[pkg-netfilter-team] Bug#946996: wireguard-tools: 'wg-quick down' segfaults
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Mar 9 21:22:57 GMT 2020
On Mon 2020-02-03 13:20:22 -0500, Celejar wrote:
> Okay, now I've gotten it. I've uninstalled nftables and put in the
> debug line, and I get this (with 1.0.20200121-2):
>
> ~# ifdown wg0
> [#] ip -4 rule delete table 51820
> [#] ip -4 rule delete table main suppress_prefixlength 0
> [#] ip link delete dev wg0
> [#] resolvconf -d tun.wg0 -f
> RESTORING: *filter
> COMMIT
> *nat
> COMMIT
> *mangle
> -D PREROUTING -p udp -m comment --comment "wg-quick(8) rule for wg0" -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
> -D POSTROUTING -p udp -m mark --mark 0xca6c -m comment --comment "wg-quick(8) rule for wg0" -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff
> COMMIT
> *raw
> COMMIT
> [#] iptables-restore -n
> /usr/bin/wg-quick: line 29: 2284068 Segmentation fault "$@"
OK, so it looks to me like the problem comes when feeding this set of
commands into iptables-restore.
But hm, i'm still having trouble replicating the segfault.
Is this still happening for you?
Can you send the output of these two commands?
dpkg -l iptables wireguard
dpkg -S $(readlink -f $(which iptables-restore))
That might help us narrow down the cause of the segfault.
Sorry for how long this is taking to debug!
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20200309/b1830acd/attachment.sig>
More information about the pkg-netfilter-team
mailing list