<div dir="ltr"><div dir="ltr">On Thu, Apr 2, 2020 at 7:55 AM Martin Simmons <<a href="mailto:martin@lispworks.com">martin@lispworks.com</a>> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">>>>>> On Wed, 1 Apr 2020 08:59:30 -0400, Mirko Vukovic said:<br>
> <br>
> On Tue, Mar 31, 2020 at 11:51 AM Martin Simmons <<a href="mailto:martin@lispworks.com" target="_blank">martin@lispworks.com</a>><br>
> wrote:<br>
> <br>
> > >>>>> On Mon, 30 Mar 2020 21:16:00 -0400, Mirko Vukovic said:<br>
> > ><br>
> > > Hello,<br>
> > ><br>
> > > My setup is Sly on Spacemacs with Windows 10 running remote lisp on Linux<br>
> > > over a corporate network. I have not found a Sly mailing list, and I<br>
> > hope I<br>
> > > can get an answer here.<br>
> > ><br>
> > > Emacs is running Sly on Spacemacs on Windows 10. Lisp is running on a<br>
> > Linux<br>
> > > server. But Sly does not connect to the listening Lisp. Corporate network<br>
> > > security policies have changed. I can ask for IT to accommodate me, but<br>
> > > first I need to know what to ask for.<br>
> > ><br>
> > > So far, I have opened a tunnel, and started a listening lisp (details<br>
> > > below).<br>
> > ><br>
> > > In Emacs I get:<br>
> > ><br>
> > > sly-connect RET RET RET<br>
> > > [sly] Connecting to Slynk on port 4005..<br>
> > > helm-M-x-execute-command: make client process failed: Connection timed<br>
> > out,<br>
> > > :name, sly-9, :buffer, nil, :host, hal9000, :service, 4005, :nowait, nil,<br>
> > > :tls-parameters, nil<br>
> > ><br>
> > > The session transcript:<br>
> > > > ssh -L4005:localhost:4005 mirko@hal9000<br>
> > ><br>
> > > [mirko@hal9000 .roswell]$ ros -L ccl-bin run --load<br>
> > start-slynk-server.lisp<br>
> > ><br>
> > > Added SLYNK path to ASDF:*CENTRAL-REGISTRY*<br>
> > > SLYNK's ASDF loader finished.<br>
> > > Loaded ASDF system<br>
> > > ;; Slynk started at port: 4005.<br>
> > ><br>
> > > Created SLYNK server on port 4005<br>
> > > Set *USE-DEDICATED-OUTPUT-STREAM* to NIL<br>
> > > Clozure Common Lisp Version 1.11.5/v1.11.5 (LinuxX8664)<br>
> > ><br>
> > > For more information about CCL, please see <a href="http://ccl.clozure.com" rel="noreferrer" target="_blank">http://ccl.clozure.com</a>.<br>
> > ><br>
> > > CCL is free software. It is distributed under the terms of the Apache<br>
> > > Licence, Version 2.0.<br>
> > > ?<br>
> > ><br>
> > > My question is as follows:<br>
> > ><br>
> > > 1. Do I need bi-directional traffic on 4005?<br>
> ><br>
> > Assuming you are using the ssh tunnel above, then you don't need port 4005<br>
> > traffic on the LAN (it is all hidden in the tunnel).<br>
> ><br>
> > The most likely problem is that some firewall on the Windows machine is<br>
> > blocking port 4005. You may need to configure that firewall to allow ssh<br>
> > to<br>
> > listen on localhost:4005 and/or to accept connections to it from Spacemacs.<br>
> > In theory you might have similar localhost firewall issues on hal9000, but<br>
> > that is less likely.<br>
> ><br>
> ><br>
> > > 2. Do I need bi-directional traffic on 22? (after recent changes I<br>
> > > cannot ssh or scp into my Windows machine)<br>
> ><br>
> > I'm assuming that you ran the ssh command on the Windows 10 machine and it<br>
> > gave you a working login to hal9000. If so, then it looks like you already<br>
> > have what you need for port 22.<br>
> ><br>
> <br>
> Yes, I can log in to hal9000 with the -L switch:<br>
> <br>
> > ssh -L4005:localhost:4005 mirko@hal9000<br>
> Last login: Thu Mar 19 14:33:17 2020 from 172.27.236.189<br>
> [mirko@hal9000 ~]$<br>
> <br>
> <br>
> ><br>
> > Note that bi-directional traffic on a connected socket is different from<br>
> > whether you can make a connection in both directions.<br>
> ><br>
> ><br>
> > > 3. What tools can I use to try to narrow down the cause of the<br>
> > problem?<br>
> > > For instance, can I send a command to the lisp image, and see its<br>
> > effects<br>
> > > on the lisp side?<br>
> ><br>
> > Firstly, run "netstat -antp" on hal9000 to see if Lisp is listening on port<br>
> > 4005.<br>
> ><br>
> <br>
> It looks that ccl-bin is listening:<br>
> $ sudo netstat -antp | grep :4005<br>
> tcp 0 0 <a href="http://127.0.0.1:4005" rel="noreferrer" target="_blank">127.0.0.1:4005</a> 0.0.0.0:* LISTEN<br>
> 104461/lx86cl64<br>
> <br>
> <br>
> ><br>
> > Secondly, run "netstat -anop tcp" on the Windows 10 machine to see if ssh<br>
> > is<br>
> > listening on port 4005.<br>
> ><br>
> ><br>
> I have Msys2's netstat. On the laptop:<br>
> > which netstat<br>
> /c/WINDOWS/system32/netstat<br>
> /c/Users/mirko/Downloads<br>
> > netstat -anop tcp | grep :4005<br>
> TCP <a href="http://127.0.0.1:4005" rel="noreferrer" target="_blank">127.0.0.1:4005</a> <a href="http://0.0.0.0:0" rel="noreferrer" target="_blank">0.0.0.0:0</a> LISTENING 12052<br>
<br>
Yes, both netstat outputs look good at that point.<br>
<br>
<br>
> > Thirdly, run "ssh -p 4005 localhost" on the Windows 10 machine. This use a<br>
> > ssh is very bogus, but it should at least give an error message with some<br>
> > diagnostics. (Normally I would use telnet for this, but it is not<br>
> > installed<br>
> > on Windows 10 by default.)<br>
> ><br>
> <br>
> Outputs of both ssh and telnet on the laptop:<br>
> > which telnet<br>
> /usr/bin/telnet<br>
> /c/Users/mirko/Downloads<br>
> > telnet localhost 4005<br>
> Trying ::1...<br>
> Connected to localhost.<br>
> Escape character is '^]'.<br>
> Connection closed by foreign host.<br>
<br>
OK, so it is connected to the Windows side at least.<br>
<br>
Check that the Slynk server was created with :dont-close t (or set<br>
slynk:*dont-close* to t before creating it). If dont-close is nil, it will<br>
only accept one connection, which makes debugging difficult.<br>
<br>
Then restart the log in to hal9000 with -v option to ssh to make it print debug<br>
information:<br>
<br>
ssh -v -L4005:localhost:4005 mirko@hal9000<br>
<br>
and try the telnet again to see what is happening at the Linux end.<br>
<br>
__Martin<br></blockquote><div>Here is the test log. Telnet and ssh debug are at the bottom.</div><div id="gmail-content" style="color:rgb(0,0,0);font-family:"Times New Roman";font-size:medium"><div id="gmail-outline-container-orgb982551" class="gmail-outline-2"><h2 id="gmail-orgb982551"><span class="gmail-section-number-2">1</span> Start slynk with <code>:dont-close t</code></h2><div class="gmail-outline-text-2" id="gmail-text-1"><p>Modified startup script:</p><pre class="example" style="border:1px solid rgb(204,204,204);padding:8pt;overflow:auto;margin:1.2em">(let ((port 4005))
(slynk:create-server :port port :dont-close t)
(format t "~% Created SLYNK server on port ~a" port))
(setf slynk:*use-dedicated-output-stream* nil)
</pre></div></div><div id="gmail-outline-container-orgaa6b68a" class="gmail-outline-2"><h2 id="gmail-orgaa6b68a"><span class="gmail-section-number-2">2</span> Started tunnel with verbose option, <code>-v</code> switch</h2><div class="gmail-outline-text-2" id="gmail-text-2"><pre class="example" style="border:1px solid rgb(204,204,204);padding:8pt;overflow:auto;margin:1.2em">$ ssh -v -L4005:hal9000:4005 mirko@hal9000
</pre></div></div><div id="gmail-outline-container-org694162e" class="gmail-outline-2"><h2 id="gmail-org694162e"><span class="gmail-section-number-2">3</span> Telnet on laptop side to laptop port 4005</h2><div class="gmail-outline-text-2" id="gmail-text-3"><pre class="example" style="border:1px solid rgb(204,204,204);padding:8pt;overflow:auto;margin:1.2em">@laptop> telnet localhost 4005
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
</pre></div></div><div id="gmail-outline-container-orgd97c209" class="gmail-outline-2"><h2 id="gmail-orgd97c209"><span class="gmail-section-number-2">4</span> SSH debug output</h2><div class="gmail-outline-text-2" id="gmail-text-4"><pre class="example" style="border:1px solid rgb(204,204,204);padding:8pt;overflow:auto;margin:1.2em">@hal9000> debug1: Connection to port 4005 forwarding to hal9000 port 4005 requested.
debug1: channel 3: new [direct-tcpip]
channel 3: open failed: connect failed: Connection refused
debug1: channel 3: free: direct-tcpip: listening port 4005 for hal9000 port 4005, connect from ::1 port 64100 to ::1 port 4005, nchannels 4 </pre></div></div></div><div> Thanks,</div><div><br></div><div>Mirko</div></div></div>