Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Thu Jun 21, 2018 11:14 am

Sometimes I have received attempts to connect to my server (not real connections I think), and each one of them, generating entries in my LOGFILE:
"TLS Error: cannot locate HMAC in incoming packet from...."
Result: 20G logfiles per day, that my rotate can't manage..
What is the best way to solve it?

- "verb 0" isn't a good option, i think...
- "disable the TLS security?" wrong way ...


Any ideas? :ugeek:

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Thu Jun 21, 2018 8:01 pm

Try using the --mute option ..

dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Wed Jun 27, 2018 10:02 pm

I'm trying indeed with mute 45.
But when I try to connect a client without the TLS option, i saw the LOG. If I try four times, I will see 4 lines in log file.
So, consecutive attempts (like a attack) ends up filling my disk...

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Wed Jun 27, 2018 10:34 pm

dsetis wrote:
Thu Jun 21, 2018 11:14 am
Result: 20G logfiles per day,

<snip>

- "verb 0" isn't a good option,
What is your current --verb ?

dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Mon Jul 02, 2018 7:00 pm

verb = 1

With "0", I think no LOGS will be generated and its not so good.
with 1, the LOG is usefull, the problem is about the TLS attack. With 1, its flooding openvpn.log file

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Mon Jul 02, 2018 8:33 pm

Try a lower --mute value .. like 2

dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Tue Jul 03, 2018 2:32 pm

I was really confused....
I'm so sorry

I reversed mute option... 2 = less equals logs.
Thanks!!! Its working!

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Tue Jul 03, 2018 2:37 pm

Thanks for letting us know it works for you 8-)

dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Tue Jul 03, 2018 3:13 pm

Now, again.. around 13k per second...
With verb 1 and mute 1

The Log:


Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.255.85:35215
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 177.56.233.73:58123
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 189.93.133.108:37127
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.129.127:48610
Tue Jul 3 12:08:23 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:23 2018 TLS Error: incoming packet authentication failed from 152.240.114.76:44890
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.240.107.107:44177
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 187.69.219.44:34305
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.240.224.88:55099
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.245.135.126:46313
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 179.86.133.247:53054
Tue Jul 3 12:08:24 2018 Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Jul 3 12:08:24 2018 TLS Error: incoming packet authentication failed from 152.245.160.189:33492

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Tue Jul 03, 2018 3:24 pm

dsetis wrote:
Tue Jul 03, 2018 3:13 pm
Now, again.. around 13k per second...
With verb 1 and mute 1
So around 1GB per day
dsetis wrote:
Thu Jun 21, 2018 11:14 am
20G logfiles per day
down from 20GB per day ..

Is that not enough of an improvement ?

What do you use for --proto and --port ?

dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Tue Jul 03, 2018 4:48 pm

Sometimes 13k, sometimes 20k, sometimes crazy 150k per second, and sometimes....5k.
The rate i used was an example... last friday I had 26GB

proto UDP and port 1194


Thank u.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Tue Jul 03, 2018 7:57 pm

I asked the developers about this but nobody has time to look into it .. it is too low a priority.

I may be able to help further, please contact me here : tincanteksup <at> gmail

dsetis
OpenVpn Newbie
Posts: 7
Joined: Thu Jun 21, 2018 11:04 am

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by dsetis » Tue Jul 10, 2018 12:11 pm

No problem.

I will disable the entire LOG with "verb 0" and pray to never need to use these "logs history"..
Thanks again.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4421
Joined: Fri Jun 03, 2016 1:17 pm

Re: Disk Full: TLS Error: cannot locate HMAC in incoming packet from...

Post by TinCanTech » Tue Jul 10, 2018 12:29 pm

I have a far more elegant solution .. but it is your decision.

Post Reply