I get this error message:

Wed Feb 2 09:43:19 2005 OpenVPN 2.0_rc6 i686-pc-linux [SSL] [LZO] [EPOLL] built on Jan 21 2005
Wed Feb 2 09:43:19 2005 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Feb 2 09:43:19 2005 WARNING: file 'testkey.pem' is group or others accessible
Wed Feb 2 09:43:19 2005 LZO compression initialized
Wed Feb 2 09:43:19 2005 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 2 09:43:19 2005 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:23 ET:32 EL:0 AF:3/1 ]
Wed Feb 2 09:43:19 2005 Local Options hash (VER=V4): 'd79ca330'
Wed Feb 2 09:43:19 2005 Expected Remote Options hash (VER=V4): 'f7df56b8'
Wed Feb 2 09:43:19 2005 UDPv4 link local: [undef]
Wed Feb 2 09:43:19 2005 UDPv4 link remote: 82.66.12.32:5000
Wed Feb 2 09:43:19 2005 VERIFY OK: depth=1, /C=FR/ST=Midi-
Wed Feb 2 09:43:19 2005 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Wed Feb 2 09:43:19 2005 TLS Error: TLS object -> incoming plaintext read error
Wed Feb 2 09:43:19 2005 TLS Error: TLS handshake failed
Wed Feb 2 09:43:19 2005 TCP/UDP: Closing socket
Wed Feb 2 09:43:19 2005 SIGUSR1[soft,tls-error] received, process restarting
Wed Feb 2 09:43:21 2005 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Feb 2 09:43:21 2005 Re-using SSL/TLS context
Wed Feb 2 09:43:21 2005 LZO compression initialized
Wed Feb 2 09:43:21 2005 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 2 09:43:21 2005 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:23 ET:32 EL:0 AF:3/1 ]
Wed Feb 2 09:43:21 2005 Local Options hash (VER=V4): 'd79ca330'
Wed Feb 2 09:43:21 2005 Expected Remote Options hash (VER=V4): 'f7df56b8'
Wed Feb 2 09:43:21 2005 UDPv4 link local: [undef]
Wed Feb 2 09:43:21 2005 UDPv4 link remote: 82.66.12.32:5000
Wed Feb 2 09:43:21 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:21 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:21 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:21 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:21 2005 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Wed Feb 2 09:43:21 2005 TLS Error: TLS object -> incoming plaintext read error
Wed Feb 2 09:43:21 2005 TLS Error: TLS handshake failed
Wed Feb 2 09:43:21 2005 TCP/UDP: Closing socket
Wed Feb 2 09:43:21 2005 SIGUSR1[soft,tls-error] received, process restarting
Wed Feb 2 09:43:23 2005 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Wed Feb 2 09:43:23 2005 Re-using SSL/TLS context
Wed Feb 2 09:43:23 2005 LZO compression initialized
Wed Feb 2 09:43:23 2005 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 2 09:43:23 2005 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:23 ET:32 EL:0 AF:3/1 ]
Wed Feb 2 09:43:23 2005 Local Options hash (VER=V4): 'd79ca330'
Wed Feb 2 09:43:23 2005 Expected Remote Options hash (VER=V4): 'f7df56b8'
Wed Feb 2 09:43:23 2005 UDPv4 link local: [undef]
Wed Feb 2 09:43:23 2005 UDPv4 link remote: 82.66.12.32:5000
Wed Feb 2 09:43:23 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:23 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:23 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:23 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:23 2005 TLS Error: Unroutable control packet received from 82.66.12.32:5000 (si=3 op=P_CONTROL_V1)
Wed Feb 2 09:43:23 2005 NOTE: --mute triggered...
Wed Feb 2 09:44:17 2005 236 variation(s) on previous 5 message(s) suppressed by --mute
Wed Feb 2 09:44:17 2005 event_wait : Interrupted system call (code=4)
Wed Feb 2 09:44:17 2005 TCP/UDP: Closing socket
Wed Feb 2 09:44:17 2005 SIGINT[hard,] received, process exiting

+ openvpn --config server_test
Wed Feb 2 09:40:43 2005 us=649511 Current Parameter Settings:
Wed Feb 2 09:40:43 2005 us=649801 config = 'server_test'
Wed Feb 2 09:40:43 2005 us=649872 mode = 1
Wed Feb 2 09:40:43 2005 us=649936 persist_config = DISABLED
Wed Feb 2 09:40:43 2005 us=649999 persist_mode = 1
Wed Feb 2 09:40:43 2005 us=650060 show_ciphers = DISABLED
Wed Feb 2 09:40:43 2005 us=650123 show_digests = DISABLED
Wed Feb 2 09:40:43 2005 us=650185 show_engines = DISABLED
Wed Feb 2 09:40:43 2005 us=650247 genkey = DISABLED
Wed Feb 2 09:40:43 2005 us=650309 key_pass_file = '[UNDEF]'
Wed Feb 2 09:40:43 2005 us=650371 NOTE: --mute triggered...
Wed Feb 2 09:40:43 2005 us=650465 165 variation(s) on previous 10 message(s) suppressed by --mute
Wed Feb 2 09:40:43 2005 us=650533 OpenVPN 2.0_rc6 i686-pc-linux [SSL] [LZO] [EPOLL] built on Jan 21 2005
Wed Feb 2 09:40:43 2005 us=706488 Diffie-Hellman initialized with 1024 bit key
Wed Feb 2 09:40:43 2005 us=724263 WARNING: file '/etc/openvpn/openvpn.pem' is group or others accessible
Wed Feb 2 09:40:43 2005 us=731728 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 2 09:40:43 2005 us=858734 TUN/TAP device tap0 opened
Wed Feb 2 09:40:43 2005 us=858902 TUN/TAP TX queue length set to 100
Wed Feb 2 09:40:43 2005 us=859059 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:23 ET:32 EL:0 AF:3/1 ]
Wed Feb 2 09:40:43 2005 us=859627 GID set to mongroupe
Wed Feb 2 09:40:43 2005 us=859739 UID set to nobody
Wed Feb 2 09:40:43 2005 us=859814 Socket Buffers: R=[109568->131072] S=[109568->131072]
Wed Feb 2 09:40:43 2005 us=859886 UDPv4 link local (bound): 82.66.78.69:5000
Wed Feb 2 09:40:43 2005 us=859945 UDPv4 link remote: [undef]
Wed Feb 2 09:40:43 2005 us=860005 MULTI: multi_init called, r=256 v=256
Wed Feb 2 09:40:43 2005 us=860094 IFCONFIG POOL: base=192.168.0.5 size=11
Wed Feb 2 09:40:43 2005 us=860182 Initialization Sequence Completed
Wed Feb 2 09:43:19 2005 us=320137 MULTI: multi_create_instance called
Wed Feb 2 09:43:19 2005 us=320189 82.66.12.32:32798 Re-using SSL/TLS context
Wed Feb 2 09:43:19 2005 us=320241 82.66.12.32:32798 LZO compression initialized
Wed Feb 2 09:43:19 2005 us=320451 82.66.12.32:32798 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 2 09:43:19 2005 us=320481 82.66.12.32:32798 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:23 ET:32 EL:0 AF:3/1 ]
Wed Feb 2 09:43:19 2005 us=320522 82.66.12.32:32798 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Feb 2 09:43:19 2005 us=320544 82.66.12.32:32798 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Wed Feb 2 09:43:19 2005 us=320584 82.66.12.32:32798 Local Options hash (VER=V4): 'f7df56b8'
Wed Feb 2 09:43:19 2005 us=320616 82.66.12.32:32798 Expected Remote Options hash (VER=V4): 'd79ca330'
Wed Feb 2 09:43:19 2005 us=320678 82.66.12.32:32798 TLS: Initial packet from 82.66.12.32:32798, sid=e05983f4 6ec3f349
Wed Feb 2 09:43:21 2005 us=398416 82.66.12.32:32798 TLS: new session incoming connection from 82.66.12.32:32798
Wed Feb 2 09:43:21 2005 us=471535 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Feb 2 09:43:21 2005 us=471873 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Feb 2 09:43:21 2005 us=472165 read UDPv4 [ECONNREFUSED]: Connection refused (code=111)
Wed Feb 2 09:43:23 2005 us=472956 82.66.12.32:32798 TLS: new session incoming connection from 82.66.12.32:32798
Wed Feb 2 09:44:19 2005 us=303688 82.66.12.32:32798 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Feb 2 09:44:19 2005 us=303737 82.66.12.32:32798 TLS Error: TLS handshake failed
Wed Feb 2 09:44:19 2005 us=303922 82.66.12.32:32798 SIGUSR1[soft,tls-error] received, client-instance restarting
Wed Feb 2 09:44:22 2005 us=934668 event_wait : Interrupted system call (code=4)
Wed Feb 2 09:44:22 2005 us=934822 TCP/UDP: Closing socket
Wed Feb 2 09:44:22 2005 us=934858 Closing TUN/TAP interface
Wed Feb 2 09:44:22 2005 us=943185 SIGINT[hard,] received, process exiting

Well, the last 6 lines appeared when I pressed CTRL-C to quit; same for the client.

Here is my procedure (I haven't written a script yet):

mkdir /dev/net
mknod /dev/net/tun c 10 200

I start the VPN firewall:

IPTABLES=/sbin/iptables
LAN=eth0
ADSL=eth1
modprobe bridge
modprobe tun
$IPTABLES -A INPUT -p udp --dport 5000 -j ACCEPT
$IPTABLES -A INPUT -i tun+ -j ACCEPT
$IPTABLES -A FORWARD -i tun+ -j ACCEPT
$IPTABLES -A INPUT -i tap+ -j ACCEPT
$IPTABLES -A FORWARD -i tap+ -j ACCEPT
$IPTABLES -A INPUT -i br0 -j ACCEPT
$IPTABLES -A FORWARD -i br0 -j ACCEPT
$IPTABLES -A INPUT -p tcp --sport 137:139 -i eth0 -j ACCEPT

I start the bridge:

$OPENVPN --mktun --dev tap0
brctl addbr br0
brctl addif br0 tap0
brctl addif br0 eth0
ifconfig tap0 0.0.0.0 promisc up
ifconfig eth0 0.0.0.0 promisc up
ifconfig br0 192.168.0.254 netmask 255.255.255.0 broadcast 192.168.0.255

Then I run openvpn --config server.conf
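Added example, not part of the original message: a small triage pass over the two OpenVPN logs quoted above, pulling out the key-file permission warnings, the certificate verification failure, the handshake timeout, and the client's target endpoint compared with the address the server bound. The log lines are excerpted from the post; the function name `triage` and the finding labels are hypothetical.

```python
import re

# Lines excerpted from the client and server logs quoted in the post.
CLIENT_LOG = """\
Wed Feb 2 09:43:19 2005 WARNING: file 'testkey.pem' is group or others accessible
Wed Feb 2 09:43:19 2005 UDPv4 link remote: 82.66.12.32:5000
Wed Feb 2 09:43:19 2005 TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Wed Feb 2 09:43:19 2005 TLS Error: TLS handshake failed
"""
SERVER_LOG = """\
Wed Feb 2 09:40:43 2005 us=724263 WARNING: file '/etc/openvpn/openvpn.pem' is group or others accessible
Wed Feb 2 09:40:43 2005 us=859886 UDPv4 link local (bound): 82.66.78.69:5000
Wed Feb 2 09:43:19 2005 us=320678 82.66.12.32:32798 TLS: Initial packet from 82.66.12.32:32798, sid=e05983f4 6ec3f349
Wed Feb 2 09:44:19 2005 us=303688 82.66.12.32:32798 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
"""

PERMS = re.compile(r"WARNING: file '([^']+)' is group or others accessible")
REMOTE = re.compile(r"UDPv4 link remote: (\d+(?:\.\d+){3}):(\d+)")
BOUND = re.compile(r"UDPv4 link local \(bound\): (\d+(?:\.\d+){3}):(\d+)")

def triage(client_log, server_log):
    """Return (label, side, detail) tuples for the notable lines in both logs."""
    findings = []
    for side, log in (("client", client_log), ("server", server_log)):
        # Private key readable by group/others: tighten the file mode.
        for path in PERMS.findall(log):
            findings.append(("key-perms", side, path))
        # The peer's certificate did not validate against the configured CA.
        if "certificate verify failed" in log:
            findings.append(("cert-verify", side, "peer certificate rejected"))
        if "TLS key negotiation failed" in log:
            findings.append(("tls-timeout", side, "handshake never completed"))
    # Compare where the client sends packets with where the server listens.
    remote, bound = REMOTE.search(client_log), BOUND.search(server_log)
    if remote and bound and remote.groups() != bound.groups():
        detail = "client targets %s:%s, server bound %s:%s" % (remote.groups() + bound.groups())
        findings.append(("endpoint-mismatch", "client", detail))
    return findings

if __name__ == "__main__":
    for label, side, detail in triage(CLIENT_LOG, SERVER_LOG):
        print(f"{label:18} {side:7} {detail}")
```
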