-
-
Save Demon-tk/c6d840328d1ac0989ee723ab50ac04be to your computer and use it in GitHub Desktop.
Error log for openvpn client docker image
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nate@mendeshomeserver:~/docker/openvpn$ sudo docker-compose up | |
WARNING: Found orphan containers (openvpn) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up. | |
openvpn-client is up-to-date | |
Attaching to openvpn-client | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + read interface | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + ip link | |
openvpn-client | + + awk '$3 == "inet" {print $4}' | |
openvpn-client | ip -o addr show dev eth0 | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + + + cut -d@ -f1 | |
openvpn-client | read interface | |
openvpn-client | awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ cut -d: ++ getent group openvpn | |
openvpn-client | -f3 | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ ++ getent group openvpn | |
openvpn-client | cut -d: -f3 | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:20 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:20 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:20 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:20 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:20 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:21 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:21 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:21 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:21 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:21 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=76f3e975 d720824b | |
openvpn-client | 2021-03-08 19:29:21 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:21 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:21 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:21 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:21 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:21 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:21 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:21 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:21 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 8,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:21 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:21 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:21 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:21 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:21 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:21 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:21 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:21 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:21 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:21 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:21 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:21 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:21 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:21 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:21 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:21 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:21 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:21 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + read interface | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + ip link | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:24 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:24 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:24 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:24 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:24 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:24 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:24 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:24 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:24 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:24 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=e1f6bba9 d6b4877c | |
openvpn-client | 2021-03-08 19:29:24 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:24 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:24 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:24 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:24 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:24 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:24 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:24 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:25 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:29:25 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 9,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:25 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:25 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:25 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:25 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:25 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:25 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:25 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:25 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:25 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:25 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:25 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:25 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:25 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:25 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:25 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:25 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:25 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:25 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + read interface | |
openvpn-client | + ip link | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link+ read interface | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + ip -o addr show+ dev eth0 | |
openvpn-client | awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group ++ cut -d: -f3 | |
openvpn-client | openvpn | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:29 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:29 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:29 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:29 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:29 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:29 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:29 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:29 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:29 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:29 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=9bfffc7e 1f012327 | |
openvpn-client | 2021-03-08 19:29:29 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:29 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:29 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:29 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:29 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:29 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:29 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:29 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:30 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:29:30 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 7,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:30 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:30 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:30 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:30 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:30 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:30 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:30 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:30 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:30 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:30 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:30 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:30 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:30 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:30 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:30 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:30 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:30 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:30 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + + cut -d@ -f1 | |
openvpn-client | awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent ++ cut -d: -f3 | |
openvpn-client | group openvpn | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ ++ cut getent group -d: -f3openvpn | |
openvpn-client | | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:33 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:33 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:33 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:33 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:33 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:33 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:33 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:33 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:33 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:33 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=008cc616 66c692f5 | |
openvpn-client | 2021-03-08 19:29:33 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:33 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:33 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:33 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:33 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:33 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:33 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:33 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:34 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:29:34 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 9,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:34 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:34 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:34 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:34 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:34 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:34 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:34 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:34 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:34 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:34 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:34 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:34 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:34 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:34 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:34 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:34 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:34 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:34 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip link | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + read interface | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}'+ cut -d@ -f1 | |
openvpn-client | | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent ++ cut -d: -f3 | |
openvpn-client | group openvpn | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:37 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:37 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:37 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:37 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:37 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:37 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:37 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:37 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:37 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:37 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=77a2b870 26a04189 | |
openvpn-client | 2021-03-08 19:29:37 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:37 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:37 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:37 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:37 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:37 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:37 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:37 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:38 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:29:38 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 7,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:38 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:38 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:38 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:38 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:38 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:38 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:38 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:38 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:38 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:38 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:38 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:38 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:38 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:38 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:38 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:38 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:38 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:38 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + read interface | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent ++ cut -d: -f3 | |
openvpn-client | group openvpn | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ ++ getent group openvpn | |
openvpn-client | cut -d: -f3 | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:41 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:41 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:41 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:41 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:41 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:41 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:41 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:41 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:41 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:41 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=99b0547e e8a2588b | |
openvpn-client | 2021-03-08 19:29:41 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:41 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:41 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:41 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:41 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:41 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:42 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:42 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:42 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 8,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:42 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:42 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:42 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:42 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:42 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:42 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:42 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:42 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:42 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:42 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:42 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:42 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:42 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:42 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:42 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:42 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:42 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:42 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + read interface | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group ++ cut -d: -f3 | |
openvpn-client | openvpn | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:47 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:47 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:47 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:47 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:47 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:47 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:47 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:47 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:47 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:47 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=05604980 b1e15548 | |
openvpn-client | 2021-03-08 19:29:47 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:47 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:47 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:47 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:47 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:47 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:47 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:47 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:48 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:29:48 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 9,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:48 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:48 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:48 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:48 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:48 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:48 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:48 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:48 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:48 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:48 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:48 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:48 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:48 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:48 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:48 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:48 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:48 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:48 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + read interface | |
openvpn-client | + ip -o+ addr show devawk eth0 '$3 == "inet" {print $4}' | |
openvpn-client | | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent ++ group cut -d: -f3 | |
openvpn-client | openvpn | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:29:57 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:29:57 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:29:57 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:29:57 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:57 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:29:57 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:57 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:29:57 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:29:57 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:57 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=605bee1f 89e421eb | |
openvpn-client | 2021-03-08 19:29:57 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:57 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:29:57 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:29:57 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:29:57 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:29:57 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:29:57 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:29:57 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:29:58 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:29:58 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 7,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:29:58 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:29:58 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:29:58 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:58 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:29:58 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:29:58 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:29:58 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:29:58 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:29:58 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:29:58 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:29:58 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:58 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:58 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:29:58 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:29:58 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:29:58 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:29:58 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:29:58 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + read interface | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip link | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + + read interfacecut | |
openvpn-client | -d@ -f1 | |
openvpn-client | + + awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | ip -o addr show dev eth0 | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group openvpn | |
openvpn-client | ++ cut -d: -f3 | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group ++ cut -d: -f3 | |
openvpn-client | openvpn | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:30:12 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:30:12 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:30:12 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:30:12 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:30:12 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:30:12 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:30:12 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:30:12 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:30:12 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:30:12 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=b781b373 23cc5b6a | |
openvpn-client | 2021-03-08 19:30:12 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:30:12 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:30:12 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:30:12 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:30:12 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:30:12 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:30:12 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:30:12 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:30:13 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:30:13 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 9,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:30:13 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:30:13 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:30:13 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:30:13 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:30:13 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:30:13 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:30:13 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:30:13 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:30:13 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:30:13 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:30:13 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:30:13 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:30:13 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:30:13 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:30:13 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:30:13 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:30:13 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:30:13 Exiting due to fatal error | |
openvpn-client | + update_user_gid root openvpn | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _GROUPNAME=openvpn | |
openvpn-client | + _GID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + update_user_uid root | |
openvpn-client | + _USERNAME=root | |
openvpn-client | + _UID= | |
openvpn-client | + '[' -n '' ']' | |
openvpn-client | + '[' vpnc-app = vpnc-app ']' | |
openvpn-client | + shift | |
openvpn-client | + /app/firewall.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip -o addr show dev eth0 | |
openvpn-client | + awk '$3 == "inet" {print $4}' | |
openvpn-client | + network=172.18.0.2/16 | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result=172.18.0.2/16 | |
openvpn-client | + read interface | |
openvpn-client | + echo 172.18.0.2/16 | |
openvpn-client | + docker_networks=172.18.0.2/16 | |
openvpn-client | + '[' -z 172.18.0.2/16 ] | |
openvpn-client | + iptables -F | |
openvpn-client | + iptables -X | |
openvpn-client | + iptables -P INPUT DROP | |
openvpn-client | + iptables -P FORWARD DROP | |
openvpn-client | + iptables -P OUTPUT DROP | |
openvpn-client | + iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A INPUT -i lo -j ACCEPT | |
openvpn-client | + iptables -A INPUT -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPTopenvpn-client | + iptables -A OUTPUT -o lo -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tap+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -o tun+ -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p tcp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A OUTPUT -p udp -m owner --gid-owner openvpn -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -i lo -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -d 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -A FORWARD -s 172.18.0.2/16 -j ACCEPT | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tap+ -j MASQUERADE | |
openvpn-client | + iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/firewall6.sh | |
openvpn-client | + set -e | |
openvpn-client | + ip link | |
openvpn-client | + read interface | |
openvpn-client | + cut -d@ -f1 | |
openvpn-client | + awk '-F: ' '$0 !~ "lo|wg|tun|tap|^[^0-9]"{print $2;getline}' | |
openvpn-client | + ip+ awk '$3 == "inet6" {print $4; exit}' | |
openvpn-client | -o addr show dev eth0 | |
openvpn-client | + network= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + result= | |
openvpn-client | + read interface | |
openvpn-client | + echo | |
openvpn-client | + docker_networks= | |
openvpn-client | + '[' -z ] | |
openvpn-client | + echo 'No inet6 network' | |
openvpn-client | No inet6 network | |
openvpn-client | + exit | |
openvpn-client | + /app/routing.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + /app/routing6.sh | |
openvpn-client | + set -e | |
openvpn-client | + '[' -n ] | |
openvpn-client | + exec /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group ++ cut -d: -f3 | |
openvpn-client | openvpn | |
openvpn-client | + [[ 0 != \1\0\1 ]] | |
openvpn-client | + '[' -n openvpn ']' | |
openvpn-client | + exec su-exec root:openvpn /scripts/app-entrypoint.sh /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | + set -e | |
openvpn-client | + : root | |
openvpn-client | ++ id -u | |
openvpn-client | ++ id -u root | |
openvpn-client | + [[ 0 != \0 ]] | |
openvpn-client | + [[ -n openvpn ]] | |
openvpn-client | ++ id -g | |
openvpn-client | ++ getent group openvpn++ cut -d: -f3 | |
openvpn-client | | |
openvpn-client | + [[ 101 != \1\0\1 ]] | |
openvpn-client | + exec /usr/sbin/openvpn --config /config/client.ovpn | |
openvpn-client | 2021-03-08 19:30:41 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning. | |
openvpn-client | 2021-03-08 19:30:41 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020 | |
openvpn-client | 2021-03-08 19:30:41 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10 | |
openvpn-client | 2021-03-08 19:30:41 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:30:41 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication | |
openvpn-client | 2021-03-08 19:30:41 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:30:41 Socket Buffers: R=[212992->212992] S=[212992->212992]openvpn-client | 2021-03-08 19:30:41 UDP link local: (not bound) | |
openvpn-client | 2021-03-08 19:30:41 UDP link remote: [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:30:41 TLS: Initial packet from [AF_INET]104.254.90.250:443, sid=e6cf0704 0d484139 | |
openvpn-client | 2021-03-08 19:30:41 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:30:41 VERIFY KU OK | |
openvpn-client | 2021-03-08 19:30:41 Validating certificate extended key usage | |
openvpn-client | 2021-03-08 19:30:41 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication | |
openvpn-client | 2021-03-08 19:30:41 VERIFY EKU OK | |
openvpn-client | 2021-03-08 19:30:41 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Gorgonea, emailAddress=info@airvpn.org | |
openvpn-client | 2021-03-08 19:30:41 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 4096 bit RSA | |
openvpn-client | 2021-03-08 19:30:41 [Gorgonea] Peer Connection Initiated with [AF_INET]104.254.90.250:443 | |
openvpn-client | 2021-03-08 19:30:42 SENT CONTROL [Gorgonea]: 'PUSH_REQUEST' (status=1) | |
openvpn-client | 2021-03-08 19:30:42 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.18.20.1,dhcp-option DNS6 fde6:7a:7d20:e14::1,tun-ipv6,route-gateway 10.18.20.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:e14::1024/64 fde6:7a:7d20:e14::1,ifconfig 10.18.20.38 255.255.255.0,peer-id 7,cipher AES-256-GCM' | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: timers and/or timeouts modified | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: compression parms modified | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: --ifconfig/up options modified | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: route options modified | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: route-related options modified | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: peer-id set | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: adjusting link_mtu to 1625 | |
openvpn-client | 2021-03-08 19:30:42 OPTIONS IMPORT: data channel crypto options modified | |
openvpn-client | 2021-03-08 19:30:42 Data Channel: using negotiated cipher 'AES-256-GCM' | |
openvpn-client | 2021-03-08 19:30:42 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:30:42 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key | |
openvpn-client | 2021-03-08 19:30:42 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02 | |
openvpn-client | 2021-03-08 19:30:42 GDG6: remote_host_ipv6=n/a | |
openvpn-client | 2021-03-08 19:30:42 net_route_v6_best_gw query: dst :: | |
openvpn-client | 2021-03-08 19:30:42 sitnl_send: rtnl: generic error (-101): Network unreachable | |
openvpn-client | 2021-03-08 19:30:42 ROUTE6: default_gateway=UNDEF | |
openvpn-client | 2021-03-08 19:30:42 TUN/TAP device tun0 opened | |
openvpn-client | 2021-03-08 19:30:42 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:30:42 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:30:42 /sbin/ip addr add dev tun0 10.18.20.38/24 | |
openvpn-client | 2021-03-08 19:30:42 /sbin/ip link set dev tun0 up mtu 1500 | |
openvpn-client | 2021-03-08 19:30:42 /sbin/ip link set dev tun0 up | |
openvpn-client | 2021-03-08 19:30:42 /sbin/ip -6 addr add fde6:7a:7d20:e14::1024/64 dev tun0 | |
openvpn-client | RTNETLINK answers: Permission denied | |
openvpn-client | 2021-03-08 19:30:42 Linux ip -6 addr add failed: external program exited with error status: 2 | |
openvpn-client | 2021-03-08 19:30:42 Exiting due to fatal error | |
openvpn-client exited with code 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment