Summary: | net-misc/openvpn-2.1_rc7-r1: ERROR: Linux route delete command failed: shell command exited with error status: 7 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Martin Mokrejš <mmokrejs> |
Component: | [OLD] Core system | Assignee: | Alon Bar-Lev (RETIRED) <alonbl> |
Status: | RESOLVED WORKSFORME | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Martin Mokrejš
2008-04-20 13:15:13 UTC
Are you sure -r2 did not fix this? The patch clearly states: + IFCONFIG_PATH " %s 0.0.0.0", Note that the addr was removed. No, it is not fixed. But, there is a difference: hostname openvpn[6733] Linux ip addr del failed: shell command exited with error status: 255 So error 255 instead of 1. Please paste the command from the log. Also, can you please see how you can reset the address manually, while OpenVPN is up? on startup Apr 20 20:34:05 vrapenec openvpn[6356]: OpenVPN 2.1_rc7 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Apr 20 2008 Apr 20 20:34:05 vrapenec openvpn[6356]: Control Channel Authentication: using 'keys/ta.key' as a OpenVPN static key file Apr 20 20:34:05 vrapenec openvpn[6356]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:05 vrapenec openvpn[6356]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:05 vrapenec openvpn[6356]: LZO compression initialized Apr 20 20:34:05 vrapenec openvpn[6356]: Control Channel MTU parms [ L:1544 D:168 EF:68 EB:0 ET:0 EL:0 ] Apr 20 20:34:05 vrapenec openvpn[6356]: Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Apr 20 20:34:05 vrapenec openvpn[6356]: Local Options hash (VER=V4): 'ee93268d' Apr 20 20:34:05 vrapenec openvpn[6356]: Expected Remote Options hash (VER=V4): 'bd577cd1' Apr 20 20:34:05 vrapenec openvpn[6357]: NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Apr 20 20:34:05 vrapenec openvpn[6357]: Attempting to establish TCP connection with 195.113.57.20:1194 [nonblock] Apr 20 20:34:06 vrapenec sshd[6386]: Server listening on 0.0.0.0 port 22. Apr 20 20:34:06 vrapenec openvpn[6357]: TCP connection established with 195.113.57.20:1194 Apr 20 20:34:06 vrapenec openvpn[6357]: Socket Buffers: R=[87380->131072] S=[16384->131072] Apr 20 20:34:06 vrapenec openvpn[6357]: TCPv4_CLIENT link local: [undef] Apr 20 20:34:06 vrapenec openvpn[6357]: TCPv4_CLIENT link remote: 195.113.57.20:1194 Apr 20 20:34:06 vrapenec openvpn[6357]: TLS: Initial packet from 195.113.57.20:1194, sid=d2ff7ffb 81aa0fd3 Apr 20 20:34:06 vrapenec openvpn[6357]: VERIFY OK: depth=1, /C=CZ/ST=Czech_Republic/L=Prague/O=Faculty_of_Science__Charles_University/OU=Department_of_genetics_and_microbiology__RNA_laboratory/CN=www.iresite.org/emailAddress=mmok rejs@iresite.org Apr 20 20:34:06 vrapenec openvpn[6357]: VERIFY OK: nsCertType=SERVER Apr 20 20:34:06 vrapenec openvpn[6357]: VERIFY OK: depth=0, /C=CZ/ST=Czech_Republic/L=Prague/O=Faculty_of_Science__Charles_University/OU=Department_of_genetics_and_microbiology__RNA_laboratory/CN=server/emailAddress=mmokrejs@ires ite.org Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Apr 20 20:34:07 vrapenec openvpn[6357]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Apr 20 20:34:07 vrapenec openvpn[6357]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Apr 20 20:34:07 vrapenec openvpn[6357]: [server] Peer Connection Initiated with 195.113.57.20:1194 Apr 20 20:34:08 vrapenec openvpn[6357]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Apr 20 20:34:08 vrapenec openvpn[6357]: PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Apr 20 20:34:08 vrapenec openvpn[6357]: OPTIONS IMPORT: timers and/or timeouts modified Apr 20 20:34:08 vrapenec openvpn[6357]: OPTIONS IMPORT: --ifconfig/up options modified Apr 20 20:34:08 vrapenec openvpn[6357]: OPTIONS IMPORT: route options modified Apr 20 20:34:08 vrapenec openvpn[6357]: TUN/TAP device tun0 opened Apr 20 20:34:08 vrapenec openvpn[6357]: TUN/TAP TX queue length set to 100 Apr 20 20:34:08 vrapenec openvpn[6357]: /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 Apr 20 20:34:08 vrapenec openvpn[6357]: /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 Apr 20 20:34:08 vrapenec openvpn[6357]: GID set to openvpn Apr 20 20:34:08 vrapenec openvpn[6357]: UID set to openvpn Apr 20 20:34:08 vrapenec openvpn[6357]: Initialization Sequence Completed on shutdown Apr 20 21:17:49 vrapenec openvpn[6357]: event_wait : Interrupted system call (code=4) Apr 20 21:17:49 vrapenec openvpn[6357]: TCP/UDP: Closing socket Apr 20 21:17:49 vrapenec openvpn[6357]: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 Apr 20 21:17:49 vrapenec openvpn[6357]: ERROR: Linux route delete command failed: shell command exited with error status: 7 Apr 20 21:17:49 vrapenec openvpn[6357]: Closing TUN/TAP interface Apr 20 21:17:49 vrapenec openvpn[6357]: /sbin/ifconfig tun0 0.0.0.0 Apr 20 21:17:49 vrapenec openvpn[6357]: Linux ip addr del failed: shell command exited with error status: 255 Apr 20 21:17:49 vrapenec openvpn[6357]: Exiting OK, these two commands fails at your end: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 /sbin/ifconfig tun0 0.0.0.0 While OpenVPN is running, please find commands that does do to reverse of: /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 Thanks! Answer to comment #5. You wanted wanted me to execute the two commands? Here they are: vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=31.5 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=33.6 ms 64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=33.1 ms --- 10.8.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 31.554/32.783/33.618/0.912 ms vrapenec ~ # /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=11.2 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=11.0 ms --- 10.8.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 11.069/11.176/11.284/0.150 ms vrapenec ~ # /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 SIOCADDRT: File exists vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=12.8 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=10.3 ms --- 10.8.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1000ms rtt min/avg/max/mdev = 10.365/11.598/12.831/1.233 ms vrapenec ~ # No... :) OpenVPN execute these commands at startup. Our problem is during termination. So if OpenVPN is up and tun interface is opened, we have a chance to see what wrong with the command which does not work. Can you please execute the commands that does not work? /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 /sbin/ifconfig tun0 0.0.0.0 Yes, I just got the idea: # route del -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.5 # /sbin/ifconfig tun0 0.0.0.0 down # Or alternatively as you have said: vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=31.3 ms --- 10.8.0.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 31.316/31.316/31.316/0.000 ms vrapenec ~ # /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 vrapenec ~ # /sbin/ifconfig tun0 0.0.0.0 vrapenec ~ # ping 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. --- 10.8.0.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 999ms vrapenec ~ # > vrapenec ~ # /sbin/route del -net 10.8.0.0 netmask 255.255.255.0
> vrapenec ~ # /sbin/ifconfig tun0 0.0.0.0
> vrapenec ~ # ping 10.8.0.1
> PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
So what is the difference between these commands and the ones that failed? As far as I can see they are the same.
I had a look into the console and in the console log (and /var/log/messages) there are still the errors. Just into my xterm/bash I did not see them. How does the start-stop-deamon handler STDIN/STDOUT/STDERR? Could that be the cause? You can simply execute OpenVPN manualy /usr/sbin/openvpn --cd /etc/openvpn --config <whatever> --verb 7 But I don't understand what you want to do... :) Maybe the commands are correct, and they just return none zero return code? Can you please echo $? after each command? vrapenec ~ # cp /dev/null /var/log/messages vrapenec ~ # vim /etc/init.d/openvpn.iresite vrapenec ~ # /etc/init.d/openvpn.iresite stop * Caching service dependencies ... [ ok ] * Stopping openvpn.iresite ... 0 [ ok ] vrapenec ~ # cat /var/log/messages Apr 21 10:57:34 vrapenec openvpn[3004]: event_wait : Interrupted system call (code=4) Apr 21 10:57:34 vrapenec openvpn[3004]: TCP/UDP: Closing socket Apr 21 10:57:34 vrapenec openvpn[3004]: /sbin/route del -net 10.8.0.0 netmask 255.255.255.0 Apr 21 10:57:34 vrapenec openvpn[3004]: ERROR: Linux route delete command failed: shell command exited with error status: 7 Apr 21 10:57:34 vrapenec openvpn[3004]: Closing TUN/TAP interface Apr 21 10:57:34 vrapenec openvpn[3004]: /sbin/ifconfig tun0 0.0.0.0 Apr 21 10:57:34 vrapenec openvpn[3004]: Linux ip addr del failed: shell command exited with error status: 255 Apr 21 10:57:34 vrapenec openvpn[3004]: Exiting vrapenec ~ # ifconfig -a eth0 Link encap:Ethernet HWaddr 00:e0:18:b6:9d:31 inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2184 errors:0 dropped:0 overruns:0 frame:0 TX packets:2289 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:503247 (491.4 KiB) TX bytes:304014 (296.8 KiB) Interrupt:11 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:2 errors:0 dropped:0 overruns:0 frame:0 TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:356 (356.0 B) TX bytes:356 (356.0 B) vrapenec ~ # So it fine. The interface is unavailable the commands fail, no harm here. These commands are helpful if you create a persistant tun/tap interface using baselayout. |