Iptables fail on 'start'

Support
#1

I’m running Linux Mint Cinnamon 18.1 on a cheap HP laptop without a GPU.

$ ./Blockstack-for-Linux-v0.28.0.sh pull
…completes satisfactorily.

$ ./Blockstack-for-Linux-v0.28.0.sh install-protocol-handler
…gives no indication of success or failure, and simply jumps to the next prompt.

When I run:
$ ./Blockstack-for-Linux-v0.28.0.sh start

… I get the following output:

245ad35965a79d437a1728acf27f9c60a253448d4e4cb002f0e09ba5a1286166
docker: Error response from daemon: driver failed programming external connectivity on endpoint blockstack-browser-static (fe62d1a657fc633c6326b7bc36005c2fcda9ed57cad391663d6fe2a0339267f3): (iptables failed: iptables --wait -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.2 --dport 8888 -j ACCEPT: iptables: No chain/target/match by that name.
(exit status 1)).
4f728b12f39cf32cbfd36fa0d57c7a0877867b2d9211382687b97767d2125f3f
docker: Error response from daemon: driver failed programming external connectivity on endpoint blockstack-browser-cors (a4a2406f85961f90da53590da99c3181ca8fdcba5e11d02c1716aa75369207b8): (iptables failed: iptables --wait -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.2 --dport 1337 -j ACCEPT: iptables: No chain/target/match by that name.
(exit status 1)).

Before the run I flushed the iptables current settings with:
iptables -F; iptables -X

The output of iptables -L -n then becomes:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

It remains the same on the host laptop after running ‘start’, so it does not appear that the local iptables is blocking any access.

It would appear that either the DOCKER chain or the ACCEPT chain are not being created on the containers. How do I get past this? Is there a Dockerfile I could look at to try to troubleshoot this?

The end result is a new tab does open up in my Google Chrome browser, pointed to “http://localhost:8888/#coreAPIPassword=0”, with the following error messages on the screen.:

This site can’t be reached
localhost refused to connect.
Try:

Checking the connection
Checking the proxy and the firewall
ERR_CONNECTION_REFUSED

This is the output I get from netstat:

$ sudo netstat -tulpn | grep 8888

Nada. It is not listening on 8888.

Your assistance would be greatly appreciated. I’d love to try this browser, but am stymied at the moment.

#2

Hey @KernelXitron,

Do you have Docker installed? You’ll need Docker to be running and accessible to your user account to use the default script.

If you don’t want to use Docker, you should be able to run the latest Browser as follows:

$ git clone https://github.com/blockstack/blockstack-browser
$ cd blockstack-browser
$ npm install 
$ echo > ~/.local/share/applications/blockstack.desktop <<EOF
[Desktop Entry]
Name=Blockstack
Exec=blockstack.sh %u
Type=Application
NoDisplay=true
Categories=System;
MimeType=x-scheme-handler/blockstack;
EOF
$ sudo echo > /usr/local/bin/blockstack.sh <<EOF
#!/bin/sh

PORTNUM="$BLOCKSTACK_BROWSER_PORT"
if [ -z "$PORTNUM" ]; then
   PORTNUM=3000
fi

PORTAL_URL="http://localhost:$PORTNUM"

# logging...
echo "request: $@" >> /tmp/blockstack.log

# expect blockstack:AUTHENTICATION_TOKEN
if [ -z "$1" ]; then
   exit 1
fi

AUTH_TOKEN="$(echo "$1" | sed -r 's/blockstack://g')"
exec chromium-browser "$PORTAL_URL/auth?authRequest=$AUTH_TOKEN"
EOF
$ npm run dev-proxy & npm run dev
#3

Hi @KernelXitron this looks like a docker issue, which version are you running? have you restarted docker after flushing the iptables?

also maybe you can try the following:

ip link delete docker0
systemctl restart docker

If nothing is working even with latest docker version maybe you should try just build from source instead of the docker way since you are running linux.

1 Like