Arch Linux :Частный доступ в Интернет VPN без интернет-трафика при подключении
С помощью инструмента sedэто тривиально:
sed -e 's/\t//4' input_file
Пояснение:
\t— это представление символаTAB. С GNU sed это нормально, OTW использует буквальную TAB.s/\t//4это означает удаление четвертого -вхождения символа TAB в текущей строке.
С Perlмы можем использовать обходные пути:
perl -pe 's/\t(?!.*\t)//' input_file
Пояснение:
-pзаставляет Perl читать на основе строки -+ автоматически печатает строки.s/\t(?!.*\t)//Регулярное выражение указывает Perl искать тот символ TAB, справа от которого вы не можете увидеть другой TAB, то есть это последний TAB. Затем этот TAB удаляется.
0
GnomGnom
19.09.2020, 19:43
Ссылка
1 ответ
Спасибо за подробный ответ. Я только что обновил клиент, и это все исправило, так что не беспокойтесь. Мне любопытно, что я должен был искать. У меня не было ни файла /var/log/messages, ни файла /var/log/syslog.
до -обновление:dmesgдавало следующее (начиная с того места, где заканчиваются сообщения о запуске об адаптерах bluetooth и звуковых картах):
[ 19.382223] Bluetooth: RFCOMM ver 1.11
[ 20.289468] rfkill: input handler disabled
[ 22.012225] wlp115s0: authenticate with 04:d9:f5:2b:4f:a8
[ 22.017983] wlp115s0: send auth to 04:d9:f5:2b:4f:a8 (try 1/3)
[ 22.049891] wlp115s0: authenticated
[ 22.050545] wlp115s0: associate with 04:d9:f5:2b:4f:a8 (try 1/3)
[ 22.052708] wlp115s0: RX AssocResp from 04:d9:f5:2b:4f:a8 (capab=0x1011 status=0 aid=5)
[ 22.062585] wlp115s0: associated
[ 22.089777] IPv6: ADDRCONF(NETDEV_CHANGE): wlp115s0: link becomes ready
[ 22.152999] wlp115s0: Limiting TX power to 30 (30 - 0) dBm as advertised by 04:d9:f5:2b:4f:a8
[ 28.880556] kauditd_printk_skb: 14 callbacks suppressed
[ 28.880557] audit: type=1131 audit(1600680230.347:286): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=user@969 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 28.888291] audit: type=1131 audit(1600680230.357:287): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=user-runtime-dir@969 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 32.025383] audit: type=1131 audit(1600680233.493:288): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 50.337876] audit: type=1131 audit(1600680251.807:289): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 50.600663] audit: type=1334 audit(1600680252.070:290): prog-id=10 op=UNLOAD
[ 50.600667] audit: type=1334 audit(1600680252.070:291): prog-id=9 op=UNLOAD
[ 50.952688] audit: type=1131 audit(1600680252.420:292): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-localed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 51.200918] audit: type=1334 audit(1600680252.670:293): prog-id=16 op=UNLOAD
[ 51.200926] audit: type=1334 audit(1600680252.670:294): prog-id=15 op=UNLOAD
[ 80.021647] audit: type=1131 audit(1600680281.490:295): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=geoclue comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 101.104781] audit: type=1334 audit(1600680302.573:296): prog-id=17 op=LOAD
[ 101.104813] audit: type=1334 audit(1600680302.573:297): prog-id=18 op=LOAD
[ 101.344804] audit: type=1130 audit(1600680302.813:298): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-timedated comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 106.863153] audit: type=1325 audit(1600680308.330:299): table=filter family=2 entries=109 op=replace pid=3480 comm="iptables"
[ 106.867682] audit: type=1325 audit(1600680308.337:300): table=filter family=10 entries=93 op=replace pid=3483 comm="ip6tables"
[ 106.886807] audit: type=1325 audit(1600680308.353:301): table=filter family=10 entries=94 op=replace pid=3494 comm="ip6tables"
[ 106.902780] audit: type=1325 audit(1600680308.370:302): table=filter family=2 entries=110 op=replace pid=3503 comm="iptables"
[ 106.907625] audit: type=1325 audit(1600680308.377:303): table=filter family=10 entries=95 op=replace pid=3506 comm="ip6tables"
[ 106.931056] audit: type=1325 audit(1600680308.400:304): table=filter family=2 entries=111 op=replace pid=3519 comm="iptables"
[ 106.935530] audit: type=1325 audit(1600680308.403:305): table=filter family=10 entries=96 op=replace pid=3522 comm="ip6tables"
[ 106.955612] audit: type=1325 audit(1600680308.423:306): table=filter family=2 entries=110 op=replace pid=3533 comm="iptables"
[ 106.960281] audit: type=1325 audit(1600680308.427:307): table=filter family=10 entries=95 op=replace pid=3536 comm="ip6tables"
[ 106.964264] audit: type=1325 audit(1600680308.433:308): table=filter family=2 entries=111 op=replace pid=3539 comm="iptables"
[ 113.410094] tun: Universal TUN/TAP device driver, 1.6
[ 113.433268] kauditd_printk_skb: 1 callbacks suppressed
[ 113.433271] audit: type=1130 audit(1600680314.900:310): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 113.542142] audit: type=1325 audit(1600680315.010:311): table=filter family=2 entries=112 op=replace pid=3663 comm="iptables"
[ 113.545886] audit: type=1325 audit(1600680315.013:312): table=filter family=10 entries=97 op=replace pid=3666 comm="ip6tables"
[ 113.549615] audit: type=1325 audit(1600680315.017:313): table=filter family=2 entries=113 op=replace pid=3669 comm="iptables"
[ 113.553411] audit: type=1325 audit(1600680315.020:314): table=filter family=10 entries=98 op=replace pid=3672 comm="ip6tables"
[ 113.560479] audit: type=1325 audit(1600680315.027:315): table=filter family=2 entries=114 op=replace pid=3677 comm="iptables"
[ 113.564174] audit: type=1325 audit(1600680315.033:316): table=filter family=10 entries=99 op=replace pid=3680 comm="ip6tables"
[ 113.583354] audit: type=1325 audit(1600680315.050:317): table=filter family=2 entries=115 op=replace pid=3693 comm="iptables"
[ 113.587070] audit: type=1325 audit(1600680315.053:318): table=filter family=10 entries=100 op=replace pid=3696 comm="ip6tables"
[ 113.591050] audit: type=1325 audit(1600680315.060:319): table=filter family=2 entries=116 op=replace pid=3699 comm="iptables"
[ 124.029311] kauditd_printk_skb: 20 callbacks suppressed
[ 124.029317] audit: type=1131 audit(1600680325.497:340): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 131.383196] audit: type=1131 audit(1600680332.850:341): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-timedated comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 131.402462] audit: type=1334 audit(1600680332.870:342): prog-id=18 op=UNLOAD
[ 131.402464] audit: type=1334 audit(1600680332.870:343): prog-id=17 op=UNLOAD
и iptables -Lдают (пост -обновление, извините, забыл экспортировать это перед обновлением):
Chain INPUT (policy ACCEPT)
target prot opt source destination
piavpn.INPUT all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
piavpn.FORWARD all -- anywhere anywhere
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
piavpn.anchors all -- anywhere anywhere
Chain DOCKER (1 references)
target prot opt source destination
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain piavpn.000.allowLoopback (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain piavpn.100.blockAll (0 references)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain piavpn.100.protectLoopback (1 references)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain piavpn.200.allowVPN (0 references)
target prot opt source destination
Chain piavpn.290.allowDHCP (0 references)
target prot opt source destination
ACCEPT udp -- anywhere 255.255.255.255 udp spt:bootpc dpt:bootps
Chain piavpn.300.allowLAN (0 references)
target prot opt source destination
ACCEPT all -- anywhere 10.0.0.0/8
ACCEPT all -- anywhere 169.254.0.0/16
ACCEPT all -- anywhere 172.16.0.0/12
ACCEPT all -- anywhere 192.168.0.0/16
ACCEPT all -- anywhere base-address.mcast.net/4
ACCEPT all -- anywhere 255.255.255.255
Chain piavpn.305.allowSubnets (0 references)
target prot opt source destination
Chain piavpn.310.blockDNS (0 references)
target prot opt source destination
REJECT udp -- anywhere anywhere udp dpt:domain reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:domain reject-with icmp-port-unreachable
Chain piavpn.320.allowDNS (0 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere cgroup 1384 udp dpt:domain
ACCEPT udp -- anywhere anywhere cgroup 1383 udp dpt:domain
ACCEPT tcp -- anywhere anywhere cgroup 1384 tcp dpt:domain
ACCEPT tcp -- anywhere anywhere cgroup 1383 tcp dpt:domain
Chain piavpn.340.blockVpnOnly (1 references)
target prot opt source destination
REJECT all -- anywhere anywhere cgroup 1384 reject-with icmp-port-unreachable
Chain piavpn.350.allowHnsd (0 references)
target prot opt source destination
Chain piavpn.350.cgAllowHnsd (0 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere owner GID match piahnsd cgroup 1384 multiport dports domain,13038
ACCEPT udp -- anywhere anywhere owner GID match piahnsd cgroup 1384 multiport dports domain,13038
REJECT all -- anywhere anywhere owner GID match piahnsd reject-with icmp-port-unreachable
Chain piavpn.390.allowWg (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere mark match 0x3213
Chain piavpn.400.allowPIA (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere owner GID match piavpn
Chain piavpn.FORWARD (1 references)
target prot opt source destination
Chain piavpn.INPUT (1 references)
target prot opt source destination
piavpn.a.100.protectLoopback all -- anywhere anywhere
Chain piavpn.a.000.allowLoopback (1 references)
target prot opt source destination
Chain piavpn.a.100.blockAll (1 references)
target prot opt source destination
Chain piavpn.a.100.protectLoopback (1 references)
target prot opt source destination
piavpn.100.protectLoopback all -- anywhere anywhere
Chain piavpn.a.200.allowVPN (1 references)
target prot opt source destination
Chain piavpn.a.290.allowDHCP (1 references)
target prot opt source destination
Chain piavpn.a.300.allowLAN (1 references)
target prot opt source destination
Chain piavpn.a.305.allowSubnets (1 references)
target prot opt source destination
Chain piavpn.a.310.blockDNS (1 references)
target prot opt source destination
Chain piavpn.a.320.allowDNS (1 references)
target prot opt source destination
Chain piavpn.a.340.blockVpnOnly (1 references)
target prot opt source destination
piavpn.340.blockVpnOnly all -- anywhere anywhere
Chain piavpn.a.350.allowHnsd (1 references)
target prot opt source destination
Chain piavpn.a.350.cgAllowHnsd (1 references)
target prot opt source destination
Chain piavpn.a.390.allowWg (1 references)
target prot opt source destination
Chain piavpn.a.400.allowPIA (1 references)
target prot opt source destination
Chain piavpn.anchors (1 references)
target prot opt source destination
piavpn.a.000.allowLoopback all -- anywhere anywhere
piavpn.a.400.allowPIA all -- anywhere anywhere
piavpn.a.390.allowWg all -- anywhere anywhere
piavpn.a.350.allowHnsd all -- anywhere anywhere
piavpn.a.350.cgAllowHnsd all -- anywhere anywhere
piavpn.a.340.blockVpnOnly all -- anywhere anywhere
piavpn.a.320.allowDNS all -- anywhere anywhere
piavpn.a.310.blockDNS all -- anywhere anywhere
piavpn.a.305.allowSubnets all -- anywhere anywhere
piavpn.a.300.allowLAN all -- anywhere anywhere
piavpn.a.290.allowDHCP all -- anywhere anywhere
piavpn.a.200.allowVPN all -- anywhere anywhere
piavpn.a.100.blockAll all -- anywhere anywhere
/etc/resolv.confдает:
# Generated by NetworkManager
nameserver 192.168.192.111
nameserver 192.168.192.1
nameserver 198.162.192.111
.111 — это мой DNS-сервер поиска пи -дыры, а.1 — мой маршрутизатор. Не знаю, почему.111 там дважды.
Также интересно -сетевой менеджер по-прежнему не работает, но клиент работает... Может это как-то связано с переходом на их новый протокол wireguard с OpenVPN?
0
GnomGnom
18.03.2021, 23:03
Ссылка