abclinuxu.cz AbcLinuxu.cz itbiz.cz ITBiz.cz HDmag.cz HDmag.cz abcprace.cz AbcPráce.cz
AbcLinuxu hledá autory!
Inzerujte na AbcPráce.cz od 950 Kč
Rozšířené hledání
×

dnes 13:33 | Pozvánky

Byly stanoveny termíny konferencí LinuxDays 2017 a OpenAlt 2017. Letošní LinuxDays proběhne o víkendu 7. a 8. října v Praze v Dejvicích v prostorách FIT ČVUT. Letošní OpenAlt proběhne o víkendu 4. a 5. listopadu na FIT VUT v Brně.

Ladislav Hagara | Komentářů: 0
dnes 11:11 | Komunita

Jiří Eischmann z desktopového týmu Red Hatu se v příspěvku Linuxový desktop: Co vám chybí na svém blogu ptá, co uživatele na Fedora Workstation a na linuxovém desktopu obecně trápí a co by desktopový tým mohl zlepšit. Pokud máte nějaké podněty, napište mu je do komentářů.

Ladislav Hagara | Komentářů: 36
dnes 03:33 | Nová verze

Byla vydána nová verze 0.25.0 multimediálního přehrávače mpv (Wikipedie) vycházejícího z přehrávačů MPlayer a mplayer2. Z novinek lze zmínit například podporu DVB-T2. Další části mpv byly přelicencovány z GPLv2 nebo novější na LGPLv2.1 nebo novější (#2033).

Ladislav Hagara | Komentářů: 0
dnes 02:22 | Zajímavý projekt

Na Bundle Stars byla spuštěna akce Dollar Forever Bundle. Za 1 dolar lze získat 24 počítačových her bežících na platformě Steam také v Linuxu.

Ladislav Hagara | Komentářů: 1
včera 23:44 | Zajímavý software

Lychee je jedním z open source softwarů pro tvorbu webových fotoalb. Vyžadováno je PHP 5.5 nebo novější a MySQL. Ukázka na stránkách projektu. Zdrojové kódy jsou k dispozici na GitHubu pod open source licencí MIT [reddit].

Ladislav Hagara | Komentářů: 5
včera 22:22 | Zajímavý software

Společnosti Haivision a Wowza společně oznámily vznik SRT Alliance a otevření protokolu pro streamování videa SRT. Podrobnosti v FAQ. Zdrojové kódy SRT jsou k dispozici na GitHubu pod open source licencí LGPLv2.1.

Ladislav Hagara | Komentářů: 0
včera 12:33 | Humor

Byl vydán remake filmu Ghost in the Shell. Tentokrát v Bashi. Zhlédnout lze online na "ssh ghost@theshell.xyz" [Hacker News].

Ladislav Hagara | Komentářů: 16
23.4. 20:40 | Zajímavý článek

Lukáš Růžička v článku S Hydrogenem za lepší rytmus aneb bubeníkem snadno a rychle na MojeFedora.cz představuje automatického bubeníka s názvem Hydrogen (Wikipedie): Hydrogen je velmi vydařený program, který rozhodně nesmí chybět ve výbavě žádného linuxového muzikanta. Umožňuje nejen vytváření jednoduchých bicích doprovodů, ale také sofistikované programování bicích a perkusí, jehož výsledek se naprosto vyrovná drahým

… více »
Ladislav Hagara | Komentářů: 17
23.4. 13:55 | Zajímavý projekt

UPSat (Twitter) je první open source nanodružice (CubeSat). Jedná se o společný projekt nadace Libre Space Foundation a University of Patras. Repozitáře projektu jsou k dispozici na GitHubu. Pod Libre Space Foundation patří také projekt SatNOGS (zprávička), projekt globální sítě open source pozemních satelitních stanic, vítězný projekt soutěže The Hackaday Prize 2014. UPSat je součástí mise QB50 (Twitter). ID UPSatu je GR02. GPS přijímač na UPSatu je od české společnosti SkyFox Labs. Součástí mise QB50 je i česká nanodružice VZLUSAT-1 s ID CZ02.

Ladislav Hagara | Komentářů: 5
21.4. 15:00 | Komunita

V diskusním listu Thunderbird planning vývojáři poštovního klienta Thunderbird řeší, zda by nebylo možné budoucí Thunderbird postavit nad webovými technologiemi, tj. nad Electronem, stejně jako například Nylas Mail. Gecko, nad kterým je Thunderbird postaven, se má hodně změnit. V plánu je odstranění vlastností, které Firefox už nepotřebuje, ale Thunderbird je na nich závislý [Hacker News, reddit].

Ladislav Hagara | Komentářů: 102
Chystáte se pořídit CPU AMD Ryzen?
 (4%)
 (34%)
 (0%)
 (7%)
 (45%)
 (9%)
Celkem 298 hlasů
 Komentářů: 32, poslední včera 12:24
    Rozcestník

    Dotaz: Nefunkční openVPN

    svido avatar 20.1.2015 20:41 svido | skóre: 28
    Nefunkční openVPN
    Přečteno: 315×
    Ahoj, mám problém s OpenVPN. Podle správce sítě by mělo VPN fungovat, ale me prostě nefunguje. V logu je nějaký error, ale nepřišel jsem na to, co ho generuje. Dostal jsem samozřejmě certifikáty a heslo, včetně konfigurace.
    spejbl openVPN # openvpn --config work.ovpn --verb 1
    Tue Jan 20 19:25:26 2015 OpenVPN 2.3.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2015
    Tue Jan 20 19:25:26 2015 library versions: OpenSSL 1.0.1l 15 Jan 2015, LZO 2.08
    Enter Private Key Password:
    Tue Jan 20 19:25:29 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Tue Jan 20 19:25:29 2015 WARNING: file '/home/hurvajs/certificates/prog92.key' is group or others accessible
    Tue Jan 20 19:25:29 2015 UDPv4 link local: [undef]
    Tue Jan 20 19:25:29 2015 UDPv4 link remote: [AF_INET]176.62.234.2:21194
    Tue Jan 20 19:25:31 2015 [praha.xxxxx.cz] Peer Connection Initiated with [AF_INET]176.62.234.2:21194
    Tue Jan 20 19:25:34 2015 TUN/TAP device tap0 opened
    Tue Jan 20 19:25:34 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Tue Jan 20 19:25:34 2015 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
    SIOCADDRT: File exists
    Tue Jan 20 19:25:36 2015 ERROR: Linux route add command failed: external program exited with error status: 7
    Tue Jan 20 19:25:36 2015 Initialization Sequence Completed
    Kolegovi, který používá Ubuntu to také vrací ERROR, ale s kódem 2 a VPN mu údajně funguje.

    Konfigurace, co jsem dostal, zkoušel jsem ji měnit ale ani nic nezabralo. Připojení kk internetu funguje dál, ale na servery uvnitř VPN nevidím.
    client
    #ve win bez cisla, v unixu s cislem(tap0)
    dev tap
    
    proto udp
    
    #adresa serveru
    remote vpn.xxxxx.cz 21194
    
    #dulezite, dovoluje stahnout nastaveni od serveru
    #pull
    
    #route-metric 10
    
    route-delay 2
    
    tls-client # SSL klient
    ca /home/hurvajs/certificates/ca.crt
    cert /home/hurvajs/certificates/prog92.crt
    key /home/hurvajs/certificates/prog92.key
    ns-cert-type server
    auth SHA1
    cipher aes-256-cbc
    nobind
    comp-lzo
    persist-key
    #persist-tun
    verb 5
    Neporadil by jste někdo, prosím? Děkuji

    Odpovědi

    20.1.2015 21:09 GeorgeWH | skóre: 35
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    tap je pouzite schvalne?

    pouzivam len tun, kde prakticky netreba nic konfigurovat, co sa podla tohto o bridgovani povedat neda...
    svido avatar 20.1.2015 22:08 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Tak mi to poslal správce sítě. Zkoušel jsem dát i tun a nefungovalo to stejně.
    svido avatar 20.1.2015 22:29 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    teď jsem ještě zkoušel tun - tak už to padá na hubu rovnou...
    spejbl openVPN # openvpn --config xxxxx.ovpn --verb 2
    Tue Jan 20 21:21:36 2015 OpenVPN 2.3.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2015
    Tue Jan 20 21:21:36 2015 library versions: OpenSSL 1.0.1l 15 Jan 2015, LZO 2.08
    Enter Private Key Password:
    Tue Jan 20 21:21:43 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Tue Jan 20 21:21:43 2015 WARNING: file '/home/hurvajs/certificates/xxxxx/prog92.key' is group or others accessible
    Tue Jan 20 21:21:43 2015 UDPv4 link local: [undef]
    Tue Jan 20 21:21:43 2015 UDPv4 link remote: [AF_INET]176.62.234.2:21194
    Tue Jan 20 21:21:43 2015 VERIFY OK: depth=1, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=xxxxx, emailAddress=xxxxx@xxxxx.cz
    Tue Jan 20 21:21:43 2015 VERIFY OK: nsCertType=SERVER
    Tue Jan 20 21:21:43 2015 VERIFY OK: depth=0, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=xxxxx, emailAddress=xxxxx@xxxxx.cz
    Tue Jan 20 21:21:44 2015 WARNING: 'dev-type' is used inconsistently, local='dev-type tun', remote='dev-type tap'
    Tue Jan 20 21:21:44 2015 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1558', remote='link-mtu 1590'
    Tue Jan 20 21:21:44 2015 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
    Tue Jan 20 21:21:44 2015 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Tue Jan 20 21:21:44 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Tue Jan 20 21:21:44 2015 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Tue Jan 20 21:21:44 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Tue Jan 20 21:21:44 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Tue Jan 20 21:21:44 2015 [praha.xxxxx.cz] Peer Connection Initiated with [AF_INET]176.62.234.2:21194
    Tue Jan 20 21:21:47 2015 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address.  You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
    Tue Jan 20 21:21:47 2015 TUN/TAP device tun0 opened
    Tue Jan 20 21:21:47 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Tue Jan 20 21:21:47 2015 /bin/ifconfig tun0 192.168.12.59 pointopoint 255.255.255.0 mtu 1500
    SIOCSIFDSTADDR: Invalid argument
    Tue Jan 20 21:21:47 2015 Linux ifconfig failed: external program exited with error status: 1
    Tue Jan 20 21:21:47 2015 Exiting due to fatal error
    
    Podle mne se to ale bridguje samo, detailní log...
    spejbl openVPN # openvpn --config xxxxx.ovpn --verb 5
    Tue Jan 20 21:26:47 2015 us=614205 Current Parameter Settings:
    Tue Jan 20 21:26:47 2015 us=614241   config = 'xxxxx.ovpn'
    Tue Jan 20 21:26:47 2015 us=614250   mode = 0
    Tue Jan 20 21:26:47 2015 us=614257   persist_config = DISABLED
    Tue Jan 20 21:26:47 2015 us=614264   persist_mode = 1
    Tue Jan 20 21:26:47 2015 us=614270   show_ciphers = DISABLED
    Tue Jan 20 21:26:47 2015 us=614277   show_digests = DISABLED
    Tue Jan 20 21:26:47 2015 us=614284   show_engines = DISABLED
    Tue Jan 20 21:26:47 2015 us=614291   genkey = DISABLED
    Tue Jan 20 21:26:47 2015 us=614298   key_pass_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614305   show_tls_ciphers = DISABLED
    Tue Jan 20 21:26:47 2015 us=614312 Connection profiles [default]:
    Tue Jan 20 21:26:47 2015 us=614318   proto = udp
    Tue Jan 20 21:26:47 2015 us=614325   local = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614331   local_port = 0
    Tue Jan 20 21:26:47 2015 us=614338   remote = 'vpn.xxxxx.cz'
    Tue Jan 20 21:26:47 2015 us=614345   remote_port = 21194
    Tue Jan 20 21:26:47 2015 us=614351   remote_float = DISABLED
    Tue Jan 20 21:26:47 2015 us=614357   bind_defined = DISABLED
    Tue Jan 20 21:26:47 2015 us=614363   bind_local = DISABLED
    Tue Jan 20 21:26:47 2015 us=614370   connect_retry_seconds = 5
    Tue Jan 20 21:26:47 2015 us=614377   connect_timeout = 10
    Tue Jan 20 21:26:47 2015 us=614383   connect_retry_max = 0
    Tue Jan 20 21:26:47 2015 us=614390   socks_proxy_server = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614397   socks_proxy_port = 0
    Tue Jan 20 21:26:47 2015 us=614403   socks_proxy_retry = DISABLED
    Tue Jan 20 21:26:47 2015 us=614410   tun_mtu = 1500
    Tue Jan 20 21:26:47 2015 us=614416   tun_mtu_defined = ENABLED
    Tue Jan 20 21:26:47 2015 us=614422   link_mtu = 1500
    Tue Jan 20 21:26:47 2015 us=614429   link_mtu_defined = DISABLED
    Tue Jan 20 21:26:47 2015 us=614435   tun_mtu_extra = 32
    Tue Jan 20 21:26:47 2015 us=614442   tun_mtu_extra_defined = ENABLED
    Tue Jan 20 21:26:47 2015 us=614449   mtu_discover_type = -1
    Tue Jan 20 21:26:47 2015 us=614455   fragment = 0
    Tue Jan 20 21:26:47 2015 us=614461   mssfix = 1450
    Tue Jan 20 21:26:47 2015 us=614468   explicit_exit_notification = 0
    Tue Jan 20 21:26:47 2015 us=614474 Connection profiles END
    Tue Jan 20 21:26:47 2015 us=614480   remote_random = DISABLED
    Tue Jan 20 21:26:47 2015 us=614486   ipchange = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614493   dev = 'tap'
    Tue Jan 20 21:26:47 2015 us=614499   dev_type = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614505   dev_node = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614511   lladdr = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614518   topology = 1
    Tue Jan 20 21:26:47 2015 us=614524   tun_ipv6 = DISABLED
    Tue Jan 20 21:26:47 2015 us=614530   ifconfig_local = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614537   ifconfig_remote_netmask = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614544   ifconfig_noexec = DISABLED
    Tue Jan 20 21:26:47 2015 us=614550   ifconfig_nowarn = DISABLED
    Tue Jan 20 21:26:47 2015 us=614557   ifconfig_ipv6_local = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614568   ifconfig_ipv6_netbits = 0
    Tue Jan 20 21:26:47 2015 us=614575   ifconfig_ipv6_remote = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614582   shaper = 0
    Tue Jan 20 21:26:47 2015 us=614588   mtu_test = 0
    Tue Jan 20 21:26:47 2015 us=614594   mlock = DISABLED
    Tue Jan 20 21:26:47 2015 us=614601   keepalive_ping = 0
    Tue Jan 20 21:26:47 2015 us=614609   keepalive_timeout = 0
    Tue Jan 20 21:26:47 2015 us=614617   inactivity_timeout = 0
    Tue Jan 20 21:26:47 2015 us=614623   ping_send_timeout = 0
    Tue Jan 20 21:26:47 2015 us=614629   ping_rec_timeout = 0
    Tue Jan 20 21:26:47 2015 us=614636   ping_rec_timeout_action = 0
    Tue Jan 20 21:26:47 2015 us=614642   ping_timer_remote = DISABLED
    Tue Jan 20 21:26:47 2015 us=614649   remap_sigusr1 = 0
    Tue Jan 20 21:26:47 2015 us=614655   persist_tun = DISABLED
    Tue Jan 20 21:26:47 2015 us=614661   persist_local_ip = DISABLED
    Tue Jan 20 21:26:47 2015 us=614668   persist_remote_ip = DISABLED
    Tue Jan 20 21:26:47 2015 us=614675   persist_key = ENABLED
    Tue Jan 20 21:26:47 2015 us=614681   passtos = DISABLED
    Tue Jan 20 21:26:47 2015 us=614688   resolve_retry_seconds = 1000000000
    Tue Jan 20 21:26:47 2015 us=614694   username = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614700   groupname = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614707   chroot_dir = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614713   cd_dir = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614719   writepid = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614725   up_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614732   down_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614738   down_pre = DISABLED
    Tue Jan 20 21:26:47 2015 us=614745   up_restart = DISABLED
    Tue Jan 20 21:26:47 2015 us=614751   up_delay = DISABLED
    Tue Jan 20 21:26:47 2015 us=614758   daemon = DISABLED
    Tue Jan 20 21:26:47 2015 us=614764   inetd = 0
    Tue Jan 20 21:26:47 2015 us=614770   log = DISABLED
    Tue Jan 20 21:26:47 2015 us=614777   suppress_timestamps = DISABLED
    Tue Jan 20 21:26:47 2015 us=614783   nice = 0
    Tue Jan 20 21:26:47 2015 us=614790   verbosity = 5
    Tue Jan 20 21:26:47 2015 us=614796   mute = 0
    Tue Jan 20 21:26:47 2015 us=614803   gremlin = 0
    Tue Jan 20 21:26:47 2015 us=614809   status_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614815   status_file_version = 1
    Tue Jan 20 21:26:47 2015 us=614822   status_file_update_freq = 60
    Tue Jan 20 21:26:47 2015 us=614832   occ = ENABLED
    Tue Jan 20 21:26:47 2015 us=614838   rcvbuf = 65536
    Tue Jan 20 21:26:47 2015 us=614845   sndbuf = 65536
    Tue Jan 20 21:26:47 2015 us=614851   mark = 0
    Tue Jan 20 21:26:47 2015 us=614857   sockflags = 0
    Tue Jan 20 21:26:47 2015 us=614863   fast_io = DISABLED
    Tue Jan 20 21:26:47 2015 us=614870   lzo = 7
    Tue Jan 20 21:26:47 2015 us=614876   route_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614882   route_default_gateway = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614889   route_default_metric = 0
    Tue Jan 20 21:26:47 2015 us=614896   route_noexec = DISABLED
    Tue Jan 20 21:26:47 2015 us=614904   route_delay = 10
    Tue Jan 20 21:26:47 2015 us=614911   route_delay_window = 30
    Tue Jan 20 21:26:47 2015 us=614918   route_delay_defined = ENABLED
    Tue Jan 20 21:26:47 2015 us=614932   route_nopull = DISABLED
    Tue Jan 20 21:26:47 2015 us=614944   route_gateway_via_dhcp = DISABLED
    Tue Jan 20 21:26:47 2015 us=614953   max_routes = 100
    Tue Jan 20 21:26:47 2015 us=614960   allow_pull_fqdn = DISABLED
    Tue Jan 20 21:26:47 2015 us=614967   management_addr = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614974   management_port = 0
    Tue Jan 20 21:26:47 2015 us=614980   management_user_pass = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=614987   management_log_history_cache = 250
    Tue Jan 20 21:26:47 2015 us=614993   management_echo_buffer_size = 100
    Tue Jan 20 21:26:47 2015 us=615000   management_write_peer_info_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615007   management_client_user = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615014   management_client_group = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615020   management_flags = 0
    Tue Jan 20 21:26:47 2015 us=615027   shared_secret_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615033   key_direction = 0
    Tue Jan 20 21:26:47 2015 us=615040   ciphername_defined = ENABLED
    Tue Jan 20 21:26:47 2015 us=615047   ciphername = 'aes-256-cbc'
    Tue Jan 20 21:26:47 2015 us=615053   authname_defined = ENABLED
    Tue Jan 20 21:26:47 2015 us=615060   authname = 'SHA1'
    Tue Jan 20 21:26:47 2015 us=615066   prng_hash = 'SHA1'
    Tue Jan 20 21:26:47 2015 us=615073   prng_nonce_secret_len = 16
    Tue Jan 20 21:26:47 2015 us=615079   keysize = 0
    Tue Jan 20 21:26:47 2015 us=615086   engine = DISABLED
    Tue Jan 20 21:26:47 2015 us=615093   replay = ENABLED
    Tue Jan 20 21:26:47 2015 us=615099   mute_replay_warnings = DISABLED
    Tue Jan 20 21:26:47 2015 us=615106   replay_window = 64
    Tue Jan 20 21:26:47 2015 us=615112   replay_time = 15
    Tue Jan 20 21:26:47 2015 us=615119   packet_id_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615126   use_iv = ENABLED
    Tue Jan 20 21:26:47 2015 us=615132   test_crypto = DISABLED
    Tue Jan 20 21:26:47 2015 us=615138   tls_server = DISABLED
    Tue Jan 20 21:26:47 2015 us=615145   tls_client = ENABLED
    Tue Jan 20 21:26:47 2015 us=615151   key_method = 2
    Tue Jan 20 21:26:47 2015 us=615158   ca_file = '/home/hurvajs/certificates/xxxxx/ca.crt'
    Tue Jan 20 21:26:47 2015 us=615164   ca_path = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615171   dh_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615182   cert_file = '/home/hurvajs/certificates/xxxxx/prog92.crt'
    Tue Jan 20 21:26:47 2015 us=615189   priv_key_file = '/home/hurvajs/certificates/xxxxx/prog92.key'
    Tue Jan 20 21:26:47 2015 us=615195   pkcs12_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615202   cipher_list = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615218   tls_verify = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615223   tls_export_cert = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615229   verify_x509_type = 0
    Tue Jan 20 21:26:47 2015 us=615235   verify_x509_name = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615240   crl_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615246   ns_cert_type = 1
    Tue Jan 20 21:26:47 2015 us=615251   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615257   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615262   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615268   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615273   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615278   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615284   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615289   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615295   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615300   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615305   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615311   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615316   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615321   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615327   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615332   remote_cert_ku[i] = 0
    Tue Jan 20 21:26:47 2015 us=615338   remote_cert_eku = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615343   ssl_flags = 0
    Tue Jan 20 21:26:47 2015 us=615348   tls_timeout = 2
    Tue Jan 20 21:26:47 2015 us=615354   renegotiate_bytes = 0
    Tue Jan 20 21:26:47 2015 us=615359   renegotiate_packets = 0
    Tue Jan 20 21:26:47 2015 us=615365   renegotiate_seconds = 3600
    Tue Jan 20 21:26:47 2015 us=615370   handshake_window = 60
    Tue Jan 20 21:26:47 2015 us=615376   transition_window = 3600
    Tue Jan 20 21:26:47 2015 us=615381   single_session = DISABLED
    Tue Jan 20 21:26:47 2015 us=615387   push_peer_info = DISABLED
    Tue Jan 20 21:26:47 2015 us=615392   tls_exit = DISABLED
    Tue Jan 20 21:26:47 2015 us=615398   tls_auth_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615405   server_network = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615411   server_netmask = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615421   server_network_ipv6 = ::
    Tue Jan 20 21:26:47 2015 us=615427   server_netbits_ipv6 = 0
    Tue Jan 20 21:26:47 2015 us=615433   server_bridge_ip = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615440   server_bridge_netmask = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615445   server_bridge_pool_start = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615451   server_bridge_pool_end = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615457   ifconfig_pool_defined = DISABLED
    Tue Jan 20 21:26:47 2015 us=615463   ifconfig_pool_start = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615469   ifconfig_pool_end = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615475   ifconfig_pool_netmask = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615481   ifconfig_pool_persist_filename = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615487   ifconfig_pool_persist_refresh_freq = 600
    Tue Jan 20 21:26:47 2015 us=615493   ifconfig_ipv6_pool_defined = DISABLED
    Tue Jan 20 21:26:47 2015 us=615499   ifconfig_ipv6_pool_base = ::
    Tue Jan 20 21:26:47 2015 us=615504   ifconfig_ipv6_pool_netbits = 0
    Tue Jan 20 21:26:47 2015 us=615510   n_bcast_buf = 256
    Tue Jan 20 21:26:47 2015 us=615515   tcp_queue_limit = 64
    Tue Jan 20 21:26:47 2015 us=615521   real_hash_size = 256
    Tue Jan 20 21:26:47 2015 us=615526   virtual_hash_size = 256
    Tue Jan 20 21:26:47 2015 us=615532   client_connect_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615537   learn_address_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615543   client_disconnect_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615548   client_config_dir = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615554   ccd_exclusive = DISABLED
    Tue Jan 20 21:26:47 2015 us=615559   tmp_dir = '/tmp'
    Tue Jan 20 21:26:47 2015 us=615565   push_ifconfig_defined = DISABLED
    Tue Jan 20 21:26:47 2015 us=615571   push_ifconfig_local = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615577   push_ifconfig_remote_netmask = 0.0.0.0
    Tue Jan 20 21:26:47 2015 us=615582   push_ifconfig_ipv6_defined = DISABLED
    Tue Jan 20 21:26:47 2015 us=615588   push_ifconfig_ipv6_local = ::/0
    Tue Jan 20 21:26:47 2015 us=615594   push_ifconfig_ipv6_remote = ::
    Tue Jan 20 21:26:47 2015 us=615600   enable_c2c = DISABLED
    Tue Jan 20 21:26:47 2015 us=615606   duplicate_cn = DISABLED
    Tue Jan 20 21:26:47 2015 us=615611   cf_max = 0
    Tue Jan 20 21:26:47 2015 us=615616   cf_per = 0
    Tue Jan 20 21:26:47 2015 us=615622   max_clients = 1024
    Tue Jan 20 21:26:47 2015 us=615627   max_routes_per_client = 256
    Tue Jan 20 21:26:47 2015 us=615633   auth_user_pass_verify_script = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615639   auth_user_pass_verify_script_via_file = DISABLED
    Tue Jan 20 21:26:47 2015 us=615645   port_share_host = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615651   port_share_port = 0
    Tue Jan 20 21:26:47 2015 us=615657   client = ENABLED
    Tue Jan 20 21:26:47 2015 us=615662   pull = ENABLED
    Tue Jan 20 21:26:47 2015 us=615669   auth_user_pass_file = '[UNDEF]'
    Tue Jan 20 21:26:47 2015 us=615675 OpenVPN 2.3.6 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 13 2015
    Tue Jan 20 21:26:47 2015 us=615685 library versions: OpenSSL 1.0.1l 15 Jan 2015, LZO 2.08
    Enter Private Key Password:
    Tue Jan 20 21:26:49 2015 us=571480 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Tue Jan 20 21:26:49 2015 us=571687 WARNING: file '/home/hurvajs/certificates/xxxxx/prog92.key' is group or others accessible
    Tue Jan 20 21:26:49 2015 us=572081 LZO compression initialized
    Tue Jan 20 21:26:49 2015 us=572216 Control Channel MTU parms [ L:1590 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Tue Jan 20 21:26:49 2015 us=572275 Socket Buffers: R=[212992->131072] S=[212992->131072]
    Tue Jan 20 21:26:49 2015 us=624119 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:135 ET:32 EL:0 AF:3/1 ]
    Tue Jan 20 21:26:49 2015 us=624167 Local Options String: 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-client'
    Tue Jan 20 21:26:49 2015 us=624175 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1590,tun-mtu 1532,proto UDPv4,comp-lzo,cipher AES-256-CBC,auth SHA1,keysize 256,key-method 2,tls-server'
    Tue Jan 20 21:26:49 2015 us=624192 Local Options hash (VER=V4): 'c6c7c21a'
    Tue Jan 20 21:26:49 2015 us=624202 Expected Remote Options hash (VER=V4): '1a6d5c5d'
    Tue Jan 20 21:26:49 2015 us=624213 UDPv4 link local: [undef]
    Tue Jan 20 21:26:49 2015 us=624222 UDPv4 link remote: [AF_INET]176.62.234.2:21194
    WRTue Jan 20 21:26:49 2015 us=671547 TLS: Initial packet from [AF_INET]176.62.234.2:21194, sid=1ae9aec5 ba101435
    WWWRRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRWRTue Jan 20 21:26:49 2015 us=968866 VERIFY OK: depth=1, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=xxxxx, emailAddress=xxxxx@xxxxx.cz
    Tue Jan 20 21:26:49 2015 us=969145 VERIFY OK: nsCertType=SERVER
    Tue Jan 20 21:26:49 2015 us=969162 VERIFY OK: depth=0, C=CZ, ST=Czech Republic, L=Prague, O=xxxxx, CN=praha.xxxxx.cz, emailAddress=xxxxx@xxxxx.cz
    WRWRWRWRWRWRWWWWRRRWWRWWRRRRWWWWRRRRWWWWRRRRWWWWRWRRRWWWRRRWRWWWRRRRWRWRTue Jan 20 21:26:50 2015 us=428105 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Tue Jan 20 21:26:50 2015 us=428125 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Tue Jan 20 21:26:50 2015 us=428131 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Tue Jan 20 21:26:50 2015 us=428136 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    WTue Jan 20 21:26:50 2015 us=428173 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
    Tue Jan 20 21:26:50 2015 us=428191 [praha.xxxxx.cz] Peer Connection Initiated with [AF_INET]176.62.234.2:21194
    Tue Jan 20 21:26:52 2015 us=781808 SENT CONTROL [praha.xxxxx.cz]: 'PUSH_REQUEST' (status=1)
    WRRWRWRWRWRWRWRRRWRWRWRWRTue Jan 20 21:26:56 2015 us=901120 PUSH: Received control message: 'PUSH_REPLY,route 192.168.3.0 255.255.255.0,route 192.168.5.0 255.255.255.0,route 192.168.100.0 255.255.255.0,route 192.168.101.0 255.255.255.0,route 192.168.102.0 255.255.255.0,route 176.62.234.14 255.255.255.255,route 195.250.149.128 255.255.255.192,route 77.93.217.64 255.255.255.192,route 178.238.38.128 255.255.255.192,route 77.93.222.8 255.255.255.252,route 195.122.208.0 255.255.255.240,route 195.122.208.128 255.255.255.224,route 188.120.192.44 255.255.255.255,route 188.120.196.48 255.255.255.240,route 64.14.225.0 255.255.255.0,route 64.14.236.228 255.255.255.255,route 216.33.74.9 255.255.255.255,route 216.64.211.84 255.255.255.255,route 216.64.211.196 255.255.255.255,route 216.35.168.0 255.255.255.0,route 216.35.169.215 255.255.255.255,route 216.64.208.119 255.255.255.255,route 216.64.208.196 255.255.255.255,route 216.64.209.4 255.255.255.255,route 216.64.209.51 255.255.255.255,route 216.64.209.52 255.255.255.255,push-continuation 2'
    WRWRWRWRWRWRWRWRWRWRTue Jan 20 21:26:57 2015 us=224128 PUSH: Received control message: 'PUSH_REPLY,route 212.41.251.141 255.255.255.255,route 216.64.211.4 255.255.255.255,route 93.185.101.130 255.255.255.255,route 92.62.231.50 255.255.255.255,route 82.208.49.228 255.255.255.255,route 82.208.14.140 255.255.255.255,route 194.228.175.203 255.255.255.255,route 194.228.175.218 255.255.255.255,route 194.228.175.223 255.255.255.255,route 194.228.175.242 255.255.255.255,route 5.79.12.121 255.255.255.255,route 5.79.61.226 255.255.255.255,route 5.79.9.110 255.255.255.255,route 5.79.9.111 255.255.255.255,route 176.62.234.6 255.255.255.255,route 90.176.150.210 255.255.255.255,route 90.176.150.211 255.255.255.255,route 81.0.231.81 255.255.255.255,route 81.0.231.82 255.255.255.255,route 81.0.231.83 255.255.255.255,route 81.0.231.84 255.255.255.255,route 217.11.236.225 255.255.255.255,route 77.93.219.184 255.255.255.255,route 77.93.219.185 255.255.255.255,route 62.77.114.18 255.255.255.255,route 90.182.205.232 255.255.255.255,push-continuation 2'
    WRWRWRWRWRWRWRWRTue Jan 20 21:26:57 2015 us=353850 PUSH: Received control message: 'PUSH_REPLY,route 90.182.205.243 255.255.255.255,route 54.194.15.77 255.255.255.255,route 54.194.150.200 255.255.255.255,route 54.194.189.101 255.255.255.255,route 54.229.184.75 255.255.255.255,route 72.21.203.197 255.255.255.255,route 176.34.147.136 255.255.255.255,route 176.34.149.93 255.255.255.255,route 176.34.149.183 255.255.255.255,route 176.34.150.14 255.255.255.255,route 176.34.155.53 255.255.255.255,route 194.203.40.19 255.255.255.255,route 194.203.40.142 255.255.255.255,route 54.229.184.75 255.255.255.255,route 88.86.101.58 255.255.255.255,route 77.78.101.2 255.255.255.255,route-gateway 192.168.12.1,ping 10,ping-restart 120,ifconfig 192.168.12.59 255.255.255.0,push-continuation 1'
    Tue Jan 20 21:26:57 2015 us=354120 OPTIONS IMPORT: timers and/or timeouts modified
    Tue Jan 20 21:26:57 2015 us=354147 OPTIONS IMPORT: --ifconfig/up options modified
    Tue Jan 20 21:26:57 2015 us=354160 OPTIONS IMPORT: route options modified
    Tue Jan 20 21:26:57 2015 us=354171 OPTIONS IMPORT: route-related options modified
    Tue Jan 20 21:26:57 2015 us=354425 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 IFACE=enp3s0 HWADDR=28:d2:44:cc:92:44
    Tue Jan 20 21:26:57 2015 us=357137 TUN/TAP device tap0 opened
    Tue Jan 20 21:26:57 2015 us=357324 TUN/TAP TX queue length set to 100
    Tue Jan 20 21:26:57 2015 us=357441 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Tue Jan 20 21:26:57 2015 us=357582 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
    WrWrWrWrWrWrWrWRwrWRwRwRwRTue Jan 20 21:26:59 2015 us=762690 PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_0__0044] 0:9 0:8 t=1421789219[0] r=[-4,64,15,1,1] sl=[55,9,64,528]
    wRwRTue Jan 20 21:26:59 2015 us=762733 PID_ERR replay-window backtrack occurred [6] [SSL-0] [0_000__0044] 0:11 0:5 t=1421789219[0] r=[-4,64,15,6,1] sl=[53,11,64,528]
    wRwRwRwRwRwRwRwrWRwRwrWTue Jan 20 21:27:07 2015 us=648205 /bin/route add -net 192.168.3.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=648981 /bin/route add -net 192.168.5.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=649612 /bin/route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=650644 /bin/route add -net 192.168.101.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=651359 /bin/route add -net 192.168.102.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=652509 /bin/route add -net 176.62.234.14 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=653297 /bin/route add -net 195.250.149.128 netmask 255.255.255.192 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=654158 /bin/route add -net 77.93.217.64 netmask 255.255.255.192 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=654939 /bin/route add -net 178.238.38.128 netmask 255.255.255.192 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=655680 /bin/route add -net 77.93.222.8 netmask 255.255.255.252 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=656429 /bin/route add -net 195.122.208.0 netmask 255.255.255.240 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=657129 /bin/route add -net 195.122.208.128 netmask 255.255.255.224 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=657812 /bin/route add -net 188.120.192.44 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=658493 /bin/route add -net 188.120.196.48 netmask 255.255.255.240 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=659166 /bin/route add -net 64.14.225.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=659841 /bin/route add -net 64.14.236.228 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=660369 /bin/route add -net 216.33.74.9 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=661095 /bin/route add -net 216.64.211.84 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=661815 /bin/route add -net 216.64.211.196 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=662559 /bin/route add -net 216.35.168.0 netmask 255.255.255.0 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=663348 /bin/route add -net 216.35.169.215 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=664226 /bin/route add -net 216.64.208.119 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=665204 /bin/route add -net 216.64.208.196 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=665959 /bin/route add -net 216.64.209.4 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=666644 /bin/route add -net 216.64.209.51 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=667336 /bin/route add -net 216.64.209.52 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=668154 /bin/route add -net 212.41.251.141 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=669373 /bin/route add -net 216.64.211.4 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=670393 /bin/route add -net 93.185.101.130 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=671129 /bin/route add -net 92.62.231.50 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=671809 /bin/route add -net 82.208.49.228 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=672458 /bin/route add -net 82.208.14.140 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=673147 /bin/route add -net 194.228.175.203 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=673841 /bin/route add -net 194.228.175.218 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=674526 /bin/route add -net 194.228.175.223 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=675199 /bin/route add -net 194.228.175.242 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=675862 /bin/route add -net 5.79.12.121 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=676582 /bin/route add -net 5.79.61.226 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=677290 /bin/route add -net 5.79.9.110 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=678025 /bin/route add -net 5.79.9.111 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=678655 /bin/route add -net 176.62.234.6 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=679328 /bin/route add -net 90.176.150.210 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=679974 /bin/route add -net 90.176.150.211 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=680824 /bin/route add -net 81.0.231.81 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=681550 /bin/route add -net 81.0.231.82 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=682254 /bin/route add -net 81.0.231.83 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=682958 /bin/route add -net 81.0.231.84 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=684191 /bin/route add -net 217.11.236.225 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=684819 /bin/route add -net 77.93.219.184 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=685477 /bin/route add -net 77.93.219.185 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=686146 /bin/route add -net 62.77.114.18 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=686771 /bin/route add -net 90.182.205.232 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=687397 /bin/route add -net 90.182.205.243 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=688068 /bin/route add -net 54.194.15.77 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=688753 /bin/route add -net 54.194.150.200 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=689389 /bin/route add -net 54.194.189.101 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=690039 /bin/route add -net 54.229.184.75 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=690700 /bin/route add -net 72.21.203.197 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=691579 /bin/route add -net 176.34.147.136 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=692289 /bin/route add -net 176.34.149.93 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=693005 /bin/route add -net 176.34.149.183 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=693698 /bin/route add -net 176.34.150.14 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=694438 /bin/route add -net 176.34.155.53 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=695128 /bin/route add -net 194.203.40.19 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=695794 /bin/route add -net 194.203.40.142 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=696457 /bin/route add -net 54.229.184.75 netmask 255.255.255.255 gw 192.168.12.1
    SIOCADDRT: File exists
    Tue Jan 20 21:27:07 2015 us=697141 ERROR: Linux route add command failed: external program exited with error status: 7
    Tue Jan 20 21:27:07 2015 us=697176 /bin/route add -net 88.86.101.58 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=697835 /bin/route add -net 77.78.101.2 netmask 255.255.255.255 gw 192.168.12.1
    Tue Jan 20 21:27:07 2015 us=698430 Initialization Sequence Completed
    
    20.1.2015 21:25 creon | skóre: 18 | blog: creonsnotes
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    pod kterym uzivatelem se spousti VPN?
    svido avatar 20.1.2015 22:09 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Pod rootem. Zkoušel jsem Ing konfigu přidat nobody, nepomohlo to
    20.1.2015 22:26 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    ....
    Tue Jan 20 19:25:34 2015 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
    SIOCADDRT: File exists
    Tue Jan 20 19:25:36 2015 ERROR: Linux route add command failed: external program exited with error status: 7
    ....
    
    Podle toho výpisu jste připojen... Možná by to chtělo po spuštění openvpn jen zkontrolovat, jestli se jde dostat do té sítě 192.168.12.0/24. A routy vypíšete třeba příkazem
    ip r show
    20.1.2015 22:29 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Připojení kk internetu funguje dál, ale na servery uvnitř VPN nevidím.

    Jaké to jsou servery? Mají taky adresy z rozsahu 192.168.12.0/24 ? Nebo jsou úplně někde jinde, a v té síti je jen nějaká brána k nim?
    20.1.2015 22:33 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Aha tak podle přiloženého výpisu to vypadá že brána je 192.168.12.1 a ty servery by tam měly být (měly by jít pingnout podle IP adresy). Zkusil bych nejdřív zkusit tu bránu a pak některý z těch serverů...
    svido avatar 20.1.2015 22:42 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    jasně, to je můj domácí switch. Z něj to přes Wi-Fi router leze providerovi. Moje domácí sít je 192.168.2.0/24 a brána je: 192.168.2.1

    Sít funguje. Nejde jen vlastní VPN, resp. servery co bych měl vidět díky VPN nevidím.
    21.1.2015 06:19 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Myslel jsem síť 192.168.12.0/24. Že je VPN připojená do této sítě je vidět ve výpisu logu:
    Tue Jan 20 19:25:34 2015 /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
    
    Je logické, že ta síť je v privátním rozsahu, přeci jen je to virtuální privátní síť...
    svido avatar 20.1.2015 22:39 svido | skóre: 28
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    tohle je development server, který by měl být v naší interní síti. Možná je jen chybná konfigurace na serveru, zkoušel jsem trace a po čase skončím...
    spejbl ~ # tracepath 46.28.107.243
     1?: [LOCALHOST]                                         pmtu 1500
     1:  192.168.2.1                                           0.506ms
     1:  192.168.2.1                                           0.397ms
     2:  10.19.17.49                                           2.215ms
     3:  10.19.17.1                                            7.597ms
     4:  10.19.0.33                                          477.296ms
     5:  10.1.0.1                                             91.885ms
     6:  10.0.90.14                                           46.560ms
     7:  2.144.230.94.awnet.cz                                21.168ms
     8:  gw-78-24-8-201.vshosting.cz                          79.700ms asymm  9
     9:  gw-vshsitpeer.kaora.cz                               23.657ms asymm 10
    10:  wedos-sitel.kaora.cz                                 50.223ms asymm 11
    11:  r12-a.wedos.net                                      45.235ms asymm 12
    12:  no reply
    13:  no reply
    14:  no reply
    15:  no reply
    Toto je stage server, který je i mimo naší firemní sít (spravuje ho třetí strana), ale z práce na něj vidím...
    spejbl ~ # tracepath 212.100.246.25
     1?: [LOCALHOST]                                         pmtu 1500
     1:  192.168.2.1                                           0.531ms
     1:  192.168.2.1                                           0.497ms
     2:  10.19.17.49                                           2.250ms
     3:  10.19.17.1                                           14.123ms
     4:  10.19.0.33                                           76.885ms
     5:  10.1.0.1                                             17.781ms
     6:  10.0.90.14                                           35.234ms
     7:  1.144.230.94.awnet.cz                                47.213ms
     8:  unassigned-ip.vshosting.cz                           42.303ms
     9:  backbone-sitel-mx.vshosting.cz                       36.551ms
    10:  78.152.46.37                                         37.957ms
    11:  eth1-3.r1.vie1.at.as5580.net                         48.053ms
    12:  eth1-6.r1.fra1.de.as5580.net                         58.032ms asymm 11
    13:  eth13-1.core1.par2.fr.as5580.net                     45.877ms asymm 12
    14:  eth7-1.core1.lon2.uk.as5580.net                      82.960ms asymm 15
    15:  eth7-2.r1.lon1.uk.as5580.net                         72.726ms
    16:  94.31.31.17                                          48.989ms
    17:  ae5.mpr2.lhr2.uk.zip.zayo.com                        55.336ms
    18:  ae6.mpr1.lhr23.uk.zip.zayo.com                       97.621ms
    19:  94.31.42.254.IPYX-076520-ZYO.above.net               81.987ms
    20:  coreb-edge4.lon3.rackspace.net                      104.708ms
    21:  core3-corea.lon3.rackspace.net                       54.273ms
    22:  aggr331a-2-core3.lon3.rackspace.net                  97.227ms
    23:  no reply
    24:  no reply
    21.1.2015 06:24 Matlák
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Toto je stage server, který je i mimo naší firemní sít (spravuje ho třetí strana), ale z práce na něj vidím...
    spejbl ~ # tracepath 212.100.246.25
    


    Tak zkuste zadat routu ručně, přes síť která je na tap0 - třeba takhle:
    ip r add 212.100.246.25 via 192.168.12.1
    
    BTW. asi bylo vhodné, po tom co VPN najede (objeví se "Initialization sequence completed") kouknout jestli jsou všechny interfacy správně nastavené
    ip a show
    
    je možné i to že tam něco koliduje...
    21.1.2015 09:28 pet
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    Ani 46.28.107.243 ani 212.100.246.25 není podle toho dlouhého výpisu routované do VPN, proto traceroute jde přímo do internetu. Co takhle zkusit něco z toho, co je přes VPN routované? Těch mašin je v tom výpisu dost, všechny co mají netmask 255.255.255.255 jsou jednotlivé stroje.
    20.1.2015 22:30 NN
    Rozbalit Rozbalit vše Re: Nefunkční openVPN
    /bin/ifconfig tap0 192.168.12.59 netmask 255.255.255.0 mtu 1500 broadcast 192.168.12.255
    SIOCADDRT: File exists
    To vypada, ze uz na tom tapu neco visi..

    Založit nové vláknoNahoru

    Tiskni Sdílej: Linkuj Jaggni to Vybrali.sme.sk Google Del.icio.us Facebook

    ISSN 1214-1267   www.czech-server.cz
    © 1999-2015 Nitemedia s. r. o. Všechna práva vyhrazena.