Thanks to visit codestin.com
Credit goes to github.com

Skip to content

OpenBSD 6.1, 6.2, 6.3 client fails with IOError: [Errno 19] Operation not supported by device #219

Closed
#282
Closed
OpenBSD 6.1, 6.2, 6.3 client fails with IOError: [Errno 19] Operation not supported by device#219
#282
Labels
OpenBSD
@scottwalters

Description

@scottwalters
scottwalters
opened on Apr 11, 2018
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 2.7.14
firewall manager: ready method name pf.
IPv6 enabled: True
UDP enabled: False
DNS enabled: False
User enabled: False
Binding redirector: 12300
TCP redirector listening on ('::1', 12300, 0, 0).
TCP redirector listening with <socket._socketobject object at 0x520de92fb40>.
TCP redirector listening on ('127.0.0.1', 12300).
TCP redirector listening with <socket._socketobject object at 0x520b496f280>.
Starting client with Python version 2.7.14
c : connecting to server...
c : executing: ['ssh', '[email protected]', '--', 'exec /bin/sh -c \'P=python3; $P -V 2>/dev/null || P=python; exec "$P" -c \'"\'"\'import sys, os; verbosity=3; sys.stdin = os.fdopen(0, "rb"); exec(compile(sys.stdin.read(1082), "assembler.py", "exec"))\'"\'"\'\'']
c :  > channel=0 cmd=PING len=7 (fullness=0)
server: assembling u'sshuttle' (8 bytes)
server: assembling u'sshuttle.cmdline_options' (61 bytes)
server: assembling u'sshuttle.helpers' (942 bytes)
server: assembling u'sshuttle.ssnet' (5648 bytes)
server: assembling u'sshuttle.hostwatch' (2387 bytes)
server: assembling u'sshuttle.server' (3776 bytes)
Starting server with Python version 2.7.3
 s: latency control setting = True
 s: available routes:
 s:   2/45.33.22.0/24
 s:  > channel=0 cmd=PING len=7 (fullness=0)
 s:  > channel=0 cmd=ROUTES len=16 (fullness=7)
 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=23/0)
 s:   Ready: 1 r=[] w=[5] x=[]
 s: mux wrote: 15/15
c : Connected.
c : Waiting: 2 r=[4, 7, 10] w=[10] x=[] (fullness=7/0)
c :   Ready: 2 r=[10] w=[10] x=[]
c : <  channel=0 cmd=PING len=7
c :  > channel=0 cmd=PONG len=7 (fullness=7)
c : mux wrote: 15/15
c : mux wrote: 15/15
c : Waiting: 2 r=[4, 7, 10] w=[] x=[] (fullness=14/0)
 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=23/0)
c :   Ready: 2 r=[10] w=[] x=[]
c : <  channel=0 cmd=ROUTES len=16
 s:   Ready: 1 r=[] w=[5] x=[]
 s: mux wrote: 24/24
 s: Waiting: 1 r=[4] w=[] x=[] (fullness=23/0)
firewall manager: Got subnets: [(2, 0, False, '0.0.0.0', 0, 0), (2, 32, True, '127.0.0.1', 0, 0), (24, 128, True, '::1', 0, 0)]
firewall manager: Got nslist: []
firewall manager: Got ports: 12300,12300,0,0
firewall manager: Got udp: False, user: None
firewall manager: setting up.
firewall manager: setting up IPv6.
>> pfctl -s Interfaces -i lo -v
>> pfctl -s all
firewall manager: undoing changes.
firewall manager: undoing IPv6 changes.
>> pfctl -a sshuttle6-12300 -F all
firewall manager: Error trying to undo IPv6 firewall.
---> Traceback (most recent call last):
--->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/firewall.py", line 257, in main
--->     method.restore_firewall(port_v6, socket.AF_INET6, udp, user)
--->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 474, in restore_firewall
--->     pf.disable(pf_get_anchor(family, port))
--->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 71, in disable
--->     pfctl('-a %s -F all' % anchor)
--->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 396, in pfctl
--->     raise Fatal('%r returned %d' % (argv, p.returncode))
---> Fatal: ['pfctl', '-a', 'sshuttle6-12300', '-F', 'all'] returned 1
firewall manager: undoing IPv4 changes.
>> pfctl -a sshuttle-12300 -F all
firewall manager: Error trying to undo IPv4 firewall.
firewall manager: ---> Traceback (most recent call last):
firewall manager: --->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/firewall.py", line 270, in main
firewall manager: --->     method.restore_firewall(port_v4, socket.AF_INET, udp, user)
firewall manager: --->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 474, in restore_firewall
firewall manager: --->     pf.disable(pf_get_anchor(family, port))
firewall manager: --->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 71, in disable
firewall manager: --->     pfctl('-a %s -F all' % anchor)
firewall manager: --->   File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 396, in pfctl
firewall manager: --->     raise Fatal('%r returned %d' % (argv, p.returncode))
firewall manager: ---> Fatal: ['pfctl', '-a', 'sshuttle-12300', '-F', 'all'] returned 1
firewall manager: undoing /etc/hosts changes.
Traceback (most recent call last):
  File "/usr/local/bin/sshuttle", line 11, in <module>
    load_entry_point('sshuttle==0.78.5.dev0+ng6ec42ad.d20180411', 'console_scripts', 'sshuttle')()
  File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/cmdline.py", line 26, in main
    return firewall.main(opt.method, opt.syslog)
  File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/firewall.py", line 212, in main
    user)
  File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 462, in setup_firewall
    pf.add_anchors(anchor)
  File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 274, in add_anchors
    super(OpenBsd, self).add_anchors(anchor)
  File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 116, in add_anchors
    self._add_anchor_rule(self.PF_PASS, anchor.encode('ASCII'))
  File "/usr/local/lib/python2.7/site-packages/sshuttle-0.78.5.dev0+ng6ec42ad.d20180411-py2.7.egg/sshuttle/methods/pf.py", line 129, in _add_anchor_rule
    ioctl(pf_get_dev(), pf.DIOCCHANGERULE, pr)
IOError: [Errno 19] Operation not supported by device
 s:   Ready: 1 r=[4] w=[] x=[]
 s: <  channel=0 cmd=PING len=7
 s:  > channel=0 cmd=PONG len=7 (fullness=23)
 s: <  channel=0 cmd=PONG len=7
 s: received PING response
 s: mux wrote: 15/15
 s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)
c : fatal: cleanup: ['/usr/local/bin/python', '/usr/local/bin/sshuttle', '-v', '-v', '-v', '--method', 'auto', '--firewall'] returned 1
 s:   Ready: 1 r=[4] w=[] x=[]

It looks like pfioc_rule may have changed:

             struct pfioc_rule {
                     u_int32_t       action;                   0                    +0
                     u_int32_t       ticket;                                        +4
                     u_int32_t       nr;                                            +8
                     char            anchor[PATH_MAX];                             +12
                     char            anchor_call[PATH_MAX];    sshuttle6-12300   +1036
                     struct pf_rule  rule;                       6                +2060
             };

And I'm not sure about the value that goes in to pfioc_rule.rule. It's putting uint 32 6 in there instead of an enormous pf_rule struct.

I didn't checkout OpenBSD and do a git history on /usr/include/net/pfvar.h etc, so it just looks at a glance to me like this maybe this changed out from under you.

Metadata

Metadata

Assignees

No one assigned

    Labels

    OpenBSD

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions