[solved] apt-get update not working

Gord_W · 16 February 2017 15:12

Hi,

I’m try

root@LapCam:~# apt-get update
0% [Connecting to mirror.ox.ac.uk (163.1.160.163)] [Connecting to archive.raspberrypi.org (46.235.227.11)]

and it stall there for a few minutes and then gives

Err http://mirror.ox.ac.uk jessie InRelease

Err http://mirror.ox.ac.uk jessie Release.gpg
Unable to connect to mirror.ox.ac.uk:http: [IP: 163.1.221.67 80]
0% [Connecting to archive.raspberrypi.org (93.93.128.230)]

where it stops.

If I try
root@LapCam:~# dietpi-update

DietPi-Update
─────────────────────────────────────────────────────
Mode: Checking for DietPi updates
Please wait…

[Info] Checking Mirror : http://dietpi.com/downloads/dietpi-update_mirror/master/server_version
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:–:-- 0:00:30 --:–:-- 0

and nothing happens.

Internet is working. I can ping 163.1.160.163

Any ideas for where to start looking?

Gordon Williams

Fourdee · 16 February 2017 18:56

Hi Gordon,

Looks like a possible DNS issue.

What happens when you try to ping DNS names, eg:

ping google.com
ping dietpi.con

Gord_W · 16 February 2017 21:01

Yes I can ping both of those sites.

OK, after a lot of trial and error it is the iptables for port forwarding that is causing the problem for some reason.

The iptables work in the way that I want them, but there seems to be a side effect with both apt-get and dietpi-update that causes problems.

I’m guessing that apt-get is trying to use the wrong interface. etc/network/interfaces file specifies gateway as 192.168.1.1 which is on the wifi interface.

I connect to the rpi through wifi. The rpi has an IP camera connected to the ethernet port. The rpi requests pictures from the camera and saves them locally. A web server with a web app serves the pictures that are requested back to a laptop with browser. There are times when I want to access the camera directly from the laptop browser. To do this I point the browser to rpi 192.168.1.104:5001, which gets forwarded to camera at 10.0.0.101:80.

IP camera 10.0.0.101:80
rpi ethernet port 10.0.0.1
rpi wifi server 192.168.1.104:80
rpi port forward to camera 192.168.1.104:5001
laptop connected router 192.168.1.1

To create the iptables I use:
root@dietpi:~# iptables -t nat -A POSTROUTING -p tcp -j SNAT --to-source 10.0.0.1
root@dietpi:~# iptables -t nat -A PREROUTING -p tcp --dport 5001 -j DNAT --to-destination 10.0.0.100:80

root@DietPi:~# sysctl net.ipv4.ip_forward=1

root@FinCam:~# iptables -L -vt nat
Chain PREROUTING (policy ACCEPT 2 packets, 256 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp – any any anywhere anywhere tcp dpt:5001 to:10.0.0.101:80

Chain INPUT (policy ACCEPT 2 packets, 256 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 42 packets, 2545 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 7 packets, 445 bytes)
pkts bytes target prot opt in out source destination
35 2100 SNAT tcp – any any anywhere anywhere to:10.0.0.1

Can you see anything that is causing problems here?

Thanks,
Gordon Williams

Gord_W · 17 February 2017 15:53

Just to follow up with the solution. The proper iptables incantation is
root@dietpi:~# iptables -t nat -A POSTROUTING -o eth0 -p tcp -j SNAT --to-source 10.0.0.1
root@dietpi:~# iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 5001 -j DNAT --to-destination 10.0.0.100:80

Although without the -o and -i it was forwarding properly, it seems to need these arguments to make apt-get work properly.

Gordon Williams

Fourdee · 17 February 2017 18:44

Thanks Gordon, great work and thanks for sharing