Running tests that create sockets leads to failures in WSL due to Windows firewall blocking socket activity #5542
Comments
|
I am not able to reproduce "popup every rename invocation" behavior here. I get one popup to allow port I think you'll get the same behavior if you were to do an equivalent powershell script in windows and launch a bunch of different executables listening on port 10000, given your firewall configuration. You'll probably get better eyeballs over in serverfault on firewall configuration than here. You'll get better answers if the question is frame as a Windows powershell script that renames Windows netcat (or anything that listens on a port). |
|
Ok. Thanks for the prompt response. I'll follow up on that suggestion. |
|
Looks like I was confusing two different problems. I will close this issue. |
Environment
Win32NT 10.0.18363.0 Microsoft Windows NT 10.0.18363.0
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
/proc/version: Linux version 4.4.0-18362-Microsoft (Microsoft@Microsoft.com) (gcc version 5.4.0 (GCC) ) #836-Microsoft Mon May 05 16:04:00 PST 2020
Steps to reproduce
I'm looking at whether it would be possible to build our software under Ubuntu running on WSL rather than in a full VM. During the build a number of test programs are created that create listen sockets and make connections to test the behaviour of that code.
When the programs are run, the Windows firewall pops up asking whether to allow the connection to be set up. While normally this isn't a significant issue, it become a problem when there are a number of executables being created which may appear in different locations, though in fact be the same, due to being built under different paths.
This isn't what I'm doing but it demonstrates the point. Although the names of the generated programs are not random, the effect is similar to them being so. Thus, the following shell script demonstrates the problem
for i in 1 2 3 4 5 6 7 8 9 10; do new_name=/tmp/foo$(rand); cp /bin/nc $new_name; $new_name -l 10000 & proc_id=$!; sleep 2; kill $proc_id; doneBecause the /tmp/foo$(rand) generates a new name each time, every single invocation will cause a pop-up to permit the access to the network.
In my case, the access is only really necessary for localhost though the sockets bind to allow connections over any interface (for the applications in question, loopback only would be ok for the tests but the behaviour they are checking would need to be able to connect across any interface).
Expected behavior
I'd like to be able to set a firewall rule up that allowed any executable under a given path to proceed, or somehow to say that executables generated under certain conditions. I created a firewall rule and tried to associate it with a package to allow any inbound connections but this has not helped.
Actual behavior
There are firewall popups every time one of these programs is executed and this then causes the tests to fail.
The text was updated successfully, but these errors were encountered: