1 | Tue Aug 15 17:07:31 2017 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 20 2017 |
---|
2 | Tue Aug 15 17:07:31 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 |
---|
3 | Tue Aug 15 17:07:31 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts |
---|
4 | Tue Aug 15 17:07:31 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication |
---|
5 | Tue Aug 15 17:07:31 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication |
---|
6 | Tue Aug 15 17:07:31 2017 nice 5 succeeded |
---|
7 | Tue Aug 15 17:07:31 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP_HERE:443 |
---|
8 | Tue Aug 15 17:07:31 2017 Socket Buffers: R=[212992->212992] S=[212992->212992] |
---|
9 | Tue Aug 15 17:07:31 2017 UDPv4 link local: (not bound) |
---|
10 | Tue Aug 15 17:07:31 2017 UDPv4 link remote: [AF_INET]SERVER_IP_HERE:443 |
---|
11 | Tue Aug 15 17:07:31 2017 TLS: Initial packet from [AF_INET]SERVER_IP_HERE:443, sid=4660fc3a fd328279 |
---|
12 | Tue Aug 15 17:07:31 2017 VERIFY OK: depth=1, CN=Easy-RSA CA |
---|
13 | Tue Aug 15 17:07:31 2017 VERIFY KU OK |
---|
14 | Tue Aug 15 17:07:31 2017 Validating certificate extended key usage |
---|
15 | Tue Aug 15 17:07:31 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication |
---|
16 | Tue Aug 15 17:07:31 2017 VERIFY EKU OK |
---|
17 | Tue Aug 15 17:07:31 2017 VERIFY OK: depth=0, CN=server |
---|
18 | Tue Aug 15 17:07:32 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA |
---|
19 | Tue Aug 15 17:07:32 2017 [server] Peer Connection Initiated with [AF_INET]SERVER_IP_HERE:443 |
---|
20 | Tue Aug 15 17:07:33 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) |
---|
21 | Tue Aug 15 17:07:33 2017 PUSH: Received control message: 'PUSH_REPLY,comp-lzo adaptive,route-gateway 172.16.16.1,topology subnet,ping 10,ping-restart 40,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,ifconfig 172.16.16.2 255.255.255.0,peer-id 1,cipher AES-256-GCM' |
---|
22 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: timers and/or timeouts modified |
---|
23 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: compression parms modified |
---|
24 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: --ifconfig/up options modified |
---|
25 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: route options modified |
---|
26 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: route-related options modified |
---|
27 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified |
---|
28 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: peer-id set |
---|
29 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: WARNING: peer-id set, but link-mtu fixed by config - reducing tun-mtu to 1295, expect MTU problems |
---|
30 | Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: data channel crypto options modified |
---|
31 | Tue Aug 15 17:07:33 2017 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key |
---|
32 | Tue Aug 15 17:07:33 2017 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key |
---|
33 | Tue Aug 15 17:07:33 2017 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=eth0 HWADDR=34:23:87:96:6d:cf |
---|
34 | Tue Aug 15 17:07:33 2017 TUN/TAP device tun0 opened |
---|
35 | Tue Aug 15 17:07:33 2017 TUN/TAP TX queue length set to 100 |
---|
36 | Tue Aug 15 17:07:33 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 |
---|
37 | Tue Aug 15 17:07:33 2017 /sbin/ip link set dev tun0 up mtu 1367 |
---|
38 | Tue Aug 15 17:07:33 2017 /sbin/ip addr add dev tun0 172.16.16.2/24 broadcast 172.16.16.255 |
---|
39 | Tue Aug 15 17:07:33 2017 up.sh tun0 1367 1420 172.16.16.2 255.255.255.0 init |
---|
40 | BASH=/bin/bash |
---|
41 | BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath |
---|
42 | BASH_ALIASES=() |
---|
43 | BASH_ARGC=([0]="6") |
---|
44 | BASH_ARGV=([0]="init" [1]="255.255.255.0" [2]="172.16.16.2" [3]="1420" [4]="1367" [5]="tun0") |
---|
45 | BASH_CMDS=() |
---|
46 | BASH_LINENO=([0]="0") |
---|
47 | BASH_SOURCE=([0]="up.sh") |
---|
48 | BASH_VERSINFO=([0]="4" [1]="3" [2]="48" [3]="1" [4]="release" [5]="x86_64-pc-linux-gnu") |
---|
49 | BASH_VERSION='4.3.48(1)-release' |
---|
50 | DIRSTACK=() |
---|
51 | EUID=0 |
---|
52 | GROUPS=() |
---|
53 | HOSTNAME=SOMEHOST |
---|
54 | HOSTTYPE=x86_64 |
---|
55 | IFS=' |
---|
56 | ' |
---|
57 | MACHTYPE=x86_64-pc-linux-gnu |
---|
58 | OPTERR=1 |
---|
59 | OPTIND=1 |
---|
60 | OSTYPE=linux-gnu |
---|
61 | PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:. |
---|
62 | PIPESTATUS=([0]="0") |
---|
63 | POSIXLY_CORRECT=y |
---|
64 | PPID=16131 |
---|
65 | PS4='+ ' |
---|
66 | PWD=/some/path |
---|
67 | SHELL=/bin/bash |
---|
68 | SHELLOPTS=braceexpand:hashall:interactive-comments:posix |
---|
69 | SHLVL=1 |
---|
70 | TERM=dumb |
---|
71 | UID=0 |
---|
72 | X509_0_CN=server |
---|
73 | X509_1_CN='Easy-RSA CA' |
---|
74 | _=posix |
---|
75 | common_name=server |
---|
76 | config=client.conf |
---|
77 | daemon=0 |
---|
78 | daemon_log_redirect=0 |
---|
79 | daemon_pid=16131 |
---|
80 | daemon_start_time=1502791651 |
---|
81 | dev=tun0 |
---|
82 | dev_type=tun |
---|
83 | foreign_option_1='dhcp-option DNS 8.8.8.8' |
---|
84 | foreign_option_2='dhcp-option DNS 208.67.222.222' |
---|
85 | ifconfig_broadcast=172.16.16.255 |
---|
86 | ifconfig_local=172.16.16.2 |
---|
87 | ifconfig_netmask=255.255.255.0 |
---|
88 | link_mtu=1420 |
---|
89 | proto_1=udp4 |
---|
90 | proto_2=tcp4-client |
---|
91 | remote_1=SERVER_IP_HERE |
---|
92 | remote_2=SERVER_IP_HERE |
---|
93 | remote_port_1=443 |
---|
94 | remote_port_2=443 |
---|
95 | route_net_gateway=192.168.0.1 |
---|
96 | route_vpn_gateway=172.16.16.1 |
---|
97 | script_context=init |
---|
98 | script_type=up |
---|
99 | tls_digest_0=4a:f3:c3:b1:a6:6f:90:a0:29:f0:ec:cd:f6:17:87:2c:ab:04:ce:a6 |
---|
100 | tls_digest_1=0b:73:36:b4:3e:b6:af:e8:a8:81:b0:de:ae:1a:8a:76:c1:5b:25:b4 |
---|
101 | tls_digest_sha256_0=1f:d1:21:ee:1b:2e:8e:fa:76:75:d2:d7:3d:d3:d7:d4:34:8d:c8:ca:c1:65:6b:83:87:39:5b:b9:c1:00:cf:7a |
---|
102 | tls_digest_sha256_1=fa:2c:1e:da:f6:80:ee:88:97:88:1d:e0:1d:ad:74:8c:80:5b:57:c8:a0:df:4c:d6:99:75:4d:b7:3b:93:03:47 |
---|
103 | tls_id_0=CN=server |
---|
104 | tls_id_1='CN=Easy-RSA CA' |
---|
105 | tls_serial_0=1 |
---|
106 | tls_serial_1=14638174323727231863 |
---|
107 | tls_serial_hex_0=01 |
---|
108 | tls_serial_hex_1=cb:25:3d:fd:b6:01:6b:77 |
---|
109 | trusted_ip=SERVER_IP_HERE |
---|
110 | trusted_port=443 |
---|
111 | tun_mtu=1367 |
---|
112 | untrusted_ip=SERVER_IP_HERE |
---|
113 | untrusted_port=443 |
---|
114 | verb=3 |
---|
115 | Tue Aug 15 17:07:33 2017 /sbin/ip route add SERVER_IP_HERE/32 via 192.168.0.1 |
---|
116 | Tue Aug 15 17:07:33 2017 /sbin/ip route add 0.0.0.0/1 via 172.16.16.1 |
---|
117 | Tue Aug 15 17:07:33 2017 /sbin/ip route add 128.0.0.0/1 via 172.16.16.1 |
---|
118 | Tue Aug 15 17:07:33 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this |
---|
119 | Tue Aug 15 17:07:33 2017 Initialization Sequence Completed |
---|