Investigating NetworkManager on Manjaro
The reason for writing this article was after looking over the DNS logs coming from my Manjaro computer. There was a lookup for ping.manjaro.org
every 5 mins. Taking a look online didn't reveal much, there was a mention from someone saying "it's probably an ICMP Ping check" (which is wrong btw).
I am going to investigate this a little, get the facts and then configure it to use your own server or disable it completely.
I started with a clean Manjaro VM and installed Wireshark to monitor the network connections. Every 5 minutes or when toggling the Network connection an attempt to connect to ping.manjaro.org was made.
What's the connection for?
This connection is trying to make an HTTP GET request on http://ping.manjaro.org/check_network_status.txt
which simply contains the words NetworkManager is online
. This lets NetworkManager know you have access to the internet if an error occurs the Captive Portal popup appears so users can login to the WiFi network.
Wireshark TCP Stream: GET /check_network_status.txt HTTP/1.1 Host: ping.manjaro.org Accept: */* Connection: close HTTP/1.1 200 OK Server: nginx Date: Thu, 13 May 2021 14:13:12 GMT Content-Type: text/plain Content-Length: 24 Connection: close X-NetworkManager-Status: online Content-Type: text/plain NetworkManager is online
Configuration:
As your device is currently connecting to an external server every 5 minutes, you may regard this as a small privacy issue, therefore we'll look at disabling the check choosing a different server.
The current connection is HTTP, this results in far less overhead for sending 3 generic words to the client. I'd prefer this to be an HTTPS connection to mitigate against a MITM (Man In The Middle) attack where theoretically additional data could be injected into the response.
- Create configuration file:
sudo nano /etc/NetworkManager/conf.d/20-connectivity.conf
- The following is Manjaro default:
[connectivity] uri=http://ping.manjaro.org/check_network_status.txt interval=300
Setting the interval to 0 will disable it.
Change the URL to your desired host which contains that file.
Feel free to use ours running with https: https://mirror.cyberhost.uk/check_network_status.txt
- Restart with:
sudo systemctl restart NetworkManager
nmcli networking connectivity
should respond withfull
if working correctly.