|
Титла: PopTop Публикувано от: n00b в Mar 31, 2009, 18:34 Привет.
Днес се опитах да инсталирам Poptop на FC6. И успях. Ето част от лога при успешно свързване: --------------------------------------------------- Mar 31 05:16:20 icbm pptpd[25046]: CTRL: Client 77.78.2.5 control connection started Mar 31 05:16:21 icbm pptpd[25046]: CTRL: Starting call (launching pppd, opening GRE) Mar 31 05:16:21 icbm pppd[25047]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Mar 31 05:16:21 icbm pppd[25047]: pppd 2.4.4 started by root, uid 0 Mar 31 05:16:21 icbm pppd[25047]: Using interface ppp0 Mar 31 05:16:21 icbm pppd[25047]: Connect: ppp0 <--> /dev/pts/2 Mar 31 05:16:24 icbm pptpd[25046]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Mar 31 05:16:24 icbm pppd[25047]: MPPE 128-bit stateless compression enabled Mar 31 05:16:26 icbm pppd[25047]: Cannot determine ethernet address for proxy ARP Mar 31 05:16:26 icbm pppd[25047]: local IP address 192.168.0.1 Mar 31 05:16:26 icbm pppd[25047]: remote IP address 192.168.0.200 Mar 31 05:16:35 icbm kernel: martian source 92.122.212.11 from 10.10.10.11, on dev ppp0 Mar 31 05:16:35 icbm kernel: ll header: 45:00:02:81 Mar 31 05:16:35 icbm kernel: martian source 92.122.212.11 from 10.10.10.11, on dev ppp0 Mar 31 05:16:35 icbm kernel: ll header: 45:00:02:81 Mar 31 05:16:37 icbm kernel: martian source 92.122.212.11 from 10.10.10.11, on dev ppp0 Mar 31 05:16:37 icbm kernel: ll header: 45:00:02:81 Mar 31 05:16:40 icbm kernel: martian source 92.122.212.11 from 10.10.10.11, on dev ppp0 Mar 31 05:16:40 icbm kernel: ll header: 45:00:02:81 Mar 31 05:16:46 icbm kernel: martian source 92.122.212.11 from 10.10.10.11, on dev ppp0 Mar 31 05:16:46 icbm kernel: ll header: 45:00:02:81 Mar 31 05:16:59 icbm kernel: martian source 92.122.212.11 from 10.10.10.11, on dev ppp0 Mar 31 05:16:59 icbm kernel: ll header: 45:00:02:81 Mar 31 05:17:25 icbm kernel: martian source 65.55.149.122 from 10.10.10.11, on dev ppp0 Mar 31 05:17:25 icbm kernel: ll header: 45:00:00:28 Mar 31 05:17:25 icbm kernel: martian source 92.122.212.33 from 10.10.10.11, on dev ppp0 Mar 31 05:17:25 icbm kernel: ll header: 45:00:00:28 Mar 31 05:19:09 icbm pptpd[25141]: MGR: Maximum of 100 connections reduced to 42, not enough IP addresses given Mar 31 05:19:09 icbm pptpd[25142]: MGR: Manager process started Mar 31 05:19:09 icbm pptpd[25142]: MGR: Maximum of 42 connections available Mar 31 05:19:15 icbm pppd[25047]: LCP terminated by peer (3M--SM-{^@<M-Mt^@^@^@^@) Mar 31 05:19:15 icbm pppd[25047]: Connect time 2.9 minutes. Mar 31 05:19:15 icbm pppd[25047]: Sent 0 bytes, received 9553 bytes. Mar 31 05:19:15 icbm pppd[25047]: Modem hangup Mar 31 05:19:15 icbm pppd[25047]: Connection terminated. Mar 31 05:19:15 icbm pppd[25047]: Exit. --------------------------------------------------- Проблема беше че нещо тунела не сработи т.е. нямаше НАТ за ппп0 Тук пуснах един tcpdump за малко и изпълних "великата команда" (виж по-долу): --------------------------------------------------- Mar 31 05:35:12 icbm pptpd[344]: MGR: Maximum of 100 connections reduced to 42, not enough IP addresses given Mar 31 05:35:12 icbm pptpd[345]: MGR: Manager process started Mar 31 05:35:12 icbm pptpd[345]: MGR: Maximum of 42 connections available Mar 31 05:35:21 icbm pptpd[350]: CTRL: Client 77.78.2.5 control connection started Mar 31 05:35:21 icbm pptpd[350]: CTRL: Starting call (launching pppd, opening GRE) Mar 31 05:35:21 icbm pppd[351]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Mar 31 05:35:21 icbm pppd[351]: pppd 2.4.4 started by root, uid 0 Mar 31 05:35:21 icbm pppd[351]: Using interface ppp0 Mar 31 05:35:21 icbm pppd[351]: Connect: ppp0 <--> /dev/pts/2 Mar 31 05:35:25 icbm pptpd[350]: CTRL: Ignored a SET LINK INFO packet with real ACCMs! Mar 31 05:35:25 icbm pppd[351]: MPPE 128-bit stateless compression enabled Mar 31 05:35:27 icbm pppd[351]: Cannot determine ethernet address for proxy ARP Mar 31 05:35:27 icbm pppd[351]: local IP address 192.168.0.1 Mar 31 05:35:27 icbm pppd[351]: remote IP address 192.168.0.200 Mar 31 05:39:07 icbm kernel: device eth0 entered promiscuous mode Mar 31 05:39:07 icbm kernel: audit(1238492347.481:3): dev=eth0 prom=256 old_prom=0 auid=4294967295 Mar 31 05:39:37 icbm kernel: device eth0 left promiscuous mode Mar 31 05:39:37 icbm kernel: audit(1238492377.104:4): dev=eth0 prom=0 old_prom=256 auid=4294967295 Mar 31 05:39:54 icbm kernel: Netfilter messages via NETLINK v0.30. Mar 31 05:39:55 icbm kernel: ip_conntrack version 2.4 (8190 buckets, 65520 max) - 228 bytes per conntrack Mar 31 05:42:24 icbm pppd[351]: LCP terminated by peer (X^O^U^B^@<M-Mt^@^@^@^@) Mar 31 05:42:24 icbm pppd[351]: Connect time 7.0 minutes. Mar 31 05:42:24 icbm pppd[351]: Sent 35284 bytes, received 16665 bytes. Mar 31 05:42:25 icbm pppd[351]: Modem hangup Mar 31 05:42:25 icbm pppd[351]: Connection terminated. Mar 31 05:42:25 icbm pppd[351]: Exit. Mar 31 05:42:25 icbm pptpd[350]: CTRL: Client 77.78.2.5 control connection finished --------------------------------------------------- "iptables --table nat --append POSTROUTING \ --out-interface eth0 --jump MASQUERADE" Всичко си работеше, но до тогава и еднократно. Сега лога е следния: --------------------------------------------------- Mar 31 06:08:29 icbm pptpd[11773]: CTRL: Client 77.78.2.5 control connection finished Mar 31 06:08:32 icbm pptpd[11792]: CTRL: Client 77.78.2.5 control connection started Mar 31 06:08:32 icbm pptpd[11792]: CTRL: Starting call (launching pppd, opening GRE) Mar 31 06:08:32 icbm pppd[11793]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Mar 31 06:08:32 icbm pppd[11793]: pppd 2.4.4 started by root, uid 0 Mar 31 06:08:32 icbm pppd[11793]: Using interface ppp0 Mar 31 06:08:32 icbm pppd[11793]: Connect: ppp0 <--> /dev/pts/1 Mar 31 06:08:33 icbm pptpd[11792]: GRE: read(fd=7,buffer=80515e0,len=8260) from network failed: status = -1 error = Protocol not available Mar 31 06:08:33 icbm pptpd[11792]: CTRL: GRE read or PTY write failed (gre,pty)=(7,6) Mar 31 06:08:33 icbm pppd[11793]: Modem hangup Mar 31 06:08:33 icbm pppd[11793]: Connection terminated. Mar 31 06:08:33 icbm pppd[11793]: Exit. Mar 31 06:08:33 icbm pptpd[11792]: CTRL: Client 77.78.2.5 control connection finished Mar 31 06:09:34 icbm pptpd[11840]: CTRL: Client 77.78.2.5 control connection started Mar 31 06:09:34 icbm pptpd[11840]: CTRL: Starting call (launching pppd, opening GRE) --------------------------------------------------- И повече не мога да набирам VPN. Дайте ми идея какво да направя... Титла: Re: PopTop Публикувано от: n00b в Mar 31, 2009, 18:38 ето и списък с lsmod:
Module Size Used by iptable_mangle 7105 0 iptable_raw 6337 0 ip_nat_pptp 10437 0 ip_conntrack_pptp 16209 1 ip_nat_pptp iptable_nat 11845 0 ip_nat 22253 2 ip_nat_pptp,iptable_nat ip_conntrack 56993 4 ip_nat_pptp,ip_conntrack_pptp,iptable_nat,ip_nat nfnetlink 11353 2 ip_nat,ip_conntrack ppp_async 16577 0 crc_ccitt 6337 1 ppp_async arc4 6337 0 ppp_mppe 10949 0 ppp_generic 32725 2 ppp_async,ppp_mppe slhc 10817 1 ppp_generic iptable_filter 7233 1 ip_tables 17669 4 iptable_mangle,iptable_raw,iptable_nat,iptable_filter ipv6 267617 37 xt_multiport 7617 0 xt_limit 6977 0 ipt_TOS 6465 0 xt_tcpudp 7361 0 ipt_REJECT 9665 0 ipt_LOG 10561 0 x_tables 18501 8 iptable_nat,ip_tables,xt_multiport,xt_limit,ipt_TOS,xt_tcpudp,ipt_REJECT,ipt_LOG freq_table 9793 0 loop 20297 3 dm_mirror 32913 0 dm_multipath 22601 0 dm_mod 61529 2 dm_mirror,dm_multipath video 21061 0 sbs 20225 0 i2c_ec 9281 1 sbs button 10961 0 battery 14405 0 ac 9541 0 parport_pc 31205 0 lp 17033 0 parport 40841 2 parport_pc,lp sg 38493 0 scb2_flash 8781 0 mtdcore 10373 1 scb2_flash chipreg 7617 1 scb2_flash map_funcs 6081 1 scb2_flash i2c_piix4 12621 0 ide_cd 42337 2 tg3 105413 0 floppy 61285 1 cdrom 38625 1 ide_cd i2c_core 25537 2 i2c_ec,i2c_piix4 serio_raw 11205 0 pcspkr 7361 0 mptspi 21321 3 mptscsih 27329 1 mptspi mptbase 56289 2 mptspi,mptscsih scsi_transport_spi 28993 1 mptspi sd_mod 24897 16 scsi_mod 138601 5 sg,mptspi,mptscsih,scsi_transport_spi,sd_mod ext3 135497 2 jbd 63081 1 ext3 ehci_hcd 35533 0 ohci_hcd 25181 0 uhci_hcd 27725 0 Титла: Re: PopTop Публикувано от: n00b в Mar 31, 2009, 18:44 # Generated by iptables-save v1.3.5 on Tue Mar 31 11:39:49 2009
*mangle :PREROUTING ACCEPT [1831416:195138145] :INPUT ACCEPT [1831416:195138145] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1538709:94097038] :POSTROUTING ACCEPT [1538583:94083474] COMMIT # Completed on Tue Mar 31 11:39:49 2009 # Generated by iptables-save v1.3.5 on Tue Mar 31 11:39:49 2009 *raw :PREROUTING ACCEPT [1831616:195156040] :OUTPUT ACCEPT [1538890:94108605] COMMIT # Completed on Tue Mar 31 11:39:49 2009 # Generated by iptables-save v1.3.5 on Tue Mar 31 11:39:49 2009 *nat :PREROUTING ACCEPT [406947:24441489] :POSTROUTING ACCEPT [1252:68519] :OUTPUT ACCEPT [1379:74905] COMMIT # Completed on Tue Mar 31 11:39:49 2009 # Generated by iptables-save v1.3.5 on Tue Mar 31 11:39:49 2009 *filter :INPUT ACCEPT [2158444146:230173009648] :FORWARD ACCEPT [371:54974] :OUTPUT ACCEPT [1806808855:109818114107] -A INPUT -s 118.85.105.34 -i eth0 -j DROP -A INPUT -s 66.192.113.98 -i eth0 -j DROP -A INPUT -s 63.246.12.177 -i eth0 -j DROP -A INPUT -p gre -j ACCEPT -A OUTPUT -d 118.85.105.34 -o eth0 -j DROP -A OUTPUT -d 66.192.113.98 -o eth0 -j DROP -A OUTPUT -d 63.246.12.177 -o eth0 -j DROP Титла: Re: PopTop Публикувано от: Neoromantic в Apr 02, 2009, 09:47 Виж това дали ще ти помогне:
http://poptop.sourceforge.net/dox/gre-protocol-unavailable.phtml ($2) Титла: Re: PopTop Публикувано от: n00b в Apr 02, 2009, 17:36 Еми аз оттам идвам.
Значи проблема в крайна сметка се реши с рестарт на целия сървър. Не помогна рестарт на мрежата (/etc/init.d/networking restart) не помогна и премахването на модулите, нито спирането на всякакви правила от iptables. След рестарт-а всичко се закачи и си проработи перфектно. |