API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 17th, 2016
88
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 23.62 KB | None | 0 0
raw download clone embed print report
  1. Destination Gateway Genmask Flags Metric Ref Use lface
  2.  
  3. # Which local IP address should OpenVPN
  4. # listen on? (optional)
  5. ;local a.b.c.d
  6.  
  7. # Which TCP/UDP port should OpenVPN listen on?
  8. # If you want to run multiple OpenVPN instances
  9. # on the same machine, use a different port
  10. # number for each one. You will need to
  11. # open up this port on your firewall.
  12. port 1194
  13.  
  14. # TCP or UDP server?
  15. ;proto tcp
  16. proto udp
  17.  
  18. # "dev tun" will create a routed IP tunnel,
  19. # "dev tap" will create an ethernet tunnel.
  20. # Use "dev tap0" if you are ethernet bridging
  21. # and have precreated a tap0 virtual interface
  22. # and bridged it with your ethernet interface.
  23. # If you want to control access policies
  24. # over the VPN, you must create firewall
  25. # rules for the the TUN/TAP interface.
  26. # On non-Windows systems, you can give
  27. # an explicit unit number, such as tun0.
  28. # On Windows, use "dev-node" for this.
  29. # On most systems, the VPN will not function
  30. # unless you partially or fully disable
  31. # the firewall for the TUN/TAP interface.
  32. ;dev tap
  33. dev tun
  34.  
  35. # Windows needs the TAP-Win32 adapter name
  36. # from the Network Connections panel if you
  37. # have more than one. On XP SP2 or higher,
  38. # you may need to selectively disable the
  39. # Windows firewall for the TAP adapter.
  40. # Non-Windows systems usually don't need this.
  41. ;dev-node MyTap
  42.  
  43. # SSL/TLS root certificate (ca), certificate
  44. # (cert), and private key (key). Each client
  45. # and the server must have their own cert and
  46. # key file. The server and all clients will
  47. # use the same ca file.
  48. #
  49. # See the "easy-rsa" directory for a series
  50. # of scripts for generating RSA certificates
  51. # and private keys. Remember to use
  52. # a unique Common Name for the server
  53. # and each of the client certificates.
  54. #
  55. # Any X509 key management system can be used.
  56. # OpenVPN can also use a PKCS #12 formatted key file
  57. # (see "pkcs12" directive in man page).
  58. ca ca.crt
  59. cert server.crt
  60. key server.key # This file should be kept secret
  61.  
  62. # Diffie hellman parameters.
  63. # Generate your own with:
  64. # openssl dhparam -out dh1024.pem 1024
  65. # Substitute 2048 for 1024 if you are using
  66. # 2048 bit keys.
  67. dh dh2048.pem
  68.  
  69. # Configure server mode and supply a VPN subnet
  70. # for OpenVPN to draw client addresses from.
  71. # The server will take 10.8.0.1 for itself,
  72. # the rest will be made available to clients.
  73. # Each client will be able to reach the server
  74. # on 10.8.0.1. Comment this line out if you are
  75. # ethernet bridging. See the man page for more info.
  76. server 10.8.0.0 255.255.255.0
  77.  
  78. # Maintain a record of client <-> virtual IP address
  79. # associations in this file. If OpenVPN goes down or
  80. # is restarted, reconnecting clients can be assigned
  81. # the same virtual IP address from the pool that was
  82. # previously assigned.
  83. ifconfig-pool-persist ipp.txt
  84.  
  85. # Configure server mode for ethernet bridging.
  86. # You must first use your OS's bridging capability
  87. # to bridge the TAP interface with the ethernet
  88. # NIC interface. Then you must manually set the
  89. # IP/netmask on the bridge interface, here we
  90. # assume 10.8.0.4/255.255.255.0. Finally we
  91. # must set aside an IP range in this subnet
  92. # (start=10.8.0.50 end=10.8.0.100) to allocate
  93. # to connecting clients. Leave this line commented
  94. # out unless you are ethernet bridging.
  95. ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
  96.  
  97. # Configure server mode for ethernet bridging
  98. # using a DHCP-proxy, where clients talk
  99. # to the OpenVPN server-side DHCP server
  100. # to receive their IP address allocation
  101. # and DNS server addresses. You must first use
  102. # your OS's bridging capability to bridge the TAP
  103. # interface with the ethernet NIC interface.
  104. # Note: this mode only works on clients (such as
  105. # Windows), where the client-side TAP adapter is
  106. # bound to a DHCP client.
  107. ;server-bridge
  108.  
  109. # Push routes to the client to allow it
  110. # to reach other private subnets behind
  111. # the server. Remember that these
  112. # private subnets will also need
  113. # to know to route the OpenVPN client
  114. # address pool (10.8.0.0/255.255.255.0)
  115. # back to the OpenVPN server.
  116. ;push "route 192.168.10.0 255.255.255.0"
  117. ;push "route 192.168.20.0 255.255.255.0"
  118.  
  119. # To assign specific IP addresses to specific
  120. # clients or if a connecting client has a private
  121. # subnet behind it that should also have VPN access,
  122. # use the subdirectory "ccd" for client-specific
  123. # configuration files (see man page for more info).
  124.  
  125. # EXAMPLE: Suppose the client
  126. # having the certificate common name "Thelonious"
  127. # also has a small subnet behind his connecting
  128. # machine, such as 192.168.40.128/255.255.255.248.
  129. # First, uncomment out these lines:
  130. ;client-config-dir ccd
  131. ;route 192.168.40.128 255.255.255.248
  132. # Then create a file ccd/Thelonious with this line:
  133. # iroute 192.168.40.128 255.255.255.248
  134. # This will allow Thelonious' private subnet to
  135. # access the VPN. This example will only work
  136. # if you are routing, not bridging, i.e. you are
  137. # using "dev tun" and "server" directives.
  138.  
  139. # EXAMPLE: Suppose you want to give
  140. # Thelonious a fixed VPN IP address of 10.9.0.1.
  141. # First uncomment out these lines:
  142. ;client-config-dir ccd
  143. ;route 10.9.0.0 255.255.255.252
  144. # Then add this line to ccd/Thelonious:
  145. # ifconfig-push 10.9.0.1 10.9.0.2
  146.  
  147. # Suppose that you want to enable different
  148. # firewall access policies for different groups
  149. # of clients. There are two methods:
  150. # (1) Run multiple OpenVPN daemons, one for each
  151. # group, and firewall the TUN/TAP interface
  152. # for each group/daemon appropriately.
  153. # (2) (Advanced) Create a script to dynamically
  154. # modify the firewall in response to access
  155. # from different clients. See man
  156. # page for more info on learn-address script.
  157. ;learn-address ./script
  158.  
  159. # If enabled, this directive will configure
  160. # all clients to redirect their default
  161. # network gateway through the VPN, causing
  162. # all IP traffic such as web browsing and
  163. # and DNS lookups to go through the VPN
  164. # (The OpenVPN server machine may need to NAT
  165. # or bridge the TUN/TAP interface to the internet
  166. # in order for this to work properly).
  167. push "redirect-gateway def1 bypass-dhcp"
  168.  
  169. # Certain Windows-specific network settings
  170. # can be pushed to clients, such as DNS
  171. # or WINS server addresses. CAVEAT:
  172. # http://openvpn.net/faq.html#dhcpcaveats
  173. # The addresses below refer to the public
  174. # DNS servers provided by opendns.com.
  175. push "dhcp-option DNS 208.67.222.222"
  176. push "dhcp-option DNS 208.67.220.220"
  177.  
  178. # Uncomment this directive to allow different
  179. # clients to be able to "see" each other.
  180. # By default, clients will only see the server.
  181. # To force clients to only see the server, you
  182. # will also need to appropriately firewall the
  183. # server's TUN/TAP interface.
  184. ;client-to-client
  185.  
  186. # Uncomment this directive if multiple clients
  187. # might connect with the same certificate/key
  188. # files or common names. This is recommended
  189. # only for testing purposes. For production use,
  190. # each client should have its own certificate/key
  191. # pair.
  192. #
  193. # IF YOU HAVE NOT GENERATED INDIVIDUAL
  194. # CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
  195. # EACH HAVING ITS OWN UNIQUE "COMMON NAME",
  196. # UNCOMMENT THIS LINE OUT.
  197. ;duplicate-cn
  198.  
  199. # The keepalive directive causes ping-like
  200. # messages to be sent back and forth over
  201. # the link so that each side knows when
  202. # the other side has gone down.
  203. # Ping every 10 seconds, assume that remote
  204. # peer is down if no ping received during
  205. # a 120 second time period.
  206. keepalive 10 120
  207.  
  208. # For extra security beyond that provided
  209. # by SSL/TLS, create an "HMAC firewall"
  210. # to help block DoS attacks and UDP port flooding.
  211. #
  212. # Generate with:
  213. # openvpn --genkey --secret ta.key
  214. #
  215. # The server and each client must have
  216. # a copy of this key.
  217. # The second parameter should be '0'
  218. # on the server and '1' on the clients.
  219. ;tls-auth ta.key 0 # This file is secret
  220.  
  221. # Select a cryptographic cipher.
  222. # This config item must be copied to
  223. # the client config file as well.
  224. ;cipher BF-CBC # Blowfish (default)
  225. cipher AES-256-CBC # AES
  226. ;cipher DES-EDE3-CBC # Triple-DES
  227.  
  228. # Enable compression on the VPN link.
  229. # If you enable it here, you must also
  230. # enable it in the client config file.
  231. comp-lzo
  232.  
  233. # The maximum number of concurrently connected
  234. # clients we want to allow.
  235. ;max-clients 100
  236.  
  237. # It's a good idea to reduce the OpenVPN
  238. # daemon's privileges after initialization.
  239. #
  240. # You can uncomment this out on
  241. # non-Windows systems.
  242. user nobody
  243. group nogroup
  244.  
  245. # The persist options will try to avoid
  246. # accessing certain resources on restart
  247. # that may no longer be accessible because
  248. # of the privilege downgrade.
  249. persist-key
  250. persist-tun
  251.  
  252. # Output a short status file showing
  253. # current connections, truncated
  254. # and rewritten every minute.
  255. status openvpn-status.log
  256.  
  257. # By default, log messages will go to the syslog (or
  258. # on Windows, if running as a service, they will go to
  259. # the "Program FilesOpenVPNlog" directory).
  260. # Use log or log-append to override this default.
  261. # "log" will truncate the log file on OpenVPN startup,
  262. # while "log-append" will append to it. Use one
  263. # or the other (but not both).
  264. ;log openvpn.log
  265. ;log-append openvpn.log
  266.  
  267. # Set the appropriate level of log
  268. # file verbosity.
  269. #
  270. # 0 is silent, except for fatal errors
  271. # 4 is reasonable for general usage
  272. # 5 and 6 can help to debug connection problems
  273. # 9 is extremely verbose
  274. verb 3
  275.  
  276. # Silence repeating messages. At most 20
  277. # sequential messages of the same message
  278. # category will be output to the log.
  279. ;mute 20
  280.  
  281. # Specify that we are a client and that we
  282. # will be pulling certain config file directives
  283. # from the server.
  284. client
  285.  
  286. # Use the same setting as you are using on
  287. # the server.
  288. # On most systems, the VPN will not function
  289. # unless you partially or fully disable
  290. # the firewall for the TUN/TAP interface.
  291. ;dev tap
  292. dev tun
  293.  
  294. # Windows needs the TAP-Win32 adapter name
  295. # from the Network Connections panel
  296. # if you have more than one. On XP SP2,
  297. # you may need to disable the firewall
  298. # for the TAP adapter.
  299. ;dev-node MyTap
  300.  
  301. # Are we connecting to a TCP or
  302. # UDP server? Use the same setting as
  303. # on the server.
  304. ;proto tcp
  305. proto udp
  306.  
  307. # The hostname/IP and port of the server.
  308. # You can have multiple remote entries
  309. # to load balance between the servers.
  310. remote xx.x54.1x8.235 1194
  311. ;remote my-server-2 1194
  312.  
  313. # Choose a random host from the remote
  314. # list for load-balancing. Otherwise
  315. # try hosts in the order specified.
  316. ;remote-random
  317.  
  318. # Keep trying indefinitely to resolve the
  319. # host name of the OpenVPN server. Very useful
  320. # on machines which are not permanently connected
  321. # to the internet such as laptops.
  322. resolv-retry infinite
  323.  
  324. # Most clients don't need to bind to
  325. # a specific local port number.
  326. nobind
  327.  
  328. # Downgrade privileges after initialization (non-Windows only)
  329. user nobody
  330. group nogroup
  331.  
  332. # Try to preserve some state across restarts.
  333. persist-key
  334. persist-tun
  335.  
  336. # If you are connecting through an
  337. # HTTP proxy to reach the actual OpenVPN
  338. # server, put the proxy server/IP and
  339. # port number here. See the man page
  340. # if your proxy server requires
  341. # authentication.
  342. ;http-proxy-retry # retry on connection failures
  343. ;http-proxy [proxy server] [proxy port #]
  344.  
  345. # Wireless networks often produce a lot
  346. # of duplicate packets. Set this flag
  347. # to silence duplicate packet warnings.
  348. ;mute-replay-warnings
  349.  
  350. # SSL/TLS parms.
  351. # See the server config file for more
  352. # description. It's best to use
  353. # a separate .crt/.key file pair
  354. # for each client. A single ca
  355. # file can be used for all clients.
  356. ca /root/Desktop/FranceVPS/ca.crt
  357. cert /root/Desktop/FranceVPS/france.crt
  358. key /root/Desktop/FranceVPS/france.key
  359.  
  360. # Verify server certificate by checking
  361. # that the certicate has the nsCertType
  362. # field set to "server". This is an
  363. # important precaution to protect against
  364. # a potential attack discussed here:
  365. # http://openvpn.net/howto.html#mitm
  366. #
  367. # To use this feature, you will need to generate
  368. # your server certificates with the nsCertType
  369. # field set to "server". The build-key-server
  370. # script in the easy-rsa folder will do this.
  371. ns-cert-type server
  372.  
  373. # If a tls-auth key is used on the server
  374. # then every client must also have the key.
  375. ;tls-auth ta.key 1
  376.  
  377. # Select a cryptographic cipher.
  378. # If the cipher option is used on the server
  379. # then you must also specify it here.
  380. cipher AES-256-CBC
  381.  
  382. # Enable compression on the VPN link.
  383. # Don't enable this unless it is also
  384. # enabled in the server config file.
  385. comp-lzo
  386.  
  387. # Set log file verbosity.
  388. verb 3
  389.  
  390. # Silence repeating messages
  391. ;mute 20
  392.  
  393. Sep 17 13:37:18 4716372 ovpn-server[3208]: OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Nov 12 2015
  394. Sep 17 13:37:18 4716372 ovpn-server[3208]: library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
  395. Sep 17 13:37:18 4716372 ovpn-server[3208]: Diffie-Hellman initialized with 2048 bit key
  396. Sep 17 13:37:18 4716372 ovpn-server[3208]: Socket Buffers: R=[133120->131072] S=[133120->131072]
  397. Sep 17 13:37:18 4716372 ovpn-server[3208]: ROUTE_GATEWAY ON_LINK IFACE=venet0 HWADDR=00:00:00:00:00:00
  398. Sep 17 13:37:18 4716372 ovpn-server[3208]: TUN/TAP device tun0 opened
  399. Sep 17 13:37:18 4716372 ovpn-server[3208]: TUN/TAP TX queue length set to 100
  400. Sep 17 13:37:18 4716372 ovpn-server[3208]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
  401. Sep 17 13:37:18 4716372 ovpn-server[3208]: /sbin/ip link set dev tun0 up mtu 1500
  402. Sep 17 13:37:18 4716372 systemd[1]: Started OpenVPN service.
  403. Sep 17 13:37:18 4716372 ovpn-server[3208]: /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
  404. Sep 17 13:37:18 4716372 ovpn-server[3208]: /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
  405. Sep 17 13:37:18 4716372 systemd[1]: Started OpenVPN connection to server.
  406. Sep 17 13:37:18 4716372 ovpn-server[3221]: GID set to nogroup
  407. Sep 17 13:37:18 4716372 ovpn-server[3221]: UID set to nobody
  408. Sep 17 13:37:18 4716372 ovpn-server[3221]: UDPv4 link local (bound): [undef]
  409. Sep 17 13:37:18 4716372 ovpn-server[3221]: UDPv4 link remote: [undef]
  410. Sep 17 13:37:18 4716372 ovpn-server[3221]: MULTI: multi_init called, r=256 v=256
  411. Sep 17 13:37:18 4716372 ovpn-server[3221]: IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
  412. Sep 17 13:37:18 4716372 ovpn-server[3221]: IFCONFIG POOL LIST
  413. Sep 17 13:37:18 4716372 ovpn-server[3221]: Initialization Sequence Completed
  414. Sep 17 13:37:55 4716372 systemd[1]: Starting Cleanup of Temporary Directories...
  415. Sep 17 13:37:55 4716372 systemd[1]: Failed to reset devices.list on /system.slice/systemd-tmpfiles-clean.service: No such file or directory
  416. Sep 17 13:37:55 4716372 systemd[1]: Failed to reset devices.list on /system.slice/openvpn.service: No such file or directory
  417. Sep 17 13:37:55 4716372 systemd[1]: Started Cleanup of Temporary Directories.
  418. Sep 17 13:45:49 4716372 ovpn-server[3221]: 31.41.46.103:48014 TLS: Initial packet from [AF_INET]31.41.46.103:48014, sid=cc02d23c 0dcfdf5f
  419. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 VERIFY OK: depth=1, C=FR, ST=FR, L=Paris, O=Dreamgrinders, OU=Dreamgrinders, CN=Dreamgrinders CA, name=server, emailAddress=Dreamgrinders@gmail.com
  420. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 VERIFY OK: depth=0, C=FR, ST=FR, L=Paris, O=Dreamgrinders, OU=Dreamgrinders, CN=france, name=server, emailAddress=Dreamgrinders@gmail.com
  421. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
  422. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  423. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
  424. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  425. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
  426. Sep 17 13:45:52 4716372 ovpn-server[3221]: 31.41.46.103:48014 [france] Peer Connection Initiated with [AF_INET]31.41.46.103:48014
  427. Sep 17 13:45:52 4716372 ovpn-server[3221]: france/31.41.46.103:48014 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
  428. Sep 17 13:45:52 4716372 ovpn-server[3221]: france/31.41.46.103:48014 MULTI: Learn: 10.8.0.6 -> france/31.41.46.103:48014
  429. Sep 17 13:45:52 4716372 ovpn-server[3221]: france/31.41.46.103:48014 MULTI: primary virtual IP for france/31.41.46.103:48014: 10.8.0.6
  430. Sep 17 13:45:55 4716372 ovpn-server[3221]: france/31.41.46.103:48014 PUSH: Received control message: 'PUSH_REQUEST'
  431. Sep 17 13:45:55 4716372 ovpn-server[3221]: france/31.41.46.103:48014 send_push_reply(): safe_cap=940
  432. Sep 17 13:45:55 4716372 ovpn-server[3221]: france/31.41.46.103:48014 SENT CONTROL [france]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
  433. Sep 17 13:46:01 4716372 ovpn-server[3221]: 31.41.46.103:41813 TLS: Initial packet from [AF_INET]31.41.46.103:41813, sid=e607ab0a 2ae77583
  434. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 VERIFY OK: depth=1, C=FR, ST=FR, L=Paris, O=Dreamgrinders, OU=Dreamgrinders, CN=Dreamgrinders CA, name=server, emailAddress=Dreamgrinders@gmail.com
  435. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 VERIFY OK: depth=0, C=FR, ST=FR, L=Paris, O=Dreamgrinders, OU=Dreamgrinders, CN=france, name=server, emailAddress=Dreamgrinders@gmail.com
  436. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
  437. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  438. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
  439. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  440. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
  441. Sep 17 13:46:04 4716372 ovpn-server[3221]: 31.41.46.103:41813 [france] Peer Connection Initiated with [AF_INET]31.41.46.103:41813
  442. Sep 17 13:46:04 4716372 ovpn-server[3221]: MULTI: new connection by client 'france' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect.
  443. Sep 17 13:46:04 4716372 ovpn-server[3221]: MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
  444. Sep 17 13:46:04 4716372 ovpn-server[3221]: MULTI: Learn: 10.8.0.6 -> france/31.41.46.103:41813
  445. Sep 17 13:46:04 4716372 ovpn-server[3221]: MULTI: primary virtual IP for france/31.41.46.103:41813: 10.8.0.6
  446. Sep 17 13:46:06 4716372 ovpn-server[3221]: france/31.41.46.103:41813 PUSH: Received control message: 'PUSH_REQUEST'
  447. Sep 17 13:46:06 4716372 ovpn-server[3221]: france/31.41.46.103:41813 send_push_reply(): safe_cap=940
  448. Sep 17 13:46:06 4716372 ovpn-server[3221]: france/31.41.46.103:41813 SENT CONTROL [france]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
  449. Sep 17 13:52:35 4716372 ovpn-server[3221]: france/31.41.46.103:41813 [france] Inactivity timeout (--ping-restart), restarting
  450. Sep 17 13:52:35 4716372 ovpn-server[3221]: france/31.41.46.103:41813 SIGUSR1[soft,ping-restart] received, client-instance restarting
  451.  
  452. root@igotyoubitch:~# openvpn --config /root/Desktop/FranceVPS/france.ovpn
  453. Sat Sep 17 12:11:19 2016 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Nov 12 2015
  454. Sat Sep 17 12:11:19 2016 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
  455. Sat Sep 17 12:11:19 2016 WARNING: file '/root/Desktop/FranceVPS/france.key' is group or others accessible
  456. Sat Sep 17 12:11:19 2016 Socket Buffers: R=[212992->131072] S=[212992->131072]
  457. Sat Sep 17 12:11:19 2016 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
  458. Sat Sep 17 12:11:19 2016 UDPv4 link local: [undef]
  459. Sat Sep 17 12:11:19 2016 UDPv4 link remote: [AF_INET]5x.2xx.148.2xx:1194
  460. Sat Sep 17 12:11:19 2016 TLS: Initial packet from [AF_INET]5x.2xx.1xx.2xx:1194, sid=dd6cbfe8 431d7d48
  461. Sat Sep 17 12:11:21 2016 VERIFY OK: depth=1, C=FR, ST=FR, L=Paris, O=Dreamgrinders, OU=Dreamgrinders, CN=Dreamgrinders CA, name=server, emailAddress=Dreamgrinders@gmail.com
  462. Sat Sep 17 12:11:21 2016 VERIFY OK: nsCertType=SERVER
  463. Sat Sep 17 12:11:21 2016 VERIFY OK: depth=0, C=FR, ST=FR, L=Paris, O=Dreamgrinders, OU=Dreamgrinders, CN=server, name=server, emailAddress=Dreamgrinders@gmail.com
  464. Sat Sep 17 12:11:26 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
  465. Sat Sep 17 12:11:26 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  466. Sat Sep 17 12:11:26 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
  467. Sat Sep 17 12:11:26 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
  468. Sat Sep 17 12:11:26 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
  469. Sat Sep 17 12:11:26 2016 [server] Peer Connection Initiated with [AF_INET]5x.2xx.1xx.2xx:1194
  470. Sat Sep 17 12:11:28 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
  471. Sat Sep 17 12:11:29 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
  472. Sat Sep 17 12:11:29 2016 OPTIONS IMPORT: timers and/or timeouts modified
  473. Sat Sep 17 12:11:29 2016 OPTIONS IMPORT: --ifconfig/up options modified
  474. Sat Sep 17 12:11:29 2016 OPTIONS IMPORT: route options modified
  475. Sat Sep 17 12:11:29 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
  476. Sat Sep 17 12:11:29 2016 ROUTE_GATEWAY 10.0.2.2/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:33:2c:e8
  477. Sat Sep 17 12:11:29 2016 TUN/TAP device tun1 opened
  478. Sat Sep 17 12:11:29 2016 TUN/TAP TX queue length set to 100
  479. Sat Sep 17 12:11:29 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
  480. Sat Sep 17 12:11:29 2016 /sbin/ip link set dev tun1 up mtu 1500
  481. Sat Sep 17 12:11:29 2016 /sbin/ip addr add dev tun1 local 10.8.0.6 peer 10.8.0.5
  482. Sat Sep 17 12:11:29 2016 /sbin/ip route add 5x.2xx.1xx.2xx/32 via 10.0.2.2
  483. Sat Sep 17 12:11:29 2016 /sbin/ip route add 0.0.0.0/1 via 10.8.0.5
  484. RTNETLINK answers: File exists
  485. Sat Sep 17 12:11:29 2016 ERROR: Linux route add command failed: external program exited with error status: 2
  486. Sat Sep 17 12:11:29 2016 /sbin/ip route add 128.0.0.0/1 via 10.8.0.5
  487. Sat Sep 17 12:11:29 2016 /sbin/ip route add 10.8.0.1/32 via 10.8.0.5
  488. Sat Sep 17 12:11:29 2016 GID set to nogroup
  489. Sat Sep 17 12:11:29 2016 UID set to nobody
  490. Sat Sep 17 12:11:29 2016 Initialization Sequence Completed
  491. ^CSat Sep 17 12:17:15 2016 event_wait : Interrupted system call (code=4)
  492. Sat Sep 17 12:17:15 2016 /sbin/ip route del 10.8.0.1/32
  493. RTNETLINK answers: Operation not permitted
  494. Sat Sep 17 12:17:15 2016 ERROR: Linux route delete command failed: external program exited with error status: 2
  495. Sat Sep 17 12:17:15 2016 /sbin/ip route del 5x.2xx.1xx.2xx/32
  496. RTNETLINK answers: Operation not permitted
  497. Sat Sep 17 12:17:15 2016 ERROR: Linux route delete command failed: external program exited with error status: 2
  498. Sat Sep 17 12:17:15 2016 /sbin/ip route del 0.0.0.0/1
  499. RTNETLINK answers: Operation not permitted
  500. Sat Sep 17 12:17:15 2016 ERROR: Linux route delete command failed: external program exited with error status: 2
  501. Sat Sep 17 12:17:15 2016 /sbin/ip route del 128.0.0.0/1
  502. RTNETLINK answers: Operation not permitted
  503. Sat Sep 17 12:17:15 2016 ERROR: Linux route delete command failed: external program exited with error status: 2
  504. Sat Sep 17 12:17:15 2016 Closing TUN/TAP interface
  505. Sat Sep 17 12:17:15 2016 /sbin/ip addr del dev tun1 local 10.8.0.6 peer 10.8.0.5
  506. RTNETLINK answers: Operation not permitted
  507. Sat Sep 17 12:17:15 2016 Linux ip addr del failed: external program exited with error status: 2
  508. Sat Sep 17 12:17:15 2016 SIGINT[hard,] received, process exiting
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!