This site can’t be reached - [SOLVED] firewall issue

[acondura]

Description

No docksal project works, nothing, empty page when trying to load boilerplate D8 website.
Went through #870, tried every command there but didn't help, I'm on a Mac.

Steps to reproduce the issue:

1. fin config generate
2. fin project start
3. Access http://d8.docksal, got This site can’t be reached.

Output of fin config:

fin config output

---------------------
COMPOSE_PROJECT_NAME_SAFE: d8
COMPOSE_FILE:
/Users/andreicondurachi/.docksal/stacks/overrides-osxfs.yml
/Users/andreicondurachi/.docksal/stacks/volumes-bind.yml
/Users/andreicondurachi/.docksal/stacks/stack-default.yml
/Users/andreicondurachi/Sites/devdesktop/d8/.docksal/docksal.yml
ENV_FILE:
/Users/andreicondurachi/Sites/devdesktop/d8/.docksal/docksal.env

PROJECT_ROOT: /Users/andreicondurachi/Sites/devdesktop/d8
DOCROOT: docroot
VIRTUAL_HOST: d8.docksal
VIRTUAL_HOST_ALIASES: *.d8.docksal
IP: 192.168.64.100
MYSQL: 192.168.64.100:32768

Docker Compose configuration
---------------------
services:
  cli:
    dns:
    - 192.168.64.100
    - 8.8.8.8
    environment:
      BLACKFIRE_CLIENT_ID: null
      BLACKFIRE_CLIENT_TOKEN: null
      DOCROOT: docroot
      GIT_USER_EMAIL: andrei@condurachi.ro
      GIT_USER_NAME: Andrei Condurachi
      HOST_GID: '20'
      HOST_UID: '501'
      SECRET_ACAPI_EMAIL: null
      SECRET_ACAPI_KEY: null
      SECRET_PLATFORMSH_CLI_TOKEN: null
      SECRET_SSH_PRIVATE_KEY: null
      SECRET_TERMINUS_TOKEN: null
      VIRTUAL_HOST: d8.docksal
      XDEBUG_CONFIG: remote_connect_back=0 remote_host=192.168.64.1
      XDEBUG_ENABLED: '0'
    hostname: cli
    image: docksal/cli:2.5-php7.1
    volumes:
    - docksal_ssh_agent:/.ssh-agent:ro
    - cli_home:/home/docker:rw
    - /Users/andreicondurachi/Sites/devdesktop/d8:/var/www:rw,cached
  db:
    dns:
    - 192.168.64.100
    - 8.8.8.8
    environment:
      MYSQL_ALLOW_EMPTY_PASSWORD: null
      MYSQL_DATABASE: default
      MYSQL_INITDB_SKIP_TZINFO: null
      MYSQL_ONETIME_PASSWORD: null
      MYSQL_PASSWORD: user
      MYSQL_RANDOM_ROOT_PASSWORD: null
      MYSQL_ROOT_PASSWORD: root
      MYSQL_USER: user
    hostname: db
    image: docksal/db:1.2-mysql-5.6
    ports:
    - 3306/tcp
    volumes:
    - db_data:/var/lib/mysql:rw
    - project_root:/var/www:ro,nocopy
  web:
    depends_on:
      cli:
        condition: service_started
    dns:
    - 192.168.64.100
    - 8.8.8.8
    environment:
      APACHE_BASIC_AUTH_PASS: null
      APACHE_BASIC_AUTH_USER: null
      APACHE_DOCUMENTROOT: /var/www/docroot
    hostname: web
    image: docksal/web:2.1-apache2.4
    labels:
      io.docksal.cert-name: none
      io.docksal.permanent: "false"
      io.docksal.project-root: /Users/andreicondurachi/Sites/devdesktop/d8
      io.docksal.virtual-host: d8.docksal,*.d8.docksal,d8.docksal.*
    volumes:
    - project_root:/var/www:ro,nocopy
version: '2.1'
volumes:
  cli_home: {}
  db_data: {}
  docksal_ssh_agent:
    external: true
    name: docksal_ssh_agent
  project_root:
    driver: local
    driver_opts:
      device: /Users/andreicondurachi/Sites/devdesktop/d8
      o: bind
      type: none

---------------------

Output of fin sysinfo:

fin sysinfo output

███  OS
Darwin Mac OS X 10.14.1
Darwin Andreis-MacBook-Pro.local 18.2.0 Darwin Kernel Version 18.2.0: Fri Oct  5 19:41:49 PDT 2018; root:xnu-4903.221.2~2/RELEASE_X86_64 x86_64

███  ENVIRONMENT
MODE : Docker for Mac

███  FIN
fin version: 1.80.1

███  DOCKER COMPOSE
EXPECTED VERSION: 1.23.1
docker-compose version 1.23.2, build 1110ad01
docker-py version: 3.6.0
CPython version: 3.6.6
OpenSSL version: OpenSSL 1.1.0h  27 Mar 2018

███  DOCKER
EXPECTED VERSION: 18.06.1-ce

Client: Docker Engine - Community
Version:           18.09.0
API version:       1.39
Go version:        go1.10.4
Git commit:        4d60db4
Built:             Wed Nov  7 00:47:43 2018
OS/Arch:           darwin/amd64
Experimental:      false

Server: Docker Engine - Community
Engine:
Version:          18.09.0
API version:      1.39 (minimum version 1.12)
Go version:       go1.10.4
Git commit:       4d60db4
Built:            Wed Nov  7 00:55:00 2018
OS/Arch:          linux/amd64
Experimental:     true

███  DOCKSAL: PROJECTS
project             STATUS              virtual host                           project root
d8                  Up 16 minutes       d8.docksal,*.d8.docksal,d8.docksal.*   /Users/andreicondurachi/Sites/devdesktop/d8

███  DOCKSAL: VIRTUAL HOSTS
*.d8.docksal
d8.docksal.*
d8.docksal

███  DOCKER: RUNNING CONTAINERS
CONTAINER ID        IMAGE                       COMMAND                  CREATED             STATUS                    PORTS                                                    NAMES
3e4a9c8db64a        docksal/vhost-proxy:1.4     "docker-entrypoint.s…"   5 minutes ago       Up 5 minutes (healthy)    192.168.64.100:80->80/tcp, 192.168.64.100:443->443/tcp   docksal-vhost-proxy
460d82db9b65        docksal/web:2.1-apache2.4   "httpd-foreground"       16 minutes ago      Up 16 minutes             80/tcp, 443/tcp                                          d8_web_1
9c94c0f1f817        docksal/cli:2.5-php7.1      "/opt/startup.sh sup…"   16 minutes ago      Up 16 minutes (healthy)   22/tcp, 3000/tcp, 9000/tcp                               d8_cli_1
d50638110550        docksal/db:1.2-mysql-5.6    "/entrypoint.sh mysq…"   16 minutes ago      Up 16 minutes             0.0.0.0:32768->3306/tcp                                  d8_db_1
3b7a6f01f0fe        docksal/ssh-agent:1.2       "docker-entrypoint.s…"   18 minutes ago      Up 18 minutes (healthy)                                                            docksal-ssh-agent
95fd32702f8d        docksal/dns:1.1             "docker-entrypoint.s…"   18 minutes ago      Up 18 minutes (healthy)   192.168.64.100:53->53/udp                                docksal-dns

███  DOCKER: NETWORKS
NETWORK ID          NAME                      DRIVER              SCOPE
de424f5ff36a        _default                  bridge              local
4b8051094eca        acuity_default            bridge              local
c77e984bd981        bridge                    bridge              local
bd2acb2c2b46        d7docksal_default         bridge              local
10e84506caff        d8_default                bridge              local
3ef400dbc99d        d_default                 bridge              local
ff35564945e6        docker-training_default   bridge              local
6272be5df72e        host                      host                local
018d92e1c56a        joc-varbase_default       bridge              local
d1f6801c968d        jocdocksal_default        bridge              local
fb170e3a06b0        none                      null                local
c39ce8153c2f        opencloud_default         bridge              local
969ec9ec6455        pocketlist_default        bridge              local

███  HDD Usage
Filesystem      Size   Used  Avail Capacity iused               ifree %iused  Mounted on
/dev/disk1s1   233Gi  153Gi   76Gi    67% 2568498 9223372036852207309    0%   /
devfs          335Ki  335Ki    0Bi   100%    1158                   0  100%   /dev
/dev/disk1s4   233Gi  4.0Gi   76Gi     5%       4 9223372036854775803    0%   /private/var/vm
map -hosts       0Bi    0Bi    0Bi   100%       0                   0  100%   /net
map auto_home    0Bi    0Bi    0Bi   100%       0                   0  100%   /home

[achekulaev]

1. Don't use fin config generate
2. Please show output of ping -t 1 dns-test.docksal
3. Use fin project create to install Drupal 8 (Choice Update env-setup.md #1) and tell if it works. If it works, then it is something about your Drupal. If it does not work then provide the output you had during fin project create

[acondura]

output of ping -t 1 dns-test.docksal:

[1] 24507 alarm ping -t 1 dns-test.docksal

Running fin project create now.

[acondura]

Created d8test through fin project create, still no show:

➜ fin project create

1. Name your project (lowercase alphanumeric, underscore, and hyphen): d8test

2. What would you like to install?
   PHP based

   1. Drupal 8
   2. Drupal 8 (Composer Version)
   3. Drupal 7
   4. Wordpress
   5. Magento
   6. Laravel
   7. Symfony Skeleton
   8. Symfony WebApp
   9. Grav CMS
   10. Backdrop CMS

Go based
11. Hugo

JS based
12. Gatsby JS

HTML
13. Static HTML site

Enter your choice (1-13): 1

Project folder: /Users/andreicondurachi/Sites/devdesktop/d8test
Project software: Drupal 8
Project URL: http://d8test.docksal

Do you wish to proceed? [y/n]: y
Cloning repository...
Cloning into 'd8test'...
remote: Enumerating objects: 67680, done.
remote: Total 67680 (delta 0), reused 0 (delta 0), pack-reused 67680
Receiving objects: 100% (67680/67680), 33.37 MiB | 1.34 MiB/s, done.
Resolving deltas: 100% (35140/35140), done.
Checking out files: 100% (15682/15682), done.
3. Installing site
Step 1 Initializing stack...
Removing containers...
Removing network d8test_default
WARNING: Network d8test_default not found.
Removing volume d8test_cli_home
WARNING: Volume d8test_cli_home not found.
Removing volume d8test_project_root
WARNING: Volume d8test_project_root not found.
Removing volume d8test_db_data
WARNING: Volume d8test_db_data not found.
Volume docksal_ssh_agent is external, skipping
Key 'id_rsa' already loaded in the agent. Skipping.
Starting services...
Creating network "d8test_default" with the default driver
Creating volume "d8test_cli_home" with default driver
Creating volume "d8test_project_root" with local driver
Creating volume "d8test_db_data" with default driver
Creating d8test_cli_1 ... done
Creating d8test_db_1 ... done
Creating d8test_web_1 ... done
Waiting 10s for container to start...
Connected vhost-proxy to "d8test_default" network.
Waiting 10s for MySQL to initialize...
Step 2 Initializing site...
Making site directory writable...
Copying /var/www/docroot/sites/default/settings.local.php...
You are about to DROP all tables in your 'default' database. Do you want to continue? (y/n): y
Starting Drupal installation. This takes a while. Consider using the --notify global option. [ok]
Installation complete. User name: admin User password: Gfyy6U44Xb [ok]
All necessary changes to sites/default and sites/default/settings.php have been made, so you should remove write [warning]
permissions to them now in order to avoid security risks. If you are unsure how to do so, consult the online handbook.
Congratulations, you installed Drupal! [status]

real 1m5.644s
user 0m13.560s
sys 0m12.040s
DONE! Open http://d8test.docksal in your browser to verify the setup.

[achekulaev]

output of ping -t 1 dns-test.docksal:

This is not an output

still no show:

1. Attach screenshot
2. Show output of curl -L http://d8test.docksal

[acondura]

[crittermike]

@achekulaev side note, why did you say "Don't use fin config generate"? I use it all the time for initial Docksal setup on existing projects.

[acondura]

I've even removed Docksal completely from my mac as per https://docs.docksal.io/getting-started/setup/#uninstall and installed it again. Ever since I started searching container based Drupal tools and discovered Docksal about 1-2 months ago I have not been able to make ANY website work with it, be it new or imported, and I went through a lot of tools https://drupaltools.github.io.

[lmakarov]

@acondura can you ping 192.168.64.100 and open http://192.168.64.100 a browser?

[acondura]

[lmakarov]

ok, so there is a networking issue in your case. Do you have any kind of firewall/antivirus running?

[lmakarov]

Please run the following and post the output here:

ifconfig lo0
fin system reset
ifconfig lo0

[lpeabody]

In the past, sometimes running VPN software has caused me not to be able to access the Docksal proxy service, depending on how strict that VPN software was. If it's aggressive and routes all local traffic through their network then you'll lose the ability to run. Figured I'd share that tidbit.

[acondura]

I'm using McAfee Total Protection.

[lmakarov]

@acondura your network config looks good - 192.168.64.100 is assigned to the lo0 interface and should be reachable.

@lpeabody great point about VPN!
@acondura are you connected to any kind of VPN? If so, disconnecting and test again.

[acondura]

Just hola! vpn (http://hola.org/) but it is off, it has been off. Different browsers (safari, firefox) respond the same thing, the site can't be reached.

[lmakarov]

netstat -nr -f inet
traceroute -m 2 192.168.64.100

[acondura]

[lmakarov]

Your routing table looks correct. So this must be a firewall/antivirus blocking connections.

Can you confirm in your firewall settings the following are unchecked?

Alternatively, try with the firewall disabled altogether

Use ping -t1 192.168.64.100 to test.

[acondura]

Both checkboxes are unchecked and I turned off the firewall. The result of the ping is 100% packet loss.

[lmakarov]

Can you at least ping 127.0.0.1?

[acondura]

Yes, that is working.

[acondura]

Finally, I found the McAfee specific Firewall page and disabled it and Docksal now works!

[lmakarov]

ok, I guess I missed you mentioning this earlier...

I'm using McAfee Total Protection.

Glad it works. Make sure you configure McAfee Firewall to alloca connections to and from 192.168.64.100 (Docksal's canonical IP address used across all systems and configurations).