[723]angeldust:/usr/sbin # ipsec barf angeldust.underwares.org Mon Sep 6 01:51:18 EDT 2004 + _________________________ version + ipsec --version Linux Openswan U2.1.4/K2.6.8-gentoo-r3 (native) (native) See `ipsec --copyright' for copyright information. + _________________________ proc/version + cat /proc/version Linux version 2.6.8-gentoo-r3 (root@angeldust.underwares.org) (gcc version 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6)) #1 Fri Aug 27 02:40:50 EDT 2004 + _________________________ proc/net/ipsec_eroute + test -r /proc/net/ipsec_eroute + _________________________ netstat-rn + netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 66.11.160.174 66.11.190.1 255.255.255.255 UGH 0 0 0 ppp0 66.11.190.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.0.0 66.11.190.1 255.255.255.0 UG 0 0 0 ppp0 127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo 0.0.0.0 66.11.190.1 0.0.0.0 UG 0 0 0 ppp0 + _________________________ proc/net/ipsec_spi + test -r proc/net/ipsec_spi + _________________________ proc/net/ipsec_spigrp + test -r /proc/net/ipsec_spigrp + _________________________ proc/net/ipsec_tncfg + test -r /proc/net/ipsec_tncfg + _________________________ proc/net/pfkey + test -r /proc/net/pfkey + cat /proc/net/pfkey sk RefCnt Rmem Wmem User Inode + _________________________ setkey-D + setkey -D 66.11.160.174 66.11.179.1 esp mode=tunnel spi=1224313607(0x48f98b07) reqid=16393(0x00004009) E: 3des-cbc c28b704b 3c6182a6 a6d648c7 3e4eb85e 32d8897b d96b2fd9 A: hmac-md5 d4322f7c 54818f10 8e4368e0 7c717306 seq=0x00000000 replay=64 flags=0x00000000 state=mature created: Sep 6 01:15:00 2004 current: Sep 6 01:51:18 2004 diff: 2178(s) hard: 0(s) soft: 0(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=1 pid=31500 refcnt=0 66.11.179.1 66.11.160.174 esp mode=tunnel spi=2025577695(0x78bbdcdf) reqid=16393(0x00004009) E: 3des-cbc e9d8eeef 153f6d77 6926b7a5 0f4caab0 8062516a d6174911 A: hmac-md5 43065afe ced7e21c bf1e043c 7c3815ed seq=0x00000000 replay=64 flags=0x00000000 state=mature created: Sep 6 01:15:00 2004 current: Sep 6 01:51:18 2004 diff: 2178(s) hard: 0(s) soft: 0(s) last: hard: 0(s) soft: 0(s) current: 0(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 0 hard: 0 soft: 0 sadb_seq=0 pid=31500 refcnt=0 + _________________________ setkey-D-P + setkey -D -P 192.168.0.0/24[any] 192.168.1.0/24[any] any in ipsec esp/tunnel/66.11.160.174-66.11.179.1/unique#16393 created: Sep 6 01:15:00 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=1008 seq=10 pid=31501 refcnt=1 66.11.179.1[any] 192.168.0.0/24[any] any out ipsec esp/transport//require created: Sep 6 01:12:30 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=993 seq=9 pid=31501 refcnt=1 192.168.1.0/24[any] 66.11.160.174[any] any out ipsec esp/transport//require created: Sep 6 01:12:30 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=985 seq=8 pid=31501 refcnt=1 192.168.1.0/24[any] 192.168.0.0/24[any] any out ipsec esp/tunnel/66.11.179.1-66.11.160.174/unique#16393 created: Sep 6 01:15:00 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=1001 seq=7 pid=31501 refcnt=1 192.168.0.0/24[any] 192.168.1.0/24[any] any fwd ipsec esp/tunnel/66.11.160.174-66.11.179.1/unique#16393 created: Sep 6 01:15:00 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=1018 seq=6 pid=31501 refcnt=1 0.0.0.0/0[any] 0.0.0.0/0[any] any in none created: Sep 6 01:12:30 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=971 seq=5 pid=31501 refcnt=1 0.0.0.0/0[any] 0.0.0.0/0[any] any in none created: Sep 6 01:12:30 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=955 seq=4 pid=31501 refcnt=1 0.0.0.0/0[any] 0.0.0.0/0[any] any in none created: Sep 6 01:12:30 2004 lastused: Sep 6 01:15:00 2004 lifetime: 0(s) validtime: 0(s) spid=939 seq=3 pid=31501 refcnt=1 0.0.0.0/0[any] 0.0.0.0/0[any] any out none created: Sep 6 01:12:30 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=980 seq=2 pid=31501 refcnt=1 0.0.0.0/0[any] 0.0.0.0/0[any] any out none created: Sep 6 01:12:30 2004 lastused: lifetime: 0(s) validtime: 0(s) spid=964 seq=1 pid=31501 refcnt=1 0.0.0.0/0[any] 0.0.0.0/0[any] any out none created: Sep 6 01:12:30 2004 lastused: Sep 6 01:51:00 2004 lifetime: 0(s) validtime: 0(s) spid=948 seq=0 pid=31501 refcnt=1 + _________________________ proc/sys/net/ipsec-star + test -d /proc/sys/net/ipsec + _________________________ ipsec/status + ipsec auto --status 000 interface lo/lo 127.0.0.1 000 interface eth1/eth1 192.168.1.1 000 interface ppp0/ppp0 66.11.179.1 000 %myid = @angeldust.underwares.org 000 debug none 000 000 "gateway-rightnet": 66.11.179.1[S=C]---66.11.190.1...66.11.190.1---66.11.160.174[S=C]===192.168.0.0/24; prospective erouted; eroute owner: #0 000 "gateway-rightnet": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "gateway-rightnet": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 32,24; interface: ppp0; 000 "gateway-rightnet": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 "net-net": 192.168.1.0/24===66.11.179.1[S=C]---66.11.190.1...66.11.190.1---66.11.160.174[S=C]===192.168.0.0/24; erouted; eroute owner: #3 000 "net-net": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "net-net": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 24,24; interface: ppp0; 000 "net-net": newest ISAKMP SA: #0; newest IPsec SA: #3; 000 "rightnet-gateway": 192.168.1.0/24===66.11.179.1[S=C]---66.11.190.1...66.11.190.1---66.11.160.174[S=C]; prospective erouted; eroute owner: #0 000 "rightnet-gateway": ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "rightnet-gateway": policy: RSASIG+ENCRYPT+TUNNEL+PFS+UP; prio: 24,32; interface: ppp0; 000 "rightnet-gateway": newest ISAKMP SA: #2; newest IPsec SA: #0; 000 000 #3: "net-net" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 26352s; newest IPSEC; eroute owner 000 #3: "net-net" esp.78bbdcdf@66.11.160.174 esp.48f98b07@66.11.179.1 tun.0@66.11.160.174 tun.0@66.11.179.1 000 #8: "rightnet-gateway" STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_RETRANSMIT in 22s 000 #8: pending Phase 2 for "net-net" replacing #0 000 #8: pending Phase 2 for "gateway-rightnet" replacing #0 000 #8: pending Phase 2 for "rightnet-gateway" replacing #0 000 #2: "rightnet-gateway" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1152s; newest ISAKMP 000 + _________________________ ifconfig-a + ifconfig -a eth0 Link encap:Ethernet HWaddr 00:20:78:07:5A:C0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:528174 errors:0 dropped:0 overruns:0 frame:0 TX packets:406516 errors:0 dropped:0 overruns:0 carrier:0 collisions:732 txqueuelen:1000 RX bytes:132638372 (126.4 Mb) TX bytes:62497214 (59.6 Mb) Interrupt:10 Base address:0xdc00 eth1 Link encap:Ethernet HWaddr 00:50:04:9A:C2:FF inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:430498 errors:0 dropped:0 overruns:0 frame:0 TX packets:289845 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:46480058 (44.3 Mb) TX bytes:91012871 (86.7 Mb) Interrupt:11 Base address:0xde00 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:7092 errors:0 dropped:0 overruns:0 frame:0 TX packets:7092 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2472819 (2.3 Mb) TX bytes:2472819 (2.3 Mb) ppp0 Link encap:Point-to-Point Protocol inet addr:66.11.179.1 P-t-P:66.11.190.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:47507 errors:0 dropped:0 overruns:0 frame:0 TX packets:41530 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:34148305 (32.5 Mb) TX bytes:5159431 (4.9 Mb) + _________________________ ipsec_verify + ipsec verify --nocolour Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.1.4/K2.6.8-gentoo-r3 (native) (native) Checking for IPsec support in kernel [OK] Checking for RSA private key (/etc/ipsec/ipsec.secrets) [OK] Checking that pluto is running [OK] Two or more interfaces found, checking IP forwarding [OK] Checking NAT and MASQUERADEing Checking for 'ip' command [OK] Checking for 'iptables' command [OK] Checking for 'setkey' command for native IPsec stack support [OK] Opportunistic Encryption DNS checks: Looking for TXT in forward dns zone: angeldust.underwares.org [OK] Does the machine have at least one non-private address? [OK] Looking for TXT in reverse dns zone: 1.179.11.66.in-addr.arpa. [OK] + _________________________ mii-tool + '[' -x /sbin/mii-tool ']' + /sbin/mii-tool -v eth0: no autonegotiation, 10baseT-HD, link ok product info: vendor 00:08:95, model 1 rev 0 basic mode: autonegotiation enabled basic status: autonegotiation complete, link ok capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD link partner: 10baseT-HD eth1: negotiated 100baseTx-FD, link ok product info: vendor 00:10:18, model 18 rev 0 basic mode: autonegotiation enabled basic status: autonegotiation complete, link ok capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control + _________________________ ipsec/directory + ipsec --directory /usr/lib/ipsec + _________________________ hostname/fqdn + hostname --fqdn angeldust.underwares.org + _________________________ hostname/ipaddress + hostname --ip-address 66.11.179.1 + _________________________ uptime + uptime 01:51:19 up 1 day, 1:16, 1 user, load average: 0.00, 0.00, 0.00 + _________________________ ps + ps alxwf + egrep -i 'ppid|pluto|ipsec|klips' F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND 4 0 31477 10343 17 0 2000 1008 - R pts/4 0:00 \_ /bin/sh /usr/libexec/ipsec/barf 5 0 30884 1 23 0 1996 988 wait4 S pts/4 0:00 /bin/sh /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal --keep_alive --force_keepalive --disable_port_floating --virtual_private --crlcheckinterval 0 --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto.pid 5 0 30885 30884 23 0 1996 996 wait4 S pts/4 0:00 \_ /bin/sh /usr/lib/ipsec/_plutorun --debug --uniqueids yes --nocrsend --strictcrlpolicy --nat_traversal --keep_alive --force_keepalive --disable_port_floating --virtual_private --crlcheckinterval 0 --dump --opts --stderrlog --wait no --pre --post --log daemon.error --pid /var/run/pluto.pid 4 0 30886 30885 15 0 2128 1072 - S pts/4 0:00 | \_ /usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec/ipsec.secrets --ipsecdir /etc/ipsec/ipsec.d --uniqueids 4 0 30917 30886 23 0 1248 264 - S pts/4 0:00 | \_ _pluto_adns 4 0 30918 30884 19 0 2000 988 pipe_w S pts/4 0:00 \_ /bin/sh /usr/lib/ipsec/_plutoload --wait no --post 4 0 30920 1 15 0 1316 456 pipe_w S pts/4 0:00 logger -s -p daemon.error -t ipsec__plutorun + _________________________ ipsec/showdefaults + ipsec showdefaults routephys=ppp0 routevirt=ipsec0 routeaddr=66.11.179.1 routenexthop=66.11.190.1 + _________________________ ipsec/conf + ipsec _include /etc/ipsec/ipsec.conf + ipsec _keycensor #< /etc/ipsec/ipsec.conf 1 # /etc/ipsec.conf - FreeS/WAN IPsec configuration file # RCSID $Id: ipsec.conf.in,v 1.12 2004/01/20 19:37:13 sam Exp $ # This file: /usr/share/doc/openswan-2.1.4/ipsec.conf-sample # # Manual: ipsec.conf.5 # # Help: # http://www.freeswan.org/freeswan_trees/freeswan-2.1.4/doc/quickstart.html # http://www.freeswan.org/freeswan_trees/freeswan-2.1.4/doc/config.html # http://www.freeswan.org/freeswan_trees/freeswan-2.1.4/doc/adv_config.html # # Policy groups are enabled by default. See: # http://www.freeswan.org/freeswan_trees/freeswan-2.1.4/doc/policygroups.html # # Examples: # http://www.freeswan.org/freeswan_trees/freeswan-2.1.4/doc/examples version 2.0 # conforms to second version of ipsec.conf specification # basic configuration config setup myid=@angeldust.underwares.org #Debug-logging controls: "none" for (almost) none, "all" for lots. # klipsdebug=all # plutodebug=dns # Add connections here. # sample VPN connection conn net-net left=66.11.179.1 leftsubnet=192.168.1.0/24 leftnexthop=66.11.190.1 leftrsasigkey=[keyid AQOHO3oh9] right=66.11.160.174 rightsubnet=192.168.0.0/24 rightnexthop=66.11.190.1 rightrsasigkey=[keyid AQOOhhlca] auto=start conn gateway-rightnet left=66.11.179.1 leftnexthop=66.11.190.1 leftrsasigkey=[keyid AQOHO3oh9] right=66.11.160.174 rightnexthop=66.11.190.1 rightsubnet=192.168.0.0/24 rightfirewall=yes rightrsasigkey=[keyid AQOOhhlca] auto=start conn rightnet-gateway left=66.11.179.1 leftnexthop=66.11.190.1 leftsubnet=192.168.1.0/24 leftfirewall=yes leftrsasigkey=[keyid AQOHO3oh9] right=66.11.160.174 rightnexthop=66.11.190.1 rightrsasigkey=[keyid AQOOhhlca] auto=start #Disable Opportunistic Encryption #< /etc/ipsec/ipsec.d/examples/no_oe.conf 1 # 'include' this file to disable Opportunistic Encryption. # See /usr/share/doc/openswan-2.1.4/policygroups.html for details. # # RCSID $Id: no_oe.conf.in,v 1.1 2004/01/20 19:24:23 sam Exp $ conn block auto=ignore conn private auto=ignore conn private-or-clear auto=ignore conn clear-or-private auto=ignore conn clear auto=ignore conn packetdefault auto=ignore #> /etc/ipsec/ipsec.conf 69 + _________________________ ipsec/secrets + ipsec _include /etc/ipsec/ipsec.secrets + ipsec _secretcensor #< /etc/ipsec/ipsec.secrets 1 : RSA { # RSA 2192 bits angeldust Tue Aug 24 12:44:34 2004 # for signatures only, UNSAFE FOR ENCRYPTION #pubkey=[keyid AQOHO3oh9] Modulus: [...] PublicExponent: [...] # everything after this point is secret PrivateExponent: [...] Prime1: [...] Prime2: [...] Exponent1: [...] Exponent2: [...] Coefficient: [...] } # do not change the indenting of that "[sums to 7d9d...]" + '[' /etc/ipsec/ipsec.d/policies ']' ++ basename /etc/ipsec/ipsec.d/policies/block + base=block + _________________________ ipsec/policies/block + cat /etc/ipsec/ipsec.d/policies/block # This file defines the set of CIDRs (network/mask-length) to which # communication should never be allowed. # # See /usr/share/doc/openswan-2.1.4/policygroups.html for details. # # $Id: block.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # ++ basename /etc/ipsec/ipsec.d/policies/clear + base=clear + _________________________ ipsec/policies/clear + cat /etc/ipsec/ipsec.d/policies/clear # This file defines the set of CIDRs (network/mask-length) to which # communication should always be in the clear. # # See /usr/share/doc/openswan-2.1.4/policygroups.html for details. # # $Id: clear.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # 192.168.1.0/24 ++ basename /etc/ipsec/ipsec.d/policies/clear-or-private + base=clear-or-private + _________________________ ipsec/policies/clear-or-private + cat /etc/ipsec/ipsec.d/policies/clear-or-private # This file defines the set of CIDRs (network/mask-length) to which # we will communicate in the clear, or, if the other side initiates IPSEC, # using encryption. This behaviour is also called "Opportunistic Responder". # # See /usr/share/doc/openswan-2.1.4/policygroups.html for details. # # $Id: clear-or-private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # ++ basename /etc/ipsec/ipsec.d/policies/private + base=private + _________________________ ipsec/policies/private + cat /etc/ipsec/ipsec.d/policies/private # This file defines the set of CIDRs (network/mask-length) to which # communication should always be private (i.e. encrypted). # See /usr/share/doc/openswan-2.1.4/policygroups.html for details. # # $Id: private.in,v 1.4 2003/02/17 02:22:15 mcr Exp $ # ++ basename /etc/ipsec/ipsec.d/policies/private-or-clear + base=private-or-clear + _________________________ ipsec/policies/private-or-clear + cat /etc/ipsec/ipsec.d/policies/private-or-clear # This file defines the set of CIDRs (network/mask-length) to which # communication should be private, if possible, but in the clear otherwise. # # If the target has a TXT (later IPSECKEY) record that specifies # authentication material, we will require private (i.e. encrypted) # communications. If no such record is found, communications will be # in the clear. # # See /usr/share/doc/openswan-2.1.4/policygroups.html for details. # # $Id: private-or-clear.in,v 1.5 2003/02/17 02:22:15 mcr Exp $ # 0.0.0.0/0 + _________________________ ipsec/ls-libdir + ls -l /usr/lib/ipsec total 96 -rwxr-xr-x 1 root root 15297 Aug 23 23:54 _confread -rwxr-xr-x 1 root root 5072 Aug 23 23:54 _copyright -rwxr-xr-x 1 root root 2391 Aug 23 23:54 _include -rwxr-xr-x 1 root root 1475 Aug 23 23:54 _keycensor -rwxr-xr-x 1 root root 3586 Aug 23 23:54 _plutoload -rwxr-xr-x 1 root root 6768 Aug 23 23:54 _plutorun -rwxr-xr-x 1 root root 10404 Aug 23 23:54 _realsetup -rwxr-xr-x 1 root root 1975 Aug 23 23:54 _secretcensor -rwxr-xr-x 1 root root 8427 Aug 23 23:54 _startklips -rwxr-xr-x 1 root root 11261 Aug 23 23:54 _updown -rwxr-xr-x 1 root root 7572 Aug 23 23:54 _updown_x509 -rwxr-xr-x 1 root root 1942 Aug 23 23:54 ipsec_pr.template + _________________________ ipsec/ls-execdir + ls -l /usr/libexec/ipsec total 1012 -rwxr-xr-x 1 root root 9068 Aug 23 23:54 _pluto_adns -rwxr-xr-x 1 root root 15691 Aug 23 23:54 auto -rwxr-xr-x 1 root root 10173 Aug 23 23:54 barf -rwxr-xr-x 1 root root 816 Aug 23 23:54 calcgoo -rwxr-xr-x 1 root root 75644 Aug 23 23:54 eroute -rwxr-xr-x 1 root root 16756 Aug 23 23:54 ikeping -rwxr-xr-x 1 root root 57624 Aug 23 23:54 klipsdebug -rwxr-xr-x 1 root root 2461 Aug 23 23:54 look -rwxr-xr-x 1 root root 7130 Aug 23 23:54 mailkey -rwxr-xr-x 1 root root 16188 Aug 23 23:54 manual -rwxr-xr-x 1 root root 1874 Aug 23 23:54 newhostkey -rwxr-xr-x 1 root root 50780 Aug 23 23:54 pf_key -rwxr-xr-x 1 root root 442296 Aug 23 23:54 pluto -rwxr-xr-x 1 root root 7308 Aug 23 23:54 ranbits -rwxr-xr-x 1 root root 19380 Aug 23 23:54 rsasigkey -rwxr-xr-x 1 root root 766 Aug 23 23:54 secrets -rwxr-xr-x 1 root root 17578 Aug 23 23:54 send-pr lrwxrwxrwx 1 root root 17 Aug 23 23:54 setup -> /etc/init.d/ipsec -rwxr-xr-x 1 root root 1048 Aug 23 23:54 showdefaults -rwxr-xr-x 1 root root 4327 Aug 23 23:54 showhostkey -rwxr-xr-x 1 root root 83408 Aug 23 23:54 spi -rwxr-xr-x 1 root root 65892 Aug 23 23:54 spigrp -rwxr-xr-x 1 root root 9844 Aug 23 23:54 tncfg -rwxr-xr-x 1 root root 10195 Aug 23 23:54 verify -rwxr-xr-x 1 root root 54104 Aug 23 23:54 whack + _________________________ ipsec/updowns ++ ls /usr/libexec/ipsec ++ egrep updown + _________________________ proc/net/dev + cat /proc/net/dev Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 2472819 7092 0 0 0 0 0 0 2472819 7092 0 0 0 0 0 0 eth0:132643232 528209 0 0 0 0 0 0 62500441 406552 0 0 0 732 0 0 eth1:46480861 430510 0 0 0 0 0 0 91048573 289891 0 0 0 0 0 0 ppp0:34152395 47542 0 0 0 0 0 0 5161866 41566 0 0 0 0 0 0 + _________________________ proc/net/route + cat /proc/net/route Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT ppp0 AEA00B42 01BE0B42 0007 0 0 0 FFFFFFFF 0 0 0 ppp0 01BE0B42 00000000 0005 0 0 0 FFFFFFFF 0 0 0 eth1 0001A8C0 00000000 0001 0 0 0 00FFFFFF 0 0 0 ppp0 0000A8C0 01BE0B42 0003 0 0 0 00FFFFFF 0 0 0 lo 0000007F 0100007F 0003 0 0 0 000000FF 0 0 0 ppp0 00000000 01BE0B42 0003 0 0 0 00000000 0 0 0 + _________________________ proc/sys/net/ipv4/ip_forward + cat /proc/sys/net/ipv4/ip_forward 1 + _________________________ proc/sys/net/ipv4/conf/star-rp_filter + cd /proc/sys/net/ipv4/conf + egrep '^' all/rp_filter default/rp_filter eth1/rp_filter lo/rp_filter ppp0/rp_filter all/rp_filter:0 default/rp_filter:0 eth1/rp_filter:1 lo/rp_filter:0 ppp0/rp_filter:0 + _________________________ uname-a + uname -a Linux angeldust.underwares.org 2.6.8-gentoo-r3 #1 Fri Aug 27 02:40:50 EDT 2004 i686 AMD Athlon(tm) Processor AuthenticAMD GNU/Linux + _________________________ config-built-with + test -r /proc/config_built_with + _________________________ redhat-release + test -r /etc/redhat-release + test -r /etc/fedora-release + _________________________ proc/net/ipsec_version + test -r /proc/net/ipsec_version + test -r /proc/net/pfkey ++ uname -r + echo 'native PFKEY (2.6.8-gentoo-r3) support detected ' native PFKEY (2.6.8-gentoo-r3) support detected + _________________________ ipfwadm + test -r /sbin/ipfwadm + 'no old-style linux 1.x/2.0 ipfwadm firewall support' /usr/libexec/ipsec/barf: line 286: no old-style linux 1.x/2.0 ipfwadm firewall support: No such file or directory + _________________________ ipchains + test -r /sbin/ipchains + echo 'no old-style linux 2.0 ipchains firewall support' no old-style linux 2.0 ipchains firewall support + _________________________ iptables + test -r /sbin/iptables + iptables -L -v -n Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 9 928 ACCEPT esp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT ah -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0 39804 29M INETIN all -- ppp0 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 192.168.0.0/24 0.0.0.0/0 26519 4046K ACCEPT all -- * * 192.168.1.0/24 0.0.0.0/0 3525 240K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT 47 -- * * 0.0.0.0/0 0.0.0.0/0 10551 9001K INETIN all -- ppp0 eth1 0.0.0.0/0 0.0.0.0/0 8853 1057K INETOUT all -- eth1 ppp0 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6881 0 0 ACCEPT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:6881 0 0 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6882 0 0 ACCEPT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:6882 Chain OUTPUT (policy ACCEPT 49386 packets, 12M bytes) pkts bytes target prot opt in out source destination 35535 4364K INETOUT all -- * ppp0 0.0.0.0/0 0.0.0.0/0 Chain DMZIN (0 references) pkts bytes target prot opt in out source destination Chain DMZOUT (0 references) pkts bytes target prot opt in out source destination Chain INETIN (2 references) pkts bytes target prot opt in out source destination 3 1090 TREJECT all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 17 948 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 5 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 9 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 10 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 15 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 16 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 17 0 0 TREJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 18 215 40934 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp !type 8 0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 120 10504 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 241 61693 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 1546 143K TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 98 5250 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 76 5437 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:993 0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723 18 888 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6881 0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6882 0 0 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000 177 13396 UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 204 43252 UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500 0 0 UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1701 13793 836K UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:27960 32427 36M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED 54 3128 TCPACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED 0 0 UDPACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED 1366 69091 TREJECT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain INETOUT (2 references) pkts bytes target prot opt in out source destination 44388 5421K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain LDROP (0 references) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `TCP Dropped ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `UDP Dropped ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `ICMP Dropped ' 0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `FRAGMENT Dropped ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain LREJECT (0 references) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `TCP Rejected ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `UDP Rejected ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `ICMP Rejected ' 0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `FRAGMENT Rejected ' 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain LTREJECT (0 references) pkts bytes target prot opt in out source destination 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `TCP Rejected ' 0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `UDP Rejected ' 0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 6 prefix `ICMP Rejected ' 0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `FRAGMENT Rejected ' 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain TCPACCEPT (13 references) pkts bytes target prot opt in out source destination 287 14776 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 limit: avg 20/sec burst 5 0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `Possible SynFlood ' 0 0 TREJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 1866 215K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x16/0x02 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `Mismatch in TCPACCEPT ' 0 0 TREJECT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain TREJECT (13 references) pkts bytes target prot opt in out source destination 1293 62064 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 73 7027 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 3 1090 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain UDPACCEPT (5 references) pkts bytes target prot opt in out source destination 14174 892K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `Mismatch on UDPACCEPT ' 0 0 TREJECT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain ULDROP (0 references) pkts bytes target prot opt in out source destination 0 0 ULOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_TCP' queue_threshold 1 0 0 ULOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_UDP' queue_threshold 1 0 0 ULOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_ICMP' queue_threshold 1 0 0 ULOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LDROP_FRAG' queue_threshold 1 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain ULREJECT (0 references) pkts bytes target prot opt in out source destination 0 0 ULOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_TCP' queue_threshold 1 0 0 ULOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_UDP' queue_threshold 1 0 0 ULOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_UDP' queue_threshold 1 0 0 ULOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LREJECT_FRAG' queue_threshold 1 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain ULTREJECT (0 references) pkts bytes target prot opt in out source destination 0 0 ULOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_TCP' queue_threshold 1 0 0 ULOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_UDP' queue_threshold 1 0 0 ULOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_ICMP' queue_threshold 1 0 0 ULOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `LTREJECT_FRAG' queue_threshold 1 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable + _________________________ + iptables -t nat -L -v -n Chain PREROUTING (policy ACCEPT 28194 packets, 1499K bytes) pkts bytes target prot opt in out source destination 0 0 DNAT 47 -- ppp0 * 0.0.0.0/0 0.0.0.0/0 to:192.168.1.103 0 0 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723 to:192.168.1.103:1723 124 25296 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp spt:500 dpt:500 to:192.168.1.103:500 0 0 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp spt:1701 dpt:1701 to:192.168.1.103:1701 5 252 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6881 to:192.168.1.2 0 0 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:6881 to:192.168.1.2 0 0 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6882 to:192.168.1.20 0 0 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:6882 to:192.168.1.20 Chain POSTROUTING (policy ACCEPT 13511 packets, 896K bytes) pkts bytes target prot opt in out source destination 338 20602 MASQUERADE all -- * ppp0 192.168.1.0/24 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination + _________________________ + iptables -t mangle -L -v -n Chain PREROUTING (policy ACCEPT 1007K packets, 168M bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 872K packets, 114M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 135K packets, 54M bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 561K packets, 87M bytes) pkts bytes target prot opt in out source destination 1 40 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 TOS set 0x10 1 40 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3333 TOS set 0x10 2 80 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 TOS set 0x10 3253 173K TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20 TOS set 0x02 1275 74186 TOS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 TOS set 0x10 335 65909 TOS udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:4000:8000 TOS set 0x10 Chain POSTROUTING (policy ACCEPT 696K packets, 143M bytes) pkts bytes target prot opt in out source destination + _________________________ proc/modules + test -f /proc/modules + cat /proc/modules rd 4928 0 - Live 0xd0dd0000 aes_i586 37876 0 - Live 0xd0dd6000 crypto_null 1984 0 - Live 0xd0db8000 xfrm_user 12740 0 - Live 0xd0dcb000 ipcomp 4992 0 - Live 0xd0dc3000 esp4 6656 2 - Live 0xd0db2000 ah4 5120 0 - Live 0xd0db5000 af_key 26704 0 - Live 0xd0dbb000 pppoe 10432 2 - Live 0xd0d92000 pppox 2696 1 pppoe, Live 0xd0bb4000 ppp_synctty 7872 0 - Live 0xd0d9a000 ppp_async 8960 0 - Live 0xd0d96000 crc_ccitt 1728 1 ppp_async, Live 0xd0d90000 rivafb 48868 0 - Live 0xd0d9e000 i2c_algo_bit 8392 1 rivafb, Live 0xd0d8a000 vgastate 9472 1 rivafb, Live 0xd0d86000 i2c_core 19024 2 rivafb,i2c_algo_bit, Live 0xd0d69000 3c59x 34408 0 - Live 0xd0d7c000 tulip 41952 0 - Live 0xd0d70000 + _________________________ proc/meminfo + cat /proc/meminfo MemTotal: 255248 kB MemFree: 8320 kB Buffers: 34956 kB Cached: 62896 kB SwapCached: 38668 kB Active: 177320 kB Inactive: 40480 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 255248 kB LowFree: 8320 kB SwapTotal: 506036 kB SwapFree: 437012 kB Dirty: 16 kB Writeback: 0 kB Mapped: 112068 kB Slab: 24672 kB Committed_AS: 345564 kB PageTables: 1368 kB VmallocTotal: 778200 kB VmallocUsed: 5964 kB VmallocChunk: 772152 kB + _________________________ proc/net/ipsec-ls + test -f /proc/net/ipsec_version + _________________________ usr/src/linux/.config + test -f /proc/config.gz + zcat /proc/config.gz + egrep 'CONFIG_NETLINK|CONFIG_IPSEC|CONFIG_NET_KEY|CONFIG_INET|CONFIG_IP' # CONFIG_NETLINK_DEV is not set CONFIG_NET_KEY=m CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_FWMARK=y CONFIG_IP_ROUTE_NAT=y # CONFIG_IP_ROUTE_MULTIPATH is not set CONFIG_IP_ROUTE_TOS=y # CONFIG_IP_ROUTE_VERBOSE is not set # CONFIG_IP_PNP is not set # CONFIG_IP_MROUTE is not set CONFIG_INET_AH=m CONFIG_INET_ESP=m CONFIG_INET_IPCOMP=m # CONFIG_IP_VS is not set # CONFIG_IPV6 is not set CONFIG_IP_NF_CONNTRACK=y CONFIG_IP_NF_FTP=y CONFIG_IP_NF_IRC=y # CONFIG_IP_NF_TFTP is not set CONFIG_IP_NF_AMANDA=m CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_LIMIT=y CONFIG_IP_NF_MATCH_IPRANGE=y CONFIG_IP_NF_MATCH_MAC=y CONFIG_IP_NF_MATCH_PKTTYPE=y CONFIG_IP_NF_MATCH_MARK=y CONFIG_IP_NF_MATCH_MULTIPORT=y CONFIG_IP_NF_MATCH_TOS=y CONFIG_IP_NF_MATCH_RECENT=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_DSCP=y CONFIG_IP_NF_MATCH_AH_ESP=y CONFIG_IP_NF_MATCH_LENGTH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_TCPMSS=y CONFIG_IP_NF_MATCH_HELPER=y CONFIG_IP_NF_MATCH_STATE=y CONFIG_IP_NF_MATCH_CONNTRACK=y CONFIG_IP_NF_MATCH_OWNER=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_NAT=y CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_SAME=y # CONFIG_IP_NF_NAT_LOCAL is not set # CONFIG_IP_NF_NAT_SNMP_BASIC is not set CONFIG_IP_NF_NAT_IRC=y CONFIG_IP_NF_NAT_FTP=y CONFIG_IP_NF_NAT_AMANDA=m CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_TOS=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_DSCP=y CONFIG_IP_NF_TARGET_MARK=y CONFIG_IP_NF_TARGET_CLASSIFY=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_IP_NF_TARGET_TCPMSS=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y CONFIG_IP_NF_TARGET_NOTRACK=m CONFIG_IP_NF_RAW=m CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_REALM=y # CONFIG_IP_SCTP is not set # CONFIG_IPX is not set # CONFIG_IPMI_HANDLER is not set + _________________________ etc/syslog.conf + cat /etc/syslog.conf cat: /etc/syslog.conf: No such file or directory + _________________________ etc/resolv.conf + cat /etc/resolv.conf nameserver 66.11.167.161 nameserver 66.11.168.198 + _________________________ lib/modules-ls + ls -ltr /lib/modules total 0 drwxr-xr-x 3 root root 400 Jun 17 15:50 2.6.5-gentoo-r1 drwxr-xr-x 3 root root 400 Jun 23 12:04 2.6.7-gentoo-r5 drwxr-xr-x 3 root root 400 Jun 26 21:44 2.6.7-gentoo drwxr-xr-x 3 root root 400 Jul 3 01:25 2.6.7-gentoo-r6 drwxr-xr-x 3 root root 400 Jul 14 17:42 2.6.7-gentoo-r7 drwxr-xr-x 3 root root 400 Aug 6 15:34 2.6.7-gentoo-r11 drwxr-xr-x 3 root root 400 Aug 7 21:30 2.6.7-gentoo-r12 drwxr-xr-x 3 root root 400 Aug 13 02:36 2.6.7-gentoo-r13 drwxr-xr-x 3 root root 400 Aug 15 00:24 2.6.7-gentoo-r14 drwxr-xr-x 3 root root 424 Aug 23 10:29 2.6.8-gentoo drwxr-xr-x 3 root root 424 Aug 25 15:27 2.6.8-gentoo-r1 drwxr-xr-x 3 root root 424 Sep 5 00:35 2.6.8-gentoo-r3 + _________________________ proc/ksyms-netif_rx + test -r /proc/ksyms + test -r /proc/kallsyms + egrep netif_rx /proc/kallsyms c0321360 T netif_rx c0321360 U netif_rx [3c59x] c0321360 U netif_rx [tulip] + _________________________ lib/modules-netif_rx + modulegoo kernel/net/ipv4/ipip.o netif_rx + set +x 2.6.5-gentoo-r1: 2.6.7-gentoo: 2.6.7-gentoo-r11: 2.6.7-gentoo-r12: 2.6.7-gentoo-r13: 2.6.7-gentoo-r14: 2.6.7-gentoo-r5: 2.6.7-gentoo-r6: 2.6.7-gentoo-r7: 2.6.8-gentoo: 2.6.8-gentoo-r1: 2.6.8-gentoo-r3: + _________________________ kern.debug + test -f /var/log/kern.debug + _________________________ klog + sed -n '2998,$p' /var/log/messages + egrep -i 'ipsec|klips|pluto' + cat Sep 6 01:12:29 angeldust ipsec_setup: Starting Openswan IPsec U2.1.4/K2.6.8-gentoo-r3... Sep 6 01:12:29 angeldust ipsec_setup: KLIPS ipsec0 on ppp0 66.11.179.1/255.255.255.255 pointopoint 66.11.190.1 Sep 6 01:12:29 angeldust ipsec__plutorun: Starting Pluto subsystem... Sep 6 01:12:29 angeldust pluto[30886]: Starting Pluto (Openswan Version 2.1.4 X.509-1.4.8-1 PLUTO_USES_KEYRR) Sep 6 01:12:29 angeldust pluto[30886]: including NAT-Traversal patch (Version 0.6c) [disabled] Sep 6 01:12:29 angeldust pluto[30886]: Using Linux 2.6 IPsec interface code Sep 6 01:12:30 angeldust pluto[30886]: Changing to directory '/etc/ipsec/ipsec.d/cacerts' Sep 6 01:12:30 angeldust pluto[30886]: Warning: empty directory Sep 6 01:12:30 angeldust pluto[30886]: Changing to directory '/etc/ipsec/ipsec.d/crls' Sep 6 01:12:30 angeldust pluto[30886]: Warning: empty directory Sep 6 01:12:30 angeldust ipsec_setup: ...Openswan IPsec started Sep 6 01:12:30 angeldust pluto[30886]: added connection description "rightnet-gateway" Sep 6 01:12:30 angeldust pluto[30886]: added connection description "gateway-rightnet" Sep 6 01:12:30 angeldust pluto[30886]: added connection description "net-net" Sep 6 01:12:30 angeldust pluto[30886]: listening for IKE messages Sep 6 01:12:30 angeldust pluto[30886]: adding interface ppp0/ppp0 66.11.179.1 Sep 6 01:12:30 angeldust pluto[30886]: adding interface eth1/eth1 192.168.1.1 Sep 6 01:12:30 angeldust pluto[30886]: adding interface lo/lo 127.0.0.1 Sep 6 01:12:30 angeldust pluto[30886]: loading secrets from "/etc/ipsec/ipsec.secrets" Sep 6 01:12:30 angeldust pluto[30886]: "rightnet-gateway" #1: initiating Main Mode Sep 6 01:12:30 angeldust ipsec__plutorun: 104 "rightnet-gateway" #1: STATE_MAIN_I1: initiate Sep 6 01:12:30 angeldust ipsec__plutorun: ...could not start conn "rightnet-gateway" Sep 6 01:12:31 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:12:40 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:13:00 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:13:40 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:14:20 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:14:59 angeldust pluto[30886]: "rightnet-gateway" #2: responding to Main Mode Sep 6 01:14:59 angeldust pluto[30886]: "rightnet-gateway" #2: transition from state (null) to state STATE_MAIN_R1 Sep 6 01:14:59 angeldust pluto[30886]: "rightnet-gateway" #2: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #2: Peer ID is ID_IPV4_ADDR: '66.11.160.174' Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #2: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #2: sent MR3, ISAKMP SA established Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: responding to Quick Mode Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: transition from state (null) to state STATE_QUICK_R1 Sep 6 01:15:00 angeldust pluto[30886]: "gateway-rightnet" #4: responding to Quick Mode Sep 6 01:15:00 angeldust pluto[30886]: "gateway-rightnet" #4: transition from state (null) to state STATE_QUICK_R1 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #5: responding to Quick Mode Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #5: transition from state (null) to state STATE_QUICK_R1 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: IPsec SA established {ESP=>0x78bbdcdf <0x48f98b07} Sep 6 01:15:10 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:10 angeldust pluto[30886]: "rightnet-gateway" #5: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:10 angeldust pluto[30886]: "gateway-rightnet" #4: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:31 angeldust pluto[30886]: "gateway-rightnet" #4: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:31 angeldust pluto[30886]: "rightnet-gateway" #5: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:31 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #1: max number of retransmissions (2) reached STATE_MAIN_I2 Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #1: starting keying attempt 2 of an unlimited number Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #6: initiating Main Mode to replace #1 Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #5: max number of retransmissions (2) reached STATE_QUICK_R1 Sep 6 01:16:10 angeldust pluto[30886]: "gateway-rightnet" #4: max number of retransmissions (2) reached STATE_QUICK_R1 Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:16:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:16:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:17:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:18:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:18:41 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:19:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:20:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:20:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:21:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:22:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:22:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:23:21 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:24:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:24:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:25:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:26:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:26:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:27:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:28:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:28:41 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #6: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #6: starting keying attempt 3 of an unlimited number Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #7: initiating Main Mode to replace #6 Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:29:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:29:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:30:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:31:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:31:51 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:32:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:33:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:33:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:34:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:35:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:35:51 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:36:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:37:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:37:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:38:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:39:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:39:51 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:40:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:41:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:41:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #7: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #7: starting keying attempt 4 of an unlimited number Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #8: initiating Main Mode to replace #7 Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:42:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:43:01 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:43:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:44:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:45:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:45:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:46:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:47:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:47:41 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:48:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:49:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:49:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:50:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:51:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] + _________________________ plog + sed -n '3000,$p' /var/log/messages + egrep -i pluto + cat Sep 6 01:12:29 angeldust ipsec__plutorun: Starting Pluto subsystem... Sep 6 01:12:29 angeldust pluto[30886]: Starting Pluto (Openswan Version 2.1.4 X.509-1.4.8-1 PLUTO_USES_KEYRR) Sep 6 01:12:29 angeldust pluto[30886]: including NAT-Traversal patch (Version 0.6c) [disabled] Sep 6 01:12:29 angeldust pluto[30886]: Using Linux 2.6 IPsec interface code Sep 6 01:12:30 angeldust pluto[30886]: Changing to directory '/etc/ipsec/ipsec.d/cacerts' Sep 6 01:12:30 angeldust pluto[30886]: Warning: empty directory Sep 6 01:12:30 angeldust pluto[30886]: Changing to directory '/etc/ipsec/ipsec.d/crls' Sep 6 01:12:30 angeldust pluto[30886]: Warning: empty directory Sep 6 01:12:30 angeldust pluto[30886]: added connection description "rightnet-gateway" Sep 6 01:12:30 angeldust pluto[30886]: added connection description "gateway-rightnet" Sep 6 01:12:30 angeldust pluto[30886]: added connection description "net-net" Sep 6 01:12:30 angeldust pluto[30886]: listening for IKE messages Sep 6 01:12:30 angeldust pluto[30886]: adding interface ppp0/ppp0 66.11.179.1 Sep 6 01:12:30 angeldust pluto[30886]: adding interface eth1/eth1 192.168.1.1 Sep 6 01:12:30 angeldust pluto[30886]: adding interface lo/lo 127.0.0.1 Sep 6 01:12:30 angeldust pluto[30886]: loading secrets from "/etc/ipsec/ipsec.secrets" Sep 6 01:12:30 angeldust pluto[30886]: "rightnet-gateway" #1: initiating Main Mode Sep 6 01:12:30 angeldust ipsec__plutorun: 104 "rightnet-gateway" #1: STATE_MAIN_I1: initiate Sep 6 01:12:30 angeldust ipsec__plutorun: ...could not start conn "rightnet-gateway" Sep 6 01:12:31 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:12:40 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:13:00 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:13:40 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:14:20 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:14:59 angeldust pluto[30886]: "rightnet-gateway" #2: responding to Main Mode Sep 6 01:14:59 angeldust pluto[30886]: "rightnet-gateway" #2: transition from state (null) to state STATE_MAIN_R1 Sep 6 01:14:59 angeldust pluto[30886]: "rightnet-gateway" #2: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #2: Peer ID is ID_IPV4_ADDR: '66.11.160.174' Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #2: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #2: sent MR3, ISAKMP SA established Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: responding to Quick Mode Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: transition from state (null) to state STATE_QUICK_R1 Sep 6 01:15:00 angeldust pluto[30886]: "gateway-rightnet" #4: responding to Quick Mode Sep 6 01:15:00 angeldust pluto[30886]: "gateway-rightnet" #4: transition from state (null) to state STATE_QUICK_R1 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #5: responding to Quick Mode Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #5: transition from state (null) to state STATE_QUICK_R1 Sep 6 01:15:00 angeldust pluto[30886]: "rightnet-gateway" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2 Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 Sep 6 01:15:00 angeldust pluto[30886]: "net-net" #3: IPsec SA established {ESP=>0x78bbdcdf <0x48f98b07} Sep 6 01:15:10 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:10 angeldust pluto[30886]: "rightnet-gateway" #5: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:10 angeldust pluto[30886]: "gateway-rightnet" #4: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:31 angeldust pluto[30886]: "gateway-rightnet" #4: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:31 angeldust pluto[30886]: "rightnet-gateway" #5: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:15:31 angeldust pluto[30886]: "rightnet-gateway" #1: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #1: max number of retransmissions (2) reached STATE_MAIN_I2 Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #1: starting keying attempt 2 of an unlimited number Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #6: initiating Main Mode to replace #1 Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #5: max number of retransmissions (2) reached STATE_QUICK_R1 Sep 6 01:16:10 angeldust pluto[30886]: "gateway-rightnet" #4: max number of retransmissions (2) reached STATE_QUICK_R1 Sep 6 01:16:10 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:16:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:16:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:17:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:18:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:18:41 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:19:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:20:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:20:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:21:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:22:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:22:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:23:21 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:24:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:24:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:25:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:26:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:26:40 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:27:20 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:28:00 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:28:41 angeldust pluto[30886]: "rightnet-gateway" #6: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #6: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #6: starting keying attempt 3 of an unlimited number Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #7: initiating Main Mode to replace #6 Sep 6 01:29:20 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:29:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:29:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:30:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:31:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:31:51 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:32:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:33:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:33:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:34:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:35:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:35:51 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:36:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:37:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:37:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:38:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:39:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:39:51 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:40:30 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:41:10 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:41:50 angeldust pluto[30886]: "rightnet-gateway" #7: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #7: max number of retransmissions (20) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #7: starting keying attempt 4 of an unlimited number Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #8: initiating Main Mode to replace #7 Sep 6 01:42:30 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:42:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:43:01 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:43:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:44:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:45:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:45:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:46:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:47:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:47:41 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:48:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:49:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:49:40 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:50:20 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Sep 6 01:51:00 angeldust pluto[30886]: "rightnet-gateway" #8: ERROR: asynchronous network error report on ppp0 for message to 66.11.160.174 port 500, complainant 66.11.160.174: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] + _________________________ date + date Mon Sep 6 01:51:20 EDT 2004 [724]angeldust:/usr/sbin #