On Wed, Apr 17, 2019 at 11:17:04AM +0300, Reco wrote: > Hi. > > On Wed, Apr 17, 2019 at 03:25:39PM +0900, Mark Fletcher wrote: > > I decided to try a reboot, which cleared the upowerd problem and returned > > load to 0 or close to it. But now, network activity is not working. > > Seems like a coincidence to me.
You were right -- see below > > > > Any attempt to ping an IP address (eg my router) results in “Operation not > > permitted” even when run as root. > > This. About the only known (for me, at least) way to achieve this is to > send back ICMP Type 3 (Destination Unreachable) Code 9 or 10 > (network/host administratively prohibited). > It *could* be a SELinux or Apparmor misconfiguration, of course, but > we'll deal with it later. > > The main question is, who sends ICMP back to your host. > No one -- as it turns out. The cause turned out to be that recent changes I had made to this machine to support making its MTA available to my VPN introduced a buggy iptables startup script which left my iptables settings in a stupid state on boot (blocking EVERYTHING). I'd never have thought of that if you hadn't asked me for the output of iptables-save. Soon as my eye landed on "iptables" I was like, "ooooooooohhhhhhhhhhh, sh*t". Fixing the bug in the startup script and rebooting (to make sure it will work next time) -- all is now well. No hardware fault, I'm very pleased to report. I don't know what caused upowerd to go nuts and probably never will, but right now I'm just happy my machine is back up and running properly. Thanks Reco Mark
