|
|
Hi,
I'm trying to run in tcp-server mode, but if someone
disconnects before proper negotiation happens, the server
exits (which I don't want it to, I want it to keep listening
for connections whether someone connects succesfully or
not). Here is the log:
Sun Feb 8 09:43:33 2004 0[0]: OpenVPN 1.5.0 i586-mandrake-linux-gnu [SSL] [LZO] [PTHREAD] built on Nov 25 2003
Sun Feb 8 09:43:33 2004 1[0]: mlockall call succeeded
Sun Feb 8 09:43:33 2004 2[0]: Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Feb 8 09:43:33 2004 3[0]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 8 09:43:33 2004 4[0]: Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Feb 8 09:43:33 2004 5[0]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 8 09:43:33 2004 6[0]: LZO compression initialized
Sun Feb 8 09:43:33 2004 7[0]: TUN/TAP device ada01 opened
Sun Feb 8 09:43:33 2004 8[0]: /sbin/ifconfig ada01 192.168.92.1 pointopoint 192.168.92.2 mtu 1253
Sun Feb 8 09:43:33 2004 9[0]: Data Channel MTU parms [ L:1300 D:1300 EF:47 EB:19 ET:0 ]
Sun Feb 8 09:43:33 2004 10[0]: Local Options hash (VER=V3): '6e64b87d'
Sun Feb 8 09:43:33 2004 11[0]: Expected Remote Options hash (VER=V3): '5967690f'
Sun Feb 8 09:43:33 2004 12[0]: GID set to openvpn
Sun Feb 8 09:43:33 2004 13[0]: UID set to openvpn
Sun Feb 8 09:43:33 2004 14[0]: PTHREAD support initialized
Sun Feb 8 09:43:33 2004 15[0]: Listening for incoming TCP connection on [undef]:443
$ ( echo -n "" ; sleep 3 ) | telnet vpn-server 443 | cat -vA
Trying 29.138.18.57...^M$
Connected to vpn-server (29.138.18.57).^M$
Escape character is '^]'.^M$
^@<M-^UM-X/M-)X^IeM-^HJM-VM-gM-NRM-&Q^YM-eM-PM-:Pi^UM-^QM-bM-Xe'5uM-^VVM-^DzM-^IM-)M-|M-^\M-mM-G2M-^Q(WM->UcM-7^]M-{M-3$M-^SM-9M-M?;M-33M-]M-D^]q
$
Connection closed.^M$
Sun Feb 8 09:44:13 2004 16[0]: TCP connection established with 209.14.21.69:42602
Sun Feb 8 09:44:13 2004 17[0]: TCPv4_SERVER link local (bound): [undef]:443
Sun Feb 8 09:44:13 2004 18[0]: TCPv4_SERVER link remote: 209.14.21.69:42602
Sun Feb 8 09:44:18 2004 19[0]: Connection reset, restarting [0]
Sun Feb 8 09:44:18 2004 20[0]: Closing TCP/UDP socket
Sun Feb 8 09:44:18 2004 21[0]: Restart pause, 1 second(s)
Sun Feb 8 09:44:19 2004 22[0]: Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Feb 8 09:44:19 2004 23[0]: Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 8 09:44:19 2004 24[0]: Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Feb 8 09:44:19 2004 25[0]: Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Feb 8 09:44:19 2004 26[0]: LZO compression initialized
Sun Feb 8 09:44:19 2004 27[0]: Socket bind failed on local address [undef]:443: Permission denied
Sun Feb 8 09:44:19 2004 28[0]: Exiting
but if I restart the server immediately manually, it binds
successfully and is happy.
I'm running the server like this:
/usr/sbin/openvpn --cd /etc/openvpn --user openvpn --group openvpn
--writepid /var/run/openvpn/smurf.pid --config smurf.conf;
and my smurf.conf:
cd /etc/openvpn
verb 3
mlock
comp-lzo
comp-noadapt
persist-remote-ip
dev smurf
float
lport 443
proto tcp-server
replay-persist /var/lib/openvpn/smurf.replay-persist
ping 15
ping-restart 35
ping-timer-rem
dev-type tun
persist-tun
ifconfig 192.168.92.1 192.168.92.2
secret smurf.key
Is this a bug or my misconfiguration ?
I know I could perhaps run this from inetd, but that is
unfortunately not feasible on this machine for reasons
beyond my control.
Thanks,
John
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|