On 08/18/2014 04:57 AM, Peter Eisentraut wrote: > Do you have a reproducible test case for that?
Yes, just created one: root@qnap:/etc/openvpn# cat test.conf local 192.168.242.215 port 1194 proto udp dev tun ca ca.crt cert qnap.crt key qnap.key dh dh1024.pem server 192.168.54.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "route 192.168.242.0 255.255.255.0" keepalive 10 120 comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log verb 3 root@qnap:/etc/openvpn# openvpn --cd /etc/openvpn --config /etc/openvpn/test.conf Mon Aug 18 13:15:35 2014 OpenVPN 2.3.2 arm-unknown-linux-gnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Mar 18 2014 Mon Aug 18 13:15:35 2014 Diffie-Hellman initialized with 1024 bit key Mon Aug 18 13:15:35 2014 Socket Buffers: R=[163840->131072] S=[163840->131072] Mon Aug 18 13:15:35 2014 ROUTE_GATEWAY 192.168.242.1/255.255.255.0 IFACE=eth0 HWADDR=00:08:9b:c6:12:56 Mon Aug 18 13:15:35 2014 TUN/TAP device tun0 opened Mon Aug 18 13:15:35 2014 TUN/TAP TX queue length set to 100 Mon Aug 18 13:15:35 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Mon Aug 18 13:15:35 2014 /sbin/ip link set dev tun0 up mtu 1500 Mon Aug 18 13:15:35 2014 /sbin/ip addr add dev tun0 local 192.168.54.1 peer 192.168.54.2 Mon Aug 18 13:15:35 2014 /sbin/ip route add 192.168.54.0/24 via 192.168.54.2 Mon Aug 18 13:15:35 2014 GID set to nogroup Mon Aug 18 13:15:35 2014 UID set to nobody Mon Aug 18 13:15:35 2014 UDPv4 link local (bound): [AF_INET]192.168.242.215:1194 Mon Aug 18 13:15:35 2014 UDPv4 link remote: [undef] Mon Aug 18 13:15:35 2014 MULTI: multi_init called, r=256 v=256 Mon Aug 18 13:15:35 2014 IFCONFIG POOL: base=192.168.54.4 size=62, ipv6=0 Mon Aug 18 13:15:35 2014 IFCONFIG POOL LIST Mon Aug 18 13:15:35 2014 Initialization Sequence Completed Mon Aug 18 13:15:35 2014 109.91.169.175:38150 Cannot initialize LZO compression library Mon Aug 18 13:15:35 2014 109.91.169.175:38150 Exiting due to fatal error Downgrade to 2.06: root@qnap:/etc/openvpn# dpkg -i ~/liblzo2-2_2.06-1+deb7u1_armel.deb dpkg: warning: downgrading liblzo2-2:armel from 2.08-1 to 2.06-1+deb7u1 (Reading database ... 99277 files and directories currently installed.) Preparing to unpack .../liblzo2-2_2.06-1+deb7u1_armel.deb ... Unpacking liblzo2-2:armel (2.06-1+deb7u1) over (2.08-1) ... Setting up liblzo2-2:armel (2.06-1+deb7u1) ... Processing triggers for libc-bin (2.19-7) ... root@qnap:/etc/openvpn# openvpn --cd /etc/openvpn --config /etc/openvpn/test.conf Mon Aug 18 13:16:26 2014 OpenVPN 2.3.2 arm-unknown-linux-gnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Mar 18 2014 Mon Aug 18 13:16:26 2014 Diffie-Hellman initialized with 1024 bit key Mon Aug 18 13:16:26 2014 Socket Buffers: R=[163840->131072] S=[163840->131072] Mon Aug 18 13:16:26 2014 ROUTE_GATEWAY 192.168.242.1/255.255.255.0 IFACE=eth0 HWADDR=00:08:9b:c6:12:56 Mon Aug 18 13:16:26 2014 TUN/TAP device tun0 opened Mon Aug 18 13:16:26 2014 TUN/TAP TX queue length set to 100 Mon Aug 18 13:16:26 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Mon Aug 18 13:16:26 2014 /sbin/ip link set dev tun0 up mtu 1500 Mon Aug 18 13:16:26 2014 /sbin/ip addr add dev tun0 local 192.168.54.1 peer 192.168.54.2 Mon Aug 18 13:16:26 2014 /sbin/ip route add 192.168.54.0/24 via 192.168.54.2 Mon Aug 18 13:16:26 2014 GID set to nogroup Mon Aug 18 13:16:26 2014 UID set to nobody Mon Aug 18 13:16:26 2014 UDPv4 link local (bound): [AF_INET]192.168.242.215:1194 Mon Aug 18 13:16:26 2014 UDPv4 link remote: [undef] Mon Aug 18 13:16:26 2014 MULTI: multi_init called, r=256 v=256 Mon Aug 18 13:16:26 2014 IFCONFIG POOL: base=192.168.54.4 size=62, ipv6=0 Mon Aug 18 13:16:26 2014 IFCONFIG POOL LIST Mon Aug 18 13:16:26 2014 Initialization Sequence Completed Mon Aug 18 13:16:31 2014 109.91.169.175:59973 TLS: Initial packet from [AF_INET]109.91.169.175:59973, sid=265834d9 280eeafc Mon Aug 18 13:16:31 2014 109.91.169.175:59973 VERIFY OK: depth=1, C=DE, ST=XX, L=XX, O=Home, OU=None, CN=Home CA, emailAddress=XX Mon Aug 18 13:16:31 2014 109.91.169.175:59973 VERIFY OK: depth=0, C=DE, ST=XX, L=XX, O=Home, OU=None, CN=XX, emailAddress=XX I have just realized that the problem only occurrs, when a client connects. So to reproduce the problem a fully working openvpn setup (including keys an certificates) is necessary, including a client. Regards Thomas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
