Jump to content
Not connected, Your IP: 18.216.104.106
Staff

Hummingbird 1.0.2 released

Recommended Posts

On 2/28/2020 at 12:09 PM, Staff said:

Thanks! So, you get a segmentation fault even when you disable network lock?

--network-lock off
Kind regards
 

nftables fails with a "Segmentation fault", but disabling it entirely as you've mentioned allows hummingbird to connect. Thanks for the help! That said, I would imagine I would want some sort of network lock? It may not be necessary with the container setup I have. I'll have to do some testing.
 

Share this post


Link to post

I've just realized I haven't praised Humminbirg yet. I'm loving it so far. Thanks!

Share this post


Link to post
@bm9vbmUK

Hello!

Please check here:
https://dockerquestions.com/2019/07/07/docker-debian-buster-nftables/
 
Quote


Docker is tightly coupled with the old iptables stuff. I do not blame anyone, nftables is quite mature and a good replacement for iptables. The problem is in libcontainer, there is no work done in order to support nftables.


Reading on the article, it seems expected that both iptables-legacy and nftables can not be used in Docker. In such a case, you need to consider manually a "network lock" solution. Classic iptables should have no problems but it is not available in your images as far as we know. By the way, if it is you should install it, make sure to purge nftables, and force Hummingbird to use iptables with  "--network-lock iptables"

Kind regards
 

Share this post


Link to post

Hi guys, big problem here running humminbird latest on MX Linux 19 (based on Debian 10 stable).

I cannot get internet connection anymore unless hummingbird is running.
It seems it is persistently locked my network even across reboots.

Here what I have tried so far, with no success:

crtl+c in terminal seems to kill it but actually it does not. I mean terminal displays that process is terminated but then I have no connection.

Then I tried: 

 

$ sudo ./hummingbird --recover-network
Hummingbird - AirVPN OpenVPN 3 Client 1.0.2 - 4 February 2020

It seems this program has properly exited in its last run and
it has already restored network settings on exit.

System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
ERROR: Backup copy of resolv.conf not found.
ERROR: Backup copy of network filter not found.

Also, 
$ sudo rm /etc/airvpn/hummingbird.lock
[sudo] password for mx: 
rm: cannot remove '/etc/airvpn/hummingbird.lock': No such file or directory

and then:

etc/airvpn is empty so I have found nothing to delete.

I need to kill hummingbird to be able to get back my connection even when not using it.
I think it messed up my iptables so when humminbird is not running I can't connect.

Thanks for your support.

Share this post


Link to post

Hello!

You need to resolve this paramount problem first:

System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down

Debian 10 is based on systemd, failure to start systemd will cause all sorts of problem. The current version of Hummingbird relies on systemd, so if it can't start Hummingbird will not operate correctly, we're sorry. Why is your Debian 10 based distribution unable to boot through systemd? As far as we know Debian 10 is not really usable without systemd.

EDIT: Hummingbird "evolution" into a daemon will support SysV-Init based systems.

Kind regards
 

Share this post


Link to post

MX Linux is based on Debian 10 but with systemd disabled (and actually for good reasons).

https://mxlinux.org/wiki/system/systemd/

I can enable it, if this would fix that problem and disable it later again.

EDIT: enabled systemd and now I get this:

 

$ sudo ./hummingbird --recover-network
Hummingbird - AirVPN OpenVPN 3 Client 1.0.2 - 4 February 2020

It seems this program has properly exited in its last run and
it has already restored network settings on exit.

ERROR: Backup copy of resolv.conf not found.
ERROR: Backup copy of network filter not found.

Still no connection without hummingbird running.

I have also checked etc/airvpn content and it is basically wiped out as soon as I CTRL+C hummingbird. 

I have checked resolv.conf files:

etc/resolv.conf file looks exactly identical to etc/airvpn/resolv.conf.airvpnbackup.
Both points to Airvpn nameserver.

When shutting down hummingbird, etc/resolv.conf still has an Airvpn nameserver, so maybe that is the problem. Should'nt have it a non-airvpn nameserver?

thanks.

Share this post


Link to post
3 hours ago, misam said:

MX Linux is based on Debian 10 but with systemd disabled (and actually for good reasons).


Hello!

No doubts, but Hummingbird can't run properly then. However, as we wrote, we will soon propose a daemon which will run even in SysV-init based systems.

Kind regards
 

Share this post


Link to post

ok I see but unfortunately this does not fix my problem now. So I repeat my question: shall I modify my resolv.conf file or not? Thanks.

Share this post


Link to post
1 hour ago, misam said:

ok I see but unfortunately this does not fix my problem now. So I repeat my question: shall I modify my resolv.conf file or not? Thanks.


Yes, sorry for the incomplete answer. You need to edit it with root privileges (example "sudo nano /etc/resolv.conf") and restore your favorite nameservers.

Kind regards
 

Share this post


Link to post

In the meantime I was waiting for your last reply I did edit my resolv.conf and fixed that. Beside my problem Hummingbird works well even without systemd enabled. Cheers

Share this post


Link to post

Hi!
Is it possible for any of you to make an installation guide via a headless raspberry 4 unit? That would mean a lot for me :)

Share this post


Link to post
@ellert

Hello!

You can connect to your Raspberry via SSH or VNC and follow the instructions for Raspberry here:
https://airvpn.org/hummingbird/readme/

Make sure to pick the correct binary according to your system distribution architecture (32 or 64 bit).

If you need Hummingbird to start at Raspberry's bootstrap, you can enter the command to run it in /etc/rc.local for example.

When Hummingbird is not running in a terminal emulator, if necessary you can stop it cleanly via kill, for example:
sudo kill `pidof hummingbird`

Kind regards
 

Share this post


Link to post

Hummingbird looks very promising. Will it feature a bypass mode in the future to exclude certain applications from the tunnel?

Share this post


Link to post

Thanks!
I tried it out, but it was very taxing on the resources, more so than OpenVPN.

Share this post


Link to post
@ellert

Hello!

Did you talk about CPU load, memory usage or both? Would you like to publish a comparison and specify your Operating System name and exact version, as well as your hardware configuration? We do not observe what you report about CPU load (on Linux x86-64 and Linux ARM32/64)  BUT another community member reported something similar, on a Celeron J1900 based box running Debian 10, so it's definitely something to keep an eye on.

Kind regards
 

Share this post


Link to post

Staff:
Today, Sunday, I had a problem with Hummingbird freezing and not exiting cleanly with a Ctr-C, although it said it did, when I tried to recover the network. I had to restart the system to clean up the network settings. I've attached terminal details below, but here are the basics:

Running MacOS Mojave on a Mac Pro 5,1. Saturday night I started HB late evening using a bash script with options --persist-tun and --auth-retry (I don't know what they do or if they're even desirable but they sound good). The server was Virgo. Everything was fine and in the morning HB emerged from sleep without incident. But later I noticed I was getting a block of errors--KEY_SET_ERROR, KEV_NEGOTIATE_ERROR and HANDSHAKE_TIMEOUT for about an hour. During this time the connection tested okay with IPLEAK.Net. HB then quit and reconnected on its own and ran okay, for a while. Then, about three hours later it started throwing the same errors for a little more than and hour. I wasn't using the computer then, but sometime later the connection became unresponsive. I reset it with Ctr-C but the network remained frozen and I had to restart the system. I had previously removed Eddie and any other instances of OpenVPN from my system to avoid any latent/hidden conflicts, which leaves me puzzled as to what's going on with Hummingbird.

HumLog3-15-20

Share this post


Link to post

 @dedo299

Hello!

It has been reported sporadically that OpenVPN3 library fails DHE re-keying when it is initiated on server side. The gathered data is unfortunately anecdotal but those few users who met the problem could resolve it by forcing Hummingbird to be the first to initiate a re-keying.

Please add in your profile the following directive:

reneg-sec 1200

and the problem should disappear. The above directive will tell Hummingbird/OpenVPN3-AirVPN to perform a re-keying every 1200 seconds (20 minutes).

You can edit your profile with any text editor.

Kind regards
 

Share this post


Link to post
@dedo299

Thanks, please keep us posted, we would like to know whether it resolves the issue in your case too or not.

Kind regards

 

Share this post


Link to post
On 3/7/2020 at 5:38 AM, Staff said:
@bm9vbmUK

Hello!

Please check here:
https://dockerquestions.com/2019/07/07/docker-debian-buster-nftables/
 
Reading on the article, it seems expected that both iptables-legacy and nftables can not be used in Docker. In such a case, you need to consider manually a "network lock" solution. Classic iptables should have no problems but it is not available in your images as far as we know. By the way, if it is you should install it, make sure to purge nftables, and force Hummingbird to use iptables with  "--network-lock iptables"

Kind regards
 

I'm not sure what you mean by 'Classic iptables'. I do have iptables installed in the image, but the error still persists. If you're interested, my Dockerfile is here and the image is available here.

Share this post


Link to post
On 3/16/2020 at 5:07 AM, Staff said:

Please add in your profile the following directive:


reneg-sec 1200

and the problem should disappear. The above directive will tell Hummingbird/OpenVPN3-AirVPN to perform a re-keying every 1200 seconds (20 minutes).
 
On 3/17/2020 at 5:00 AM, Staff said:

...please keep us posted, we would like to know whether it resolves the issue in your case too or not.


Yes, it does seem to have solved the problem, so you can add me to your "it works for me" anecdotal list. I seem to have another issue, though, with HB intermittently locking the network after sleep. When this happens, HB shows up as an active process but my network access is blocked. It's only happening on this particular desktop computer because I don't have that problem on my MacBook Pro. Does Hummingbird write logs? If so, where are they (other than in terminal)? I'm open to troubleshooting ideas.

Forgive me for going off topic, but I hope all of you on staff are keeping healthy. I couldn't imagine Covid-19 shutting down an entire country like Italy...until yesterday, when the San Francisco Bay Area was ordered to shelter in place (7 million people). There's a lot more of that to come in the U.S. These are perilous times. Take care.

Share this post


Link to post
@dedo299

Hello!

Thank you very much. AirVPN staff and personnel are healthy and fully operational. We all work from home to reduce hazard as much as possible. We all have at least one landline and one or more mobile line, in different infrastructures when possible. Good luck to you too, and to San Francisco and the rest of the world.

We're glad to know that the previous problem seems resolved.

Hummingbird writes to stdout and stderr so you can re-direct the log and errors in any way you prefer, for example (if you want both of them in a single file):
sudo ./hummingbird [...] myprofile.ovpn > /var/log/hb.log 2>&1

To append log, instead of overwriting it:
sudo ./hummingbird [...] myprofile.ovpn >> /var/log/hb.log 2>&1

Maybe it can help us understand the other issue you mention.

Kind regards
 

Share this post


Link to post

Eureka! I found the sneaky little bugger that was raising wake-from-sleep havoc with Hummingbird. It was an anti-malware program--appropriately called BlockBlock--I had installed a while back and more or less forgotten about. It's supposed to throw up a notice when any software tries to make a persistent change in the system but didn't do so in this case. After removing it, Hummingbird seems to be humming right along after sleep like it should. A question, though: in my debugging process, another successful method was to run HB with the "--network-lock off" option. IPLeak gave it a clean bill of health, so I'm wondering what network lock actually does and what the ramifications/risks are of running with it off.

Share this post


Link to post
@dedo299

Hello!

We're glad to know that you found out the "culprit" causing the wake up issue.

Network Lock is a set of firewall rules preventing traffic leaks outside the VPN tunnel, including, but not limited to, leaks caused by unexpected VPN disconnection and those caused by processes binding to the physical network interface. In Hummingbird, Network Lock is on by default.

Kind regards
 

Share this post


Link to post

Sorry to say, I spoke too soon about finding my Hummingbird-fails-on-wake-from-sleep problem. It wasn’t BlockBlock, nor any other third party software. I removed or disabled everything I could find and the outcome is the same: on a wake-from-sleep, the network connection is blocked. No ping, nothing. In the past sometimes it survived one sleep cycle but now it seems to be constant. I’m now also having the same problem on my MacBook Pro (same Mojave 10.14.6) that used to be okay. That’s networked via Wi-Fi, though, whereas the desktop is ethernet connected to my ISP’s router. The problem seems to be centered on the way the Mac handles sleep in regard to the pf filter/lock because with that disabled Hummingbird comes out of sleep okay.

As for diagnosing, I’ve entered a black hole. My network communications knowledge is extremely limited so I don’t really know where to go from here. I welcome some direction on the kinds logs/data that would help you (such as Netstat). I’ve attached the latest Hummingbird terminal log. It starts last night, March 22, when I started Hummingbird, tested it ok, and then put the computer to sleep until about 9:30 A.M. on March 23. Waking from sleep the network was unresponsive. After I killed it, the network connection resumed on its own (without the VPN, of course).

hummigbird sleep log 3-23-20.txt

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...