tovis

INVALID OpenVPN server configuration on OpenWrt

Feb 22nd, 2016
  1. # Server side - configuration FAILURE
  2. # Client can ping server-side hosts, but
  3. # server-side hosts cannot ping client-side hosts
  4. #
  5. # /etc/config/network
  6. #
  7.  
  8. config interface 'loopback'
  9. option ifname 'lo'
  10. option proto 'static'
  11. option ipaddr '127.0.0.1'
  12. option netmask '255.0.0.0'
  13.  
  14. config interface 'lan'
  15. option ifname 'eth0.1'
  16. option type 'bridge'
  17. option proto 'static'
  18. option netmask '255.255.255.0'
  19. option ipaddr '192.168.1.254'
  20.  
  21. config interface 'wan'
  22. option ifname 'eth0.2'
  23. option proto 'dhcp'
  24. option macaddr '00:04:E2:2A:CE:F6'
  25.  
  26. config switch
  27. option name 'rtl8366rb'
  28. option reset '1'
  29. option enable_vlan '1'
  30.  
  31. config switch_vlan
  32. option device 'rtl8366rb'
  33. option vlan '1'
  34. option ports '1 2 3 4 5t'
  35.  
  36. config switch_vlan
  37. option device 'rtl8366rb'
  38. option vlan '2'
  39. option ports '0 5t'
  40.  
  41. config interface 'vpn'
      # NOTE(review): this section assigns 10.8.0.1 to tun0 statically, while the OpenVPN log on this page shows the daemon running its own "ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2". Two owners for one interface; proto 'none' is the usual choice for an OpenVPN-managed tun device - confirm.
  42. option proto 'static'
  43. option ifname 'tun0'
  44. option ipaddr '10.8.0.1'
  45. option netmask '255.255.255.0'
  46.  
  47. #
  48. # /etc/config/firewall
  49. #
  50.  
  51. config defaults
  52. option syn_flood '1'
      # Default input policy is ACCEPT (the iptables listing on this page shows "Chain INPUT (policy ACCEPT)"), so packets that match no zone chain are accepted by the router.
      # NOTE(review): consider REJECT here and let the per-zone input settings grant access - confirm no unzoned interface depends on it.
  53. option input 'ACCEPT'
  54. option output 'ACCEPT'
  55. option forward 'REJECT'
  56.  
  57. config zone
  58. option name 'lan'
  59. option network 'lan'
  60. option input 'ACCEPT'
  61. option output 'ACCEPT'
  62. option forward 'REJECT'
  63.  
  64. config zone
  65. option name 'wan'
  66. option network 'wan'
  67. option input 'REJECT'
  68. option output 'ACCEPT'
  69. option forward 'REJECT'
  70. option masq '1'
  71. option mtu_fix '1'
  72.  
  73. config forwarding
  74. option src 'lan'
  75. option dest 'wan'
  76.  
  77. config rule
  78. option name 'Allow-DHCP-Renew'
  79. option src 'wan'
  80. option proto 'udp'
  81. option dest_port '68'
  82. option target 'ACCEPT'
  83. option family 'ipv4'
  84.  
  85. config rule
  86. option name 'Allow-Ping'
  87. option src 'wan'
  88. option proto 'icmp'
  89. option icmp_type 'echo-request'
  90. option family 'ipv4'
  91. option target 'ACCEPT'
  92.  
  93. config rule
  94. option name 'Allow-DHCPv6'
  95. option src 'wan'
  96. option proto 'udp'
  97. option src_ip 'fe80::/10'
  98. option src_port '547'
  99. option dest_ip 'fe80::/10'
  100. option dest_port '546'
  101. option family 'ipv6'
  102. option target 'ACCEPT'
  103.  
  104. config rule
  105. option name 'Allow-ICMPv6-Input'
  106. option src 'wan'
  107. option proto 'icmp'
  108. list icmp_type 'echo-request'
  109. list icmp_type 'echo-reply'
  110. list icmp_type 'destination-unreachable'
  111. list icmp_type 'packet-too-big'
  112. list icmp_type 'time-exceeded'
  113. list icmp_type 'bad-header'
  114. list icmp_type 'unknown-header-type'
  115. list icmp_type 'router-solicitation'
  116. list icmp_type 'neighbour-solicitation'
  117. list icmp_type 'router-advertisement'
  118. list icmp_type 'neighbour-advertisement'
  119. option limit '1000/sec'
  120. option family 'ipv6'
  121. option target 'ACCEPT'
  122.  
  123. config rule
  124. option name 'Allow-ICMPv6-Forward'
  125. option src 'wan'
  126. option dest '*'
  127. option proto 'icmp'
  128. list icmp_type 'echo-request'
  129. list icmp_type 'echo-reply'
  130. list icmp_type 'destination-unreachable'
  131. list icmp_type 'packet-too-big'
  132. list icmp_type 'time-exceeded'
  133. list icmp_type 'bad-header'
  134. list icmp_type 'unknown-header-type'
  135. option limit '1000/sec'
  136. option family 'ipv6'
  137. option target 'ACCEPT'
  138.  
  139. config include
  140. option path '/etc/firewall.user'
  141.  
  142. config redirect
  143. option target 'DNAT'
  144. option src 'wan'
  145. option dest 'lan'
  146. option proto 'tcp'
  147. option src_dport '22'
  148. option dest_ip '192.168.1.251'
  149. option dest_port '22'
  150. option name 'nusi_ssh'
  151.  
  152. config redirect
  153. option target 'DNAT'
  154. option src 'wan'
  155. option dest 'lan'
  156. option proto 'tcp'
  157. option src_dport '443'
  158. option dest_ip '192.168.1.251'
  159. option dest_port '443'
  160. option name 'nusi_https'
  161.  
  162. config redirect
       # Forwards WAN tcp/3389 (RDP) to 192.168.1.249 with no source restriction, so the service is reachable from any Internet address.
       # NOTE(review): limit it with option src_ip, or remove the redirect and reach the host through the VPN.
  163. option target 'DNAT'
  164. option src 'wan'
  165. option dest 'lan'
  166. option proto 'tcp'
  167. option src_dport '3389'
  168. option dest_ip '192.168.1.249'
  169. option dest_port '3389'
  170. option name 'titan'
  171.  
  172. config redirect
       # Forwards WAN port 54321 to 192.168.1.56:5900 (VNC) for any source address; the non-standard external port is not an access control.
       # NOTE(review): VNC normally runs over TCP only, so 'udp' is probably unnecessary - confirm. Prefer reaching this host through the VPN, or restrict the redirect with option src_ip.
  173. option target 'DNAT'
  174. option src 'wan'
  175. option dest 'lan'
  176. option proto 'tcp udp'
  177. option src_dport '54321'
  178. option dest_ip '192.168.1.56'
  179. option dest_port '5900'
  180. option name 'VNC-MST03'
  181.  
  182. config rule
       # Unnamed rule: accepts tcp/22 from the wan zone with no dest set, i.e. toward the router itself, from any source address (it appears as "ACCEPT tcp dpt:ssh" in the zone_wan chain).
       # NOTE(review): the nusi_ssh redirect earlier in this file already DNATs WAN tcp/22 to 192.168.1.251, so this rule may never match WAN traffic - confirm, then remove it or restrict it with option src_ip and give it a name.
  183. option src 'wan'
  184. option target 'ACCEPT'
  185. option proto 'tcp'
  186. option dest_port '22'
  187.  
  188. config rule
  189. option target 'ACCEPT'
  190. option name 'vpn'
  191. option src 'wan'
  192. option proto 'udp'
  193. option dest_port '1194'
  194. option family 'ipv4'
  195.  
  196. config redirect
       # Forwards WAN tcp/54322 to 192.168.1.56:3389 (RDP) for any source address; the non-standard external port is not an access control.
       # NOTE(review): restrict with option src_ip, or remove the redirect and use the VPN to reach this host.
  197. option target 'DNAT'
  198. option src 'wan'
  199. option dest 'lan'
  200. option proto 'tcp'
  201. option src_dport '54322'
  202. option dest_ip '192.168.1.56'
  203. option dest_port '3389'
  204. option name 'WPC-MST03'
  205.  
  206. config redirect
       # dest_ip 192.168.1.254 is the router's own LAN address (see interface 'lan' in /etc/config/network), so WAN tcp/10022 lands on the router itself; the zone_wan chain shows the matching "ACCEPT ... dpt:10022 ctstate DNAT".
       # NOTE(review): confirm which service listens on 10022 and restrict the redirect with option src_ip.
  207. option target 'DNAT'
  208. option src 'wan'
  209. option dest 'lan'
  210. option proto 'tcp'
  211. option src_dport '10022'
  212. option dest_ip '192.168.1.254'
  213. option dest_port '10022'
  214. option name 'lab-ssh'
  215.  
  216. config zone
       # input ACCEPT lets every connected VPN client reach all services on the router itself.
  217. option input 'ACCEPT'
  218. option output 'ACCEPT'
  219. option name 'vpn'
  220. option forward 'ACCEPT'
       # masq rewrites the source address of traffic leaving through this zone, so client-side hosts see the tunnel address instead of the LAN sender.
       # NOTE(review): masquerading is usually not needed on a routed site-to-site VPN zone and can hide routing faults while debugging - confirm it is intended.
  221. option masq '1'
  222. option network 'vpn'
  223. option family 'ipv4'
  224.  
  225. config forwarding
  226. option src 'vpn'
  227. option dest 'lan'
  228.  
  229. config forwarding
  230. option src 'lan'
  231. option dest 'vpn'
  232.  
  233. #
  234. # /etc/config/openvpn - contains only an include of /etc/openvpn/srv-vpn.conf
  235. #
  236. port 1194
  237. proto udp
  238. dev tun
  239. ca /etc/openvpn/ca.crt
       # NOTE(review): the log on this page reports "1024 bit RSA" for the control channel, which suggests 1024-bit certificate keys; reissue the CA, server and client certificates with keys of 2048 bits or more.
  240. cert /etc/openvpn/server.crt
  241. key /etc/openvpn/server.key
       # 1024-bit DH parameters (the log confirms "Diffie-Hellman initialized with 1024 bit key"); generate a group of at least 2048 bits.
  242. dh /etc/openvpn/dh1024.pem
       # NOTE(review): no cipher or auth directive is set in this file, and the log shows BF-CBC with SHA1 HMAC on the data channel. BF-CBC is a 64-bit block cipher; set an AES cipher and a SHA-2 auth digest on both server and client.
       # NOTE(review): no tls-auth directive is set in this file, so the UDP port processes handshake packets from any sender; a shared tls-auth key on server and clients is worth adding.
  243. server 10.8.0.0 255.255.255.0
  244. ifconfig-pool-persist /tmp/openvpn-ipp.txt
  245. push "route 192.168.1.0 255.255.255.0"
       # NOTE(review): relative path, resolved against the daemon's working directory. The log shows no "OPTIONS IMPORT" or "MULTI: internal route" line for tovis-lak, so the ccd file (and its iroute) may not be read - try the absolute path /etc/openvpn/ccd and confirm.
  246. client-config-dir ccd
       # NOTE(review): the gateway given here is the server's own tun0 address (10.8.0.1); the gateway argument is normally left out so OpenVPN uses the tunnel peer - verify.
  247. route 192.168.2.0 255.255.255.0 10.8.0.1
  248. keepalive 10 120
  249. max-clients 3
  250. persist-key 1
  251. persist-tun 1
  252. status /tmp/openvpn-status.log
  253. log /tmp/openvpn.log
  254. # 9 is extremely verbose
       # verb 7 is debug level: the log records every control and data packet together with the peer address and certificate subjects. Lower it (3 or 4) once the routing fault is found.
  255. verb 7
  256. mute 5
  257.  
  258. #
  259. # /etc/openvpn/ccd/tovis-lak
  260. # contains only one row
  261. #
  262. iroute 192.168.2.0 255.255.255.0
  263.  
  264. #
  265. # the output of command # ifconfig
  266. #
  267. br-lan Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
  268. inet addr:192.168.1.254 Bcast:192.168.1.255 Mask:255.255.255.0
  269. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  270. RX packets:7957 errors:0 dropped:0 overruns:0 frame:0
  271. TX packets:6727 errors:0 dropped:0 overruns:0 carrier:0
  272. collisions:0 txqueuelen:0
  273. RX bytes:896215 (875.2 KiB) TX bytes:2458271 (2.3 MiB)
  274.  
  275. eth0 Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
  276. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  277. RX packets:29244 errors:0 dropped:0 overruns:59047 frame:0
  278. TX packets:14520 errors:0 dropped:0 overruns:0 carrier:0
  279. collisions:0 txqueuelen:1000
  280. RX bytes:4359874 (4.1 MiB) TX bytes:3417832 (3.2 MiB)
  281. Interrupt:4
  282.  
  283. eth0.1 Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
  284. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  285. RX packets:7957 errors:0 dropped:0 overruns:0 frame:0
  286. TX packets:6734 errors:0 dropped:0 overruns:0 carrier:0
  287. collisions:0 txqueuelen:0
  288. RX bytes:896215 (875.2 KiB) TX bytes:2458593 (2.3 MiB)
  289.  
  290. eth0.2 Link encap:Ethernet HWaddr 00:04:E2:2A:CE:F6
  291. inet addr:80.98.106.112 Bcast:80.98.106.255 Mask:255.255.255.0
  292. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  293. RX packets:21079 errors:0 dropped:0 overruns:0 frame:0
  294. TX packets:7785 errors:0 dropped:0 overruns:0 carrier:0
  295. collisions:0 txqueuelen:0
  296. RX bytes:2927851 (2.7 MiB) TX bytes:900120 (879.0 KiB)
  297.  
  298. lo Link encap:Local Loopback
  299. inet addr:127.0.0.1 Mask:255.0.0.0
  300. UP LOOPBACK RUNNING MTU:16436 Metric:1
  301. RX packets:106 errors:0 dropped:0 overruns:0 frame:0
  302. TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
  303. collisions:0 txqueuelen:0
  304. RX bytes:8253 (8.0 KiB) TX bytes:8253 (8.0 KiB)
  305.  
  306. tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
  307. inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.0
  308. UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
  309. RX packets:6 errors:0 dropped:0 overruns:0 frame:0
  310. TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
  311. collisions:0 txqueuelen:100
  312. RX bytes:456 (456.0 B) TX bytes:456 (456.0 B)
  313.  
  314. wlan0 Link encap:Ethernet HWaddr B0:48:7A:99:AA:2A
  315. UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  316. RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  317. TX packets:107 errors:0 dropped:0 overruns:0 carrier:0
  318. collisions:0 txqueuelen:32
  319. RX bytes:0 (0.0 B) TX bytes:21124 (20.6 KiB)
  320.  
  321. #
  322. # output of command # route
  323. #
  324. Kernel IP routing table
  325. Destination Gateway Genmask Flags Metric Ref Use Iface
  326. default catv-80-98-106- 0.0.0.0 UG 0 0 0 eth0.2
  327. 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
  328. 10.8.0.0 * 255.255.255.0 U 0 0 0 tun0
  329. 80.98.106.0 * 255.255.255.0 U 0 0 0 eth0.2
  330. 192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
  331. 192.168.2.0 10.8.0.1 255.255.255.0 UG 0 0 0 tun0
  332.  
  333. #
  334. # output of command # iptables -L
  335. #
  336. Chain INPUT (policy ACCEPT)
  337. target prot opt source destination
  338. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  339. ACCEPT all -- anywhere anywhere
  340. syn_flood tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
  341. input_rule all -- anywhere anywhere
  342. input all -- anywhere anywhere
  343.  
  344. Chain FORWARD (policy DROP)
  345. target prot opt source destination
  346. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  347. forwarding_rule all -- anywhere anywhere
  348. forward all -- anywhere anywhere
  349. reject all -- anywhere anywhere
  350.  
  351. Chain OUTPUT (policy ACCEPT)
  352. target prot opt source destination
  353. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  354. ACCEPT all -- anywhere anywhere
  355. output_rule all -- anywhere anywhere
  356. output all -- anywhere anywhere
  357.  
  358. Chain forward (1 references)
  359. target prot opt source destination
  360. zone_lan_forward all -- anywhere anywhere
  361. zone_wan_forward all -- anywhere anywhere
  362. zone_vpn_forward all -- anywhere anywhere
  363.  
  364. Chain forwarding_lan (1 references)
  365. target prot opt source destination
  366.  
  367. Chain forwarding_rule (1 references)
  368. target prot opt source destination
  369. nat_reflection_fwd all -- anywhere anywhere
  370.  
  371. Chain forwarding_vpn (1 references)
  372. target prot opt source destination
  373.  
  374. Chain forwarding_wan (1 references)
  375. target prot opt source destination
  376.  
  377. Chain input (1 references)
  378. target prot opt source destination
  379. zone_lan all -- anywhere anywhere
  380. zone_wan all -- anywhere anywhere
  381. zone_vpn all -- anywhere anywhere
  382.  
  383. Chain input_lan (1 references)
  384. target prot opt source destination
  385.  
  386. Chain input_rule (1 references)
  387. target prot opt source destination
  388.  
  389. Chain input_vpn (1 references)
  390. target prot opt source destination
  391.  
  392. Chain input_wan (1 references)
  393. target prot opt source destination
  394.  
  395. Chain nat_reflection_fwd (1 references)
  396. target prot opt source destination
  397. ACCEPT tcp -- 192.168.1.0/24 192.168.1.251 tcp dpt:ssh /* wan */
  398. ACCEPT tcp -- 192.168.1.0/24 192.168.1.251 tcp dpt:https /* wan */
  399. ACCEPT tcp -- 192.168.1.0/24 192.168.1.249 tcp dpt:3389 /* wan */
  400. ACCEPT tcp -- 192.168.1.0/24 192.168.1.56 tcp dpt:5900 /* wan */
  401. ACCEPT udp -- 192.168.1.0/24 192.168.1.56 udp dpt:5900 /* wan */
  402. ACCEPT tcp -- 192.168.1.0/24 192.168.1.56 tcp dpt:3389 /* wan */
  403. ACCEPT tcp -- 192.168.1.0/24 tovis-lab.lan tcp dpt:10022 /* wan */
  404.  
  405. Chain output (1 references)
  406. target prot opt source destination
  407. zone_lan_ACCEPT all -- anywhere anywhere
  408. zone_wan_ACCEPT all -- anywhere anywhere
  409. zone_vpn_ACCEPT all -- anywhere anywhere
  410.  
  411. Chain output_rule (1 references)
  412. target prot opt source destination
  413.  
  414. Chain reject (7 references)
  415. target prot opt source destination
  416. REJECT tcp -- anywhere anywhere reject-with tcp-reset
  417. REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
  418.  
  419. Chain syn_flood (1 references)
  420. target prot opt source destination
  421. RETURN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
  422. DROP all -- anywhere anywhere
  423.  
  424. Chain zone_lan (1 references)
  425. target prot opt source destination
  426. input_lan all -- anywhere anywhere
  427. zone_lan_ACCEPT all -- anywhere anywhere
  428.  
  429. Chain zone_lan_ACCEPT (3 references)
  430. target prot opt source destination
  431. ACCEPT all -- anywhere anywhere
  432. ACCEPT all -- anywhere anywhere
  433.  
  434. Chain zone_lan_DROP (0 references)
  435. target prot opt source destination
  436. DROP all -- anywhere anywhere
  437. DROP all -- anywhere anywhere
  438.  
  439. Chain zone_lan_REJECT (1 references)
  440. target prot opt source destination
  441. reject all -- anywhere anywhere
  442. reject all -- anywhere anywhere
  443.  
  444. Chain zone_lan_forward (1 references)
  445. target prot opt source destination
  446. zone_vpn_ACCEPT all -- anywhere anywhere
  447. zone_wan_ACCEPT all -- anywhere anywhere
  448. forwarding_lan all -- anywhere anywhere
  449. zone_lan_REJECT all -- anywhere anywhere
  450.  
  451. Chain zone_vpn (1 references)
  452. target prot opt source destination
  453. input_vpn all -- anywhere anywhere
  454. zone_vpn_ACCEPT all -- anywhere anywhere
  455.  
  456. Chain zone_vpn_ACCEPT (4 references)
  457. target prot opt source destination
  458. ACCEPT all -- anywhere anywhere
  459. ACCEPT all -- anywhere anywhere
  460.  
  461. Chain zone_vpn_DROP (0 references)
  462. target prot opt source destination
  463. DROP all -- anywhere anywhere
  464. DROP all -- anywhere anywhere
  465.  
  466. Chain zone_vpn_REJECT (0 references)
  467. target prot opt source destination
  468. reject all -- anywhere anywhere
  469. reject all -- anywhere anywhere
  470.  
  471. Chain zone_vpn_forward (1 references)
  472. target prot opt source destination
  473. zone_lan_ACCEPT all -- anywhere anywhere
  474. forwarding_vpn all -- anywhere anywhere
  475. zone_vpn_ACCEPT all -- anywhere anywhere
  476.  
  477. Chain zone_wan (1 references)
  478. target prot opt source destination
  479. ACCEPT udp -- anywhere anywhere udp dpt:bootpc
  480. ACCEPT icmp -- anywhere anywhere icmp echo-request
  481. ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
  482. ACCEPT udp -- anywhere anywhere udp dpt:openvpn
  483. ACCEPT tcp -- anywhere tovis-lab.lan tcp dpt:10022 ctstate DNAT
  484. input_wan all -- anywhere anywhere
  485. zone_wan_REJECT all -- anywhere anywhere
  486.  
  487. Chain zone_wan_ACCEPT (2 references)
  488. target prot opt source destination
  489. ACCEPT all -- anywhere anywhere
  490. ACCEPT all -- anywhere anywhere
  491.  
  492. Chain zone_wan_DROP (0 references)
  493. target prot opt source destination
  494. DROP all -- anywhere anywhere
  495. DROP all -- anywhere anywhere
  496.  
  497. Chain zone_wan_REJECT (2 references)
  498. target prot opt source destination
  499. reject all -- anywhere anywhere
  500. reject all -- anywhere anywhere
  501.  
  502. Chain zone_wan_forward (1 references)
  503. target prot opt source destination
  504. ACCEPT tcp -- anywhere 192.168.1.251 tcp dpt:ssh
  505. ACCEPT tcp -- anywhere 192.168.1.251 tcp dpt:https
  506. ACCEPT tcp -- anywhere 192.168.1.249 tcp dpt:3389
  507. ACCEPT tcp -- anywhere 192.168.1.56 tcp dpt:5900
  508. ACCEPT udp -- anywhere 192.168.1.56 udp dpt:5900
  509. ACCEPT tcp -- anywhere 192.168.1.56 tcp dpt:3389
  510. forwarding_wan all -- anywhere anywhere
  511. zone_wan_REJECT all -- anywhere anywhere
  512.  
  513. #
  514. # /tmp/openvpn-status.log
  515. #
  516. OpenVPN CLIENT LIST
  517. Updated,Mon Feb 22 17:40:01 2016
  518. Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
  519. tovis-lak,37.76.82.165:40435,6298,7711,Mon Feb 22 17:34:58 2016
  520. ROUTING TABLE
  521. Virtual Address,Common Name,Real Address,Last Ref
  522. 10.8.0.6,tovis-lak,37.76.82.165:40435,Mon Feb 22 17:39:27 2016
  523. GLOBAL STATS
  524. Max bcast/mcast queue length,0
  525. END
  526.  
  527. #
  528. # /tmp/openvpn.log
  529. #
  530. Mon Feb 22 17:34:43 2016 us=343785 OpenVPN 2.2.2 mips-openwrt-linux [SSL] [LZO2] [EPOLL] built on Mar 14 2013
  531. Mon Feb 22 17:34:43 2016 us=345027 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
  532. Mon Feb 22 17:34:43 2016 us=516981 Diffie-Hellman initialized with 1024 bit key
  533. Mon Feb 22 17:34:43 2016 us=537367 TLS-Auth MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
  534. Mon Feb 22 17:34:43 2016 us=537717 Socket Buffers: R=[163840->131072] S=[163840->131072]
  535. Mon Feb 22 17:34:43 2016 us=546356 TUN/TAP device tun0 opened
  536. Mon Feb 22 17:34:43 2016 us=546656 TUN/TAP TX queue length set to 100
  537. Mon Feb 22 17:34:43 2016 us=547095 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
  538. Mon Feb 22 17:34:43 2016 us=561230 /sbin/route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.8.0.1
  539. Mon Feb 22 17:34:43 2016 us=572392 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
  540. Mon Feb 22 17:34:43 2016 us=598377 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
  541. Mon Feb 22 17:34:43 2016 us=598865 UDPv4 link local (bound): [undef]:1194
  542. Mon Feb 22 17:34:43 2016 us=599041 UDPv4 link remote: [undef]
  543. Mon Feb 22 17:34:43 2016 us=599205 MULTI: multi_init called, r=256 v=256
  544. Mon Feb 22 17:34:43 2016 us=599578 IFCONFIG POOL: base=10.8.0.4 size=62
  545. Mon Feb 22 17:34:43 2016 us=599785 IFCONFIG POOL LIST
  546. Mon Feb 22 17:34:43 2016 us=600094 Initialization Sequence Completed
  547. Mon Feb 22 17:34:58 2016 us=211288 MULTI: multi_create_instance called
  548. Mon Feb 22 17:34:58 2016 us=211836 37.76.82.165:40435 Re-using SSL/TLS context
  549. Mon Feb 22 17:34:58 2016 us=213180 37.76.82.165:40435 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
  550. Mon Feb 22 17:34:58 2016 us=213441 37.76.82.165:40435 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
  551. Mon Feb 22 17:34:58 2016 us=213845 37.76.82.165:40435 UDPv4 READ [14] from 37.76.82.165:40435: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
  552. Mon Feb 22 17:34:58 2016 us=214163 37.76.82.165:40435 TLS: Initial packet from 37.76.82.165:40435, sid=2e7f9dba 37d188d7
  553. Mon Feb 22 17:34:58 2016 us=214526 37.76.82.165:40435 UDPv4 WRITE [26] to 37.76.82.165:40435: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
  554. Mon Feb 22 17:34:58 2016 us=332026 37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 0 ]
  555. Mon Feb 22 17:34:58 2016 us=339858 37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=100
  556. Mon Feb 22 17:34:58 2016 us=340497 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 1 ]
  557. Mon Feb 22 17:34:58 2016 us=341173 37.76.82.165:40435 UDPv4 READ [32] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=2 DATA len=18
  558. Mon Feb 22 17:34:58 2016 us=494657 37.76.82.165:40435 NOTE: --mute triggered...
  559. Mon Feb 22 17:34:59 2016 us=141920 37.76.82.165:40435 96 variation(s) on previous 5 message(s) suppressed by --mute
  560. Mon Feb 22 17:34:59 2016 us=142272 37.76.82.165:40435 VERIFY OK: depth=1, /C=HU/ST=BP/L=Budapest/O=tovis-lab/OU=changeme/CN=tovis-lab.some_dns.org/name=tovis/emailAddress=tovises@freemail.hu
  561. Mon Feb 22 17:34:59 2016 us=145498 37.76.82.165:40435 VERIFY OK: depth=0, /C=HU/ST=Budapest/L=Budapest/O=tovis-lak/OU=houskeeping/CN=tovis-lak/name=tovis/emailAddress=tovises@freemail.hu
  562. Mon Feb 22 17:34:59 2016 us=146080 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 23 ]
  563. Mon Feb 22 17:34:59 2016 us=146877 37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=24 DATA len=100
  564. Mon Feb 22 17:34:59 2016 us=147558 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 24 ]
  565. Mon Feb 22 17:34:59 2016 us=148227 37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=25 DATA len=100
  566. Mon Feb 22 17:34:59 2016 us=255604 37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 25 ]
  567. Mon Feb 22 17:34:59 2016 us=256261 37.76.82.165:40435 NOTE: --mute triggered...
  568. Mon Feb 22 17:34:59 2016 us=409616 37.76.82.165:40435 35 variation(s) on previous 5 message(s) suppressed by --mute
  569. Mon Feb 22 17:34:59 2016 us=409914 37.76.82.165:40435 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
  570. Mon Feb 22 17:34:59 2016 us=410121 37.76.82.165:40435 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  571. Mon Feb 22 17:34:59 2016 us=410906 37.76.82.165:40435 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
  572. Mon Feb 22 17:34:59 2016 us=411096 37.76.82.165:40435 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  573. Mon Feb 22 17:34:59 2016 us=412058 37.76.82.165:40435 UDPv4 WRITE [126] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ 30 ] pid=43 DATA len=100
  574. Mon Feb 22 17:34:59 2016 us=412655 37.76.82.165:40435 UDPv4 WRITE [68] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=44 DATA len=54
  575. Mon Feb 22 17:34:59 2016 us=438448 37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 43 ]
  576. Mon Feb 22 17:34:59 2016 us=444151 37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 44 ]
  577. Mon Feb 22 17:34:59 2016 us=444524 37.76.82.165:40435 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
  578. Mon Feb 22 17:34:59 2016 us=444843 37.76.82.165:40435 [tovis-lak] Peer Connection Initiated with 37.76.82.165:40435
  579. Mon Feb 22 17:34:59 2016 us=445810 tovis-lak/37.76.82.165:40435 MULTI: Learn: 10.8.0.6 -> tovis-lak/37.76.82.165:40435
  580. Mon Feb 22 17:34:59 2016 us=446022 tovis-lak/37.76.82.165:40435 MULTI: primary virtual IP for tovis-lak/37.76.82.165:40435: 10.8.0.6
  581. Mon Feb 22 17:35:01 2016 us=860038 tovis-lak/37.76.82.165:40435 UDPv4 READ [104] from 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=31 DATA len=90
  582. Mon Feb 22 17:35:01 2016 us=860867 tovis-lak/37.76.82.165:40435 PUSH: Received control message: 'PUSH_REQUEST'
  583. Mon Feb 22 17:35:01 2016 us=861752 tovis-lak/37.76.82.165:40435 SENT CONTROL [tovis-lak]: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
  584. Mon Feb 22 17:35:01 2016 us=862115 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=0 [ 31 ]
  585. Mon Feb 22 17:35:01 2016 us=862667 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [114] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=45 DATA len=100
  586. Mon Feb 22 17:35:01 2016 us=863236 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [84] to 37.76.82.165:40435: P_CONTROL_V1 kid=0 [ ] pid=46 DATA len=70
  587. Mon Feb 22 17:35:01 2016 us=888626 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 45 ]
  588. Mon Feb 22 17:35:01 2016 us=890775 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=0 [ 46 ]
  589. Mon Feb 22 17:35:06 2016 us=8852 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
  590. Mon Feb 22 18:34:59 2016 us=125343 tovis-lak/37.76.82.165:40435 761 variation(s) on previous 5 message(s) suppressed by --mute
  591. Mon Feb 22 18:34:59 2016 us=125574 tovis-lak/37.76.82.165:40435 TLS: soft reset sec=0 bytes=46996/0 pkts=761/0
  592. Mon Feb 22 18:34:59 2016 us=126395 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [14] to 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=1 [ ] pid=0 DATA len=0
  593. Mon Feb 22 18:34:59 2016 us=170568 tovis-lak/37.76.82.165:40435 UDPv4 READ [26] from 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=1 [ 0 ] pid=0 DATA len=0
  594. Mon Feb 22 18:34:59 2016 us=171176 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 0 ]
  595. Mon Feb 22 18:34:59 2016 us=204189 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=1 DATA len=100
  596. Mon Feb 22 18:34:59 2016 us=204799 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 1 ]
  597. Mon Feb 22 18:34:59 2016 us=205340 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
  598. Mon Feb 22 18:34:59 2016 us=988971 tovis-lak/37.76.82.165:40435 97 variation(s) on previous 5 message(s) suppressed by --mute
  599. Mon Feb 22 18:34:59 2016 us=989199 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=1, /C=HU/ST=BP/L=Budapest/O=tovis-lab/OU=changeme/CN=tovis-lab.some_dns.org/name=tovis/emailAddress=tovises@freemail.hu
  600. Mon Feb 22 18:34:59 2016 us=992613 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=0, /C=HU/ST=Budapest/L=Budapest/O=tovis-lak/OU=houskeeping/CN=tovis-lak/name=tovis/emailAddress=tovises@freemail.hu
  601. Mon Feb 22 18:34:59 2016 us=993198 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 23 ]
  602. Mon Feb 22 18:34:59 2016 us=993867 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=24 DATA len=100
  603. Mon Feb 22 18:34:59 2016 us=994432 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 24 ]
  604. Mon Feb 22 18:34:59 2016 us=996478 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=25 DATA len=100
  605. Mon Feb 22 18:35:00 2016 us=102638 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=1 [ 25 ]
  606. Mon Feb 22 18:35:00 2016 us=103250 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
  607. Mon Feb 22 18:35:00 2016 us=249009 tovis-lak/37.76.82.165:40435 35 variation(s) on previous 5 message(s) suppressed by --mute
  608. Mon Feb 22 18:35:00 2016 us=249261 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
  609. Mon Feb 22 18:35:00 2016 us=249445 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  610. Mon Feb 22 18:35:00 2016 us=250230 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
  611. Mon Feb 22 18:35:00 2016 us=250421 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  612. Mon Feb 22 18:35:00 2016 us=251384 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [126] to 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ 30 ] pid=43 DATA len=100
  613. Mon Feb 22 18:35:00 2016 us=251994 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [68] to 37.76.82.165:40435: P_CONTROL_V1 kid=1 [ ] pid=44 DATA len=54
  614. Mon Feb 22 18:35:00 2016 us=278510 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=1 [ 43 ]
  615. Mon Feb 22 18:35:00 2016 us=284600 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=1 [ 44 ]
  616. Mon Feb 22 18:35:00 2016 us=284914 tovis-lak/37.76.82.165:40435 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
  617. Mon Feb 22 18:35:06 2016 us=378815 tovis-lak/37.76.82.165:40435 UDPv4 READ [117] from 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=116
  618. Mon Feb 22 18:35:06 2016 us=379938 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [117] to 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=116
  619. Mon Feb 22 18:35:16 2016 us=477798 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [53] to 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=52
  620. Mon Feb 22 18:35:17 2016 us=252504 tovis-lak/37.76.82.165:40435 UDPv4 READ [53] from 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=52
  621. Mon Feb 22 18:35:26 2016 us=316629 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [53] to 37.76.82.165:40435: P_DATA_V1 kid=0 DATA len=52
  622. Mon Feb 22 18:35:27 2016 us=412118 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
  623. Mon Feb 22 19:34:59 2016 us=468325 tovis-lak/37.76.82.165:40435 755 variation(s) on previous 5 message(s) suppressed by --mute
  624. Mon Feb 22 19:34:59 2016 us=468563 tovis-lak/37.76.82.165:40435 TLS: tls_process: killed expiring key
  625. Mon Feb 22 19:35:00 2016 us=510936 tovis-lak/37.76.82.165:40435 TLS: soft reset sec=0 bytes=45929/0 pkts=748/0
  626. Mon Feb 22 19:35:00 2016 us=511642 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [14] to 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=2 [ ] pid=0 DATA len=0
  627. Mon Feb 22 19:35:00 2016 us=633187 tovis-lak/37.76.82.165:40435 UDPv4 READ [14] from 37.76.82.165:40435: P_CONTROL_SOFT_RESET_V1 kid=2 [ ] pid=0 DATA len=0
  628. Mon Feb 22 19:35:00 2016 us=633785 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 0 ]
  629. Mon Feb 22 19:35:00 2016 us=662842 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=2 [ 0 ]
  630. Mon Feb 22 19:35:00 2016 us=671090 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=1 DATA len=100
  631. Mon Feb 22 19:35:00 2016 us=671635 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
  632. Mon Feb 22 19:35:01 2016 us=459023 tovis-lak/37.76.82.165:40435 98 variation(s) on previous 5 message(s) suppressed by --mute
  633. Mon Feb 22 19:35:01 2016 us=459235 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=1, /C=HU/ST=BP/L=Budapest/O=tovis-lab/OU=changeme/CN=tovis-lab.some_dns.org/name=tovis/emailAddress=tovises@freemail.hu
  634. Mon Feb 22 19:35:01 2016 us=463496 tovis-lak/37.76.82.165:40435 VERIFY OK: depth=0, /C=HU/ST=Budapest/L=Budapest/O=tovis-lak/OU=houskeeping/CN=tovis-lak/name=tovis/emailAddress=tovises@freemail.hu
  635. Mon Feb 22 19:35:01 2016 us=464077 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 23 ]
  636. Mon Feb 22 19:35:01 2016 us=464760 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=24 DATA len=100
  637. Mon Feb 22 19:35:01 2016 us=465331 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 24 ]
  638. Mon Feb 22 19:35:01 2016 us=466005 tovis-lak/37.76.82.165:40435 UDPv4 READ [114] from 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=25 DATA len=100
  639. Mon Feb 22 19:35:01 2016 us=572311 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [22] to 37.76.82.165:40435: P_ACK_V1 kid=2 [ 25 ]
  640. Mon Feb 22 19:35:01 2016 us=572964 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...
  641. Mon Feb 22 19:35:01 2016 us=715889 tovis-lak/37.76.82.165:40435 35 variation(s) on previous 5 message(s) suppressed by --mute
  642. Mon Feb 22 19:35:01 2016 us=716135 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
  643. Mon Feb 22 19:35:01 2016 us=716485 tovis-lak/37.76.82.165:40435 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  644. Mon Feb 22 19:35:01 2016 us=717300 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
  645. Mon Feb 22 19:35:01 2016 us=717490 tovis-lak/37.76.82.165:40435 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  646. Mon Feb 22 19:35:01 2016 us=718844 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [126] to 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ 30 ] pid=43 DATA len=100
  647. Mon Feb 22 19:35:01 2016 us=719450 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [68] to 37.76.82.165:40435: P_CONTROL_V1 kid=2 [ ] pid=44 DATA len=54
  648. Mon Feb 22 19:35:01 2016 us=744985 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=2 [ 43 ]
  649. Mon Feb 22 19:35:01 2016 us=749970 tovis-lak/37.76.82.165:40435 UDPv4 READ [22] from 37.76.82.165:40435: P_ACK_V1 kid=2 [ 44 ]
  650. Mon Feb 22 19:35:01 2016 us=750287 tovis-lak/37.76.82.165:40435 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
  651. Mon Feb 22 19:35:11 2016 us=926805 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [53] to 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=52
  652. Mon Feb 22 19:35:11 2016 us=933217 tovis-lak/37.76.82.165:40435 UDPv4 READ [53] from 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=52
  653. Mon Feb 22 19:35:15 2016 us=339673 tovis-lak/37.76.82.165:40435 UDPv4 READ [117] from 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=116
  654. Mon Feb 22 19:35:15 2016 us=340896 tovis-lak/37.76.82.165:40435 UDPv4 WRITE [117] to 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=116
  655. Mon Feb 22 19:35:25 2016 us=532358 tovis-lak/37.76.82.165:40435 UDPv4 READ [53] from 37.76.82.165:40435: P_DATA_V1 kid=1 DATA len=52
  656. Mon Feb 22 19:35:25 2016 us=532908 tovis-lak/37.76.82.165:40435 NOTE: --mute triggered...