiaz

> Temporarily at:
> Structural Biology and Biocomputing Programme
> Spanish National Cancer Centre (CNIO)
 
> Phone: +34-91-732-8000 ext. 3019
> Fax: +-34-91-224-6972
-- 
Ramon Diaz-Uriarte
Department of Biochemistry
Universidad Autónoma de Madrid
Spain

http://ligarto.org/rdiaz

Temporarily at:
Structural Biology and Biocomputing Programme
Spanish National Cancer Centre (CNIO)
 
Phone: +34-91-732-8000 ext. 3019
Fax: +-34-91-224-6972
___
networkmanager-list mailing list
networkmanager-list@gnome.org
http://mail.gnome.org/mailman/listinfo/networkmanager-list