OpenVPN trouble [solved]

I have an OpenVPN server with the following config: http://pastebin.com/yxLLvtYS . On bridge-start, tap0 comes up along with br0 at 192.168.10.1/24, and the client connects fine, but this is what I get in syslog:

Mar 9 13:27:33 gep ovpn-server[8030]: OpenVPN 2.1.3 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Feb 21 2012
Mar 9 13:27:33 gep ovpn-server[8030]: NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Mar 9 13:27:33 gep ovpn-server[8030]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mar 9 13:27:33 gep ovpn-server[8030]: Diffie-Hellman initialized with 1024 bit key
Mar 9 13:27:33 gep ovpn-server[8030]: /usr/bin/openssl-vulnkey -q -b 1024 -m
Mar 9 13:27:33 gep ovpn-server[8030]: TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mar 9 13:27:33 gep ovpn-server[8030]: Socket Buffers: R=[124928->131072] S=[124928->131072]
Mar 9 13:27:33 gep ovpn-server[8030]: TUN/TAP device tap1 opened
Mar 9 13:27:33 gep ovpn-server[8030]: TUN/TAP TX queue length set to 100
Mar 9 13:27:33 gep ovpn-server[8030]: Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Mar 9 13:27:33 gep ovpn-server[8033]: UDPv4 link local (bound): [undef]
Mar 9 13:27:33 gep ovpn-server[8033]: UDPv4 link remote: [undef]
Mar 9 13:27:33 gep ovpn-server[8033]: MULTI: multi_init called, r=256 v=256
Mar 9 13:27:33 gep ovpn-server[8033]: IFCONFIG POOL: base=192.168.10.2 size=19
Mar 9 13:27:33 gep ovpn-server[8033]: IFCONFIG POOL LIST
Mar 9 13:27:33 gep ovpn-server[8033]: asztali,192.168.10.2
Mar 9 13:27:33 gep ovpn-server[8033]: Initialization Sequence Completed
Mar 9 13:28:11 gep ovpn-server[8033]: MULTI: multi_create_instance called
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 Re-using SSL/TLS context
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 LZO compression initialized
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 Local Options hash (VER=V4): 'f7df56b8'
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 Expected Remote Options hash (VER=V4): 'd79ca330'
Mar 9 13:28:11 gep ovpn-server[8033]: 82.144.164.70:1194 TLS: Initial packet from [AF_INET]82.144.164.70:1194, sid=1338fcc5 a25ed336
Mar 9 13:28:12 gep ovpn-server[8033]: 82.144.164.70:1194 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 9 13:28:12 gep ovpn-server[8033]: 82.144.164.70:1194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 9 13:28:12 gep ovpn-server[8033]: 82.144.164.70:1194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mar 9 13:28:12 gep ovpn-server[8033]: 82.144.164.70:1194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 9 13:28:12 gep ovpn-server[8033]: 82.144.164.70:1194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mar 9 13:28:12 gep ovpn-server[8033]: 82.144.164.70:1194 [asztali] Peer Connection Initiated with [AF_INET]82.144.164.70:1194
Mar 9 13:28:14 gep ovpn-server[8033]: asztali/82.144.164.70:1194 PUSH: Received control message: 'PUSH_REQUEST'
Mar 9 13:28:14 gep ovpn-server[8033]: asztali/82.144.164.70:1194 SENT CONTROL [asztali]: 'PUSH_REPLY,route 192.168.3.0 255.255.255.0,route-gateway 192.168.10.1,ping 10,ping-restart 120,ifconfig 192.168.10.2 255.255.255.0' (status=1)
Mar 9 13:28:14 gep ovpn-server[8033]: asztali/82.144.164.70:1194 MULTI: Learn: 00:ff:e0:57:57:6b -> asztali/82.144.164.70:1194
Mar 9 13:28:15 gep kernel: [8736333.519948] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
Mar 9 13:28:15 gep kernel: [8736333.519953] ll header: ff:ff:ff:ff:ff:ff:00:ff:e0:57:57:6b:08:00
Mar 9 13:28:15 gep kernel: [8736333.521455] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
Mar 9 13:28:15 gep kernel: [8736333.521459] ll header: ff:ff:ff:ff:ff:ff:00:ff:e0:57:57:6b:08:00
Mar 9 13:28:15 gep kernel: [8736333.521924] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
Mar 9 13:28:15 gep kernel: [8736333.521929] ll header: ff:ff:ff:ff:ff:ff:00:ff:e0:57:57:6b:08:00
Mar 9 13:28:15 gep kernel: [8736333.565044] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
Mar 9 13:28:15 gep kernel: [8736333.565048] ll header: ff:ff:ff:ff:ff:ff:00:ff:e0:57:57:6b:08:00
Mar 9 13:28:15 gep kernel: [8736334.269239] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
Mar 9 13:28:15 gep kernel: [8736334.269243] ll header: ff:ff:ff:ff:ff:ff:00:ff:e0:57:57:6b:08:00

What's wrong?

Comments

On the client side it says this:

Sat Mar 09 15:26:21 2013 TCP/UDP: Incoming packet rejected from [AF_INET]89.134.127.241:1194[2], expected peer address: [AF_INET]62.77.193.xxx:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sat Mar 09 15:26:31 2013 TCP/UDP: Incoming packet rejected from [AF_INET]89.134.127.241:1194[2], expected peer address: [AF_INET]62.77.193.xxx:1194 (allow this incoming source address/port by removing --remote or adding --float)

--
>'The time has come,' the Walrus said<

Has nobody run into this before? :/
--
>'The time has come,' the Walrus said<

Well, this is an instructive story: in server.conf the 0 got left off after dev tap :>
--
>'The time has come,' the Walrus said<
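
The mismatch named in the last post (server.conf said dev tap while the bridge script prepared tap0) is already visible in the first post's syslog, where OpenVPN opens tap1 and the kernel then logs martian sources on tap1. As an added example that is not part of the thread, this Python check flags it from the log and config; the function name, the finding codes and the bridged_ports parameter are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample: four lines taken from the syslog in the first post.
SAMPLE_LOG = """\
Mar 9 13:27:33 gep ovpn-server[8030]: TUN/TAP device tap1 opened
Mar 9 13:28:15 gep kernel: [8736333.519948] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
Mar 9 13:28:15 gep kernel: [8736333.519953] ll header: ff:ff:ff:ff:ff:ff:00:ff:e0:57:57:6b:08:00
Mar 9 13:28:15 gep kernel: [8736333.521455] martian source 192.168.10.255 from 192.168.10.2, on dev tap1
"""
# Constructed config fragment: the thread only says the 0 was missing after "dev tap".
SAMPLE_CONF = "port 1194\nproto udp\ndev tap\n"

OPENED = re.compile(r"TUN/TAP device (\S+) opened")
MARTIAN = re.compile(r"martian source \S+ from (\S+), on dev (\S+)")
# \s+ after "dev" keeps dev-type / dev-node from matching.
DEV = re.compile(r"^\s*dev\s+(\S+)", re.MULTILINE)


def diagnose(log_text, conf_text, bridged_ports):
    """Return (code, detail) findings for a bridged OpenVPN server.

    bridged_ports: tap interfaces the bridge script enslaved (assumption:
    supplied by the caller, e.g. {"tap0"} for the setup in the thread).
    """
    findings = []
    m = DEV.search(conf_text)
    conf_dev = m.group(1) if m else None
    if conf_dev in ("tap", "tun"):
        # Without a unit number a new device is allocated dynamically under
        # the first unused name (tap1 here, since tap0 already exists).
        findings.append(("DYNAMIC_DEV", conf_dev))
    elif conf_dev is not None and conf_dev not in bridged_ports:
        findings.append(("CONF_DEV_NOT_BRIDGED", conf_dev))
    for dev in OPENED.findall(log_text):
        if dev not in bridged_ports:
            findings.append(("OPENED_DEV_NOT_BRIDGED", dev))
    # Martian sources on a tap device mean client frames reached an interface
    # the kernel does not expect that source address on.
    for (src, dev), n in Counter(MARTIAN.findall(log_text)).items():
        findings.append(("MARTIAN_ON_DEV", f"{src} on {dev} x{n}"))
    return findings


if __name__ == "__main__":
    for code, detail in diagnose(SAMPLE_LOG, SAMPLE_CONF, {"tap0"}):
        print(code, detail)
```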