Skip to main content
Topic: Connman sends tons of unnecessary queries (Read 3810 times) previous topic - next topic
0 Members and 2 Guests are viewing this topic.

Re: Connman sends tons of unnecessary queries

Reply #15
I usually connect manually via very simple short scripts based on these principles, and some of the underlying actions in the Debian ifupdown package which I used to use, this makes it simpler to know what is happening:
https://wiki.archlinux.org/title/Network_configuration/Wireless
But if you do this then you find you need to throw in short arbitrary "sleep" pauses, whether with ethernet or wireless, because otherwise subsequent actions may fail, it takes a while for the network and interface to initialize. Also a "proper" network manager usually provides a service that other things rely on, for example netmount - parts of the OS filesystem might be on different computers, even in different countries. So the (only?) correct and reliable way to do this is to make a positive check that the network connection is working somehow, by pinging some random address, or apparently in the case of Connman, checking if it can reach a presumably purpose made web address. It would send the request rapidly at first so as not to delay boot, then probably gives up hope of an immediate connection and sends at a lower frequency afterwards.

Re: Connman sends tons of unnecessary queries

Reply #16
When you start your machine and you're in the middle of the boot connman already is sending it's packets and after that remains silent.
That would mean that watch netstat (from a terminal emulator) wouldn't show connections to ipv4.connman.net.

In any case, I've checked the source code, and like I said, while there is one execution flow which would lead to unconditional connections to connman.net, it is not done by default as it relies on the variable which is not set by default, Enable6to4. The only other way (aside from EnableOnlineCheck=true and EnableOnlineToReadyTransition = true) for anyone to see connections to connman.net being made is to set
Code: [Select]
Enable6to4 = true
in  /etc/connman/main.conf.

Re: Connman sends tons of unnecessary queries

Reply #17
Tried to set those like you said again and with no effect. Those settings seems to be just for fun they don't have any functionality in  connman behaviour. It's sending like a spam bot queries after queries. Told you if you wanna see this behavior you have to block it in some way if you let it connect to that domain since is doing what he wants after that he's not sending other requests unless you disconnect and reconnect from connman. Don't know how you managed to review the code so fast but for sure something is missing or you looked in a hurry. Don't think it's related to init system either. Would be useful to have your DNS somehow logged otherwise will be hard for you to know when or what King Connman is really doing.

Re: Connman sends tons of unnecessary queries

Reply #18
Program cannot do anything outside of what is written in its source code. Unless you are running a modified version of connman (or have in place some convoluted way of aliasing connman to 'connman -c /some/other/config/file', just to bypass /etc/connman/main.conf), I don't believe it.

Re: Connman sends tons of unnecessary queries

Reply #19
Man if you are so sure then yeah maybe is something different on my end even i didn't change anything related to connman. I changed though default kernel from Artix with hardened kernel (linux-hardened), i use apparmor in enforce mode only for my firefox browser, xfce desktop environment installed very few packages. I have only 791 packages installed and also i use F2FS instead of EXT4 file system. Given the fact that i'm ok with blocking that ip with my firewall and you say that is everything ok if you change those "knobs" in main.conf. I will mark this topic as solved. Cos for sure anyone would choose what works for him from this long list of options. Thanks once again @strajder you really rock. I will mark this as solved at the end of the day if nothing "groundbreaking" new information intervenes. Cheers  ;)

Re: Connman sends tons of unnecessary queries

Reply #20
I stand corrected. There is a piece of code in src/wispr.c:
Code: [Select]
static int wispr_portal_detect(struct connman_wispr_portal_context *wp_context)
{

/* ... */

if (wp_context->type == CONNMAN_IPCONFIG_TYPE_IPV4) {
g_web_set_address_family(wp_context->web, AF_INET);
wp_context->status_url = STATUS_URL_IPV4;
} else {
g_web_set_address_family(wp_context->web, AF_INET6);
wp_context->status_url = STATUS_URL_IPV6;
}

/* ... */

}
This function is in turn called by __connman_wispr_start in two places: 1) in function redo_wispr and 2) in __connman_service_wispr_start.

1. redo_wispr is called by redo_wispr_ipv4 and redo_wispr_ipv6, which are both called only by __connman_service_online_check. This last function is called by: 1.1) portal_manage_status, but only if enable_online_to_ready_transition (set by configuration option) is non-zero, and by 1.2) wispr_portal_web_result, which is called by itself and wispr_portal_request_portal. This function is called by: 1.2.1) wispr_manage_message, which is called by wispr_portal_web_result and 1.2.2) proxy_callback, which is called by no_proxy_callback and wispr_portal_detect. So, a dead end.

2. __connman_service_wispr_start is called by: 2.1) wispr_portal_browser_reply_cb, 2.2) start_online_check, which is controlled by the configuration option, 2.3) set_property and 2.4) default_changed.

The functions set_property and default_changed are indeed called in multiple places.

Conclusion: this patch should introduce the absolute respecting of the configuration setting EnableOnlineCheck.

https://paste.artixlinux.org/18859960

Disclaimer: There could be interactions with regards to IPv4/IPv6 querying of localhost, or not.

Re: Connman sends tons of unnecessary queries

Reply #21
Maybe i forgot something important, i don't have ipv6 networking  even my ISP provides that cos i'm using some oldish router which doesn't provide ipv6 functionality. So I see if i get this straight you made some sort of a patch that presumably should enforce that connman respect it's "knobs" from main.conf. So if we want to apply that patch where should we place it? Also i will leave this topic open till we make a conclusion given the fact things still seems to be in a dynamic.  ;)

Re: Connman sends tons of unnecessary queries

Reply #22
I'd wait for Artix developers to first give their opinion on this and possibly make a separate package, as that would be the recommended route. If you want to know how to manually apply it, here's how it would be done:

The patch should be applied to the source tree of a cloned git repository of connman, available at https://git.kernel.org/pub/scm/network/connman/connman.git/tree/. One can do that using the commands:
Code: [Select]
$ git clone git://git.kernel.org/pub/scm/network/connman/connman.git
$ cd connman

Download paste from https://paste.artixlinux.org/view/18859960 (Edit: I made a mistake in the test in this one, should be negated, so use the fixed one - https://paste.artixlinux.org/view/c18d165e) to the newly created directory connman and apply the patch. If you download from paste.artixlinux.org by using the "Download paste", you'll need to convert line endings from CR+LF (DOS) to LF (Unix). If you downloaded the file to respect-enable_online_check.patch:
Code: [Select]
$ sed -e's/\r//g' < respect-enable_online_check.patch > respect-enable_online_check-lf.patch
Then apply the patch using git apply and build:
Code: [Select]
$ git apply respect-enable_online_check-lf.patch
$ ./bootstrap-configure    # gives error, just ignore
$ ./configure && make
$ sudo make install


Re: Connman sends tons of unnecessary queries

Reply #24
I'd wait for Artix developers to first give their opinion on this and possibly make a separate package, as that would be the recommended route. If you want to know how to manually apply it, here's how it would be done:
I don't see a separate package happening, unless someone from the team is actively using connman (and is equally concerned about its pinging home). In the good, old Arch Way, we follow upstream - so I suggest you file a bug report / feature request with them.

Re: Connman sends tons of unnecessary queries

Reply #25
In the good, old Arch Way, we follow upstream - so I suggest you file a bug report / feature request with them.
I can do that, but if this bug is "a feature", which seems likely, I don't have any hope for an answer, much less for them accepting this patch.

By the way, Artix package connman has:
Code: [Select]
$ pacman -Qi connman | grep ^URL | sed -e's/^URL\s\+: //g'
https://01.org/connman
and that website gives "Access denied". I think that might need an update?

Update: I asked in IRC #connman on irc.oftc.net.

Update 2: After no reply for more than an hour, I sent a patch to [email protected] via email.

Update 3: Modified the test (should use negation :P). Fixed one is at: https://paste.artixlinux.org/view/c18d165e

Re: Connman sends tons of unnecessary queries

Reply #26
Good job @strajder  8) you are such an inspiration for many, myself included  ;) . What i discovered was totally by chance cos if i didn't have those dns logs probably we would never know about that spooky "feature", at least they can make that main.conf option really work not just for misleading people (or maybe is just a bug let's not jump in the conspiracy just yet). Many thanks for all the folks out there who gave it a look for this small but sneaky bug or whatever it is.

Re: Connman sends tons of unnecessary queries

Reply #27
I think you have a good point there thinking about the implications, even presuming the connman test website is entirely well intentioned, it could still be compromised, and the data used by unknown dubious parties, and if you configure something not to happen because you are concerned about it and it still does happen, then that's surely a bug.

Re: Connman sends tons of unnecessary queries

Reply #28
Any HTTP/HTTPS request can be logged, and along with it requester's IP (containing geolocation), user agent (not applicable here though) and time of the request.

If the authors did "phone home" on purpose (I didn't get a response to my patch yet), they are not to be trusted.

I plan to test the script I mentioned above, setnet, as it is a lighter alternative to NetworkManager/connman anyway.

 

Re: Connman sends tons of unnecessary queries

Reply #29
@strajder yeah if it's on purpose it's kinda evil but i would let them more time since it's weekend so probably they didn't had enough time to react yet. Hope they will patch that soon. In the mean time the good old school firewall (ufw) can solve that partially or network manager

Code: [Select]
ufw insert 1 deny out from any to 82.165.8.211 

Let's wait and see what's next  :)

EDIT

Another solution would be to uninstall connman remove it's services and issue something like this for the ethernet connection

Code: [Select]
# dhclient eth0

Hope i remembered correctly the command

EDIT 2

Tried it for myself, removed connman + it's "services" and internet just works after that small command