vpn blocking on first run

Using bitmask 0.9.2rc2, on the first run after creating the VPN it starts but blocks all connections to the outside. The second run works fine.

The output of ifconfig shows that the tun device is created:

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.42.0.31  P-t-P:10.42.0.31  Mask:255.255.255.255
          inet6 addr: 2001:db8:123::101d/64 Scope:Global
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:1701 (1.7 KB)  TX bytes:62 (62.0 B)

But the route is not created:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.122.1   0.0.0.0         UG    100    0        0 ens3
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 ens3
192.168.122.0   0.0.0.0         255.255.255.0   U     100    0        0 ens3
198.252.153.84  192.168.122.1   255.255.255.255 UGH   0      0        0 ens3

And iptables is configured to block traffic:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
bitmask    all  --  anywhere             anywhere            

Chain bitmask (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             192.168.122.0/24    
ACCEPT     udp  --  192.168.122.0/24     anywhere             udp dpt:domain
ACCEPT     tcp  --  192.168.122.0/24     anywhere             tcp dpt:domain
RETURN     udp  --  anywhere             239.255.255.250      udp dpt:1900
RETURN     udp  --  anywhere             224.0.0.251          udp dpt:mdns
ACCEPT     all  --  anywhere             millipede.leap.se   
ACCEPT     all  --  anywhere             otter.bitmask.net   
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

I attach the log.

(from redmine: created on 2016-04-27)
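A shell check for the state this report describes (tun device up, no route through it, catch-all REJECT at the end of the VPN chain), added here as an example and not code from the report or from bitmask. The sample routing table and chain listing are constructed from the report's output; the second-run table with tun0 routes is an assumption about what a working run looks like.

```shell
#!/bin/sh
# Check for the state in this report: tun device up, no route through it,
# and a VPN chain that rejects everything not explicitly allowed.
# Works on `route -n` / `netstat -rn` and `iptables -L <chain>` output.

# Constructed sample matching the report's first run (no tun0 route).
ROUTES_FIRST_RUN='Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.122.1   0.0.0.0         UG    100    0        0 ens3
192.168.122.0   0.0.0.0         255.255.255.0   U     100    0        0 ens3
198.252.153.84  192.168.122.1   255.255.255.255 UGH   0      0        0 ens3'

# Assumed working second run: OpenVPN-style split default route via tun0.
ROUTES_SECOND_RUN="$ROUTES_FIRST_RUN
0.0.0.0         10.42.0.31      128.0.0.0       UG    0      0        0 tun0
128.0.0.0       10.42.0.31      128.0.0.0       UG    0      0        0 tun0"

# The report's bitmask chain, trimmed to the rules that matter here.
FW_CHAIN='Chain bitmask (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             192.168.122.0/24
ACCEPT     all  --  anywhere             otter.bitmask.net
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable'

# $1 = routing table text, $2 = tun interface; succeeds if any route uses it.
has_route_via() {
  printf '%s\n' "$1" | awk -v ifc="$2" '$NF == ifc { found = 1 } END { if (!found) exit 1 }'
}

# $1 = chain listing; succeeds if it carries a catch-all REJECT/DROP, i.e.
# the firewall fails closed whenever the tunnel route is missing.
is_fail_closed() {
  printf '%s\n' "$1" | awk '
    /^(REJECT|DROP) +all +-- +(anywhere|0\.0\.0\.0\/0) +(anywhere|0\.0\.0\.0\/0)/ { fc = 1 }
    END { if (!fc) exit 1 }'
}

# Verdict: blocked (this report), ok, leaking, or no-firewall.
diagnose() {
  if has_route_via "$1" "$3"; then routed=1; else routed=0; fi
  if is_fail_closed "$2"; then closed=1; else closed=0; fi
  case "$routed$closed" in
    01) echo blocked ;;      # tunnel unrouted, catch-all REJECT: outside traffic refused
    11) echo ok ;;           # traffic uses the tunnel, leak protection in place
    00) echo leaking ;;      # no tunnel route and no catch-all: traffic exits unprotected
    10) echo no-firewall ;;  # tunnel routed but nothing stops a fallback leak
  esac
}

diagnose "$ROUTES_FIRST_RUN" "$FW_CHAIN" tun0   # prints: blocked
```

On a live host, feed it `route -n` and `iptables -L bitmask` output instead of the constructed samples; "blocked" is exactly the first-run symptom, while "leaking" is the opposite failure where a missing tunnel route sends traffic out unprotected.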