Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Sometimes I have received attempts to connect to my server (not real connections I think), and each one of them, generating entries in my LOGFILE:
"TLS Error: cannot locate HMAC in incoming packet from...."
Result: 20G logfiles per day, that my rotate can't manage..
What is the best way to solve it?
- "verb 0" isn't a good option, i think...
- "disable the TLS security?" wrong way ...
Any ideas?
"TLS Error: cannot locate HMAC in incoming packet from...."
Result: 20G logfiles per day, that my rotate can't manage..
What is the best way to solve it?
- "verb 0" isn't a good option, i think...
- "disable the TLS security?" wrong way ...
Any ideas?
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Try using the --mute option ..
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
I'm trying indeed with mute 45.
But when I try to connect a client without the TLS option, i saw the LOG. If I try four times, I will see 4 lines in log file.
So, consecutive attempts (like a attack) ends up filling my disk...
But when I try to connect a client without the TLS option, i saw the LOG. If I try four times, I will see 4 lines in log file.
So, consecutive attempts (like a attack) ends up filling my disk...
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
verb = 1
With "0", I think no LOGS will be generated and its not so good.
with 1, the LOG is usefull, the problem is about the TLS attack. With 1, its flooding openvpn.log file
With "0", I think no LOGS will be generated and its not so good.
with 1, the LOG is usefull, the problem is about the TLS attack. With 1, its flooding openvpn.log file
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Try a lower --mute value .. like 2
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
I was really confused....
I'm so sorry
I reversed mute option... 2 = less equals logs.
Thanks!!! Its working!
I'm so sorry
I reversed mute option... 2 = less equals logs.
Thanks!!! Its working!
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Thanks for letting us know it works for you
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Now, again.. around 13k per second...
With verb 1 and mute 1
The Log:
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.255.85:35215
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 177.56.233.73:58123
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 189.93.133.108:37127
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.129.127:48610
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.114.76:44890
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.240.107.107:44177
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 187.69.219.44:34305
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.240.224.88:55099
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.245.135.126:46313
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 179.86.133.247:53054
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.245.160.189:33492
With verb 1 and mute 1
The Log:
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.255.85:35215
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 177.56.233.73:58123
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 189.93.133.108:37127
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.129.127:48610
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.114.76:44890
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.240.107.107:44177
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 187.69.219.44:34305
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.240.224.88:55099
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.245.135.126:46313
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 179.86.133.247:53054
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.245.160.189:33492
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
Sometimes 13k, sometimes 20k, sometimes crazy 150k per second, and sometimes....5k.
The rate i used was an example... last friday I had 26GB
proto UDP and port 1194
Thank u.
The rate i used was an example... last friday I had 26GB
proto UDP and port 1194
Thank u.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
I asked the developers about this but nobody has time to look into it .. it is too low a priority.
I may be able to help further, please contact me here : tincanteksup <at> gmail
I may be able to help further, please contact me here : tincanteksup <at> gmail
-
- OpenVpn Newbie
- Posts: 7
- Joined: Thu Jun 21, 2018 11:04 am
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
No problem.
I will disable the entire LOG with "verb 0" and pray to never need to use these "logs history"..
Thanks again.
I will disable the entire LOG with "verb 0" and pray to never need to use these "logs history"..
Thanks again.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...
I have a far more elegant solution .. but it is your decision.