Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Server side - configuration FAILURE
- # Client could ping server side hosts, but
- # server side hosts can not ping client side hosts
- #
- # /etc/config/network
- #
- config interface 'loopback'
- option ifname 'lo'
- option proto 'static'
- option ipaddr '127.0.0.1'
- option netmask '255.0.0.0'
- config interface 'lan'
- option ifname 'eth0.1'
- option type 'bridge'
- option proto 'static'
- option netmask '255.255.255.0'
- option ipaddr '192.168.1.254'
- config interface 'wan'
- option ifname 'eth0.2'
- option proto 'dhcp'
- option macaddr '00:04:E2:2A:CE:F6'
- config switch
- option name 'rtl8366rb'
- option reset '1'
- option enable_vlan '1'
- config switch_vlan
- option device 'rtl8366rb'
- option vlan '1'
- option ports '1 2 3 4 5t'
- config switch_vlan
- option device 'rtl8366rb'
- option vlan '2'
- option ports '0 5t'
- config interface 'vpn'
- option proto 'static'
- option ifname 'tun0'
- option ipaddr '10.8.0.1'
- option netmask '255.255.255.0'
- #
- # /etc/config/firewall
- #
- config defaults
- option syn_flood '1'
- option input 'ACCEPT'
- option output 'ACCEPT'
- option forward 'REJECT'
- config zone
- option name 'lan'
- option network 'lan'
- option input 'ACCEPT'
- option output 'ACCEPT'
- option forward 'REJECT'
- config zone
- option name 'wan'
- option network 'wan'
- option input 'REJECT'
- option output 'ACCEPT'
- option forward 'REJECT'
- option masq '1'
- option mtu_fix '1'
- config forwarding
- option src 'lan'
- option dest 'wan'
- config rule
- option name 'Allow-DHCP-Renew'
- option src 'wan'
- option proto 'udp'
- option dest_port '68'
- option target 'ACCEPT'
- option family 'ipv4'
- config rule
- option name 'Allow-Ping'
- option src 'wan'
- option proto 'icmp'
- option icmp_type 'echo-request'
- option family 'ipv4'
- option target 'ACCEPT'
- config rule
- option name 'Allow-DHCPv6'
- option src 'wan'
- option proto 'udp'
- option src_ip 'fe80::/10'
- option src_port '547'
- option dest_ip 'fe80::/10'
- option dest_port '546'
- option family 'ipv6'
- option target 'ACCEPT'
- config rule
- option name 'Allow-ICMPv6-Input'
- option src 'wan'
- option proto 'icmp'
- list icmp_type 'echo-request'
- list icmp_type 'echo-reply'
- list icmp_type 'destination-unreachable'
- list icmp_type 'packet-too-big'
- list icmp_type 'time-exceeded'
- list icmp_type 'bad-header'
- list icmp_type 'unknown-header-type'
- list icmp_type 'router-solicitation'
- list icmp_type 'neighbour-solicitation'
- list icmp_type 'router-advertisement'
- list icmp_type 'neighbour-advertisement'
- option limit '1000/sec'
- option family 'ipv6'
- option target 'ACCEPT'
- config rule
- option name 'Allow-ICMPv6-Forward'
- option src 'wan'
- option dest '*'
- option proto 'icmp'
- list icmp_type 'echo-request'
- list icmp_type 'echo-reply'
- list icmp_type 'destination-unreachable'
- list icmp_type 'packet-too-big'
- list icmp_type 'time-exceeded'
- list icmp_type 'bad-header'
- list icmp_type 'unknown-header-type'
- option limit '1000/sec'
- option family 'ipv6'
- option target 'ACCEPT'
- config include
- option path '/etc/firewall.user'
- config redirect
- option target 'DNAT'
- option src 'wan'
- option dest 'lan'
- option proto 'tcp'
- option src_dport '22'
- option dest_ip '192.168.1.251'
- option dest_port '22'
- option name 'nusi_ssh'
- config redirect
- option target 'DNAT'
- option src 'wan'
- option dest 'lan'
- option proto 'tcp'
- option src_dport '443'
- option dest_ip '192.168.1.251'
- option dest_port '443'
- option name 'nusi_https'
- config redirect
- option target 'DNAT'
- option src 'wan'
- option dest 'lan'
- option proto 'tcp'
- option src_dport '3389'
- option dest_ip '192.168.1.249'
- option dest_port '3389'
- option name 'titan'
- config redirect
- option target 'DNAT'
- option src 'wan'
- option dest 'lan'
- option proto 'tcp udp'
- option src_dport '54321'
- option dest_ip '192.168.1.56'
- option dest_port '5900'
- option name 'VNC-MST03'
- config rule
- option src 'wan'
- option target 'ACCEPT'
- option proto 'tcp'
- option dest_port '22'
- config rule
- option target 'ACCEPT'
- option name 'vpn'
- option src 'wan'
- option proto 'udp'
- option dest_port '1194'
- option family 'ipv4'
- config redirect
- option target 'DNAT'
- option src 'wan'
- option dest 'lan'
- option proto 'tcp'
- option src_dport '54322'
- option dest_ip '192.168.1.56'
- option dest_port '3389'
- option name 'WPC-MST03'
- config redirect
- option target 'DNAT'
- option src 'wan'
- option dest 'lan'
- option proto 'tcp'
- option src_dport '10022'
- option dest_ip '192.168.1.254'
- option dest_port '10022'
- option name 'lab-ssh'
- config zone
- option input 'ACCEPT'
- option output 'ACCEPT'
- option name 'vpn'
- option forward 'ACCEPT'
- option masq '1'
- option network 'vpn'
- option family 'ipv4'
- config forwarding
- option src 'vpn'
- option dest 'lan'
- config forwarding
- option src 'lan'
- option dest 'vpn'
- #
- # /etc/config/openvpn - consist only an include to /etc/openvpn/srv-vpn.conf
- #
- port 1194
- proto udp
- dev tun
- ca /etc/openvpn/ca.crt
- cert /etc/openvpn/server.crt
- key /etc/openvpn/server.key
- dh /etc/openvpn/dh1024.pem
- server 10.8.0.0 255.255.255.0
- ifconfig-pool-persist /tmp/openvpn-ipp.txt
- push "route 192.168.1.0 255.255.255.0"
- client-config-dir ccd
- route 192.168.2.0 255.255.255.0 10.8.0.1
- keepalive 10 120
- max-clients 3
- persist-key 1
- persist-tun 1
- status /tmp/openvpn-status.log
- log /tmp/openvpn.log
- # 9 is extremely verbose
- verb 7
- mute 5
- #
- # /etc/openvpn/ccd/tovis-lak
- # contain only one row
- #
- iroute 192.168.2.0 255.255.255.0
- #
- # the output of command # ifconfig
- #
- br-lan Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
- inet addr:192.168.1.254 Bcast:192.168.1.255 Mask:255.255.255.0
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:7957 errors:0 dropped:0 overruns:0 frame:0
- TX packets:6727 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:896215 (875.2 KiB) TX bytes:2458271 (2.3 MiB)
- eth0 Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:29244 errors:0 dropped:0 overruns:59047 frame:0
- TX packets:14520 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:1000
- RX bytes:4359874 (4.1 MiB) TX bytes:3417832 (3.2 MiB)
- Interrupt:4
- eth0.1 Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:7957 errors:0 dropped:0 overruns:0 frame:0
- TX packets:6734 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:896215 (875.2 KiB) TX bytes:2458593 (2.3 MiB)
- eth0.2 Link encap:Ethernet HWaddr 00:04:E2:2A:CE:F6
- inet addr:80.98.106.112 Bcast:80.98.106.255 Mask:255.255.255.0
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:21079 errors:0 dropped:0 overruns:0 frame:0
- TX packets:7785 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:2927851 (2.7 MiB) TX bytes:900120 (879.0 KiB)
- lo Link encap:Local Loopback
- inet addr:127.0.0.1 Mask:255.0.0.0
- UP LOOPBACK RUNNING MTU:16436 Metric:1
- RX packets:106 errors:0 dropped:0 overruns:0 frame:0
- TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:8253 (8.0 KiB) TX bytes:8253 (8.0 KiB)
- tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
- inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.0
- UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
- RX packets:6 errors:0 dropped:0 overruns:0 frame:0
- TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:100
- RX bytes:456 (456.0 B) TX bytes:456 (456.0 B)
- wlan0 Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:107 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:32
- RX bytes:0 (0.0 B) TX bytes:21124 (20.6 KiB)
- #
- # output of command # route
- #
- Kernel IP routing table
- Destination Gateway Genmask Flags Metric Ref Use Iface
- default catv-80-98-106- 0.0.0.0 UG 0 0 0 eth0.2
- 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
- 10.8.0.0 * 255.255.255.0 U 0 0 0 tun0
- 80.98.106.0 * 255.255.255.0 U 0 0 0 eth0.2
- 192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
- 192.168.2.0 10.8.0.1 255.255.255.0 UG 0 0 0 tun0
- #
- # output of command # iptables -L
- #
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
- ACCEPT all -- anywhere anywhere
- syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
- input_rule all -- anywhere anywhere
- input all -- anywhere anywhere
- Chain FORWARD (policy DROP)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
- forwarding_rule all -- anywhere anywhere
- forward all -- anywhere anywhere
- reject all -- anywhere anywhere
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
- ACCEPT all -- anywhere anywhere
- output_rule all -- anywhere anywhere
- output all -- anywhere anywhere
- Chain forward (1 references)
- target prot opt source destination
- zone_lan_forward all -- anywhere anywhere
- zone_wan_forward all -- anywhere anywhere
- zone_vpn_forward all -- anywhere anywhere
- Chain forwarding_lan (1 references)
- target prot opt source destination
- Chain forwarding_rule (1 references)
- target prot opt source destination
- nat_reflection_fwd all -- anywhere anywhere
- Chain forwarding_vpn (1 references)
- target prot opt source destination
- Chain forwarding_wan (1 references)
- target prot opt source destination
- Chain input (1 references)
- target prot opt source destination
- zone_lan all -- anywhere anywhere
- zone_wan all -- anywhere anywhere
- zone_vpn all -- anywhere anywhere
- Chain input_lan (1 references)
- target prot opt source destination
- Chain input_rule (1 references)
- target prot opt source destination
- Chain input_vpn (1 references)
- target prot opt source destination
- Chain input_wan (1 references)
- target prot opt source destination
- Chain nat_reflection_fwd (1 references)
- target prot opt source destination
- ACCEPT tcp -- 192.168.1.0/24 192.168.1.251 tcp dpt:ssh /* wan */
- ACCEPT tcp -- 192.168.1.0/24 192.168.1.251 tcp dpt:https /* wan */
- ACCEPT tcp -- 192.168.1.0/24 192.168.1.249 tcp dpt:3389 /* wan */
- ACCEPT tcp -- 192.168.1.0/24 192.168.1.56 tcp dpt:5900 /* wan */
- ACCEPT udp -- 192.168.1.0/24 192.168.1.56 udp dpt:5900 /* wan */
- ACCEPT tcp -- 192.168.1.0/24 192.168.1.56 tcp dpt:3389 /* wan */
- ACCEPT tcp -- 192.168.1.0/24 tovis-lab.lan tcp dpt:10022 /* wan */
- Chain output (1 references)
- target prot opt source destination
- zone_lan_ACCEPT all -- anywhere anywhere
- zone_wan_ACCEPT all -- anywhere anywhere
- zone_vpn_ACCEPT all -- anywhere anywhere
- Chain output_rule (1 references)
- target prot opt source destination
- Chain reject (7 references)
- target prot opt source destination
- REJECT tcp -- anywhere anywhere reject-with tcp-reset
- REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
- Chain syn_flood (1 references)
- target prot opt source destination
- RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
- DROP all -- anywhere anywhere
- Chain zone_lan (1 references)
- target prot opt source destination
- input_lan all -- anywhere anywhere
- zone_lan_ACCEPT all -- anywhere anywhere
- Chain zone_lan_ACCEPT (3 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere
- Chain zone_lan_DROP (0 references)
- target prot opt source destination
- DROP all -- anywhere anywhere
- DROP all -- anywhere anywhere
- Chain zone_lan_REJECT (1 references)
- target prot opt source destination
- reject all -- anywhere anywhere
- reject all -- anywhere anywhere
- Chain zone_lan_forward (1 references)
- target prot opt source destination
- zone_vpn_ACCEPT all -- anywhere anywhere
- zone_wan_ACCEPT all -- anywhere anywhere
- forwarding_lan all -- anywhere anywhere
- zone_lan_REJECT all -- anywhere anywhere
- Chain zone_vpn (1 references)
- target prot opt source destination
- input_vpn all -- anywhere anywhere
- zone_vpn_ACCEPT all -- anywhere anywhere
- Chain zone_vpn_ACCEPT (4 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere
- Chain zone_vpn_DROP (0 references)
- target prot opt source destination
- DROP all -- anywhere anywhere
- DROP all -- anywhere anywhere
- Chain zone_vpn_REJECT (0 references)
- target prot opt source destination
- reject all -- anywhere anywhere
- reject all -- anywhere anywhere
- Chain zone_vpn_forward (1 references)
- target prot opt source destination
- zone_lan_ACCEPT all -- anywhere anywhere
- forwarding_vpn all -- anywhere anywhere
- zone_vpn_ACCEPT all -- anywhere anywhere
- Chain zone_wan (1 references)
- target prot opt source destination
- ACCEPT udp -- anywhere anywhere udp dpt:bootpc
- ACCEPT icmp -- anywhere anywhere icmp echo-request
- ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
- ACCEPT udp -- anywhere anywhere udp dpt:openvpn
- ACCEPT tcp -- anywhere tovis-lab.lan tcp dpt:10022 ctstate DNAT
- input_wan all -- anywhere anywhere
- zone_wan_REJECT all -- anywhere anywhere
- Chain zone_wan_ACCEPT (2 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere
- Chain zone_wan_DROP (0 references)
- target prot opt source destination
- DROP all -- anywhere anywhere
- DROP all -- anywhere anywhere
- Chain zone_wan_REJECT (2 references)
- target prot opt source destination
- reject all -- anywhere anywhere
- reject all -- anywhere anywhere
- Chain zone_wan_forward (1 references)
- target prot opt source destination
- ACCEPT tcp -- anywhere 192.168.1.251 tcp dpt:ssh
- ACCEPT tcp -- anywhere 192.168.1.251 tcp dpt:https
- ACCEPT tcp -- anywhere 192.168.1.249 tcp dpt:3389
- ACCEPT tcp -- anywhere 192.168.1.56 tcp dpt:5900
- ACCEPT udp -- anywhere 192.168.1.56 udp dpt:5900
- ACCEPT tcp -- anywhere 192.168.1.56 tcp dpt:3389
- forwarding_wan all -- anywhere anywhere
- zone_wan_REJECT all -- anywhere anywhere
- #
- # /tmp/openvpn-status.log
- #
- OpenVPN CLIENT LIST
- Updated,Mon Feb 22 17:40:01 2016
- Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
- tovis-lak,37.76.82.165:40435,6298,7711,Mon Feb 22 17:34:58 2016
- ROUTING TABLE
- Virtual Address,Common Name,Real Address,Last Ref
- 10.8.0.6,tovis-lak,37.76.82.165:40435,Mon Feb 22 17:39:27 2016
- GLOBAL STATS
- Max bcast/mcast queue length,0
- END
- #
- # /tmp/openvpn.log
- #
- Mon Feb 22 17:34:43 2016 us=343785 OpenVPN 2.2.2 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Mar 14 2013
- Mon Feb 22 17:34:43 2016 us=345027 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
- Mon Feb 22 17:34:43 2016 us=516981 Diffie-Hellman initialized with 1024 bit key
- Mon Feb 22 17:34:43 2016 us=537367 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
- Mon Feb 22 17:34:43 2016 us=537717 Socket Buffers: R=[163840->131072] S=[163840->131072]
- Mon Feb 22 17:34:43 2016 us=546356 TUN/TAP device tun0 opened
- Mon Feb 22 17:34:43 2016 us=546656 TUN/TAP TX queue length set to 100
- Mon Feb 22 17:34:43 2016 us=547095 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
- Mon Feb 22 17:34:43 2016 us=561230 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.8.0.1
- Mon Feb 22 17:34:43 2016 us=572392 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
- Mon Feb 22 17:34:43 2016 us=598377 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
- Mon Feb 22 17:34:43 2016 us=598865 UDPv4 link local (bound): [undef]:1194
- Mon Feb 22 17:34:43 2016 us=599041 UDPv4 link remote: [undef]
- Mon Feb 22 17:34:43 2016 us=599205 MULTI: multi_init called, r=256 v=256
- Mon Feb 22 17:34:43 2016 us=599578 IFCONFIG POOL: base=10.8.0.4 size=62
- Mon Feb 22 17:34:43 2016 us=599785 IFCONFIG POOL LIST
- Mon Feb 22 17:34:43 2016 us=600094 Initialization Sequence Completed
- Mon Feb 22 17:34:58 2016 us=211288 MULTI: multi_create_instance called
- Mon Feb 22 17:34:58 2016 us=211836 37.76.82.165:40435 Re-using SSL/TLS context
- Mon Feb 22 17:34:58 2016 us=213180 37.76.82.165:40435 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
- Mon Feb 22 17:34:58 2016 us=213441 37.76.82.165:40435 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
- Mon Feb 22 17:34:58 2016 us=213845 37.76.82.165:40435 UDPv4 READ [14] from 37.76.82.165:40435: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
- Mon Feb 22 17:34:58 2016 us=214163 37.76.82.165:40435 TLS: Initial packet from 37.76.82.165:40435, sid=2e7f9dba 37d188d7
- Mon Feb 22 17:34:58 2016 us=214526 37.76.82.165:40435 UDPv4 WRITE [26] to 37.76.82.165:40435: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
- Mon Feb 22 17:34:58 2016 us=332026 37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 0 ]
- Mon Feb 22 17:34:58 2016 us=339858 37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=100
- Mon Feb 22 17:34:58 2016 us=340497 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 1 ]
- Mon Feb 22 17:34:58 2016 us=341173 37.76.82.165:40435 UDPv4 READ [32] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=2 DATA len=18
- Mon Feb 22 17:34:58 2016 us=494657 37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 17:34:59 2016 us=141920 37.76.82.165:40435 96 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 17:34:59 2016 us=142272 37.76.82.165:40435 VERIFY OK: depth=1, /C=HU/ST=BP/L=Budapest/O=tovis-lab/OU=changeme/CN=tovis-lab.some_dns.org/name=tovis/emailAddress=tovises@freemail.hu
- Mon Feb 22 17:34:59 2016 us=145498 37.76.82.165:40435 VERIFY OK: depth=0, /C=HU/ST=Budapest/L=Budapest/O=tovis-lak/OU=houskeeping/CN=tovis-lak/name=tovis/emailAddress=tovises@freemail.hu
- Mon Feb 22 17:34:59 2016 us=146080 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 23 ]
- Mon Feb 22 17:34:59 2016 us=146877 37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=24 DATA len=100
- Mon Feb 22 17:34:59 2016 us=147558 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 24 ]
- Mon Feb 22 17:34:59 2016 us=148227 37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=25 DATA len=100
- Mon Feb 22 17:34:59 2016 us=255604 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 25 ]
- Mon Feb 22 17:34:59 2016 us=256261 37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 17:34:59 2016 us=409616 37.76.82.165:40435 35 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 17:34:59 2016 us=409914 37.76.82.165:40435 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
- Mon Feb 22 17:34:59 2016 us=410121 37.76.82.165:40435 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
- Mon Feb 22 17:34:59 2016 us=410906 37.76.82.165:40435 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
- Mon Feb 22 17:34:59 2016 us=411096 37.76.82.165:40435 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
- Mon Feb 22 17:34:59 2016 us=412058 37.76.82.165:40435 UDPv4 WRITE [126] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ 30 ] pid=43 DATA len=100
- Mon Feb 22 17:34:59 2016 us=412655 37.76.82.165:40435 UDPv4 WRITE [68] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=44 DATA len=54
- Mon Feb 22 17:34:59 2016 us=438448 37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 43 ]
- Mon Feb 22 17:34:59 2016 us=444151 37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 44 ]
- Mon Feb 22 17:34:59 2016 us=444524 37.76.82.165:40435 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
- Mon Feb 22 17:34:59 2016 us=444843 37.76.82.165:40435 [tovis-lak] Peer Connection Initiated with 37.76.82.165:40435
- Mon Feb 22 17:34:59 2016 us=445810 tovis-lak/37.76.82.165:40435 MULTI: Learn: 10.8.0.6 -> tovis-lak/37.76.82.165:40435
- Mon Feb 22 17:34:59 2016 us=446022 tovis-lak/37.76.82.165:40435 MULTI: primary virtual IP for tovis-lak/37.76.82.165:40435: 10.8.0.6
- Mon Feb 22 17:35:01 2016 us=860038 tovis-lak/37.76.82.165:40435 UDPv4 READ [104] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=31 DATA len=90
- Mon Feb 22 17:35:01 2016 us=860867 tovis-lak/37.76.82.165:40435 PUSH: Received control message: 'PUSH_REQUEST'
- Mon Feb 22 17:35:01 2016 us=861752 tovis-lak/37.76.82.165:40435 SENT CONTROL [tovis-lak]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
- Mon Feb 22 17:35:01 2016 us=862115 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 31 ]
- Mon Feb 22 17:35:01 2016 us=862667 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [114] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=45 DATA len=100
- Mon Feb 22 17:35:01 2016 us=863236 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [84] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=46 DATA len=70
- Mon Feb 22 17:35:01 2016 us=888626 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 45 ]
- Mon Feb 22 17:35:01 2016 us=890775 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 46 ]
- Mon Feb 22 17:35:06 2016 us=8852 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 18:34:59 2016 us=125343 tovis-lak/37.76.82.165:40435 761 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 18:34:59 2016 us=125574 tovis-lak/37.76.82.165:40435 TLS: soft reset sec=0 bytes=46996/0 pkts=761/0
- Mon Feb 22 18:34:59 2016 us=126395 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [14] to 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=1 [ ] pid=0 DATA len=0
- Mon Feb 22 18:34:59 2016 us=170568 tovis-lak/37.76.82.165:40435 UDPv4 READ [26] from 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=1 [ 0 ] pid=0 DATA len=0
- Mon Feb 22 18:34:59 2016 us=171176 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 0 ]
- Mon Feb 22 18:34:59 2016 us=204189 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=1 DATA len=100
- Mon Feb 22 18:34:59 2016 us=204799 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 1 ]
- Mon Feb 22 18:34:59 2016 us=205340 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 18:34:59 2016 us=988971 tovis-lak/37.76.82.165:40435 97 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 18:34:59 2016 us=989199 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=1, /C=HU/ST=BP/L=Budapest/O=tovis-lab/OU=changeme/CN=tovis-lab.some_dns.org/name=tovis/emailAddress=tovises@freemail.hu
- Mon Feb 22 18:34:59 2016 us=992613 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=0, /C=HU/ST=Budapest/L=Budapest/O=tovis-lak/OU=houskeeping/CN=tovis-lak/name=tovis/emailAddress=tovises@freemail.hu
- Mon Feb 22 18:34:59 2016 us=993198 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 23 ]
- Mon Feb 22 18:34:59 2016 us=993867 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=24 DATA len=100
- Mon Feb 22 18:34:59 2016 us=994432 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 24 ]
- Mon Feb 22 18:34:59 2016 us=996478 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=25 DATA len=100
- Mon Feb 22 18:35:00 2016 us=102638 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 25 ]
- Mon Feb 22 18:35:00 2016 us=103250 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 18:35:00 2016 us=249009 tovis-lak/37.76.82.165:40435 35 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 18:35:00 2016 us=249261 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
- Mon Feb 22 18:35:00 2016 us=249445 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
- Mon Feb 22 18:35:00 2016 us=250230 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
- Mon Feb 22 18:35:00 2016 us=250421 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
- Mon Feb 22 18:35:00 2016 us=251384 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [126] to 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ 30 ] pid=43 DATA len=100
- Mon Feb 22 18:35:00 2016 us=251994 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [68] to 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=44 DATA len=54
- Mon Feb 22 18:35:00 2016 us=278510 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=1 [ 43 ]
- Mon Feb 22 18:35:00 2016 us=284600 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=1 [ 44 ]
- Mon Feb 22 18:35:00 2016 us=284914 tovis-lak/37.76.82.165:40435 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
- Mon Feb 22 18:35:06 2016 us=378815 tovis-lak/37.76.82.165:40435 UDPv4 READ [117] from 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=116
- Mon Feb 22 18:35:06 2016 us=379938 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [117] to 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=116
- Mon Feb 22 18:35:16 2016 us=477798 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [53] to 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=52
- Mon Feb 22 18:35:17 2016 us=252504 tovis-lak/37.76.82.165:40435 UDPv4 READ [53] from 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=52
- Mon Feb 22 18:35:26 2016 us=316629 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [53] to 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=52
- Mon Feb 22 18:35:27 2016 us=412118 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 19:34:59 2016 us=468325 tovis-lak/37.76.82.165:40435 755 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 19:34:59 2016 us=468563 tovis-lak/37.76.82.165:40435 TLS: tls_process: killed expiring key
- Mon Feb 22 19:35:00 2016 us=510936 tovis-lak/37.76.82.165:40435 TLS: soft reset sec=0 bytes=45929/0 pkts=748/0
- Mon Feb 22 19:35:00 2016 us=511642 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [14] to 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=2 [ ] pid=0 DATA len=0
- Mon Feb 22 19:35:00 2016 us=633187 tovis-lak/37.76.82.165:40435 UDPv4 READ [14] from 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=2 [ ] pid=0 DATA len=0
- Mon Feb 22 19:35:00 2016 us=633785 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 0 ]
- Mon Feb 22 19:35:00 2016 us=662842 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=2 [ 0 ]
- Mon Feb 22 19:35:00 2016 us=671090 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=1 DATA len=100
- Mon Feb 22 19:35:00 2016 us=671635 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 19:35:01 2016 us=459023 tovis-lak/37.76.82.165:40435 98 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 19:35:01 2016 us=459235 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=1, /C=HU/ST=BP/L=Budapest/O=tovis-lab/OU=changeme/CN=tovis-lab.some_dns.org/name=tovis/emailAddress=tovises@freemail.hu
- Mon Feb 22 19:35:01 2016 us=463496 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=0, /C=HU/ST=Budapest/L=Budapest/O=tovis-lak/OU=houskeeping/CN=tovis-lak/name=tovis/emailAddress=tovises@freemail.hu
- Mon Feb 22 19:35:01 2016 us=464077 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 23 ]
- Mon Feb 22 19:35:01 2016 us=464760 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=24 DATA len=100
- Mon Feb 22 19:35:01 2016 us=465331 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 24 ]
- Mon Feb 22 19:35:01 2016 us=466005 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=25 DATA len=100
- Mon Feb 22 19:35:01 2016 us=572311 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 25 ]
- Mon Feb 22 19:35:01 2016 us=572964 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
- Mon Feb 22 19:35:01 2016 us=715889 tovis-lak/37.76.82.165:40435 35 variation(s) on previous 5 message(s) suppressed by --mute
- Mon Feb 22 19:35:01 2016 us=716135 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
- Mon Feb 22 19:35:01 2016 us=716485 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
- Mon Feb 22 19:35:01 2016 us=717300 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
- Mon Feb 22 19:35:01 2016 us=717490 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
- Mon Feb 22 19:35:01 2016 us=718844 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [126] to 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ 30 ] pid=43 DATA len=100
- Mon Feb 22 19:35:01 2016 us=719450 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [68] to 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=44 DATA len=54
- Mon Feb 22 19:35:01 2016 us=744985 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=2 [ 43 ]
- Mon Feb 22 19:35:01 2016 us=749970 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=2 [ 44 ]
- Mon Feb 22 19:35:01 2016 us=750287 tovis-lak/37.76.82.165:40435 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
- Mon Feb 22 19:35:11 2016 us=926805 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [53] to 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=52
- Mon Feb 22 19:35:11 2016 us=933217 tovis-lak/37.76.82.165:40435 UDPv4 READ [53] from 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=52
- Mon Feb 22 19:35:15 2016 us=339673 tovis-lak/37.76.82.165:40435 UDPv4 READ [117] from 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=116
- Mon Feb 22 19:35:15 2016 us=340896 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [117] to 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=116
- Mon Feb 22 19:35:25 2016 us=532358 tovis-lak/37.76.82.165:40435 UDPv4 READ [53] from 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=52
- Mon Feb 22 19:35:25 2016 us=532908 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement