Murus hanging on open after configuration

Murus
hany
Posts: 481
Joined: Wed Dec 10, 2014 5:20 pm

Re: Murus hanging on open after configuration

Post by hany » Fri Mar 27, 2015 11:41 pm

Ok, I bet this version will work..... :D :D :D
I modified the code that checks for .plist file. This version still shows the ugly debug window. In case the fix works, I will immediately send you a "clean" 1.1.2 working version without the ugly debug window.

http://www.murusfirewall.com/murus-1.1.2debug2.zip

P.S.
are you using english as primary language on your OS X?

crazyc
Posts: 21
Joined: Thu Mar 26, 2015 1:37 am

Re: Murus hanging on open after configuration

Post by crazyc » Sat Mar 28, 2015 12:26 pm

hany wrote:Ok, I bet this version will work..... :D :D :D
I modified the code that checks for .plist file. This version still shows the ugly debug window. In case the fix works, I will immediately send you a "clean" 1.1.2 working version without the ugly debug window.

http://www.murusfirewall.com/murus-1.1.2debug2.zip

P.S.
are you using english as primary language on your OS X?
Ok, I will try it sometime today and let you know. No time right now, but I'll get to it. Yes, English is primary.

crazyc
Posts: 21
Joined: Thu Mar 26, 2015 1:37 am

Re: Murus hanging on open after configuration

Post by crazyc » Sat Mar 28, 2015 9:37 pm

Same thing. Screenshot attached. I'll see if I can do another install of Yosemite tomorrow, but I really don't think that's the problem, maybe, but not likely.
Screen Shot 2015-03-28 at 5.35.04 PM.png
You do not have the required permissions to view the files attached to this post.

crazyc
Posts: 21
Joined: Thu Mar 26, 2015 1:37 am

Re: Murus hanging on open after configuration

Post by crazyc » Sun Mar 29, 2015 1:40 pm

I was putting together a list of things I need to duplicate my setup in a new partition.... it's more than I really want to get into and I still can't think of anything that would require that to be done. The only time I have decided to start over with a fresh install was for upgrading OSX, never for an app. I've repaired permissions and files and clones OSX over to other computers without ever re-installing. I hope you understand my reluctance to want to do that.

I do have another thought though.... what could you be caching in settings that could expire? The emerging threats list maybe? What about that causing a hang. If I close and restart the app a bunch of times, it's not reloading that every time it's launched, right?

Like I said previously.... I can get everything working fine. I can close and restart the app every step of the way, but if I finish up, close the app and come back later, it hangs on launch. I don't know the exact time frame, but let's say it's more than an hour, probably more than 2 hours.

There has to be something that is different from when I initially launch and configure until the next time I'm opening the app. Any other dynamically created files, logs, rules, etc, that could be generated and loaded in at launch which could cause a hang? Blocks or access logs for custom services maybe? The stock settings file is fine, so it has to be related to custom services. I assure you that there isn't anything weird about my config.

- en3 is the WAN port, bond0 is the lan port (link aggregate)
- basic services and dynamic ports open to WAN
- VNC and SSH to Mac Pro (router) open to everyone (tried BFD on and off for SSH)
- VNC, SSH on to NAT, open on separate port to WAN, forwarded to standard port on LAN with LAN IP
- a few other custom ports open to 2 other LAN IPs.

I haven't even gotten into the special rules to get my DNS lookups working from the LAN side of the NAT. Well, I did, but removed them prior to the last time I configured the whole setup.

hany
Posts: 481
Joined: Wed Dec 10, 2014 5:20 pm

Re: Murus hanging on open after configuration

Post by hany » Sun Mar 29, 2015 10:54 pm

I was putting together a list of things I need to duplicate my setup in a new partition.... it's more than I really want to get into and I still can't think of anything that would require that to be done. The only time I have decided to start over with a fresh install was for upgrading OSX, never for an app. I've repaired permissions and files and clones OSX over to other computers without ever re-installing. I hope you understand my reluctance to want to do that.
I perfectly understand you but I was not asking you to reinstall your main OS :D , just to take a spare HD and put it a quick 10.10.2 + murus and see if it works.
I do have another thought though.... what could you be caching in settings that could expire? The emerging threats list maybe? What about that causing a hang. If I close and restart the app a bunch of times, it's not reloading that every time it's launched, right?
the emerging threats autoupdate is managed by a totally independent process. It's a launchd item so it's not related with Murus.app. When Murus.app starts it does not check for emerging threats, it does not load and/or update the runtime pf table.
In your case, as you can see from the debug window, Murus hangs when checking if .plist file exists. The next step should be "load the plist". The strings in the debug window should be printed before the functions actually start. This means that the function that checks the .plist file does not reach its end, it hangs. This is absolutely non-sense. It is a very simple basic swift function, using standard apis end methods (NSFileManager.fileExistsAtPath).
I assure you that there isn't anything weird about my config.

- en3 is the WAN port, bond0 is the lan port (link aggregate)
- basic services and dynamic ports open to WAN
- VNC and SSH to Mac Pro (router) open to everyone (tried BFD on and off for SSH)
- VNC, SSH on to NAT, open on separate port to WAN, forwarded to standard port on LAN with LAN IP
- a few other custom ports open to 2 other LAN IPs.
This is not a complex configuration, anyway it does not sound like the best one to troubleshoot such a issue :)
Probably you should simplify it a bit. You should start from a very basic NAT setup without filtering, redirection rules, and link aggregate. Just configure a very basic dual homed router and let pass these 2-3 hours and see. Then slowly add new options to see which option is causing the issue. This is boring I, know.
Of course I would disable ALL extra features like proactivity, emerging threats, autoupdate...

I will send you a new build on monday, i will put a more verbose debug window so probably I will be able to understand why the function hangs.

crazyc
Posts: 21
Joined: Thu Mar 26, 2015 1:37 am

Re: Murus hanging on open after configuration

Post by crazyc » Sun Mar 29, 2015 11:15 pm

I did realize what you meant. I was over thinking the process, but it's still an issue. And my statement about never reinstalling is still accurate.

If you send another version with more verbose output, I'll try that first. If we still can't come to a conclusion, I'll try something, but shutting down this computer for the amount of time needed to test is the problem. I agree with you to take even smaller steps than I have been, but that means that everything on this machine isn't running for that time. (mostly the VM)
Even if I was to put the rest of the LAN back on the other router, the basic install won't allow the other apps to work.
I'll see if I can get another machine to run the VM. If I can do that, then there's no problem messing with the Mac Pro.... well... I dunno. It has multiple drives used by the network too. This thing has 8 drives attached to it, that I can't hook to the Mac Mini I have here. I'll put some thought into options and see what I can do if the next version doesn't help.
As much as I'm frustrated, I'm also the kind of person that won't give up either. If all other avenues of troubleshooting are exhausted, I'll make something work to try the same machine with a fresh Yosemite installation.

hany
Posts: 481
Joined: Wed Dec 10, 2014 5:20 pm

Re: Murus hanging on open after configuration

Post by hany » Mon Mar 30, 2015 1:06 pm

ok before making a new build I need you to clarify me something because I have a little confusion in my brain :)

1) you open Murus from scratch, it creates a new default plist
2) you click start, Murus starts PF. Install boot scripts, and reboot.
3) configure Murus with all you settings, click Start to apply
4) quit Murus and reopen Murus quickly a few times, to see if it works, as it should
5) leave Murus closed for, let's say, 2 hours
6) go back to you macpro, PF is still running ok in runtime, but you try to open Murus.app and it hangs.

Is this 100% correct? If it's correct, then:

1) once Murus hangs I suppose you force quit it, then you delete (or move) its plist (/Library/Preferences/it.murus.muruslibrary.plist)
2) you restart Murus, it does not find a plist, it creates a new one, then it opens correctly.

Is this correct? Then, if it's correct, then please do this test:

1) instead of deleting the buggy plist, when Murus hangs you have to force quit it then MOVE the plist somewhere to keep it.
2) restart Murus, it creates a new default plist and opens correctly
3) Quit Murus, DELETE the newly generated default plist, and put back the old "buggy" plist, and see if Murus opens.

In case Murus hangs then I need you to zip your buggy plist and send it to us.
Thanks

crazyc
Posts: 21
Joined: Thu Mar 26, 2015 1:37 am

Re: Murus hanging on open after configuration

Post by crazyc » Mon Mar 30, 2015 1:24 pm

Yes, you are 100% correct. That's exactly the situation and I HAVE already tried moving the .plist file, letting Murus generate a new one and then put my original back. I have gone as far as opening the newly generated and copy the settings from my original file into the new one.

And yes, firewall stays running correctly the whole time. Nothing changes unless I were to start Murus with a new .plist file and then hit start to apply the new settings.

I'm attaching my .plist file.
You do not have the required permissions to view the files attached to this post.

hany
Posts: 481
Joined: Wed Dec 10, 2014 5:20 pm

Re: Murus hanging on open after configuration

Post by hany » Mon Mar 30, 2015 3:32 pm

All this problems because you forgot to read page 18 of Murus manual when it is described how to correctly define a Murus service :) :D :D
You used "," to separate ports, while you should use spaces.
We will put more accurate control over services definition syntax in next build :)
There is another mistake: please do not put IPv6 addresses inside a NAT group, NAT is only for IPv4.
enjoy :)

crazyc
Posts: 21
Joined: Thu Mar 26, 2015 1:37 am

Re: Murus hanging on open after configuration

Post by crazyc » Mon Mar 30, 2015 3:59 pm

I forgot to read the manual? Seriously, who reads manuals? I used Icefloor for the last couple years on a few servers and when I opened Murus for the first time, it was so easy to configure, I never even looked at the manual. Oh, I lied. I did look at the NAT config for groups and allowed services.

Commas are standard for separating items like that. It was like that in Icefloor, except that ranges were separated with an underscore instead of a colon. The ONLY time I've ever had a problem with using commas to separate multiple items in a list was sshd_config. Don't use commas between users on the "AllowUsers" line or you'll lock yourself out. LOL :?

I wouldn't have even thought of that ever.

Of course, as a web programmer, I would write code to prevent users from entering incorrect information or if it got entered, not store it to the file, or filter it or something. LOL ;)

As far as the NAT, I just copied the local groups from the main groups. Will remove the IPV6.

YES, IT DOES ACTUALLY WORK NOW. I manually edited file to remove the commas and it opens just fine. I'm glad I didn't do a new install of OSX and spend hours troubleshooting that. :roll:

Post Reply