On 06/06/2016 11:07 AM, Skyflyer wrote: > With the new OTA-11 and Username/Password working (1567389 > <https://bugs.launchpad.net/ubuntu/+source/indicator-network/+bug/1567389>)my > vpn tunnel is operational. I was surprised to find the config file > writable (/etc/NetworkManager/system-connections/) and I had to edit > it with auth=SHA512 to get it working. Now I'm having some side > affects. I've also enabled ufw with : > > phablet@ubuntu-phablet:/etc/NetworkManager/system-connections$ sudo > ufw status verbose > Status: active > Logging: on (medium) > Default: deny (incoming), deny (outgoing), disabled (routed) > New profiles: skip > To Action From > -- ------ ---- > 22 ALLOW IN 192.168.XX.XX > XXX.XXX.XXX.XXX ALLOW OUT Anywhere #To VPN > Anywhere ALLOW OUT 10.33.0.0/16 > > I can turn the vpn on/off with the toggle in Settings tab and all > connections are blocked except those that travel the tunnel. I'm > getting this in the ufw.log file: > UFW BLOCK] IN= OUT=wlan0 SRC=fe80:0000:0000:0000:b69d:0bff:fe4f:ffb9 > DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 > FLOWLBL=0 PROTO=ICMPv6 TYPE=133 CODE=0 > > 1> Is there anyway to disable IPv6? I would expect to see an option > in WiFi settings... but surprisingly there are no WiFi options at all. > > 2> I'm seeing unusually long times checking for Updates (on vpn). I > get a Software Up to Date confirmation, but I suspect it is just a > time-out default message. I'm currently at about 5 minutes Checking > for updates. Off the vpn (ufw disable) it takes 5 - 10 seconds. >
Jun 6 11:12:16 ubuntu-phablet kernel: [ 7214.928646] (0)[11677:Qt HTTP thread][UFW AUDIT] IN= OUT=tun0 SRC=10.33.XX.XX DST=162.213.33.200 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=49715 DF PROTO=TCP SPT=57250 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 Jun 6 11:12:37 ubuntu-phablet kernel: [ 7235.466507] (0)[3089:QSGRenderThread][UFW BLOCK] IN= OUT=tun0 SRC=192.168.XX.XX DST=91.189.88.157 LEN=83 TOS=0x00 PREC=0x00 TTL=64 ID=50999 DF PROTO=TCP SPT=41575 DPT=443 WINDOW=289 RES=0x00 ACK PSH FIN URGP=0 Think I found something... on the UFW BLOCK, SRC=192.168.XX.XX and OUT=tun0 ; that can't happen? It should be SRC=10.33.XX.XX (vpn ip) and OUT=tun0. DST=91.189.88.157 is Canonical server, which should explain why I can't check for Updates on vpn. > 3> The vpn may have caused the app store purchase failure that I > already posted about earlier today. > > Otherwise things seem to be working well. > ~Will Atwood > > > > > >
-- Mailing list: https://launchpad.net/~ubuntu-phone Post to : ubuntu-phone@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
