Comments (34)
vieira
commented on May 26, 2024
Hello,
I tried to reproduce the problem on OSX10.11.2 (python 2.7.10 client; python 2.6.8 server) but was unable to. Is it happening with other servers?
While I was testing this I noticed that sshuttle is not properly cleaning up the ruleset on exit. I don't think that it is the cause of your issue but maybe you can try restarting your machine and see if the problem persists. You can also try with pr #37 although I am unsure if the problem you are experiencing is fixed there.
from sshuttle.
valmol
commented on May 26, 2024
Just updated to 10.11.2. Restarted.
Proxy still does not work. It is happening with other servers too.
from sshuttle.
vieira
commented on May 26, 2024
What kind of traffic? HTTP?
On 12 Dec 2015, at 19:31, Valeriy Molyakov [email protected] wrote:
Just updated to 10.1.2. Restarted.
Proxy still does not work. It is happening with other servers too.—
Reply to this email directly or view it on GitHub.
from sshuttle.
valmol
commented on May 26, 2024
i use sshuttle to connect to remote servers via ssh, connect to http servers, database servers etc.
all traffic to certain subnets shall be forwarded via a tunnel.
I have tried PR #37 - does not help.
from sshuttle.
brianmay
commented on May 26, 2024
Sounds very similar to #35 to me. Don't know what is going wrong, sorry. I note that the pf method doesn't log the pf rules being configured, maybe we should change that.
from sshuttle.
valmol
commented on May 26, 2024
Rules:
toyota:sshuttle vmolyakov$ sudo pfctl -a sshuttle -s rules
No ALTQ support in kernel
ALTQ related functions disabled
pass out route-to lo0 inet proto tcp from any to <forward_subnets> flags S/SA keep state
I also do not see anything in pf log
toyota:sshuttle vmolyakov$ sudo tcpdump -n -e -ttt -i pflog0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes
00:00:00.000000 rule 4294967295/8(ip-option): pass in on en0: 192.168.1.1 > 224.0.0.1: igmp query v2
no "pass out" entries when I tried to connect to external servers. It means that pf rules are not applied for some reason.
from sshuttle.
ethus3h
commented on May 26, 2024
(I reported #35)
Yeah, I'm using 10.11.1; I'll test again when I get around to updating to 10.11.2 and let you know if that fixes it. Thanks!
from sshuttle.
ethus3h
commented on May 26, 2024
(Oh also feel free to close #35 as a duplicate if you want; I think it might be the same issue as here)
from sshuttle.
brianmay
commented on May 26, 2024
What @molyakov posted doesn't list all the rules we setup. For example, the definition of <forward_subnets> is not given.
The latest version in git should output all of that in its debug output now.
from sshuttle.
valmol
commented on May 26, 2024
I have run latest version from repository:
vmolyakov:sshuttle vmolyakov$ sshuttle -r XXXX@XXXXX XXXX.216.10 -N -vv
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 2.7.10
firewall manager: ready method name pf.
UDP enabled: False
Binding redirector: 12300
TCP redirector listening on ('127.0.0.1', 12300).
TCP redirector listening with <socket._socketobject object at 0x110454980>.
Starting client with Python version 2.7.10
c : connecting to server...
c : executing: ['ssh', 'XXXX@XXXXXX', '--', 'P=python3.5; $P -V 2>/dev/null || P=python; exec "$P" -c \'import sys; verbosity=2; exec(compile(sys.stdin.read(890), "assembler.py", "exec"))\'']
########################################################
# #
# This system is for the use of authorized users only. #
# #
########################################################
Password:
c : > channel=0 cmd=PING len=7 (fullness=0)
server: assembling 'sshuttle' (8 bytes)
server: assembling 'sshuttle.cmdline_options' (27 bytes)
server: assembling 'sshuttle.helpers' (765 bytes)
server: assembling 'sshuttle.ssnet' (5506 bytes)
server: assembling 'sshuttle.hostwatch' (2307 bytes)
server: assembling 'sshuttle.server' (3047 bytes)
Starting server with Python version 2.6.6
s: latency control setting = True
s: available routes:
s: 2/10.XXX.136.64/27
s: 2/146.XXX.128.128/27
s: 2/XXX.XXX.140.0/26
s: 2/XXX.254.0.0/16
s: 2/XXX.254.0.0/16
s: > channel=0 cmd=PING len=7 (fullness=0)
s: > channel=0 cmd=ROUTES len=93 (fullness=7)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=100/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=100/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 101/101
s: Waiting: 1 r=[4] w=[] x=[] (fullness=100/0)
c : Connected.
c : Waiting: 2 r=[8, 9] w=[9] x=[] (fullness=7/0)
c : Ready: 2 r=[9] w=[9] x=[]
c : < channel=0 cmd=PING len=7
c : > channel=0 cmd=PONG len=7 (fullness=7)
c : < channel=0 cmd=ROUTES len=93
firewall manager: Got subnets: [(2, 32, False, '10.150.135.166'), (2, 32, False, '139.114.216.10'), (2, 27, False, '10.158.136.64'), (2, 27, False, '146.213.128.128'), (2, 26, False, '153.110.140.0'), (2, 16, False, '169.254.0.0'), (2, 16, False, '169.254.0.0'), (2, 8, True, '127.0.0.0')]
firewall manager: Got nslist: []
firewall manager: Got ports: 0,12300,0,0
firewall manager: Got udp: False
firewall manager: setting up.
firewall manager: setting up IPv4.
>> pfctl -s all
>> pfctl -a sshuttle -f /dev/stdin
>> pfctl -E
c : mux wrote: 15/15
c : mux wrote: 15/15
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=14/0)
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PING len=7
s: > channel=0 cmd=PONG len=7 (fullness=100)
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[] x=[] (fullness=107/0)
c : Ready: 2 r=[9] w=[] x=[]
c : < channel=0 cmd=PONG len=7
c : received PING response
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=0/0)
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PONG len=7
s: received PING response
s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)
from sshuttle.
brianmay
commented on May 26, 2024
You need to use -vvv not just -vv to get the rules displayed.
from sshuttle.
valmol
commented on May 26, 2024
Output with pf rules:
vmolyakov:sshuttle vmolyakov$ sshuttle -r XXXX@XXXXXXX 10.150.135.166 139.114.216.10 -N -vvv
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 2.7.10
firewall manager: ready method name pf.
UDP enabled: False
Binding redirector: 12300
TCP redirector listening on ('127.0.0.1', 12300).
TCP redirector listening with <socket._socketobject object at 0x1087988a0>.
Starting client with Python version 2.7.10
c : connecting to server...
c : executing: ['ssh', 'XXXX@XXXXX', '--', 'P=python3.5; $P -V 2>/dev/null || P=python; exec "$P" -c \'import sys; verbosity=3; exec(compile(sys.stdin.read(890), "assembler.py", "exec"))\'']
[email protected]'s password:
c : > channel=0 cmd=PING len=7 (fullness=0)
server: assembling 'sshuttle' (8 bytes)
server: assembling 'sshuttle.cmdline_options' (27 bytes)
server: assembling 'sshuttle.helpers' (864 bytes)
server: assembling 'sshuttle.ssnet' (5500 bytes)
server: assembling 'sshuttle.hostwatch' (2308 bytes)
server: assembling 'sshuttle.server' (3048 bytes)
Starting server with Python version 2.6.6
s: latency control setting = True
s: available routes:
s: 2/146.213.0.128/27
s: 2/169.254.0.0/16
s: > channel=0 cmd=PING len=7 (fullness=0)
s: > channel=0 cmd=ROUTES len=36 (fullness=7)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=43/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=43/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 44/44
s: Waiting: 1 r=[4] w=[] x=[] (fullness=43/0)
c : Connected.
c : Waiting: 2 r=[8, 9] w=[9] x=[] (fullness=7/0)
c : Ready: 2 r=[9] w=[9] x=[]
c : < channel=0 cmd=PING len=7
c : > channel=0 cmd=PONG len=7 (fullness=7)
c : < channel=0 cmd=ROUTES len=36
firewall manager: Got subnets: [(2, 32, False, '10.150.135.166'), (2, 32, False, '139.114.216.10'), (2, 27, False, '146.213.0.128'), (2, 16, False, '169.254.0.0'), (2, 8, True, '127.0.0.0')]
firewall manager: Got nslist: []
firewall manager: Got ports: 0,12300,0,0
firewall manager: Got udp: False
firewall manager: setting up.
firewall manager: setting up IPv4.
rules:
---> table <forward_subnets> {10.150.135.166/32,139.114.216.10/32,146.213.0.128/27,169.254.0.0/16,!127.0.0.0/8}
---> rdr pass on lo0 proto tcp to <forward_subnets> -> 127.0.0.1 port 12300
---> pass out route-to lo0 inet proto tcp to <forward_subnets> keep state
>> pfctl -s all
>> pfctl -a sshuttle -f /dev/stdin
>> pfctl -E
c : mux wrote: 15/15
c : mux wrote: 15/15
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=14/0)
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PING len=7
s: > channel=0 cmd=PONG len=7 (fullness=43)
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[] x=[] (fullness=50/0)
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PONG len=7
s: received PING response
s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)
c : Ready: 2 r=[9] w=[] x=[]
c : < channel=0 cmd=PONG len=7
c : received PING response
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=0/0)
``
from sshuttle.
valmol
commented on May 26, 2024
Just updated my previous comments by new debug output (after correct update of sources and re-install a tool)
from sshuttle.
John-K
commented on May 26, 2024
I'm running into the same issue:
sshuttle --python python2 -x 10.0.0.0/8 -r stealthy.ninja 0/0 -vvv
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 2.7.10
firewall manager: ready method name pf.
IPv6 enabled: False
UDP enabled: False
DNS enabled: False
Binding redirector: 12300
TCP redirector listening on ('127.0.0.1', 12300).
TCP redirector listening with <socket._socketobject object at 0x104ca12f0>.
Starting client with Python version 2.7.10
c : connecting to server...
c : executing: ['ssh', 'stealthy.ninja', '--', '\'python2\' -c \'import sys; verbosity=3; stdin=getattr(sys.stdin,"buffer",sys.stdin); exec(compile(stdin.read(915), "assembler.py", "exec"))\'']
Warning: Permanently added the ECDSA host key for IP address '192.241.233.215' to the list of known hosts.
c : > channel=0 cmd=PING len=7 (fullness=0)
server: assembling u'sshuttle' (8 bytes)
server: assembling u'sshuttle.cmdline_options' (27 bytes)
server: assembling u'sshuttle.helpers' (864 bytes)
server: assembling u'sshuttle.ssnet' (5500 bytes)
server: assembling u'sshuttle.hostwatch' (2334 bytes)
server: assembling u'sshuttle.server' (3089 bytes)
Starting server with Python version 2.7.11
s: latency control setting = True
s: available routes:
s: 2/192.241.233.0/24
s: > channel=0 cmd=PING len=7 (fullness=0)
s: > channel=0 cmd=ROUTES len=19 (fullness=7)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=26/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=26/0)
s: Ready: 1 r=[] w=[5] x=[]
c : Connected.
c : Waiting: 2 r=[7, 8] w=[8] x=[] (fullness=7/0)
c : Ready: 2 r=[8] w=[8] x=[]
c : < channel=0 cmd=PING len=7
c : > channel=0 cmd=PONG len=7 (fullness=7)
c : mux wrote: 15/15
c : mux wrote: 15/15
c : Waiting: 2 r=[7, 8] w=[] x=[] (fullness=14/0)
s: mux wrote: 27/27
s: Waiting: 1 r=[4] w=[] x=[] (fullness=26/0)
c : Ready: 2 r=[8] w=[] x=[]
c : < channel=0 cmd=ROUTES len=19
firewall manager: Got subnets: [(2, 0, False, '0.0.0.0'), (2, 8, True, '127.0.0.0'), (2, 8, True, '10.0.0.0')]
firewall manager: Got nslist: []
firewall manager: Got ports: 0,12300,0,0
firewall manager: Got udp: False
firewall manager: setting up.
firewall manager: setting up IPv4.
rules:
---> table <forward_subnets> {!127.0.0.0/8,!10.0.0.0/8,0.0.0.0/0}
---> rdr pass on lo0 proto tcp to <forward_subnets> -> 127.0.0.1 port 12300
---> pass out route-to lo0 inet proto tcp to <forward_subnets> keep state
>> pfctl -s all
>> pfctl -a sshuttle -f /dev/stdin
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PING len=7
s: > channel=0 cmd=PONG len=7 (fullness=26)
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[] x=[] (fullness=33/0)
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PONG len=7
s: received PING response
s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)
>> pfctl -E
c : < channel=0 cmd=PONG len=7
c : received PING response
c : Waiting: 2 r=[7, 8] w=[] x=[] (fullness=0/0)
from sshuttle.
vieira
commented on May 26, 2024
Could you give me any hints to reproduce this? I tried to reproduce this problem a few times but never managed to. Do you have some other rules on your pf? Have you ever enabled or configured your OSX firewall?
from sshuttle.
John-K
commented on May 26, 2024
I don't have any pf rules that I know of. Firewall is currently off but was certainly enabled at some point in the past.
from sshuttle.
achempion
commented on May 26, 2024
Have the same issue. It arised after switching to other PPPoE connection.
from sshuttle.
achempion
commented on May 26, 2024
Ok, I know what cause this issue. You need run pfctl -F all to flush all port forwarding rules. After that all works fine.
from sshuttle.
John-K
commented on May 26, 2024
I'll give this a shot and see if it resolves my issues as well
On Tuesday, February 16, 2016, Boris Kuznetsov [email protected]
wrote:
Ok, I know what cause this issue. You need run pfctl -F all to flush all
port forwarding rules. After that all works fine.—
Reply to this email directly or view it on GitHub
#43 (comment).
from sshuttle.
thshdw
commented on May 26, 2024
@achempion @John-K I'm using an older build with 10.11.3 https://github.com/sshuttle/sshuttle/tree/57d1cb1e119ac3a575fe25c3b73a2be2cfb92211
I can ssh to sites using reverse tunnels with no issues and when I exit the terminal I see the following
^CKilled by signal 2.
firewall manager: undoing changes.
>> pfctl -a sshuttle -F all
>> pfctl -X 11054111950947285861
c :
c : Keyboard interrupt: exiting.
from sshuttle.
vieira
commented on May 26, 2024
What rules were there before flushing? Are there any steps I can follow to reproduce getting those rules appended and sshuttle not working?
Thanks!
On 16 Feb 2016, at 21:27, Boris Kuznetsov [email protected] wrote:
Ok, I know what cause this issue. You need run pfctl -F all to flush all port forwarding rules. After that all works fine.
—
Reply to this email directly or view it on GitHub.
from sshuttle.
achempion
commented on May 26, 2024
@vieira Rules gone :) I think you need try to change network and NetBIOS name (System Preferences > Sharing > Computer name > Edit). That what I did to get this issue, I think.
from sshuttle.
havvg
commented on May 26, 2024
I'm encountering the same issue when running both commands. (OS X 10.11.3, sshuttle 0.75). Both commands are unable to connect to the hosts on the destination network (destination network is a Cisco IPSec VPN).
sshuttle -r overmind 172.16.0.0/12 -vv
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 2.7.10
firewall manager: ready method name pf.
IPv6 enabled: False
UDP enabled: False
DNS enabled: False
Binding redirector: 12300
TCP redirector listening on ('127.0.0.1', 12300).
TCP redirector listening with <socket._socketobject object at 0x10d9b7590>.
Starting client with Python version 2.7.10
c : connecting to server...
c : executing: ['ssh', 'overmind', '--', 'P=python3.5; $P -V 2>/dev/null || P=python; exec "$P" -c \'import sys; verbosity=2; stdin=getattr(sys.stdin,"buffer",sys.stdin); exec(compile(stdin.read(915), "assembler.py", "exec"))\'']
c : > channel=0 cmd=PING len=7 (fullness=0)
server: assembling u'sshuttle' (8 bytes)
server: assembling u'sshuttle.cmdline_options' (27 bytes)
server: assembling u'sshuttle.helpers' (864 bytes)
server: assembling u'sshuttle.ssnet' (5500 bytes)
server: assembling u'sshuttle.hostwatch' (2334 bytes)
server: assembling u'sshuttle.server' (3089 bytes)
Starting server with Python version 2.6.6
s: latency control setting = True
s: available routes:
s: 2/10.210.0.0/24
s: 2/172.30.63.0/24
s: 2/169.254.0.0/16
s: > channel=0 cmd=PING len=7 (fullness=0)
s: > channel=0 cmd=ROUTES len=50 (fullness=7)
c : Connected.
c : Waiting: 2 r=[8, 9] w=[9] x=[] (fullness=7/0)
c : Ready: 2 r=[] w=[9] x=[]
c : mux wrote: 15/15
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=57/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 15/15
c : < channel=0 cmd=PING len=7
c : > channel=0 cmd=PONG len=7 (fullness=7)
c : mux wrote: 15/15
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=14/0)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=57/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 58/58
s: Waiting: 1 r=[4] w=[] x=[] (fullness=57/0)
c : Ready: 2 r=[9] w=[] x=[]
c : < channel=0 cmd=ROUTES len=50
firewall manager: Got subnets: [(2, 12, False, '172.16.0.0'), (2, 8, True, '127.0.0.0')]
firewall manager: Got nslist: []
firewall manager: Got ports: 0,12300,0,0
firewall manager: Got udp: False
firewall manager: setting up.
firewall manager: setting up IPv4.
>> pfctl -s all
>> pfctl -a sshuttle -f /dev/stdin
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PING len=7
s: > channel=0 cmd=PONG len=7 (fullness=57)
s: < channel=0 cmd=PONG len=7
s: received PING response
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)
>> pfctl -E
c : < channel=0 cmd=PONG len=7
c : received PING response
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=0/0)
^Cfirewall manager: undoing changes.
Killed by signal 2.
firewall manager: undoing IPv4 changes.
>> pfctl -a sshuttle -F all
>> pfctl -X 6695040540956425419
firewall manager: undoing /etc/hosts changes.
c :
c : Keyboard interrupt: exiting.
sshuttle -x 0.0.0.0/8 -x 127.0.0.0/8 -x 169.254.0.0/16 -x 192.0.0.0/24 -r overmind 0/0 -vv
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 2.7.10
firewall manager: ready method name pf.
IPv6 enabled: False
UDP enabled: False
DNS enabled: False
Binding redirector: 12300
TCP redirector listening on ('127.0.0.1', 12300).
TCP redirector listening with <socket._socketobject object at 0x10ded7590>.
Starting client with Python version 2.7.10
c : connecting to server...
c : executing: ['ssh', 'overmind', '--', 'P=python3.5; $P -V 2>/dev/null || P=python; exec "$P" -c \'import sys; verbosity=2; stdin=getattr(sys.stdin,"buffer",sys.stdin); exec(compile(stdin.read(915), "assembler.py", "exec"))\'']
c : > channel=0 cmd=PING len=7 (fullness=0)
server: assembling u'sshuttle' (8 bytes)
server: assembling u'sshuttle.cmdline_options' (27 bytes)
server: assembling u'sshuttle.helpers' (864 bytes)
server: assembling u'sshuttle.ssnet' (5500 bytes)
server: assembling u'sshuttle.hostwatch' (2334 bytes)
server: assembling u'sshuttle.server' (3089 bytes)
Starting server with Python version 2.6.6
s: latency control setting = True
s: available routes:
s: 2/10.210.0.0/24
s: 2/172.30.63.0/24
s: 2/169.254.0.0/16
c : Connected.
c : Waiting: 2 r=[8, 9] w=[9] x=[] (fullness=7/0)
s: > channel=0 cmd=PING len=7 (fullness=0)
s: > channel=0 cmd=ROUTES len=50 (fullness=7)
c : Ready: 2 r=[] w=[9] x=[]
c : mux wrote: 15/15
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=7/0)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=57/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 15/15
c : Ready: 2 r=[9] w=[] x=[]
c : < channel=0 cmd=PING len=7
c : > channel=0 cmd=PONG len=7 (fullness=7)
c : mux wrote: 15/15
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=14/0)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=57/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 58/58
s: Waiting: 1 r=[4] w=[] x=[] (fullness=57/0)
c : Ready: 2 r=[9] w=[] x=[]
c : < channel=0 cmd=ROUTES len=50
firewall manager: Got subnets: [(2, 0, False, '0.0.0.0'), (2, 8, True, '127.0.0.0'), (2, 8, True, '0.0.0.0'), (2, 8, True, '127.0.0.0'), (2, 16, True, '169.254.0.0'), (2, 24, True, '192.0.0.0')]
firewall manager: Got nslist: []
firewall manager: Got ports: 0,12300,0,0
firewall manager: Got udp: False
firewall manager: setting up.
firewall manager: setting up IPv4.
>> pfctl -s all
>> pfctl -a sshuttle -f /dev/stdin
>> pfctl -E
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PING len=7
s: > channel=0 cmd=PONG len=7 (fullness=57)
s: mux wrote: 15/15
s: Waiting: 1 r=[4] w=[] x=[] (fullness=64/0)
s: Ready: 1 r=[4] w=[] x=[]
s: < channel=0 cmd=PONG len=7
s: received PING response
s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)
c : < channel=0 cmd=PONG len=7
c : received PING response
c : Waiting: 2 r=[8, 9] w=[] x=[] (fullness=0/0)
^CKilled by signal 2.
firewall manager: undoing changes.
firewall manager: undoing IPv4 changes.
>> pfctl -a sshuttle -F all
>> pfctl -X 6695040540882176715
firewall manager: undoing /etc/hosts changes.
c :
c : Keyboard interrupt: exiting.
from sshuttle.
vieira
commented on May 26, 2024
Could you guys please post the output of the following commands (while sshuttle is running)?
pfctl -s Interfaces -v # checking for skip on lo or lo0
pfctl -s rules # checking for any conflicting rules in the main ruleset
pfctl -a sshuttle -s rules # checking that all rules in the sshuttle anchor were set
from sshuttle.
havvg
commented on May 26, 2024
@vieira I ran sshuttle -r overmind 172.16.0.0/12 -vv
sudo pfctl -s Interfaces -v
No ALTQ support in kernel
ALTQ related functions disabled
ALL
awdl0
bridge0
bridge100
en0
en1
en2
en4
gif0
lo0 (skip)
p2p0
stf0
utun0
utun1
utun2
vboxnet0
vboxnet1
vboxnet2
vboxnet3
sudo pfctl -s rules
No ALTQ support in kernel
ALTQ related functions disabled
scrub-anchor "com.apple/*" all fragment reassemble
scrub-anchor "com.apple.internet-sharing" all fragment reassemble
anchor "com.apple/*" all
anchor "com.apple.internet-sharing" all
anchor "sshuttle" all
sudo pfctl -a sshuttle -s rules
No ALTQ support in kernel
ALTQ related functions disabled
pass out route-to lo0 inet proto tcp from any to <forward_subnets> flags S/SA keep state
from sshuttle.
vieira
commented on May 26, 2024
@havvg Thanks a lot, that was helpful! I have some ideas now I will put to the test tomorrow.
from sshuttle.
vieira
commented on May 26, 2024
@havvg I was able to reproduce the problem you reported. e84a8df should fix it. I am not sure if this is the same problem that other people reported. It would be very helpful if someone else could test.
from sshuttle.
evanscottgray
commented on May 26, 2024
@vieira, I tested out the fix in e84a8df on the same version of OS X that @havvg was using with the lo0 (skip) issue and sshuttle works as intended now fwiw. Thanks for the fix!
from sshuttle.
John-K
commented on May 26, 2024
This also fixes the issue for me. Great work!
On Tue, Mar 1, 2016 at 10:44 PM, Evan Gray [email protected] wrote:
@vieira https://github.com/vieira, I tested out the fix in e84a8df
e84a8df
on the same version of OS X that @havvg https://github.com/havvg was
using with the lo0 (skip) issue and sshuttle works as intended now fwiw.
Thanks for the fix!—
Reply to this email directly or view it on GitHub
#43 (comment).
from sshuttle.
brianmay
commented on May 26, 2024
Closing due to reports that change (which was merged) fixes this.
from sshuttle.
havvg
commented on May 26, 2024
That was fast, @brianmay could you tag a new release so homebrew may update easily?
from sshuttle.
brianmay
commented on May 26, 2024
@havvg Have released version 0.77. Looks like I stuffed up the upload to pypi (forgot to pass the --sign parameter) so I may have to release version 0.78 shortly to rectify this.
from sshuttle.
havvg
commented on May 26, 2024
Indeed, there is no tarball available on pypi.
from sshuttle.
brianmay
commented on May 26, 2024
pypi is now fixed.
from sshuttle.
Related Issues (20)
- sw HOT 1
- Stopped working on MacOS Sonama HOT 7
- sshuttle seems to connect fine, but doesn't route traffic to the remote network HOT 1
- refused connections incorrectly get accepted HOT 5
- sshuttle woes with MacOS Sonoma HOT 8
- Sshutlle HOT 1
- failed to establish ssh session (2) HOT 1
- man page wrong, *buntu 22_04.3 HOT 5
- is there a way not to have sshuttle exit if one of the prefixes enter by domain name doesn't resolve ?
- Terminal broken with python3.12 HOT 19
- [Suggestion] Potential way to traffic UDP with udp-over-tcp
- [Feature Request] Forward to localhost
- use it to access services behind a gcloud IAP tunnel HOT 1
- Alternative connection backend (websockets)
- Sshuttle 1.1.1 not working on macOS Sonoma 14.1.1 HOT 7
- sshuttle fails when different sudo message appears.
- feature request: tunnel by process uid or gid
- Allowing local access to more specific local routes
- Why I can't connect to a remote VPS ? HOT 4
- cant open another ssh connection with sshuttle running
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sshuttle.