What is the problem you are having with rclone?
I regularly run rclone sync on a Raspberry Pi to sync some local files with Backblaze B2. When rclone is running, the kernel logs show ufw firewall blocked several incoming packets. These originate from Backblaze-owned IPs. The Pi is behind a router which has a firewall -- so it shouldn't be receiving any incoming packets at all.
My questions are:
- It looks like Backblaze is trying to connect to the Pi - why is this happening? I had assumed rclone only involved outgoing connections.
- Why do the packets get through the router firewall, to the Pi?
I don't appear to get any ufw block messages when rclone is not running. So it is somehow rclone-related -- even if it is ultimately a network configuration issue of some kind.
Further details:
- here is the kernel log when rclone was running:
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20792 DF PROTO=TCP SPT=443 DPT=42744 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20793 DF PROTO=TCP SPT=443 DPT=42744 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=0 DF PROTO=TCP SPT=443 DPT=42738 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=0 DF PROTO=TCP SPT=443 DPT=42738 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20320 DF PROTO=TCP SPT=443 DPT=42736 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20321 DF PROTO=TCP SPT=443 DPT=42736 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=0 DF PROTO=TCP SPT=443 DPT=42742 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=0 DF PROTO=TCP SPT=443 DPT=42742 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20408 DF PROTO=TCP SPT=443 DPT=42740 WINDOW=0 RES=0x00 RST URGP=0
Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00 SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20409 DF PROTO=TCP SPT=443 DPT=42740 WINDOW=0 RES=0x00 RST URGP=0
- the connections originate from 206.190.215.15 (on port 443). This IP address redirects to Backblaze. At other times when rclone has run, other IPs have appeared in the logs
- the router is a standard home router from Virgin Media. The router firewall is enabled, there are no open ports, and UPnP is disabled.
- the ufw setup is straightforward:
pi@percival:~ $ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To                         Action      From
--                         ------      ----
Anywhere                   ALLOW IN    192.168.0.0/24
What is your rclone version (output from rclone version)
rclone v1.50.2
- os/arch: linux/arm
- go version: go1.13.6
Which OS you are using and how many bits (eg Windows 7, 64 bit)
Raspbian 5.4.47-v7l+ armv7l
Which cloud storage system are you using? (eg Google Drive)
Backblaze B2
The command you were trying to run (eg rclone copy /tmp remote:tmp)
sudo rclone sync -vv /mnt/hdd0/backup b2-pi-encrypted:/backup_remote_copy
The rclone config contents with secrets removed.
[b2-pi-encrypted]
type = crypt
remote = b2-pi:XXXXXXX-backup-pi
filename_encryption = standard
directory_name_encryption = true
password = XXXXXXX
password2 = XXXXXXX
[b2-pi]
type = b2
account = XXXXXXX
key = XXXXXXX
hard_delete = true
A log from the command with the -vv flag
Forum stops me from including links - the log is at:
gist [dot] github [dot] com/mrankine/3ea21f3c08a59f29107aa7f0e1f06907
Note: Edited to obscure local filenames.
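
An added example, not part of the original post: a small Python parser for the [UFW BLOCK] lines quoted above that labels each blocked TCP packet by its flags, separating a bare SYN (the only kind of segment that can open a connection) from the RST segments arriving from port 443. The function names are this example's own, and the third sample line (a SYN from 203.0.113.7) is constructed for contrast; the first two are copied from the post.

```python
import re
from collections import Counter

# Bare tokens in a netfilter log line that are TCP flags (they carry no "=value").
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}

def parse_ufw_line(line):
    """Return (fields, flags) for a '[UFW BLOCK]' kernel log line, or None."""
    if "[UFW BLOCK]" not in line:
        return None
    body = line.split("[UFW BLOCK]", 1)[1]
    fields = dict(re.findall(r"(\w+)=(\S*)", body))      # e.g. SRC, SPT, DPT, PROTO
    flags = {tok for tok in body.split() if tok in TCP_FLAGS}
    return fields, flags

def classify(fields, flags):
    """Label a blocked packet by what its TCP flags can and cannot do."""
    if fields.get("PROTO") != "TCP":
        return "non-tcp"
    if "SYN" in flags and "ACK" not in flags:
        return "new-connection-attempt"    # only a bare SYN opens a connection
    if "RST" in flags:
        return "reset-of-existing-flow"    # tears a flow down, cannot open one
    return "other-segment-of-existing-flow"

def summarise(lines):
    """Count blocked packets per (source IP, source port, label)."""
    counts = Counter()
    for line in lines:
        parsed = parse_ufw_line(line)
        if parsed:
            fields, flags = parsed
            key = (fields.get("SRC"), fields.get("SPT"), classify(fields, flags))
            counts[key] += 1
    return counts

MAC = "MAC=dc:a6:32:00:e4:e5:40:0d:10:e4:31:f0:08:00"
SAMPLE = [
    # Two lines from the post above.
    f"Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= {MAC} SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=20792 DF PROTO=TCP SPT=443 DPT=42744 WINDOW=0 RES=0x00 RST URGP=0",
    f"Jun 24 11:20:42 percival kernel: [UFW BLOCK] IN=eth0 OUT= {MAC} SRC=206.190.215.15 DST=192.168.0.102 LEN=40 TOS=0x08 PREC=0x20 TTL=50 ID=0 DF PROTO=TCP SPT=443 DPT=42738 WINDOW=0 RES=0x00 RST URGP=0",
    # Constructed line: what an unsolicited inbound connection attempt would look like.
    f"Jun 24 11:25:00 percival kernel: [UFW BLOCK] IN=eth0 OUT= {MAC} SRC=203.0.113.7 DST=192.168.0.102 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4321 DF PROTO=TCP SPT=51515 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0",
]

if __name__ == "__main__":
    for key, n in summarise(SAMPLE).items():
        print(n, *key)
```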