Re: Access Point & WPA2
On Tue, 2018-12-11 at 12:38 +0200, Berend De Schouwer via networkmanager-list wrote: > On Tue, 2018-12-11 at 10:58 +0100, Thomas Haller wrote: > > On Tue, 2018-12-11 at 10:41 +0200, Berend De Schouwer wrote: > > > On Mon, 2018-12-10 at 17:22 +0100, Thomas Haller wrote: > > > > On Mon, 2018-12-10 at 12:15 +0200, Berend De Schouwer via > > > > Hi Berend, > > > > > > : ifindex=3 (wlan0) alg=4 > > addr=0xe5906648 key_idx=4 set_tx=1 seq_len=0 key_len=16 > > nl80211: set_key failed; err=-22 Invalid argument) > > WPA: group state machine entering state FATAL_FAILURE > > > > Beniamino said, "alg=4 is the IGTK, that should be required by > > PMF." > > Maybe try: > > > > nmcli connection modify "$PROFILE" wifi.pmf disable > > > > and reactivate the profile. > > That fixed it! Thanks Beniamino and Thomas. > > wifi.pmf disable resulted in alg=2: > > Dec 11 12:35:16 morgue.deschouwer.co.za NetworkManager[839]: > [1544524516.5910] device (wlan0): Activation: (wifi) Stage 2 > of 5 (Device Configure) successful. Started Wi-Fi Hotspot > 'HotelGUI'. > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: > wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=2 > addr=0xce5e1648 key_idx=1 set_tx=1 seq_len=0 key_len=32 > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: > nl80211: KEY_DATA - hexdump(len=32): [REMOVED] > Dec 11 12:35:16 morgue.deschouwer.co.za > wpa_supplicant[2426]:broadcast key > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: > nl80211: Set wlan0 operstate 0->1 (UP) > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: > netlink: Operstate: ifindex=3 linkmode=-1 (no change), operstate=6 > (IF_OPER_UP) > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wlan0: > interface state UNINITIALIZED->ENABLED > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wlan0: > AP-ENABLED > Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wlan0: > State: SCANNING -> COMPLETED Hi, good to know. I wonder whether this is a bug in NetworkManager. If you leave pmf at "0 (default)", it seems it should just work. best, Thomas > > PS: it would be better to reply to the mailing list, and not me > > personally. Because so nobody else can help, and it's also not > > helpful > > for others. And if you paste text (the logfile) into the email, it > > would be nice to make sure that the lines are not wrapped. > > Preferably, > > attach the file to the email instead. Thanks!! > > It was my intention to mail the list, but I didn't check the To: > field > after hitting 'reply'. My mistake. Sorry. no problem!! :) signature.asc Description: This is a digitally signed message part ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Adhoc via dbus API?
On Tue, 2018-12-11 at 10:15 -0500, Jane Wyngaard via networkmanager- list wrote: > Hi, > > I just started using the python dbus API, but am having some > difficulties, hoping someone here might be able to help me? (I did > find the old thread in this list with an example script but API has > changed so much that no longer works even with significant changes). > > In brief: > - I can successfully configure and use an ADHOC network using (1) > manual edits of host file (after disabling NetworkManager), and (2) > using iwconfig. > - I can create an ADHOC with nm-applette gui but cannot connect to > it. > - What I need to do is create an adhoc with dbus but the attached > script which works perfectly to create a hotspot (with mode 'ap') > fails with bellow syslog messages when mode is 'adhoc' > > It looks like it creates the connection fine and even attempts to > activate but then hits some weird authentication issue I can't debug? Hi, while the script is not particularly elegant (e.g. it keeps polling whether the profile is fully activate), it should work fine in principle. It also succeeds to create a profile, but activation fails later on. This has nothing to do with D-Bus API. You can create the exact same profile with nmcli and encounter the same problem. What I mean, is that when I try `nmcli connection up MyAdhoc`, the activation also fails (just like with the python script). The question is, why it fails. But I don't know... General tip: enabling level=TRACE logging is helpful (see [1]). Also, check what is happening with `nmcli connection` and `nmcli device`. [1] https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf#n28 best, Thomas > > Any chance someone has a working dbus API Adhoc network setup script > they could share with me? > > */var/log/syslog* > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4386] keyfile: add connection /etc/NetworkManager/system- > connections/MyAdhoc-bac3019c-6be0-4d07-9617-c91a5438f422 (bac3019c- > 6be0-4d07-9617-c91a5438f422,"MyAdhoc") > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4397] audit: op="connection-add" uuid="bac3019c-6be0- > 4d07-9617-c91a5438f422" name="MyAdhoc" pid=18019 uid=1000 > result="success" > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4479] device (wlp4s0): disconnecting for new activation > request. > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4479] device (wlp4s0): state change: activated -> > deactivating (reason 'new-activation', sys-iface-state: 'managed') > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4480] manager: NetworkManager state is now > CONNECTED_LOCAL > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4594] audit: op="connection-activate" uuid="bac3019c- > 6be0-4d07-9617-c91a5438f422" name="MyAdhoc" pid=18019 uid=1000 > result="success" > Dec 11 10:12:01 Squid dbus-daemon[878]: [system] Activating via > systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus- > org.freedesktop.nm-dispatcher.service' requested by ':1.5229' (uid=0 > pid=17463 comm="/usr/sbin/NetworkManager --no-daemon " > label="unconfined") > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4600] device (wlp4s0): state change: deactivating -> > disconnected (reason 'new-activation', sys-iface-state: 'managed') > Dec 11 10:12:01 Squid avahi-daemon[961]: Withdrawing address record > for fe80::d80d:7c02:f195:d84f on wlp4s0. > Dec 11 10:12:01 Squid avahi-daemon[961]: Leaving mDNS multicast group > on interface wlp4s0.IPv6 with address fe80::d80d:7c02:f195:d84f. > Dec 11 10:12:01 Squid avahi-daemon[961]: Interface wlp4s0.IPv6 no > longer relevant for mDNS. > Dec 11 10:12:01 Squid systemd[1]: Starting Network Manager Script > Dispatcher Service... > Dec 11 10:12:01 Squid dbus-daemon[878]: [system] Successfully > activated service 'org.freedesktop.nm_dispatcher' > Dec 11 10:12:01 Squid systemd[1]: Started Network Manager Script > Dispatcher Service. > Dec 11 10:12:01 Squid nm-dispatcher: req:1 'connectivity-change': new > request (1 scripts) > Dec 11 10:12:01 Squid nm-dispatcher: req:1 'connectivity-change': > start running ordered scripts... > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4951] dhcp4 (wlp4s0): canceled DHCP transaction, DHCP > client pid 17430 > Dec 11 10:12:01 Squid NetworkManager[17463]: > [1544541121.4951] dhcp4 (wlp4s0): state changed bound -> done > Dec 11 10:12:01 Squid avahi-daemon[961]: Withdrawing address record > for 10.38.83.150 on wlp4s0. > Dec 11 10:12:01 Squid avahi-daemon[961]: Leaving mDNS multicast group > on interface wlp4s0.IPv4 with address 10.38.83.150. > Dec 11 10:12:01 Squid kernel: [510680.306141] wlp4s0: > deauthenticating from 88:1d:fc:e2:f0:1d by local choice (Reason: > 3=DEAUTH_LEAVING) > Dec 11 10:12:01 Squid wpa_supplicant[963]: wlp4s0: CTRL-EVENT- > DISCONNECTED bssid=88:1d:fc:e2:f0:1d reason=3 locally_gen
Adhoc via dbus API?
Hi, I just started using the python dbus API, but am having some difficulties, hoping someone here might be able to help me? (I did find the old thread in this list with an example script but API has changed so much that no longer works even with significant changes). In brief: - I can successfully configure and use an ADHOC network using (1) manual edits of host file (after disabling NetworkManager), and (2) using iwconfig. - I can create an ADHOC with nm-applette gui but cannot connect to it. - What I need to do is create an adhoc with dbus but the attached script which works perfectly to create a hotspot (with mode 'ap') fails with bellow syslog messages when mode is 'adhoc' It looks like it creates the connection fine and even attempts to activate but then hits some weird authentication issue I can't debug? Any chance someone has a working dbus API Adhoc network setup script they could share with me? */var/log/syslog* Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4386] keyfile: add connection /etc/NetworkManager/system-connections/MyAdhoc-bac3019c-6be0-4d07-9617-c91a5438f422 (bac3019c-6be0-4d07-9617-c91a5438f422,"MyAdhoc") Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4397] audit: op="connection-add" uuid="bac3019c-6be0-4d07-9617-c91a5438f422" name="MyAdhoc" pid=18019 uid=1000 result="success" Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4479] device (wlp4s0): disconnecting for new activation request. Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4479] device (wlp4s0): state change: activated -> deactivating (reason 'new-activation', sys-iface-state: 'managed') Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4480] manager: NetworkManager state is now CONNECTED_LOCAL Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4594] audit: op="connection-activate" uuid="bac3019c-6be0-4d07-9617-c91a5438f422" name="MyAdhoc" pid=18019 uid=1000 result="success" Dec 11 10:12:01 Squid dbus-daemon[878]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.5229' (uid=0 pid=17463 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined") Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4600] device (wlp4s0): state change: deactivating -> disconnected (reason 'new-activation', sys-iface-state: 'managed') Dec 11 10:12:01 Squid avahi-daemon[961]: Withdrawing address record for fe80::d80d:7c02:f195:d84f on wlp4s0. Dec 11 10:12:01 Squid avahi-daemon[961]: Leaving mDNS multicast group on interface wlp4s0.IPv6 with address fe80::d80d:7c02:f195:d84f. Dec 11 10:12:01 Squid avahi-daemon[961]: Interface wlp4s0.IPv6 no longer relevant for mDNS. Dec 11 10:12:01 Squid systemd[1]: Starting Network Manager Script Dispatcher Service... Dec 11 10:12:01 Squid dbus-daemon[878]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' Dec 11 10:12:01 Squid systemd[1]: Started Network Manager Script Dispatcher Service. Dec 11 10:12:01 Squid nm-dispatcher: req:1 'connectivity-change': new request (1 scripts) Dec 11 10:12:01 Squid nm-dispatcher: req:1 'connectivity-change': start running ordered scripts... Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4951] dhcp4 (wlp4s0): canceled DHCP transaction, DHCP client pid 17430 Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.4951] dhcp4 (wlp4s0): state changed bound -> done Dec 11 10:12:01 Squid avahi-daemon[961]: Withdrawing address record for 10.38.83.150 on wlp4s0. Dec 11 10:12:01 Squid avahi-daemon[961]: Leaving mDNS multicast group on interface wlp4s0.IPv4 with address 10.38.83.150. Dec 11 10:12:01 Squid kernel: [510680.306141] wlp4s0: deauthenticating from 88:1d:fc:e2:f0:1d by local choice (Reason: 3=DEAUTH_LEAVING) Dec 11 10:12:01 Squid wpa_supplicant[963]: wlp4s0: CTRL-EVENT-DISCONNECTED bssid=88:1d:fc:e2:f0:1d reason=3 locally_generated=1 Dec 11 10:12:01 Squid avahi-daemon[961]: Interface wlp4s0.IPv4 no longer relevant for mDNS. Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.5097] device (wlp4s0): Activation: starting connection 'MyAdhoc' (bac3019c-6be0-4d07-9617-c91a5438f422) Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.5105] sup-iface[0x562fafaded90,wlp4s0]: connection disconnected (reason -3) Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.5106] device (wlp4s0): supplicant interface state: completed -> disconnected Dec 11 10:12:01 Squid nm-dispatcher: req:2 'down' [wlp4s0]: new request (1 scripts) Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.5171] device (wlp4s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed') Dec 11 10:12:01 Squid nm-dispatcher: req:2 'down' [wlp4s0]: start running ordered scripts... Dec 11 10:12:01 Squid NetworkManager[17463]: [1544541121.5173] manager: NetworkManager state is now CONNECTING Dec 11 10:12:01 Squid NetworkManager[17463]: [15445
Re: Access Point & WPA2
On Tue, 2018-12-11 at 10:58 +0100, Thomas Haller wrote: > On Tue, 2018-12-11 at 10:41 +0200, Berend De Schouwer wrote: > > On Mon, 2018-12-10 at 17:22 +0100, Thomas Haller wrote: > > > On Mon, 2018-12-10 at 12:15 +0200, Berend De Schouwer via > > Hi Berend, > > > : ifindex=3 (wlan0) alg=4 > addr=0xe5906648 key_idx=4 set_tx=1 seq_len=0 key_len=16 > nl80211: set_key failed; err=-22 Invalid argument) > WPA: group state machine entering state FATAL_FAILURE > > Beniamino said, "alg=4 is the IGTK, that should be required by PMF." > Maybe try: > > nmcli connection modify "$PROFILE" wifi.pmf disable > > and reactivate the profile. That fixed it! Thanks Beniamino and Thomas. wifi.pmf disable resulted in alg=2: Dec 11 12:35:16 morgue.deschouwer.co.za NetworkManager[839]: [1544524516.5910] device (wlan0): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Started Wi-Fi Hotspot 'HotelGUI'. Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=2 addr=0xce5e1648 key_idx=1 set_tx=1 seq_len=0 key_len=32 Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: nl80211: KEY_DATA - hexdump(len=32): [REMOVED] Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]:broadcast key Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: nl80211: Set wlan0 operstate 0->1 (UP) Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: netlink: Operstate: ifindex=3 linkmode=-1 (no change), operstate=6 (IF_OPER_UP) Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wlan0: interface state UNINITIALIZED->ENABLED Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wlan0: AP-ENABLED Dec 11 12:35:16 morgue.deschouwer.co.za wpa_supplicant[2426]: wlan0: State: SCANNING -> COMPLETED > best, > Thomas > > > > PS: it would be better to reply to the mailing list, and not me > personally. Because so nobody else can help, and it's also not > helpful > for others. And if you paste text (the logfile) into the email, it > would be nice to make sure that the lines are not wrapped. > Preferably, > attach the file to the email instead. Thanks!! It was my intention to mail the list, but I didn't check the To: field after hitting 'reply'. My mistake. Sorry. > > > networkmanager-list wrote: > > > > Hi, > > > > > > > > I've got a system running 1.12.4 that I've got trouble setting > > > > up > > > > as > > > > an > > > > access point. > > > > > > > > I can set it up using hostapd, and NetworkManager without WPA, > > > > but > > > > cannot configure using NetworkManager with WPA. > > > > > > > > I've tried with a few different options, using the GUI and > > > > nmcli, > > > > and > > > > I > > > > keep seeing: > > > > > > > > Using interface wlan0 with hwaddr r:a:n:d:o:m and ssid > > > > "TestNet" > > > > Interface initialization failed > > > > wlan0: interface state UNINITIALIZED->DISABLED > > > > wlan0: Unable to setup interface > > > > Failed to initialize AP interface > > > > wlan0: interface state DISABLED->DISABLED > > > > wlan0: AP-DISABLED > > > > hostapd_free_hapd_data: Interface wlan0 wasn't started > > > > > > > > > > > > I've noticed that hostapd needs to bring wlan0 down first, > > > > can't > > > > change > > > > modes to AP while wlan0 is up. > > > > > > > > I've also noticed "Note: nl80211 driver interface is not > > > > designed > > > > to > > > > be > > > > used with ap_scan=2; this can result in connection failures" > > > > which > > > > seems to be a normal message for AP configuration. > > > > > > > > Hardware: > > > > Bus 001 Device 020: ID 148f:3070 Ralink Technology, Corp. > > > > RT2870/RT3070 > > > > Wireless Adapter > > > > > > > > > > > > What do I look at next? > > > > > > Hi, > > > > > > I don't think hostapd matters much, because NetworkManager uses > > > wpa_supplicant's AP functionality (of course, wpa_supplicant and > > > hostapd are the same project, so they share code). > > > > I just mentioned that to prove the hardware could do it. I tried > > to > > set nmcli equivalent. > > > > > > > Is the quoted log from from wpa_supplicant? > > > > Yes, as started by NetworkManager > > > > > > > I'd suggest, to enable level=TRACE logging for NetworkManager > > > (see > > > [1]) > > > and debug logging to wpa_supplicant, and look at the logs. > > > If possible, provide them here. > > > > I've done so at the bottom of this e-mail. > > > > NetworkManager and wpa_supplicant debug separate. > > > > > > > https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/contrib/fedora/rpm/NetworkManager.conf#n28 > > > > > > > > > Sometimes, changing the MAC address trips up supplicant or the > > > driver. > > > You could disable that, see: > > > https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/examples/nm-conf.d/31-mac-addr-change.conf?id=8dfa903a9d6d558cac684c9a3b15bb685a369aad > > > > Tried disabling mac-address randomization. It didn't h
Re: Using both VPN and non-VPN (default route non-VPN)
btw bing works with both: galex-713@portable:~$ ping -c1 -I tun0 ifconfig.me PING ifconfig.me (216.239.32.21) from 89.234.186.82 tun0: 56(84) bytes of data. 64 bytes from any-in-2015.1e100.net (216.239.32.21): icmp_seq=1 ttl=55 time=32.8 ms --- ifconfig.me ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 32.877/32.877/32.877/0.000 ms galex-713@portable:~$ ping -c1 -I enp0s25 ifconfig.me PING ifconfig.me (216.239.32.21) from 192.168.1.38 enp0s25: 56(84) bytes of data. 64 bytes from any-in-2015.1e100.net (216.239.32.21): icmp_seq=1 ttl=57 time=10.2 ms --- ifconfig.me ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 10.220/10.220/10.220/0.000 ms ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Using both VPN and non-VPN (default route non-VPN)
I said it already: it timeouts or stay still forever without receiving any answer whenever I try to use another interface. For instance, currently I didn’t check the checkbox, so by default it uses tun0, and if I want to use the other interface (currently rj45 cable, that is enp0s25), here what I see: galex-713@portable:~$ curl --interface tun0 ifconfig.me; echo 89.234.186.82 galex-713@portable:~$ curl --interface enp0s25 ifconfig.me; echo And I keep a blank line with that command staying still forever until I do Ctrl+C or I disconnect. If I check that checkbox and enp0s25 becomes the default, the opposite happen: I can do that with enp0s25, but tun0 stop being usable. ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
