I have a home router with TomatoVPN as CLIENT, set up to connect through to my VPS and reroute all internet traffic through the tunnel. (Using TUN, UDP, port 1194).
All is working well , except for lines in my server log file as follows:
Code: Select all
Sun Jan 30 13:02:36 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
My server conf file is as follows:
Code: Select all
mode server
tls-server
local 95.95.95.95
port 1194
#proto tcp
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
max-clients 10
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 95.154.254.254"
push "dhcp-option DNS 208.67.220.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
user nobody
group nogroup
Code: Select all
Sun Jan 30 13:01:52 2011 OpenVPN 2.1_rc11 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Mar 9 2009
Sun Jan 30 13:01:52 2011 Diffie-Hellman initialized with 1024 bit key
Sun Jan 30 13:01:52 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Sun Jan 30 13:01:52 2011 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Jan 30 13:01:52 2011 ROUTE default_gateway=95.154.254.2
Sun Jan 30 13:01:52 2011 TUN/TAP device tun0 opened
Sun Jan 30 13:01:52 2011 TUN/TAP TX queue length set to 100
Sun Jan 30 13:01:52 2011 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Sun Jan 30 13:01:52 2011 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Sun Jan 30 13:01:52 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 30 13:01:52 2011 GID set to nogroup
Sun Jan 30 13:01:52 2011 UID set to nobody
Sun Jan 30 13:01:52 2011 Socket Buffers: R=[129024->131072] S=[129024->131072]
Sun Jan 30 13:01:52 2011 UDPv4 link local (bound): 95.95.95.95:1194
Sun Jan 30 13:01:52 2011 UDPv4 link remote: [undef]
Sun Jan 30 13:01:52 2011 MULTI: multi_init called, r=256 v=256
Sun Jan 30 13:01:52 2011 IFCONFIG POOL: base=10.8.0.4 size=62
Sun Jan 30 13:01:52 2011 IFCONFIG POOL LIST
Sun Jan 30 13:01:52 2011 client1,10.8.0.4
Sun Jan 30 13:01:52 2011 Initialization Sequence Completed
Sun Jan 30 13:02:03 2011 MULTI: multi_create_instance called
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 Re-using SSL/TLS context
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 LZO compression initialized
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 Local Options hash (VER=V4): '530fdded'
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 Expected Remote Options hash (VER=V4): '41690919'
Sun Jan 30 13:02:03 2011 88.88.88.88:1024 TLS: Initial packet from 88.88.88.88:1024, sid=e83fc63f 10dc4723
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 VERIFY OK: depth=1, /C=GB/ST=GB/L=Liverpool/O=mydomain.co.uk/CN=mydomain.co.uk_CA/emailAddress=postmaster@mydomain.co.uk
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 VERIFY OK: depth=0, /C=GB/ST=GB/L=Liverpool/O=mydomain.co.uk/CN=client1/emailAddress=postmaster@mydomain.co.uk
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun Jan 30 13:02:04 2011 88.88.88.88:1024 [client1] Peer Connection Initiated with 88.88.88.88:1024
Sun Jan 30 13:02:04 2011 client1/88.88.88.88:1024 MULTI: Learn: 10.8.0.6 -> client1/88.88.88.88:1024
Sun Jan 30 13:02:04 2011 client1/88.88.88.88:1024 MULTI: primary virtual IP for client1/88.88.88.88:1024: 10.8.0.6
Sun Jan 30 13:02:07 2011 client1/88.88.88.88:1024 PUSH: Received control message: 'PUSH_REQUEST'
Sun Jan 30 13:02:07 2011 client1/88.88.88.88:1024 SENT CONTROL [client1]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 95.154.254.254,dhcp-option DNS 208.67.220.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 5,ping-restart 30,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Sun Jan 30 13:02:12 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:13 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:23 2011 client1/88.88.88.88:1024 Replay-window backtrack occurred [1]
Sun Jan 30 13:02:23 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:23 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:35 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:35 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:36 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:36 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:36 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:37 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:38 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:39 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped
Sun Jan 30 13:02:42 2011 client1/88.88.88.88:1024 MULTI: bad source address from client [88.88.88.88], packet dropped