Member
Registered: Aug 2007
Location: Melbourne
Posts: 111
Original Poster
So I have removed openresolve and created up.sh and down.sh as suggested.
Still getting the same issues.
Firstly, the timeout error:
Sat Oct 24 22:06:31 2015 OpenVPN 2.3.6 x86_64-slackware-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 10 2014
Sat Oct 24 22:06:31 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.03
Sat Oct 24 22:06:31 2015 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Oct 24 22:06:31 2015 Socket Buffers: R=[212992->131072] S=[212992->131072]
Sat Oct 24 22:06:31 2015 UDPv4 link local: [undef]
Sat Oct 24 22:06:31 2015 UDPv4 link remote: [AF_INET]178.73.195.108:1199
Sat Oct 24 22:06:31 2015 TLS: Initial packet from [AF_INET]178.73.195.108:1199, sid=a7ecd6bd 7dad8d84
Sat Oct 24 22:06:31 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Oct 24 22:06:34 2015 VERIFY OK: depth=1, C=SE, ST=QQ, L=FrootTown, O=FrootOrg, OU=changeme, CN=changeme, name=changeme, emailAddress=mail@host.domain
Sat Oct 24 22:06:34 2015 VERIFY OK: nsCertType=SERVER
Sat Oct 24 22:06:34 2015 VERIFY OK: depth=0, C=SE, ST=QQ, L=FrootTown, O=FrootOrg, OU=changeme, CN=server, name=changeme, emailAddress=mail@host.domain
Sat Oct 24 22:06:35 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Oct 24 22:06:35 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Oct 24 22:06:35 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Oct 24 22:06:35 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Oct 24 22:06:35 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Oct 24 22:06:35 2015 [server] Peer Connection Initiated with [AF_INET]178.73.195.108:1199
Sat Oct 24 22:06:37 2015 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Oct 24 22:06:38 2015 PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2a00:1a28:155a:5::1016/64 2a00:1a28:155a:5::1,dhcp-option DNS 80.67.0.2,dhcp-option DNS 91.213.246.2,redirect-gateway def1,tun-ipv6,route-gateway 178.73.192.161,topology subnet,ping 10,ping-restart 160,ifconfig 178.73.192.184 255.255.255.224'
Sat Oct 24 22:06:38 2015 OPTIONS IMPORT: timers and/or timeouts modified
Sat Oct 24 22:06:38 2015 OPTIONS IMPORT: --ifconfig/up options modified
Sat Oct 24 22:06:38 2015 OPTIONS IMPORT: route options modified
Sat Oct 24 22:06:38 2015 OPTIONS IMPORT: route-related options modified
Sat Oct 24 22:06:38 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Oct 24 22:06:38 2015 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=eth0 HWADDR=00:1d:7d:af:ec:8e
Sat Oct 24 22:06:38 2015 TUN/TAP device tun0 opened
Sat Oct 24 22:06:38 2015 TUN/TAP TX queue length set to 100
Sat Oct 24 22:06:38 2015 do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1
Sat Oct 24 22:06:38 2015 /usr/sbin/ip link set dev tun0 up mtu 1500
Sat Oct 24 22:06:38 2015 /usr/sbin/ip addr add dev tun0 178.73.192.184/27 broadcast 178.73.192.191
Sat Oct 24 22:06:38 2015 /usr/sbin/ip -6 addr add 2a00:1a28:155a:5::1016/64 dev tun0
Sat Oct 24 22:06:38 2015 /etc/openvpn/up.sh tun0 1500 1541 178.73.192.184 255.255.255.224 init
Sat Oct 24 22:06:38 2015 /usr/sbin/ip route add 178.73.195.108/32 via 192.168.1.254
Sat Oct 24 22:06:38 2015 /usr/sbin/ip route add 0.0.0.0/1 via 178.73.192.161
Sat Oct 24 22:06:38 2015 /usr/sbin/ip route add 128.0.0.0/1 via 178.73.192.161
Sat Oct 24 22:06:38 2015 Initialization Sequence Completed
Sat Oct 24 22:22:21 2015 [server] Inactivity timeout (--ping-restart), restarting
Sat Oct 24 22:22:21 2015 SIGUSR1[soft,ping-restart] received, process restarting
Sat Oct 24 22:22:21 2015 Restart pause, 10 second(s)
Sat Oct 24 22:22:39 2015 Initialization Sequence Completed
Sat Oct 24 22:32:51 2015 [server] Inactivity timeout (--ping-restart), restarting
Sat Oct 24 22:32:51 2015 SIGUSR1[soft,ping-restart] received, process restarting
Sun Oct 25 00:01:49 2015 [server] Inactivity timeout (--ping-restart), restarting
Sun Oct 25 00:01:49 2015 SIGUSR1[soft,ping-restart] received, process restarting
Sun Oct 25 00:01:49 2015 Restart pause, 10 second(s)
Also a reset problem:
Sat Oct 24 22:33:08 2015 Initialization Sequence Completed
Sat Oct 24 23:33:05 2015 TLS: soft reset sec=0 bytes=2296901738/0 pkts=3971461/0
which often happens exactly one hour after starting.
Not to mention things like the .auth file containing a username and password in plain text!
The output from ifconfig is:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.100  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::21d:7dff:feaf:ec8e  prefixlen 64  scopeid 0x20<link>
        ether 00:1d:7d:af:ec:8e  txqueuelen 1000  (Ethernet)
        RX packets 3183699  bytes 3030973972 (2.8 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3813498  bytes 991243694 (945.3 MiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 29975  bytes 1843516 (1.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 29975  bytes 1843516 (1.7 MiB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 178.73.192.164  netmask 255.255.255.224  destination 178.73.192.164
        inet6 2a00:1a28:155a:5::1002  prefixlen 64  scopeid 0x0<global>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 2512796  bytes 2297205777 (2.1 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3094821  bytes 600373471 (572.5 MiB)
        TX errors 0  dropped 205405  overruns 0  carrier 0  collisions 0
The output from route is:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         c-178-73-192-16 128.0.0.0       UG    0      0        0 tun0
default         192-168-1-254.t 0.0.0.0         UG    0      0        0 eth0
loopback        *               255.0.0.0       U     0      0        0 lo
128.0.0.0       c-178-73-192-16 128.0.0.0       UG    0      0        0 tun0
178.73.192.160  *               255.255.255.224 U     0      0        0 tun0
178.73.195.108  192-168-1-254.t 255.255.255.255 UGH   0      0        0 eth0
192.168.1.0     *               255.255.255.0   U     1      0        0 eth0
192-168-1-100.t localhost       255.255.255.255 UGH   202    0        0 lo
It seems there was as much traffic going through eth0 as there was with tun0, so I am going to try removing my ISP nameserver from resolv.conf.openvpndns.
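
A log-triage sketch for the security-relevant lines in the log above (the BF-CBC data cipher, the TLSv1 control channel, the auth-nocache warning, and the ping-restart and soft-reset counts), together with a permission check for the plaintext credentials file. This is an added example, not part of the original post; the function names are hypothetical and the sample lines are constructed from the log format shown in the post.

```shell
#!/bin/sh
# Added example, not from the thread. Sample lines are constructed from the
# log format shown in the post.
sample_log() {
cat <<'EOF'
Sat Oct 24 22:06:31 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Oct 24 22:06:35 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Oct 24 22:06:35 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Oct 24 22:22:21 2015 [server] Inactivity timeout (--ping-restart), restarting
Sat Oct 24 22:32:51 2015 [server] Inactivity timeout (--ping-restart), restarting
Sat Oct 24 23:33:05 2015 TLS: soft reset sec=0 bytes=2296901738/0 pkts=3971461/0
EOF
}

# triage_log (hypothetical name): read an OpenVPN log on stdin and print
# KEY=value findings in a fixed order.
triage_log() {
  awk -v q="'" '
    /use the auth-nocache option/  { cache = 1 }
    /Data Channel Encrypt: Cipher/ { split($0, p, q); cipher = p[2] }
    /Control Channel: / { s = $0; sub(/.*Control Channel: /, "", s)
                          sub(/,.*/, "", s); tls = s }
    /Inactivity timeout \(--ping-restart\)/ { restarts++ }
    /TLS: soft reset/   { resets++ }
    END {
      print "cipher=" cipher
      print "control_tls=" tls
      print "password_cache_warning=" (cache + 0)
      print "ping_restarts=" (restarts + 0)
      print "tls_soft_resets=" (resets + 0)
    }'
}

# flag_findings (hypothetical name): turn findings on stdin into warnings.
flag_findings() {
  while IFS='=' read -r key value; do
    case "$key=$value" in
      cipher=BF-CBC) echo "WARN data cipher BF-CBC uses a 64-bit block" ;;
      control_tls=TLSv1) echo "WARN control channel negotiated TLS 1.0" ;;
      password_cache_warning=1) echo "WARN set auth-nocache in the client config" ;;
    esac
  done
}

# auth_file_private (hypothetical name): succeed only if the credentials file
# grants no group/other permission bits (columns 5-10 of the ls mode string).
auth_file_private() {
  [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

sample_log | triage_log | flag_findings
```

Feed a real log with `triage_log < /path/to/openvpn.log | flag_findings`, and run `auth_file_private` on the credentials file after a `chmod 600`.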