You are not logged in.
Hello,
I have no longer access to aur:
$ telnet aur.archlinux.org 22
Trying 2a01:4f9:c010:50::1...
Connection failed: Connexion refusée
Trying 95.216.144.15...
telnet: Unable to connect to remote host: Connexion refusée
$ telnet aur.archlinux.org 443
Trying 2a01:4f9:c010:50::1...
Connection failed: Connexion refusée
Trying 95.216.144.15...
telnet: Unable to connect to remote host: Connexion refusée
The weird thing is that it only happens on one particular arch box. Other hosts from the same LAN are OK.
All iptables stuff have been disabled, routes are OK, system is up to date.
Could possibly AUR block some systems based on MAC address ?
Offline
If you have a typical consumer DSL connection, the AUR server knows nothing about the specific computer's local IP or MAC address, since it's behind a NAT firewall.
Please post your entire network configuration including your presumably disabled firewall and the routing tables. Also please provide the output of
$ telnet --version
$ which telnet
$ type telnet
Last edited by schard (2020-09-11 09:08:00)
macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }
Offline
If you have a typical consumer DSL connection, the AUR server knows nothing about the specific computer's local IP or MAC address, since it's behind a NAT firewall.
Very strange indeed.
If I run a VM guest inside my faulty box, it can telnet to aur.archlinux.org 22.
I don't think it is a telnet related problem, because neither firefox, chromium can access aur.archlinux.org (all other domains are OK).
telnet (GNU inetutils) 1.9.4
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by many authors.
[mrechte@linux2 ~]$ which telnet
/usr/bin/telnet
[mrechte@linux2 ~]$ type telnet
telnet est haché (/usr/bin/telnet)
Thanks
Offline
A wireshark analysis on a "telnet aur.archlinux.org 22" gives:
No. Time Source Destination Protocol Length Info
19 2020-09-11 12:04:22,628188771 192.168.42.2 95.216.144.15 TCP 74 59428 → 22 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=671762926 TSecr=0 WS=128
Frame 19: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface br1, id 0
Ethernet II, Src: ASUSTekC_c9:39:e8 (c8:60:00:c9:39:e8), Dst: FreeboxS_3b:0c:69 (34:27:92:3b:0c:69)
Internet Protocol Version 4, Src: 192.168.42.2, Dst: 95.216.144.15
Transmission Control Protocol, Src Port: 59428, Dst Port: 22, Seq: 0, Len: 0
Source Port: 59428
Destination Port: 22
[Stream index: 3]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Sequence number (raw): 678114343
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 0
Acknowledgment number (raw): 0
1010 .... = Header Length: 40 bytes (10)
Flags: 0x002 (SYN)
Window size value: 64240
[Calculated window size: 64240]
Checksum: 0xdac0 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
[Timestamps]
No. Time Source Destination Protocol Length Info
20 2020-09-11 12:04:22,676423692 95.216.144.15 192.168.42.2 ICMP 102 Destination unreachable (Port unreachable)
Frame 20: 102 bytes on wire (816 bits), 102 bytes captured (816 bits) on interface br1, id 0
Ethernet II, Src: FreeboxS_3b:0c:69 (34:27:92:3b:0c:69), Dst: ASUSTekC_c9:39:e8 (c8:60:00:c9:39:e8)
Internet Protocol Version 4, Src: 95.216.144.15, Dst: 192.168.42.2
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0xd7bd [correct]
[Checksum Status: Good]
Unused: 00000000
Internet Protocol Version 4, Src: 192.168.42.2, Dst: 95.216.144.15
Transmission Control Protocol, Src Port: 59428, Dst Port: 22, Seq: 678114343
Source Port: 59428
Destination Port: 22
Sequence number: 678114343
[Stream index: 3]
Acknowledgment number: 0
Acknowledgment number (raw): 0
1010 .... = Header Length: 40 bytes (10)
Flags: 0x002 (SYN)
Window size value: 64240
[Calculated window size: 64240]
Checksum: 0xbbb7 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
[Timestamps]
Offline
No. Time Source Destination Protocol Length Info 20 2020-09-11 12:04:22,676423692 95.216.144.15 192.168.42.2 ICMP 102 Destination unreachable (Port unreachable)
So the reverse path is screwed up.
Looks like a problem with your system's firewall, routes or the routing settings in your IAD ("Router").
Last edited by schard (2020-09-11 12:30:11)
macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }
Offline
Wouldn't the fact a VM within this system can telnet to the server suggest that the problem is on the local machine? Most likely a firewall setting rejecting / dropping ICMP packets.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
Wouldn't the fact a VM within this system can telnet to the server suggest that the problem is on the local machine? Most likely a firewall setting rejecting / dropping ICMP packets.
It using the same interface (bridge br1).
I set-up a 4G usb connection with my phone, and it now works on the host (at least I have been able to push my package).
The only component that could filter traffic would be my Internet box. But the ICMP response from aur.archlinux.org host suggests that it refuses the tcp connection request.
Offline
Hi,
I have the same problem. Currently I'm unable to connect wirh aur repository https://aur.archlinux.org/ from any device connected to my local network (LAN/WLAN).
When telnet have:
[~]$ telnet 95.216.144.15 443
Trying 95.216.144.15...
telnet: Unable to connect to remote host: Connection refused
seems that problem is outside my local broadband provider, when trying to connect by another mobile provider all works fine
I really appreciate your help.
Slaw
Last edited by infoslaw (2020-09-14 14:27:29)
Offline
The strange thing is that others can open https://aur.archlinux.org/ from the same broadband provider also local broadband technical support confirm that network access are transparent to this website. I restarted router to default settings but it seems no issue here coz even don't use firewall etc.
Last edited by infoslaw (2020-09-14 14:33:37)
Offline
If you boot the installation media or some other live media can you then connect to https://aur.archlinux.org/
curl -o /dev/null -v https://aur.archlinux.org/
Offline
Unfortunately I can't connect from live media.
[~]$ curl -o /dev/null -v https://aur.archlinux.org/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 95.216.144.15:443...
* connect to 95.216.144.15 port 443 failed: Connection refused
* Trying 2a01:4f9:c010:50::1:443...
* Immediate connect fail for 2a01:4f9:c010:50::1: Network is unreachable
* Failed to connect to aur.archlinux.org port 443: Connection refused
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Closing connection 0
curl: (7) Failed to connect to aur.archlinux.org port 443: Connection refused
[~]$
Last edited by infoslaw (2020-09-14 22:51:25)
Offline
You stil haven't provided any firewall config or routing tables of either the host or the VM.
All we can do here is wild guessing, which will lead us nowhere.
macro_rules! yolo { { $($tokens:tt)* } => { unsafe { $($tokens)* } }; }
Offline
I have issue to open website https://aur.archlinux.org/ from any device at home and I don't believe that is issue with my linux device. It doesn't work on Android tablet, mobile, Mac and my laptop with ArchLinux.
I don't have any firewall restrictions on my local broadband router.
below traceroute
traceroute to aur.archlinux.org (95.216.144.15), 30 hops max, 60 byte packets
1 _gateway (192.168.0.1) 1.308 ms 2.007 ms 2.014 ms
2 * * *
3 89-75-2-81.infra.chello.pl (89.75.2.81) 17.293 ms 17.419 ms 18.694 ms
4 pl-waw04a-rc1-ae-45-1484.aorta.net (84.116.253.133) 20.533 ms 20.596 ms 20.356 ms
5 pl-waw26b-ri1-ae-3-0.aorta.net (84.116.138.102) 26.801 ms 20.516 ms 19.940 ms
6 213.46.178.34 (213.46.178.34) 20.606 ms 19.477 ms 19.121 ms
7 hbg-bb4-link.telia.net (62.115.118.40) 47.227 ms hbg-bb3-link.telia.net (62.115.120.68) 52.068 ms 56.741 ms
8 s-bb4-link.telia.net (62.115.115.59) 52.266 ms 50.759 ms 52.087 ms
9 hls-b1-link.telia.net (80.91.246.85) 51.999 ms hls-b1-link.telia.net (62.115.123.31) 45.479 ms 47.086 ms
10 hetzner-svc067711-ic351605.c.telia.net (62.115.183.185) 64.828 ms 51.746 ms 67.169 ms
11 core31.hel1.hetzner.com (213.239.224.38) 48.696 ms core32.hel1.hetzner.com (213.239.224.26) 46.661 ms 48.526 ms
12 spine1.cloud1.hel1.hetzner.com (88.198.249.90) 49.016 ms static.88-198-245-254.clients.your-server.de (88.198.245.254) 50.613 ms 53.568 ms
13 * * *
14 13496.your-cloud.host (95.216.130.243) 53.653 ms 54.873 ms 54.922 ms
15 * * *
16 aur.archlinux.org (95.216.144.15) 51.392 ms 53.820 ms 48.582 ms
Last edited by infoslaw (2020-09-15 08:40:41)
Offline
Do a tcptraceroute.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Do a tcptraceroute.
Thank you for idea. tcp traceroute below
sudo tcptraceroute aur.archlinux.org
Selected device wlp4s0, address 192.168.0.178, port 37569 for outgoing packets
Tracing the path to aur.archlinux.org (95.216.144.15) on TCP port 80 (http), 30 hops max
1 * * *
2 * * *
3 89-75-2-81.infra.chello.pl (89.75.2.81) 187.597 ms 12.780 ms 14.390 ms
4 pl-waw04a-rc1-ae-45-1484.aorta.net (84.116.253.133) 17.331 ms 14.715 ms 16.878 ms
5 pl-waw26b-ri1-ae-3-0.aorta.net (84.116.138.102) 16.155 ms 15.503 ms 14.628 ms
6 213.46.178.34 16.241 ms 15.277 ms 15.689 ms
7 hbg-bb4-link.telia.net (62.115.118.40) 49.034 ms 44.063 ms 46.167 ms
8 s-bb4-link.telia.net (62.115.115.59) 47.141 ms 49.750 ms 50.061 ms
9 hls-b1-link.telia.net (62.115.123.31) 48.671 ms 46.850 ms 44.708 ms
10 hetzner-svc067711-ic351605.c.telia.net (62.115.183.185) 50.862 ms 48.905 ms 51.032 ms
11 core31.hel1.hetzner.com (213.239.224.38) 57.555 ms 51.620 ms 54.857 ms
12 static.88-198-242-250.clients.your-server.de (88.198.242.250) 45.652 ms 48.890 ms 48.148 ms
13 * * *
14 13496.your-cloud.host (95.216.130.243) 70.972 ms 49.209 ms 49.028 ms
15 * * *
16 aur.archlinux.org (95.216.144.15) 156.077 ms !p 45.800 ms !p 47.706 ms !p
Last edited by infoslaw (2020-09-15 10:50:28)
Offline
Interesting. You might need to ask in #archlinux-devops on Freenode where those with access to the servers can debug.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Interesting. You might need to ask in #archlinux-devops on Freenode where those with access to the servers can debug.
Thank you for replay. I will do. It never happen for me before.
Offline
Could you tell me please how to find #archlinux-devops on Freenode to report it?
Offline
Could you tell me please how to find #archlinux-devops on Freenode to report it?
freenode is an IRC server, a web client is available here: https://webchat.freenode.net/?channels=archlinux-devops
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Offline
Thank you guys for your help. I chat on irc with archlinux-devops and it was ban on firewall on suspect packer aur wrapper which it's out dated and discontinued.
Access to website has been unlocked and I'm able to connect now to aur.archlinux.org.
Meantime swap to pacaur wrapper which is officially available in aur helper.
Last edited by infoslaw (2020-09-19 00:29:23)
Offline
Adding a side note you may want to manage a local AUR repo.
It can be done with repo-{add,remove} and makepkg with proper configuration in pacman.conf.
This page has the info: https://wiki.archlinux.org/index.php/Pa … repository
You can also do queries to the AUR through RPC, instructions here: https://wiki.archlinux.org/index.php/Au … _interface
There's also a tool by @alad called aurutils that haves helpers for those actions as well, as other helpers for building in a clean chroot for example.
Certain helpers abuse|spam the interface so that may explain the source of the issue...
Hope it's useful.
Last edited by GaKu999 (2020-09-19 01:13:23)
Offline
@GaKu999 I'm unsure why maintaining a local AUR repo would help OP in this instance. Whether you're installing from the AUR or building a repo of AUR package, you still need to access the AUR. Building a repo first is just another step.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
@GaKu999 I'm unsure why maintaining a local AUR repo would help OP in this instance. Whether you're installing from the AUR or building a repo of AUR package, you still need to access the AUR. Building a repo first is just another step.
Yep it needs refactoring, I tried at least to point him to learn to make things by hand or know how they work, so he didn't use AUR helpers that spam the RPC interface, (AFAIK yay).
Maybe he got banned for spamming? So I suggested ways to not spam.
Then again, idk if the AUR can ban you for spamming the RPC interface, they have something already for spam.
Local AUR repos are a side benefit of doing things by hand, so I mentioned them.
Still you can have a plain o'l dir holding PKGBUILDS and just loop and makepkg.
Just sharing my knowledge a little bit, contributing, the Wiki already haves it, so I point to the Wiki as well, I know threads get buried with time...
Offline