API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 17th, 2019
1,265
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 17.01 KB | None | 0 0
raw download clone embed print report
  1. WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1544'
  2. WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher BF-CBC'
  3. WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
  4. WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
  5.  
  6. [openvpn]
  7. accept = 44444
  8. connect = 127.0.0.1:1194
  9. ciphers = DHE-RSA-AES256-SHA256
  10.  
  11. [sslssh]
  12. accept = 55555
  13. connect = 127.0.0.1:22
  14.  
  15. client = yes
  16. accept = 127.0.0.1:11194
  17. connect = <my_ip>:44444
  18. ;cert = /usr/local/etc/stunnel/cert.pem
  19. ;connect = 192.168.255.25:44444
  20. ciphers = DHE-RSA-AES256-SHA256
  21.  
  22. [sslssh]
  23. client = yes
  24. accept = 127.0.0.1:2222
  25. connect = <my_IP>:55555
  26.  
  27. remote localhost 11194
  28. proto tcp
  29. remote-cert-tls server
  30.  
  31.  
  32. client
  33. dev tun
  34. resolv-retry infinite
  35. keepalive 10 120
  36. nobind
  37. comp-lzo
  38. verb 3
  39.  
  40. port 1194
  41. proto tcp
  42. dev tun
  43.  
  44. comp-lzo
  45. keepalive 10 120
  46.  
  47. persist-key
  48. persist-tun
  49. user nobody
  50. group nogroup
  51.  
  52. chroot /etc/openvpn/easy-rsa/keys/crl.jail
  53. crl-verify crl.pem
  54.  
  55. ca /etc/openvpn/easy-rsa/keys/ca.crt
  56. dh /etc/openvpn/easy-rsa/keys/dh2048.pem
  57. tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
  58. key /etc/openvpn/easy-rsa/keys/server.key
  59. cert /etc/openvpn/easy-rsa/keys/server.crt
  60.  
  61. ifconfig-pool-persist /var/lib/openvpn/server.ipp
  62. client-config-dir /etc/openvpn/server.ccd
  63. status /var/log/openvpn/server.log
  64. verb 4
  65.  
  66. 2019-05-27 14:10:53 *Tunnelblick: openvpnstart starting OpenVPN
  67. *Tunnelblick: OS X 10.14.6; Tunnelblick 3.7.5a (build 5011); prior version 3.4.0 (build 4007)
  68. 2019-05-27 14:10:53 *Tunnelblick: Attempting connection with mikewarde_tcp_stunnel using shadow copy; Set nameserver = 769; monitoring connection
  69. 2019-05-27 14:10:53 *Tunnelblick: openvpnstart start mikewarde_tcp_stunnel.tblk 1337 769 0 1 0 1065264 -ptADGNWradsgnw 2.4.4-openssl-1.0.2o
  70. 2019-05-27 14:10:54 *Tunnelblick: openvpnstart log:
  71. OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):
  72.  
  73. /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.4.4-openssl-1.0.2o/openvpn
  74. --daemon
  75. --log
  76. /Library/Application Support/Tunnelblick/Logs/-SUsers-Smikewarde-SLibrary-SApplication Support-STunnelblick-SConfigurations-Smikewarde_tcp_stunnel.tblk-SContents-SResources-Sconfig.ovpn.769_0_1_0_1065264.1337.openvpn.log
  77. --cd
  78. /Library/Application Support/Tunnelblick/Users/mikewarde/mikewarde_tcp_stunnel.tblk/Contents/Resources
  79. --setenv
  80. IV_GUI_VER
  81. "net.tunnelblick.tunnelblick 5011 3.7.5a (build 5011)"
  82. --verb
  83. 3
  84. --config
  85. /Library/Application Support/Tunnelblick/Users/mikewarde/mikewarde_tcp_stunnel.tblk/Contents/Resources/config.ovpn
  86. --verb
  87. 3
  88. --cd
  89. /Library/Application Support/Tunnelblick/Users/mikewarde/mikewarde_tcp_stunnel.tblk/Contents/Resources
  90. --management
  91. 127.0.0.1
  92. 1337
  93. /Library/Application Support/Tunnelblick/fognhooiggkindigaihckcifckpilcfpnmgdikmh.mip
  94. --management-query-passwords
  95. --management-hold
  96. --script-security
  97. 2
  98. --up
  99. /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
  100. --down
  101. /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw
  102.  
  103. 2019-05-27 14:10:54 *Tunnelblick: Established communication with OpenVPN
  104. 2019-05-27 14:10:54 OpenVPN 2.4.4 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD] built on Mar 27 2018
  105. 2019-05-27 14:10:54 library versions: OpenSSL 1.0.2o 27 Mar 2018, LZO 2.10
  106. 2019-05-27 14:10:54 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1337
  107. 2019-05-27 14:10:54 Need hold release from management interface, waiting...
  108. 2019-05-27 14:10:54 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1337
  109. 2019-05-27 14:10:54 MANAGEMENT: CMD 'pid'
  110. 2019-05-27 14:10:54 MANAGEMENT: CMD 'state on'
  111. 2019-05-27 14:10:54 MANAGEMENT: CMD 'state'
  112. 2019-05-27 14:10:54 MANAGEMENT: CMD 'bytecount 1'
  113. 2019-05-27 14:10:54 MANAGEMENT: CMD 'hold release'
  114. 2019-05-27 14:10:54 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
  115. 2019-05-27 14:10:54 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
  116. 2019-05-27 14:10:54 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
  117. 2019-05-27 14:10:54 MANAGEMENT: >STATE:1558962654,RESOLVE,,,,,,
  118. 2019-05-27 14:10:54 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:11194
  119. 2019-05-27 14:10:54 Socket Buffers: R=[131072->131072] S=[131072->131072]
  120. 2019-05-27 14:10:54 Attempting to establish TCP connection with [AF_INET]127.0.0.1:11194 [nonblock]
  121. 2019-05-27 14:10:54 MANAGEMENT: >STATE:1558962654,TCP_CONNECT,,,,,,
  122. 2019-05-27 14:10:55 TCP connection established with [AF_INET]127.0.0.1:11194
  123. 2019-05-27 14:10:55 TCP_CLIENT link local: (not bound)
  124. 2019-05-27 14:10:55 TCP_CLIENT link remote: [AF_INET]127.0.0.1:11194
  125. 2019-05-27 14:10:55 MANAGEMENT: >STATE:1558962655,WAIT,,,,,,
  126. 2019-05-27 14:10:55 MANAGEMENT: >STATE:1558962655,AUTH,,,,,,
  127. 2019-05-27 14:10:55 TLS: Initial packet from [AF_INET]127.0.0.1:11194, sid=c58c277c 5918dc12
  128. 2019-05-27 14:10:55 VERIFY OK: depth=1, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
  129. 2019-05-27 14:10:55 VERIFY KU OK
  130. 2019-05-27 14:10:55 Validating certificate extended key usage
  131. 2019-05-27 14:10:55 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
  132. 2019-05-27 14:10:55 VERIFY EKU OK
  133. 2019-05-27 14:10:55 VERIFY OK: depth=0, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
  134. 2019-05-27 14:10:55 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
  135. 2019-05-27 14:10:55 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:11194
  136. 2019-05-27 14:10:57 MANAGEMENT: >STATE:1558962657,GET_CONFIG,,,,,,
  137. 2019-05-27 14:10:57 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
  138. 2019-05-27 14:10:57 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.222.29.1,topology net30,ping 10,ping-restart 120,ifconfig 10.222.29.6 10.222.29.5,peer-id 0,cipher AES-256-GCM'
  139. 2019-05-27 14:10:57 OPTIONS IMPORT: timers and/or timeouts modified
  140. 2019-05-27 14:10:57 OPTIONS IMPORT: --ifconfig/up options modified
  141. 2019-05-27 14:10:57 OPTIONS IMPORT: route options modified
  142. 2019-05-27 14:10:57 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
  143. 2019-05-27 14:10:57 OPTIONS IMPORT: peer-id set
  144. 2019-05-27 14:10:57 OPTIONS IMPORT: adjusting link_mtu to 1627
  145. 2019-05-27 14:10:57 OPTIONS IMPORT: data channel crypto options modified
  146. 2019-05-27 14:10:57 Data Channel: using negotiated cipher 'AES-256-GCM'
  147. 2019-05-27 14:10:57 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
  148. 2019-05-27 14:10:57 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
  149. 2019-05-27 14:10:57 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
  150. 2019-05-27 14:10:57 Opening utun (connect(AF_SYS_CONTROL)): Resource busy (errno=16)
  151. 2019-05-27 14:10:57 Opened utun device utun2
  152. 2019-05-27 14:10:57 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
  153. 2019-05-27 14:10:57 MANAGEMENT: >STATE:1558962657,ASSIGN_IP,,10.222.29.6,,,,
  154. 2019-05-27 14:10:57 /sbin/ifconfig utun2 delete
  155. ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
  156. 2019-05-27 14:10:57 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
  157. 2019-05-27 14:10:57 /sbin/ifconfig utun2 10.222.29.6 10.222.29.5 mtu 1500 netmask 255.255.255.255 up
  158. 2019-05-27 14:10:57 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun2 1500 1555 10.222.29.6 10.222.29.5 init
  159. **********************************************
  160. Start of output from client.up.tunnelblick.sh
  161. Disabled IPv6 for 'iPhone USB'
  162. Disabled IPv6 for 'Wi-Fi'
  163. Disabled IPv6 for 'Bluetooth PAN'
  164. Disabled IPv6 for 'Thunderbolt Bridge'
  165. Retrieved from OpenVPN: name server(s) [ 208.67.222.222 208.67.220.220 ], search domain(s) [ ] and SMB server(s) [ ] and using default domain name [ openvpn ]
  166. WARNING: Ignoring ServerAddresses '208.67.222.222 208.67.220.220' because ServerAddresses was set manually and '-allowChangesToManuallySetNetworkSettings' was not specified
  167. Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually (or are allowed to be changed) and 'Prepend domain name to search domains' was not selected
  168. Saved the DNS and SMB configurations so they can be restored
  169. Did not change DNS ServerAddresses setting of '1.1.1.1 1.0.0.1' (but re-set it)
  170. Changed DNS SearchDomains setting from '' to 'openvpn'
  171. Changed DNS DomainName setting from '' to 'openvpn'
  172. Did not change SMB NetBIOSName setting of ''
  173. Did not change SMB Workgroup setting of ''
  174. Did not change SMB WINSAddresses setting of ''
  175. DNS servers '1.1.1.1 1.0.0.1' were set manually
  176. DNS servers '1.1.1.1 1.0.0.1' will be used for DNS queries when the VPN is active
  177. NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
  178. Flushed the DNS cache via dscacheutil
  179. /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
  180. Notified mDNSResponder that the DNS cache was flushed
  181. Setting up to monitor system configuration with process-network-changes
  182. End of output from client.up.tunnelblick.sh
  183. **********************************************
  184. 2019-05-27 14:11:00 *Tunnelblick: No 'connected.sh' script to execute
  185. 2019-05-27 14:11:00 /sbin/route add -net 127.0.0.1 192.168.255.1 255.255.255.255
  186. add net 127.0.0.1: gateway 192.168.255.1
  187. 2019-05-27 14:11:00 /sbin/route add -net 0.0.0.0 10.222.29.5 128.0.0.0
  188. add net 0.0.0.0: gateway 10.222.29.5
  189. 2019-05-27 14:11:00 /sbin/route add -net 128.0.0.0 10.222.29.5 128.0.0.0
  190. add net 128.0.0.0: gateway 10.222.29.5
  191. 2019-05-27 14:11:00 MANAGEMENT: >STATE:1558962660,ADD_ROUTES,,,,,,
  192. 2019-05-27 14:11:00 /sbin/route add -net 10.222.29.1 10.222.29.5 255.255.255.255
  193. add net 10.222.29.1: gateway 10.222.29.5
  194. 2019-05-27 14:11:00 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
  195. 2019-05-27 14:11:00 Initialization Sequence Completed
  196. 2019-05-27 14:11:00 MANAGEMENT: >STATE:1558962660,CONNECTED,SUCCESS,10.222.29.6,127.0.0.1,11194,127.0.0.1,55166
  197. 2019-05-27 14:11:24 Connection reset, restarting [-1]
  198. 2019-05-27 14:11:24 /sbin/route delete -net 10.222.29.1 10.222.29.5 255.255.255.255
  199. delete net 10.222.29.1: gateway 10.222.29.5
  200. 2019-05-27 14:11:24 /sbin/route delete -net 127.0.0.1 192.168.255.1 255.255.255.255
  201. delete net 127.0.0.1: gateway 192.168.255.1
  202. 2019-05-27 14:11:24 /sbin/route delete -net 0.0.0.0 10.222.29.5 128.0.0.0
  203. delete net 0.0.0.0: gateway 10.222.29.5
  204. 2019-05-27 14:11:24 /sbin/route delete -net 128.0.0.0 10.222.29.5 128.0.0.0
  205. delete net 128.0.0.0: gateway 10.222.29.5
  206. 2019-05-27 14:11:24 Closing TUN/TAP interface
  207. 2019-05-27 14:11:24 /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw utun2 1500 1555 10.222.29.6 10.222.29.5 init
  208. **********************************************
  209. Start of output from client.down.tunnelblick.sh
  210. Cancelled monitoring of system configuration changes
  211. Restored the DNS and SMB configurations
  212. Re-enabled IPv6 (automatic) for 'iPhone USB'
  213. Re-enabled IPv6 (automatic) for 'Wi-Fi'
  214. Re-enabled IPv6 (automatic) for 'Bluetooth PAN'
  215. Re-enabled IPv6 (automatic) for 'Thunderbolt Bridge'
  216. Flushed the DNS cache via dscacheutil
  217. /usr/sbin/discoveryutil not present. Not flushing the DNS cache via discoveryutil
  218. Notified mDNSResponder that the DNS cache was flushed
  219. End of output from client.down.tunnelblick.sh
  220. **********************************************
  221. 2019-05-27 14:11:25 SIGUSR1[soft,connection-reset] received, process restarting
  222. 2019-05-27 14:11:25 MANAGEMENT: >STATE:1558962685,RECONNECTING,connection-reset,,,,,
  223. 2019-05-27 14:11:25 *Tunnelblick: No 'reconnecting.sh' script to execute
  224. 2019-05-27 14:11:25 MANAGEMENT: CMD 'hold release'
  225. 2019-05-27 14:11:25 MANAGEMENT: CMD 'hold release'
  226. 2019-05-27 14:11:25 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
  227. 2019-05-27 14:11:25 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
  228. 2019-05-27 14:11:25 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
  229. 2019-05-27 14:11:25 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:11194
  230. 2019-05-27 14:11:25 Socket Buffers: R=[131072->131072] S=[131072->131072]
  231. 2019-05-27 14:11:25 Attempting to establish TCP connection with [AF_INET]127.0.0.1:11194 [nonblock]
  232. 2019-05-27 14:11:25 MANAGEMENT: >STATE:1558962685,TCP_CONNECT,,,,,,
  233. 2019-05-27 14:11:26 TCP connection established with [AF_INET]127.0.0.1:11194
  234. 2019-05-27 14:11:26 TCP_CLIENT link local: (not bound)
  235. 2019-05-27 14:11:26 TCP_CLIENT link remote: [AF_INET]127.0.0.1:11194
  236. 2019-05-27 14:11:26 MANAGEMENT: >STATE:1558962686,WAIT,,,,,,
  237. 2019-05-27 14:11:26 MANAGEMENT: >STATE:1558962686,AUTH,,,,,,
  238. 2019-05-27 14:11:26 TLS: Initial packet from [AF_INET]127.0.0.1:11194, sid=072914d3 4912c8a0
  239. 2019-05-27 14:11:26 VERIFY OK: depth=1, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
  240. 2019-05-27 14:11:26 VERIFY KU OK
  241. 2019-05-27 14:11:26 Validating certificate extended key usage
  242. 2019-05-27 14:11:26 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
  243. 2019-05-27 14:11:26 VERIFY EKU OK
  244. 2019-05-27 14:11:26 VERIFY OK: depth=0, C=US, ST=CA, L=San Francisco, O=TurnKey Linux, OU=OpenVPN, CN=server, name=openvpn, emailAddress=vpn@radged.com
  245. 2019-05-27 14:11:26 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1552', remote='link-mtu 1544'
  246. 2019-05-27 14:11:26 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher BF-CBC'
  247. 2019-05-27 14:11:26 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
  248. 2019-05-27 14:11:26 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
  249. 2019-05-27 14:11:26 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
  250. 2019-05-27 14:11:26 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:11194
  251. 2019-05-27 14:11:26 *Tunnelblick: Disconnecting; notification window disconnect button pressed
  252. 2019-05-27 14:11:27 *Tunnelblick: No 'pre-disconnect.sh' script to execute
  253. 2019-05-27 14:11:27 *Tunnelblick: Disconnecting using 'kill'
  254. 2019-05-27 14:11:27 event_wait : Interrupted system call (code=4)
  255. 2019-05-27 14:11:27 SIGTERM[hard,] received, process exiting
  256. 2019-05-27 14:11:27 MANAGEMENT: >STATE:1558962687,EXITING,SIGTERM,,,,,
  257. 2019-05-27 14:11:27 *Tunnelblick: No 'post-disconnect.sh' script to execute
  258. 2019-05-27 14:11:27 *Tunnelblick: Expected disconnection occurred.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!