6.1.12-1-lts커널 과 함께 시스템에 Arch Linux가 설치되어 있습니다 . VPN 클라이언트를 dhcpcd설치 했으며 NetworkManager연결을 통해 인터넷에 액세스할 수 있습니다. 나는 그것을 설치하지 않았습니다 ufw. dhcpcd또는 경고가 없고 NetworkManager라우터(Edgerouter X)에 특정 방화벽 규칙이 구성되어 있지 않습니다.
그러나 이 상자에서는 내 라우터나 네트워크의 다른 컴퓨터에 지속적으로 액세스할 수 없습니다. 예전에는 가끔 할 수 있었지만 이제는 그렇지 않습니다. 도움이 될 수 있는 결과는 다음과 같습니다. 내가 무엇을 놓치고 있나요?
ip addr
(permaddr이 삭제되었으며, VPN IP가 삭제되었습니다)
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp89s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 48:21:0b:33:32:5f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.75/24 brd 192.168.1.255 scope global dynamic noprefixroute enp89s0
valid_lft 85461sec preferred_lft 85461sec
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 5e:17:af:6b:7c:6d brd ff:ff:ff:ff:ff:ff permaddr
4: nordlynx: <POINTOPOINT,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
link/none
inet xx.xx.xx.xx/32 scope global nordlynx
valid_lft forever preferred_lft forever
ip neigh
192.168.1.1 dev enp89s0 lladdr 78:8a:20:be:20:63 REACHABLE
192.168.1.47 dev enp89s0 lladdr 90:09:d0:0a:2b:4f STALE
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere connmark match 0xe1f1 /* nordvpn */
ACCEPT all -- anywhere anywhere connmark match 0xe1f1 /* nordvpn */
DROP all -- anywhere anywhere /* nordvpn */
DROP all -- anywhere anywhere /* nordvpn */
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
CONNMARK all -- anywhere anywhere mark match 0xe1f1 /* nordvpn */ CONNMARK save
ACCEPT all -- anywhere anywhere connmark match 0xe1f1 /* nordvpn */
CONNMARK all -- anywhere anywhere mark match 0xe1f1 /* nordvpn */ CONNMARK save
ACCEPT all -- anywhere anywhere connmark match 0xe1f1 /* nordvpn */
DROP all -- anywhere anywhere /* nordvpn */
DROP all -- anywhere anywhere /* nordvpn */
tracepath 192.168.1.1
1?: [LOCALHOST] pmtu 1500
1: send failed
1: send failed
Resume: pmtu 1500
ip route show
default via 192.168.1.1 dev enp89s0 proto dhcp src 192.168.1.75 metric 1002
default via 192.168.1.1 dev enp89s0 proto dhcp src 192.168.1.75 metric 20100
192.168.1.0/24 dev enp89s0 proto kernel scope link src 192.168.1.75 metric 100
192.168.1.0/24 dev enp89s0 proto dhcp scope link src 192.168.1.75 metric 1002
192.168.1.1 dev enp89s0 proto dhcp scope link src 192.168.1.75 metric 100
192.168.1.47 dev enp89s0 proto dhcp scope link src 192.168.1.75 metric 100
systemctl status dhcpcd
● dhcpcd.service - dhcpcd on all interfaces
Loaded: loaded (/usr/lib/systemd/system/dhcpcd.service; enabled; preset: disabled)
Active: active (running) since Wed 2023-02-22 16:48:48; 21min ago
Process: 530 ExecStart=/usr/bin/dhcpcd -q -b (code=exited, status=0/SUCCESS)
Main PID: 533 (dhcpcd)
Tasks: 5 (limit: 38095)
Memory: 2.4M
CPU: 96ms
CGroup: /system.slice/dhcpcd.service
├─533 "dhcpcd: [manager] [ip4] [ip6]"
├─534 "dhcpcd: [privileged proxy]"
├─535 "dhcpcd: [network proxy]"
├─536 "dhcpcd: [control proxy]"
└─645 "dhcpcd: [BPF ARP] enp89s0 192.168.1.75"
systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; preset: disabled)
Active: active (running) since Wed 2023-02-22 16:48:47; 21min ago
Docs: man:NetworkManager(8)
Main PID: 4915 (NetworkManager)
Tasks: 4 (limit: 38095)
Memory: 6.1M
CPU: 94ms
CGroup: /system.slice/NetworkManager.service
└─4915 /usr/bin/NetworkManager --no-daemon
답변1
이 문제는 활성화된 경우 액세스를 차단하는 VPN인 NordVPN과 관련이 있습니다. 또한 VPN을 활성화한 후 비활성화한 후에도 액세스를 차단합니다.
다른 컴퓨터에 대한 액세스는 내 VPN이 처음에 활성화되지 않은 경우에만 가능하며 활성화 후에는 중지됩니다.
로컬 서브넷을 화이트리스트에 등록하면 192.168.1.0/24문제가 해결되었습니다.