Lulu corrupting connection and disconnecting persistent connections #530
Comments
|
Aloha Chris, Do you see the same issue if the other filter (SentinelOne) is uninstalled or disabled? Mahalo! |
|
I'll test this with the SentinelOne content filter disabled and get back to you. Whats interesting is that I've tried the same setup with Little Snitch (and SentinelOne), which also uses a Network Extension, and I'm not seeing this same behaviour. So the network service chaining is happening here as well, but without the side effect (or direct effect). FYI, I actually spent some time growing up on Maui and lived in Haiku for a few years. Sure miss it! Mahalo! |
|
@objective-see Aloha Patrick, wondering if any progress has been made with network service chaining and Lulu. This appears to be what the issue is/was. I haven't tested recently, but I can only imagine that others are having the same issue as many enterprise/business users will have an EDR/AV solution on their macOS device as well. On a separate note, my heart goes out to you and the people of Maui (a place I once called home) regarding the devastation of the fires. I will be donating to your Go Fund Me to help with relief. God bless! |
|
LuLu keeps preventing me from joining any network when I start my Mac. This has been a constant issue. Finally after deleting LuLu my mac is back to normal, please fix this |
|
I think I’ve been having the same issue. I have Microsoft Defender installed as a second content filter and I see SSH connections getting corrupted quite often. Even connections to a local running VM end up corrupted sometimes! I looked at it in Wireshark and experimented with netcat to another machine. Wireshark was showing everything properly (no weird retransmissions or checksum errors), but some incoming packets that were visible in Wireshark were not delivered to nc. At first I thought it was some networking issue, but then I realized that a software problem on my Mac was way more likely. I disabled Lulu and it stopped happening (so far). |
|
Having periodic problems with ssh and now recently (v2.6.3), Lulu constantly reinstalls itself and forgets its rules. Then, today, it randomly disconnected all of my network connections. Uninstalling. Sad. |
MD. Be afraid, especially if it's MDE plan 2 where MSFT rolls out untested definitions to millions/billions of devices that end up deleting all of a user's start menu shortcuts (I shit you not). |
|
I also have such problems. Thats really a problem if i need to disable lulu multiple times during the day. |
|
This does indeed look to be very similar to #523. I can easily reproduce the issue as well:
I haven't tested if things also keep on having intermittent failures later on, but at the very least, I can also observe the basic behavior. I'm currently writing a toy network extension and the same issue applies for it, so this shouldn't be something purely specific to LuLu. More specifically, this seems to happen for any two extensions started in order:
Indeed, LuLu bases itself on macOS' After rebooting however, all extensions in pending uninstallation are indeed uninstalled and starting a new one will work just fine. This should therefore serve as a workaround: instead of restarting only LuLu, restart the whole system, then start LuLu if not configured to start at login. @objective-see do you know if this can be avoided in any way? I went through most of the API's documentation and cannot see any parameter that could affect this. Even by degrading my extension to only be |
|
Something new here? If @PaulDance is right then nothing will solve this problem until a other way is implemented. I love Lulu but as it is in the moment it is nearly unusable if the problem appears several times a day. |
Yes, it's similar in this aspect and therefore suffers from the same problem during activation. Later issues you mention might be different, however, since I was only able to reproduce the first case.
Little Snitch can be used for a bit of time free of charge: maybe you can try that? How frequently does the issue occur with LuLu? Also, have you tried rebooting your machine? |
|
@PaulDance Already though about to move to little snitch. |
|
LS works great. 0 issues (when used without LuLu). I've been using it since 2011 (~13 years) on multiple generations and architectures of machines. |
Good morning,
macOS version: 13.3
Lulu version: 2.4.2
I recently re-installed my Mac recently as I was getting frequent disconnects from SSH sessions and IRC. I thought it was a side effect from upgrading macOS over the years without a fresh install. I did a clean build of macOS and selectively restored data to clean out years of junk.
Even after this clean re-install of macOS I noticed that at some point it started having the same network symptoms as before where I would frequently get disconnected from my SSH sessions and IRC. I had recently re-installed Lulu, so I decided to disable it as I knew it installs a content filter which directly hooks into the network stack. Sure enough, after disabling it I was not having the same disconnects as before.
So something Lulu is doing to the network stack is causing network corruption under certain conditions. A couple of observations I've made:
For now, I've had to remove Lulu from my Mac until this is resolved, as it causes too much chaos for me during the work day. Please let me know if there is something I can provide (logs?) to help diagnose this issue. I can see in the list of GitHub issues that there are others experiencing network issues with applications, disconnects or flat out losing Internet access. So there is obviously some underlying issue that needs to be addressed.
When Lulu was working it was an amazing security solution and I look forward to re-introducing it some day soon.
Cheers,
-Chris
The text was updated successfully, but these errors were encountered: