You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by EricSten <ia...@gmail.com> on 2017/09/09 01:35:13 UTC
Websocket tunnel connection time out issues
I am trying to get Guacamole 0.9.13 up and running on a FreeBSD 10.3
environment and am having difficulties. I've complied both the server and
the client from the FreeBSD ports and installed all the other required
packages (I believe at least). The guacd service starts up and runs on port
4822, and the client package is installed under Tomcat 8. I'm able to log
into the Guacamole front end and have configured an SSH and RDP connection
in the user-mapping.xml file. However, when I try to connect to either I
get the "Connected to Guacamole. Waiting for response..." message. The
sessions never connect. Setting the debug level in the guacd.conf file and
viewing the catalina.out log file I find the following error(s):
21:13:52.494 [http-nio-8080-exec-4] DEBUG
o.a.g.a.f.FileAuthenticationProvider - Reading user mapping file:
"/root/.guacamole/user-mapping.xml"
21:13:52.521 [http-nio-8080-exec-4] DEBUG o.a.g.r.auth.AuthenticationService
- Anonymous authentication attempt from 192.168.0.130 failed.
21:13:56.784 [http-nio-8080-exec-6] INFO o.a.g.r.auth.AuthenticationService
- User "guacamole" successfully authenticated from 192.168.0.130.
21:13:56.799 [http-nio-8080-exec-6] DEBUG o.a.g.r.auth.AuthenticationService
- Login was successful for user "guacamole".
21:14:01.037 [http-nio-8080-exec-4] DEBUG o.a.g.net.InetGuacamoleSocket -
Connecting to guacd at localhost:4822.
21:14:16.077 [http-nio-8080-exec-4] ERROR
o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to
guacd failed: Connection to guacd timed out.
21:14:16.087 [http-nio-8080-exec-4] DEBUG
o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Error connecting WebSocket
tunnel.
org.apache.guacamole.GuacamoleUpstreamTimeoutException: Connection to guacd
timed out.
at
org.apache.guacamole.io.ReaderGuacamoleReader.read(ReaderGuacamoleReader.java:180)
~[guacamole-common-0.9.13-incubating.jar:na]
at
org.apache.guacamole.io.ReaderGuacamoleReader.readInstruction(ReaderGuacamoleReader.java:195)
~[guacamole-common-0.9.13-incubating.jar:na]
at
org.apache.guacamole.protocol.ConfiguredGuacamoleSocket.expect(ConfiguredGuacamoleSocket.java:74)
~[guacamole-common-0.9.13-incubating.jar:na]
at
org.apache.guacamole.protocol.ConfiguredGuacamoleSocket.<init>(ConfiguredGuacamoleSocket.java:136)
~[guacamole-common-0.9.13-incubating.jar:na]
at
org.apache.guacamole.net.auth.simple.SimpleConnection.connect(SimpleConnection.java:123)
~[guacamole-ext-0.9.13-incubating.jar:na]
at
org.apache.guacamole.tunnel.TunnelRequestService.createConnectedTunnel(TunnelRequestService.java:160)
~[classes/:na]
at
org.apache.guacamole.tunnel.TunnelRequestService.createTunnel(TunnelRequestService.java:329)
~[classes/:na]
at
org.apache.guacamole.tunnel.websocket.RestrictedGuacamoleWebSocketTunnelEndpoint.createTunnel(RestrictedGuacamoleWebSocketTunnelEndpoint.java:113)
~[classes/:na]
at
org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.onOpen(GuacamoleWebSocketTunnelEndpoint.java:110)
~[guacamole-common-0.9.13-incubating.jar:na]
at
org.apache.tomcat.websocket.server.WsHttpUpgradeHandler.init(WsHttpUpgradeHandler.java:127)
[tomcat-websocket.jar:8.0.43]
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:717)
[tomcat-coyote.jar:8.0.43]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1533)
[tomcat-coyote.jar:8.0.43]
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1489)
[tomcat-coyote.jar:8.0.43]
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[na:1.8.0_131]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[na:1.8.0_131]
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[tomcat-util.jar:8.0.43]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_131]
Caused by: java.net.SocketTimeoutException: Read timed out
at java.net.SocketInputStream.socketRead0(Native Method)
~[na:1.8.0_131]
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
~[na:1.8.0_131]
at java.net.SocketInputStream.read(SocketInputStream.java:171)
~[na:1.8.0_131]
at java.net.SocketInputStream.read(SocketInputStream.java:141)
~[na:1.8.0_131]
at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
~[na:1.8.0_131]
at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
~[na:1.8.0_131]
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
~[na:1.8.0_131]
at java.io.InputStreamReader.read(InputStreamReader.java:184)
~[na:1.8.0_131]
at
org.apache.guacamole.io.ReaderGuacamoleReader.read(ReaderGuacamoleReader.java:169)
~[guacamole-common-0.9.13-incubating.jar:na]
... 16 common frames omitted
Any suggestions as to what might be causing the inability to connect to the
guacamole service? Suggestions on where to look?
I currently have guacamole 0.9.9 running in another FreeBSD 10.3 environment
and everything is working properly, I just am unable to get any later
versions to run.
Thank you in advance
Eric Sten
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by Eric Sten <ia...@gmail.com>.
So, I've given up on making this work in FreeBSD, for now. :-) I built a
new VM with CentOS and have it running, but not 100%, issues with mysql,
user-mapping.xml authentication is working and I can get to resources. If I
cannot figure it out I will start a new thread.
Thanks for your help Nick and Mike.
Eric Sten
--
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 11, 2017 at 6:42:45 PM, Eric Sten (iam.ericsten@gmail.com)
wrote:
Nick, Mike:
Can you explain how to attach gdb to the guard process? I tried running
the following (based on some searching on the net):
gdb —args /usr/local/sbin/guacd -L debug -f
which then brought up the gdb console where I entered “run”.
I got a bunch of messages stating that no debugging symbols were found and
when I tried connecting to guacamole I got the same level of logging as
before.
I suspect I am running the correct command but I don’t believe I have
debugging compiled into guacd. What would be the proper way to compile
guacd with debugging? My experience is limited to running make, make
install and make clean, when it comes to compiling programs. :-)
Thanks
Eric Sten
--
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 10, 2017 at 8:33:02 PM, vnick (vnick@apache.org) wrote:
EricSten wrote
> Nick,
>
> I’m guessing you tried to attach an image of some sort to your last
> email
> but it didn’t show up. When I run a “make" on the guacamole-server 0.9.13
> this is what I get at the end of the script run…
> ...
Yeah, I had tried to use the code tag on Nabble, which apparently the Apache
list server stripped out. The configure output you posted looks fine to me,
so not sure what's going on there.
As Mike suggested, it might be good to try to attach gdb to the guacd
process and gather the output during one of the connection attempts. I
think you'll need to run it with the -f option to capture forked processes,
and you can also use -o to specify an output file so that it doesn't just
spew it all over the terminal. I'd be happy to do it myself, but since I
can't reproduce it, that's not going to help much.
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by Eric Sten <ia...@gmail.com>.
Nick, Mike:
Can you explain how to attach gdb to the guard process? I tried running
the following (based on some searching on the net):
gdb —args /usr/local/sbin/guacd -L debug -f
which then brought up the gdb console where I entered “run”.
I got a bunch of messages stating that no debugging symbols were found and
when I tried connecting to guacamole I got the same level of logging as
before.
I suspect I am running the correct command but I don’t believe I have
debugging compiled into guacd. What would be the proper way to compile
guacd with debugging? My experience is limited to running make, make
install and make clean, when it comes to compiling programs. :-)
Thanks
Eric Sten
--
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 10, 2017 at 8:33:02 PM, vnick (vnick@apache.org) wrote:
EricSten wrote
> Nick,
>
> I’m guessing you tried to attach an image of some sort to your last
> email
> but it didn’t show up. When I run a “make" on the guacamole-server 0.9.13
> this is what I get at the end of the script run…
> ...
Yeah, I had tried to use the code tag on Nabble, which apparently the
Apache
list server stripped out. The configure output you posted looks fine to me,
so not sure what's going on there.
As Mike suggested, it might be good to try to attach gdb to the guacd
process and gather the output during one of the connection attempts. I
think you'll need to run it with the -f option to capture forked processes,
and you can also use -o to specify an output file so that it doesn't just
spew it all over the terminal. I'd be happy to do it myself, but since I
can't reproduce it, that's not going to help much.
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by Nick Couchman <vn...@apache.org>.
On Wed, Sep 20, 2017 at 10:08 PM, Eric Sten <ia...@gmail.com> wrote:
> Mike, Nick:
>
> Because I am a glutton for punishment I decided to try installing
> Guacamole 0.9.13 one more time in FreeBSD, but this time with a fresh
> FreeBSD 11 install, not 10.3. Wouldn’t you know it installing via the
> FreeBSD pkg system under version 11, everything installed and works
> properly out of the gate! Very strange indeed.
>
> Thanks
>
> Eric Sten
>
>
Cool, thanks for trying that out. I did the same thing with 10.3 and it
worked for me, so not sure what was going on, but that's very strange.
-Nick
Re: Websocket tunnel connection time out issues
Posted by Eric Sten <ia...@gmail.com>.
Mike, Nick:
Because I am a glutton for punishment I decided to try installing
Guacamole 0.9.13 one more time in FreeBSD, but this time with a fresh
FreeBSD 11 install, not 10.3. Wouldn’t you know it installing via the
FreeBSD pkg system under version 11, everything installed and works
properly out of the gate! Very strange indeed.
Thanks
Eric Sten
--
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 10, 2017 at 8:33:02 PM, vnick (vnick@apache.org) wrote:
EricSten wrote
> Nick,
>
> I’m guessing you tried to attach an image of some sort to your last
> email
> but it didn’t show up. When I run a “make" on the guacamole-server 0.9.13
> this is what I get at the end of the script run…
> ...
Yeah, I had tried to use the code tag on Nabble, which apparently the
Apache
list server stripped out. The configure output you posted looks fine to me,
so not sure what's going on there.
As Mike suggested, it might be good to try to attach gdb to the guacd
process and gather the output during one of the connection attempts. I
think you'll need to run it with the -f option to capture forked processes,
and you can also use -o to specify an output file so that it doesn't just
spew it all over the terminal. I'd be happy to do it myself, but since I
can't reproduce it, that's not going to help much.
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by vnick <vn...@apache.org>.
EricSten wrote
> Nick,
>
> I’m guessing you tried to attach an image of some sort to your last
> email
> but it didn’t show up. When I run a “make" on the guacamole-server 0.9.13
> this is what I get at the end of the script run…
> ...
Yeah, I had tried to use the code tag on Nabble, which apparently the Apache
list server stripped out. The configure output you posted looks fine to me,
so not sure what's going on there.
As Mike suggested, it might be good to try to attach gdb to the guacd
process and gather the output during one of the connection attempts. I
think you'll need to run it with the -f option to capture forked processes,
and you can also use -o to specify an output file so that it doesn't just
spew it all over the terminal. I'd be happy to do it myself, but since I
can't reproduce it, that's not going to help much.
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by Eric Sten <ia...@gmail.com>.
Nick,
I’m guessing you tried to attach an image of some sort to your last email
but it didn’t show up. When I run a “make" on the guacamole-server 0.9.13
this is what I get at the end of the script run…
libtool: install: /usr/bin/install -c .libs/libguac-client-vnc.so.0.0.0T
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/libguac-client-vnc.so.0.0.0
libtool: install: strip --strip-unneeded
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/libguac-client-vnc.so.0.0.0
libtool: install: (cd
/usr/ports/net/guacamole-server/work/stage/usr/local/lib && { ln -s -f
libguac-client-vnc.so.0.0.0 libguac-client-vnc.so.0 || { rm -f
libguac-client-vnc.so.0 && ln -s libguac-client-vnc.so.0.0.0
libguac-client-vnc.so.0; }; })
libtool: install: (cd
/usr/ports/net/guacamole-server/work/stage/usr/local/lib && { ln -s -f
libguac-client-vnc.so.0.0.0 libguac-client-vnc.so || { rm -f
libguac-client-vnc.so && ln -s libguac-client-vnc.so.0.0.0
libguac-client-vnc.so; }; })
libtool: install: /usr/bin/install -c .libs/libguac-client-vnc.lai
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/
libguac-client-vnc.la
libtool: install: /usr/bin/install -c .libs/libguac-client-vnc.a
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/libguac-client-vnc.a
libtool: install: strip --strip-debug
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/libguac-client-vnc.a
libtool: install: chmod 644
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/libguac-client-vnc.a
libtool: install: ranlib
/usr/ports/net/guacamole-server/work/stage/usr/local/lib/libguac-client-vnc.a
libtool: warning: remember to run 'libtool --finish /usr/local/lib'
Making install in src/guacd
/bin/mkdir -p '/usr/ports/net/guacamole-server/work/stage/usr/local/sbin'
STRIPPROG='strip' /bin/sh ../../libtool --mode=install /bin/sh
/usr/ports/net/guacamole-server/work/incubator-guacamole-server-0.9.13-incubating/install-sh
-c -s guacd '/usr/ports/net/guacamole-server/work/stage/usr/local/sbin'
libtool: warning:
'/usr/ports/net/guacamole-server/work/incubator-guacamole-server-0.9.13-incubating/src/libguac/
libguac.la' has not been installed in '/usr/local/lib'
libtool: warning: '../../src/libguac/libguac.la' has not been installed in
'/usr/local/lib'
libtool: install: /bin/sh
/usr/ports/net/guacamole-server/work/incubator-guacamole-server-0.9.13-incubating/install-sh
-c -s .libs/guacd
/usr/ports/net/guacamole-server/work/stage/usr/local/sbin/guacd
/bin/mkdir -p
'/usr/ports/net/guacamole-server/work/stage/usr/local/man/man5'
install -m 0644 man/guacd.conf.5
'/usr/ports/net/guacamole-server/work/stage/usr/local/man/man5'
/bin/mkdir -p
'/usr/ports/net/guacamole-server/work/stage/usr/local/man/man8'
install -m 0644 man/guacd.8
'/usr/ports/net/guacamole-server/work/stage/usr/local/man/man8'
Making install in src/guacenc
/bin/mkdir -p '/usr/ports/net/guacamole-server/work/stage/usr/local/bin'
STRIPPROG='strip' /bin/sh ../../libtool --mode=install /bin/sh
/usr/ports/net/guacamole-server/work/incubator-guacamole-server-0.9.13-incubating/install-sh
-c -s guacenc '/usr/ports/net/guacamole-server/work/stage/usr/local/bin'
libtool: warning: '../../src/libguac/libguac.la' has not been installed in
'/usr/local/lib'
libtool: install: /bin/sh
/usr/ports/net/guacamole-server/work/incubator-guacamole-server-0.9.13-incubating/install-sh
-c -s .libs/guacenc
/usr/ports/net/guacamole-server/work/stage/usr/local/bin/guacenc
/bin/mkdir -p
'/usr/ports/net/guacamole-server/work/stage/usr/local/man/man1'
install -m 0644 man/guacenc.1
'/usr/ports/net/guacamole-server/work/stage/usr/local/man/man1'
install -m 0644 /usr/ports/net/guacamole-server/files/guacd.conf.sample
/usr/ports/net/guacamole-server/work/stage/usr/local/etc/guacamole-server
====> Compressing man pages (compress-man)
===> Staging rc.d startup script(s)
Earlier in the compile I did get this:
------------------------------------------------
guacamole-server version 0.9.13-incubating
------------------------------------------------
Library status:
freerdp ............. yes
pango ............... yes
libavcodec .......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... no
libVNCServer ........ yes
libvorbis ........... yes
libpulse ............ yes
libwebp ............. yes
Protocol support:
RDP ....... yes
SSH ....... yes
Telnet .... no
VNC ....... yes
Services / tools:
guacd ...... yes
guacenc .... yes
Init scripts: no
Type "make" to compile guacamole-server.
When I run the “make” command it appears to run two scripts, one that
checks the config and dependencies and the other that does the actual
compile. I don’t know if this is normal or not. The steps I took when
compiling the server was as follows:
make clean
make config
make
make install
Thanks!
Eric Sten
--
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 9, 2017 at 9:48:16 PM, vnick (vnick@apache.org) wrote:
Mike Jumper wrote
> On Sat, Sep 9, 2017 at 12:28 PM, vnick <
> vnick@
> > wrote:
>> EricSten wrote
>>> ...
>>> guacd[51911]: INFO: Creating new client for protocol "rdp"
>>> guacd[51911]: INFO: Connection ID is
>>> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
>>> guacd[51911]: INFO: Connection
>>> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
>>> removed.
>>> ...
>>
>> If I get a chance I'll try to spin up a FreeBSD VM and see if I can
>> replicate it or if I can get it to work.
>>
>
> Assuming that you succeed in reproducing this, it may help to run
> guacd under gdb. Normally, when a connection terminates, even
> unsuccessfully, there will be at least two log messages: one from the
> protocol-specific plugin noting that the client has closed, and
> another from guacd noting that it has cleaned up after the connection.
> As only the latter is present here, that suggests that something might
> be causing the connection's child process to crash completely.
>
> - Mike
Eric,
Well, I have good news and bad news. I was unable to reproduce the failure
you're seeing. (That's both the good and bad, by the way.) I built a
FreeBSD 10.3 virtual machine (64-bit) and installed all of the required
packages on it to get it up and running. This included installing several
development packages so that I could compile the guacd component with RDP
and SSH support.
I tested out both the latest git master branch and the 0.9.13-incubating
version. My process was something like this:
- Install FreeBSD 10.3 into Intel 64-bit VM
- Install a few support packages (git, wget, bash, pkg, etc.)
- Install Tomcat8 and PostgreSQL
- Checkout the latest git master of Guacamole client and server
- Build and install server (took some tweaking to get the build to work,
and
had to install several required packages)
- Build client, copy JDBC PostgreSQL authentication extension to
/etc/guacamole/extensions and configure guacamole.properties.
- Load Guacamole PostgreSQL schema into new database.
- Load guacamole WAR file into Tomcat
- Go to Guacamole page, log in, and configure two connections - one RDP and
one SSH.
- Test connections - both worked fine.
- Remove all of those Guacamole components from the system.
- Download the Guacamole server source, build, (tweak a few things) and
install.
- Download the pre-built Guacamole client files, including the JDBC
extensions and the WAR file
- Deploy pre-built client files into Tomcat, log in, test connections -
both
RDP and SSH work fine.
- Remove JDBC support, configure user-mapping.xml, and test connections
that
way - both RDP and SSH work fine.
So, it seems like there's something about your FreeBSD setup that's at
least
slightly different from my quick-and-dirty test. I don't know if it's some
sort of Mandatory Access Control system, application firewall, or what, but
something is causing guacd on your system to drop the connection
immediately.
Can you confirm when you compiled guacd (guacamole server) that the end of
your configure script showed something like this:
In particular, that, under Protocol Support, you see "yes" for the
protocols
you're trying to use? As I alluded to before, it took me some tweaking to
actually get the guacd compile to run correctly and recognize all of the
libraries - I'm curious if maybe you ended up with a guacd instance that
supports no protocols, or at least doesn't support RDP and SSH?
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by vnick <vn...@apache.org>.
Mike Jumper wrote
> On Sat, Sep 9, 2017 at 12:28 PM, vnick <
> vnick@
> > wrote:
>> EricSten wrote
>>> ...
>>> guacd[51911]: INFO: Creating new client for protocol "rdp"
>>> guacd[51911]: INFO: Connection ID is
>>> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
>>> guacd[51911]: INFO: Connection
>>> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
>>> removed.
>>> ...
>>
>> If I get a chance I'll try to spin up a FreeBSD VM and see if I can
>> replicate it or if I can get it to work.
>>
>
> Assuming that you succeed in reproducing this, it may help to run
> guacd under gdb. Normally, when a connection terminates, even
> unsuccessfully, there will be at least two log messages: one from the
> protocol-specific plugin noting that the client has closed, and
> another from guacd noting that it has cleaned up after the connection.
> As only the latter is present here, that suggests that something might
> be causing the connection's child process to crash completely.
>
> - Mike
Eric,
Well, I have good news and bad news. I was unable to reproduce the failure
you're seeing. (That's both the good and bad, by the way.) I built a
FreeBSD 10.3 virtual machine (64-bit) and installed all of the required
packages on it to get it up and running. This included installing several
development packages so that I could compile the guacd component with RDP
and SSH support.
I tested out both the latest git master branch and the 0.9.13-incubating
version. My process was something like this:
- Install FreeBSD 10.3 into Intel 64-bit VM
- Install a few support packages (git, wget, bash, pkg, etc.)
- Install Tomcat8 and PostgreSQL
- Checkout the latest git master of Guacamole client and server
- Build and install server (took some tweaking to get the build to work, and
had to install several required packages)
- Build client, copy JDBC PostgreSQL authentication extension to
/etc/guacamole/extensions and configure guacamole.properties.
- Load Guacamole PostgreSQL schema into new database.
- Load guacamole WAR file into Tomcat
- Go to Guacamole page, log in, and configure two connections - one RDP and
one SSH.
- Test connections - both worked fine.
- Remove all of those Guacamole components from the system.
- Download the Guacamole server source, build, (tweak a few things) and
install.
- Download the pre-built Guacamole client files, including the JDBC
extensions and the WAR file
- Deploy pre-built client files into Tomcat, log in, test connections - both
RDP and SSH work fine.
- Remove JDBC support, configure user-mapping.xml, and test connections that
way - both RDP and SSH work fine.
So, it seems like there's something about your FreeBSD setup that's at least
slightly different from my quick-and-dirty test. I don't know if it's some
sort of Mandatory Access Control system, application firewall, or what, but
something is causing guacd on your system to drop the connection
immediately.
Can you confirm when you compiled guacd (guacamole server) that the end of
your configure script showed something like this:
In particular, that, under Protocol Support, you see "yes" for the protocols
you're trying to use? As I alluded to before, it took me some tweaking to
actually get the guacd compile to run correctly and recognize all of the
libraries - I'm curious if maybe you ended up with a guacd instance that
supports no protocols, or at least doesn't support RDP and SSH?
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by Mike Jumper <mi...@guac-dev.org>.
On Sat, Sep 9, 2017 at 12:28 PM, vnick <vn...@apache.org> wrote:
> EricSten wrote
>> ...
>> guacd[51911]: INFO: Creating new client for protocol "rdp"
>> guacd[51911]: INFO: Connection ID is
>> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
>> guacd[51911]: INFO: Connection "$425c3cfe-029f-4465-b2fa-059d51f253b8"
>> removed.
>> ...
>
> If I get a chance I'll try to spin up a FreeBSD VM and see if I can
> replicate it or if I can get it to work.
>
Assuming that you succeed in reproducing this, it may help to run
guacd under gdb. Normally, when a connection terminates, even
unsuccessfully, there will be at least two log messages: one from the
protocol-specific plugin noting that the client has closed, and
another from guacd noting that it has cleaned up after the connection.
As only the latter is present here, that suggests that something might
be causing the connection's child process to crash completely.
- Mike
Re: Websocket tunnel connection time out issues
Posted by Eric Sten <ia...@gmail.com>.
Nick,
I am able to establish a SSH session out to the destination host.
Apparently FreeBSD has a system called Mandatory Access Control that is
like SELinux. I don’t think it is running but I will investigate that path.
Thank you for your help!
Eric Sten
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 9, 2017 at 3:28:28 PM, vnick (vnick@apache.org) wrote:
EricSten wrote
> vnick:
>
> Yes, both guacd and Tomcat are running on the same system.
>
> The output from running the guacd service with debugging and output to
> console results in the following:
>
> guacd[51911]: INFO: Guacamole proxy daemon (guacd) version
> 0.9.13-incubating started
> guacd[51911]: DEBUG: Successfully bound socket to host 127.0.0.1, port
> 4822
> guacd[51911]: INFO: Listening on host 127.0.0.1, port 4822
> guacd[51911]: INFO: Creating new client for protocol "rdp"
> guacd[51911]: INFO: Connection ID is
> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
> guacd[51911]: INFO: Connection "$425c3cfe-029f-4465-b2fa-059d51f253b8"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$2653e39d-6cdb-4b74-bf14-136ded481a0d"
> guacd[52064]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$2653e39d-6cdb-4b74-bf14-136ded481a0d"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$05f4e35b-47ee-4872-8886-034978745fa0"
> guacd[52144]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$05f4e35b-47ee-4872-8886-034978745fa0"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$0a4cb99c-9122-4b65-a502-6f7ed17714fb"
> guacd[52176]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$0a4cb99c-9122-4b65-a502-6f7ed17714fb"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$14016334-3cf7-4721-8185-5368572f3243"
> guacd[52179]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$14016334-3cf7-4721-8185-5368572f3243"
> removed.
>
> No specific errors but it appears that the connection attempt is dropped
> immediately.
On the system where Guacamole is running can you verify that you can make
the SSH and/or RDP connections from there to the destination hosts? It
looks to me like the Guacamole client<->guacd traffic is happening, but for
some reason it cannot make the connection out from guacd to the other
hosts.
I'm also not real familiar with FreeBSD, so I'm not sure if there's any
sort
of Discretionary Access Control system or application firewall (like
SELinux
or AppArmor for Linux) that runs that would block outbound traffic by
default?
If I get a chance I'll try to spin up a FreeBSD VM and see if I can
replicate it or if I can get it to work.
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by vnick <vn...@apache.org>.
EricSten wrote
> vnick:
>
> Yes, both guacd and Tomcat are running on the same system.
>
> The output from running the guacd service with debugging and output to
> console results in the following:
>
> guacd[51911]: INFO: Guacamole proxy daemon (guacd) version
> 0.9.13-incubating started
> guacd[51911]: DEBUG: Successfully bound socket to host 127.0.0.1, port
> 4822
> guacd[51911]: INFO: Listening on host 127.0.0.1, port 4822
> guacd[51911]: INFO: Creating new client for protocol "rdp"
> guacd[51911]: INFO: Connection ID is
> "$425c3cfe-029f-4465-b2fa-059d51f253b8"
> guacd[51911]: INFO: Connection "$425c3cfe-029f-4465-b2fa-059d51f253b8"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$2653e39d-6cdb-4b74-bf14-136ded481a0d"
> guacd[52064]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$2653e39d-6cdb-4b74-bf14-136ded481a0d"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$05f4e35b-47ee-4872-8886-034978745fa0"
> guacd[52144]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$05f4e35b-47ee-4872-8886-034978745fa0"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$0a4cb99c-9122-4b65-a502-6f7ed17714fb"
> guacd[52176]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$0a4cb99c-9122-4b65-a502-6f7ed17714fb"
> removed.
> guacd[51911]: INFO: Creating new client for protocol "ssh"
> guacd[51911]: INFO: Connection ID is
> "$14016334-3cf7-4721-8185-5368572f3243"
> guacd[52179]: INFO: Current locale does not use UTF-8. Some characters
> may not render correctly.
> guacd[51911]: INFO: Connection "$14016334-3cf7-4721-8185-5368572f3243"
> removed.
>
> No specific errors but it appears that the connection attempt is dropped
> immediately.
On the system where Guacamole is running can you verify that you can make
the SSH and/or RDP connections from there to the destination hosts? It
looks to me like the Guacamole client<->guacd traffic is happening, but for
some reason it cannot make the connection out from guacd to the other hosts.
I'm also not real familiar with FreeBSD, so I'm not sure if there's any sort
of Discretionary Access Control system or application firewall (like SELinux
or AppArmor for Linux) that runs that would block outbound traffic by
default?
If I get a chance I'll try to spin up a FreeBSD VM and see if I can
replicate it or if I can get it to work.
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by Eric Sten <ia...@gmail.com>.
vnick:
Yes, both guacd and Tomcat are running on the same system.
The output from running the guacd service with debugging and output to
console results in the following:
guacd[51911]: INFO: Guacamole proxy daemon (guacd) version
0.9.13-incubating started
guacd[51911]: DEBUG: Successfully bound socket to host 127.0.0.1, port
4822
guacd[51911]: INFO: Listening on host 127.0.0.1, port 4822
guacd[51911]: INFO: Creating new client for protocol "rdp"
guacd[51911]: INFO: Connection ID is
"$425c3cfe-029f-4465-b2fa-059d51f253b8"
guacd[51911]: INFO: Connection "$425c3cfe-029f-4465-b2fa-059d51f253b8"
removed.
guacd[51911]: INFO: Creating new client for protocol "ssh"
guacd[51911]: INFO: Connection ID is
"$2653e39d-6cdb-4b74-bf14-136ded481a0d"
guacd[52064]: INFO: Current locale does not use UTF-8. Some characters
may not render correctly.
guacd[51911]: INFO: Connection "$2653e39d-6cdb-4b74-bf14-136ded481a0d"
removed.
guacd[51911]: INFO: Creating new client for protocol "ssh"
guacd[51911]: INFO: Connection ID is
"$05f4e35b-47ee-4872-8886-034978745fa0"
guacd[52144]: INFO: Current locale does not use UTF-8. Some characters
may not render correctly.
guacd[51911]: INFO: Connection "$05f4e35b-47ee-4872-8886-034978745fa0"
removed.
guacd[51911]: INFO: Creating new client for protocol "ssh"
guacd[51911]: INFO: Connection ID is
"$0a4cb99c-9122-4b65-a502-6f7ed17714fb"
guacd[52176]: INFO: Current locale does not use UTF-8. Some characters
may not render correctly.
guacd[51911]: INFO: Connection "$0a4cb99c-9122-4b65-a502-6f7ed17714fb"
removed.
guacd[51911]: INFO: Creating new client for protocol "ssh"
guacd[51911]: INFO: Connection ID is
"$14016334-3cf7-4721-8185-5368572f3243"
guacd[52179]: INFO: Current locale does not use UTF-8. Some characters
may not render correctly.
guacd[51911]: INFO: Connection "$14016334-3cf7-4721-8185-5368572f3243"
removed.
No specific errors but it appears that the connection attempt is dropped
immediately.
Thanks
Eric Sten
--
Eric Sten
Visit Trixies Tales, adventures of a domestic dog. — www.trixiestales.com
On September 9, 2017 at 11:15:29 AM, vnick (vnick@apache.org) wrote:
EricSten wrote
> I am trying to get Guacamole 0.9.13 up and running on a FreeBSD 10.3
> environment and am having difficulties. I've complied both the server and
> the client from the FreeBSD ports and installed all the other required
> packages (I believe at least). The guacd service starts up and runs on
> port
> 4822, and the client package is installed under Tomcat 8. I'm able to log
> into the Guacamole front end and have configured an SSH and RDP
connection
> in the user-mapping.xml file. However, when I try to connect to either I
> get the "Connected to Guacamole. Waiting for response..." message. The
> sessions never connect. Setting the debug level in the guacd.conf file
> and
> viewing the catalina.out log file I find the following error(s):
> ...
> Any suggestions as to what might be causing the inability to connect to
> the
> guacamole service? Suggestions on where to look?
>
> I currently have guacamole 0.9.9 running in another FreeBSD 10.3
> environment
> and everything is working properly, I just am unable to get any later
> versions to run.
Eric,
A couple of questions for you:
- Are guacd and Tomcat running on the same system?
- If you start guacd in debug mode (shut down the existing guacd instance),
and keep it in the foreground (guacd -L debug -f), and then try the
connection, do you see any indication from guacd that it is receiving the
connection? Are there any errors in that output?
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Websocket tunnel connection time out issues
Posted by vnick <vn...@apache.org>.
EricSten wrote
> I am trying to get Guacamole 0.9.13 up and running on a FreeBSD 10.3
> environment and am having difficulties. I've complied both the server and
> the client from the FreeBSD ports and installed all the other required
> packages (I believe at least). The guacd service starts up and runs on
> port
> 4822, and the client package is installed under Tomcat 8. I'm able to log
> into the Guacamole front end and have configured an SSH and RDP connection
> in the user-mapping.xml file. However, when I try to connect to either I
> get the "Connected to Guacamole. Waiting for response..." message. The
> sessions never connect. Setting the debug level in the guacd.conf file
> and
> viewing the catalina.out log file I find the following error(s):
> ...
> Any suggestions as to what might be causing the inability to connect to
> the
> guacamole service? Suggestions on where to look?
>
> I currently have guacamole 0.9.9 running in another FreeBSD 10.3
> environment
> and everything is working properly, I just am unable to get any later
> versions to run.
Eric,
A couple of questions for you:
- Are guacd and Tomcat running on the same system?
- If you start guacd in debug mode (shut down the existing guacd instance),
and keep it in the foreground (guacd -L debug -f), and then try the
connection, do you see any indication from guacd that it is receiving the
connection? Are there any errors in that output?
-Nick
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/