Журнал лабораторных работ

17:51:45

#ping 10.0.35.100

PING 10.0.35.100 (10.0.35.100) 56(84) bytes of data.
64 bytes from 10.0.35.100: icmp_seq=1 ttl=62 time=0.238 ms
64 bytes from 10.0.35.100: icmp_seq=2 ttl=62 time=0.227 ms
^C
--- 10.0.35.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.227/0.232/0.238/0.016 ms

17:51:51

#ping 10.0.35.100

PING 10.0.35.100 (10.0.35.100) 56(84) bytes of data.
^C
--- 10.0.35.100 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1008ms

17:52:30

#cd /etc/open

bash: cd: /etc/open: Нет такого файла или каталога

/dev/pts/4

17:52:33

#screen -x

17:52:33

#traceroute 10.0.35.100

traceroute to 10.0.35.100 (10.0.35.100), 30 hops max, 60 byte packets^C

17:52:42

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.106.1   0.0.0.0         UG        0 0          0 eth0

17:53:39

#cd /etc/open

openoffice/ openvpn/

17:53:39

#cd /etc/openvpn/

17:53:46

#openvpn --genkey --secret

17:54:37

#openvpn --genkey --secret linux11.key

17:55:54

#ls -l

итого 8
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

/dev/pts/17

17:56:01

#ssh 10.0.35.100

root@10.0.35.100's password:
Linux linux0 2.6.18-6-xen-686 #1 SMP Sun Feb 10 22:43:13 UTC 2008 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Jun  3 18:08:08 2009 from linux1.unix.nt
l3-agent is already running: pid=4804; pidfile=/root/.lilalo/l3-agent.pid

17:56:06

#vi server.conf

--- /dev/null	2009-06-03 09:23:50.502835532 +0300
+++ server.conf	2009-06-03 17:58:47.000000000 +0300
@@ -0,0 +1,5 @@
+port 443
+proto tcp-server
+dev tun
+ifconfig 172.16.1.6 172.16.1.5
+secret linux11.key

17:58:47

#ls -l

итого 12
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rw-r--r-- 1 root root   84 Июн  3 17:58 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

17:58:49

#cat server.conf

port 443
proto tcp-server
dev tun
ifconfig 172.16.1.6 172.16.1.5
secret linux11.key

17:58:57

#ls -l

итого 12
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rw-r--r-- 1 root root   84 Июн  3 17:58 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:01:45

#ssh root@192.168.205.2

The authenticity of host '192.168.205.2 (192.168.205.2)' can't be established.
RSA key fingerprint is 34:6c:c2:da:38:7c:d7:17:e9:cd:17:8d:e7:cf:f1:a6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.205.2' (RSA) to the list of known hosts.
Linux linux9 2.6.29-2-686 #1 SMP Sun May 17 17:56:29 UTC 2009 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Jun  3 17:48:18 2009 from 192.168.105.2
l3-agent is already running: pid=17118; pidfile=/root/.lilalo/l3-agent.pid

18:01:48

#ls /etc/openvpn/

linux0.key  update-resolv-conf

18:01:59

#ls -l /etc/openvpn/

итого 8
-rw------- 1 root root  636 Июн  3 17:57 linux0.key
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:02:08

#ls -l /etc/openvpn/

итого 12
-rw------- 1 root root  636 Июн  3 18:03 linux9.key
-rw-r--r-- 1 root root   84 Июн  3 18:02 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:03:27

#scp /etc/openvpn/linux9.key 192.168.206.2:/etc/openvpn/

The authenticity of host '192.168.206.2 (192.168.206.2)' can't be established.
RSA key fingerprint is 34:6c:c2:da:38:7c:d7:17:e9:cd:17:8d:e7:cf:f1:a6.
+--[ RSA 2048]----+
|                 |
|     . .     . ..|
|      o =   o ..o|
|   . + + o . + o.|
|    = o S . o o.o|
|     o .   .   o+|
|                =|
|               o |
|              E  |
+-----------------+
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.206.2' (RSA) to the list of known hosts.
root@192.168.206.2's password:
Agent pid 1695

18:04:12

#scp /etc/openvpn/linux9.key 192.168.206.2:/etc/openvpn

Host key fingerprint is 34:6c:c2:da:38:7c:d7:17:e9:cd:17:8d:e7:cf:f1:a6
+--[ RSA 2048]----+
|                 |
|     . .     . ..|
|      o =   o ..o|
|   . + + o . + o.|
|    = o S . o o.o|
|     o .   .   o+|
|                =|
|               o |
|              E  |
+-----------------+
root@192.168.206.2's password:
Permission denied, please try again.
root@192.168.206.2's password:
Agent pid 1695

18:04:21

#ls -l

итого 12
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rw-r--r-- 1 root root   84 Июн  3 17:58 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:04:39

#rsync -au /etc/open

openoffice/ openvpn/

18:04:53

#ls -l

итого 12
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rw-r--r-- 1 root root   84 Июн  3 17:58 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:05:13

#rsync 192.168.205.2:/etc/openvpn/ /etc/openvpn

Enter passphrase for key '/root/.ssh/id_dsa':
skipping directory .

18:08:00

#exit

exit
Connection to 192.168.205.2 closed.

18:08:11

#rsync 192.168.205.2:/etc/openvpn /etc/openvpn

Enter passphrase for key '/root/.ssh/id_dsa':
skipping directory openvpn

18:08:18

#ssh root@192.168.205.2

^C

18:08:31

#rsync au 192.168.205.2:/etc/openvpn/ /etc/openvpn

Unexpected remote arg: 192.168.205.2:/etc/openvpn/
rsync error: syntax or usage error (code 1) at main.c(1220) [sender=3.0.5]

18:08:42

#rsync au 192.168.205.2:/etc/openvpn /etc/openvpn

Unexpected remote arg: 192.168.205.2:/etc/openvpn
rsync error: syntax or usage error (code 1) at main.c(1220) [sender=3.0.5]

18:08:53

#rsync -au 192.168.205.2:/etc/openvpn /etc/openvpn

Enter passphrase for key '/root/.ssh/id_dsa':

18:09:04

#rsync -au 192.168.205.2:/etc/openvpn /etc/openvpn/

Enter passphrase for key '/root/.ssh/id_dsa':

18:09:15

#ls -l openvpn/

итого 12
-rw------- 1 root root  636 Июн  3 18:03 linux9.key
-rw-r--r-- 1 root root   84 Июн  3 18:05 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:09:26

#mv /etc/openvpn/openvpn/linux9.key /etc/openvpn/

/dev/pts/17

18:10:20

#screen -x

18:10:31

#vim client.conf

18:10:57

#~ +q436f+q6b75+q6b64+q6b72+q6b6c+q2332+q2334+q2569+q2a37+q6b31

18:12:08

#cat client.conf

port 443
proto tcp-client
dev tun
ifconfig 172.16.1.6 172.16.1.5
secret linux9.key

18:12:15

#vim client.conf

--- /tmp/l3-saved-4448.22975.30234	2009-06-03 18:12:28.000000000 +0300
+++ client.conf	2009-06-03 18:12:47.000000000 +0300
@@ -3,3 +3,4 @@
 dev tun
 ifconfig 172.16.1.6 172.16.1.5
 secret linux9.key
+remote 172.16.1.5

18:12:47

#/etc/init.d/openvpn start

Starting virtual private network daemon: client server.

18:13:20

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70309 errors:0 dropped:0 overruns:0 frame:0
          TX packets:58596 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29672837 (28.2 MiB)  TX bytes:7811042 (7.4 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          TX packets:1020 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:62036 (60.5 KiB)  TX bytes:62036 (60.5 KiB)
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.16.1.6  P-t-P:172.16.1.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

18:13:27

#ping 172.16.1.5

PING 172.16.1.5 (172.16.1.5) 56(84) bytes of data.
^C
--- 172.16.1.5 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2016ms

18:13:38

#ping 172.16.1.6

PING 172.16.1.6 (172.16.1.6) 56(84) bytes of data.
64 bytes from 172.16.1.6: icmp_seq=1 ttl=64 time=0.032 ms
^C
--- 172.16.1.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.032/0.032/0.032/0.000 ms

18:13:40

#ping 172.16.1.5

PING 172.16.1.5 (172.16.1.5) 56(84) bytes of data.
^C
--- 172.16.1.5 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

18:13:44

#ping 192.168.205.2

PING 192.168.205.2 (192.168.205.2) 56(84) bytes of data.
64 bytes from 192.168.205.2: icmp_seq=1 ttl=63 time=1.31 ms
64 bytes from 192.168.205.2: icmp_seq=2 ttl=63 time=2.58 ms
^C
--- 192.168.205.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.314/1.949/2.585/0.637 ms

18:13:58

#ping 192.168.105.2

PING 192.168.105.2 (192.168.105.2) 56(84) bytes of data.
From 10.0.35.1 icmp_seq=1 Time to live exceeded
From 10.0.35.1 icmp_seq=2 Time to live exceeded
^C
--- 192.168.105.2 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1001ms

18:14:16

#ip route add 192.168.105.0/24 -via tun0

Error: either "to" is duplicate, or "-via" is a garbage.

18:14:47

#ip route add 192.168.105.0/24 via tun0

Error: an inet address is expected rather than "tun0".

18:15:20

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.1.5      0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.106
192.168.206.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.206
0.0.0.0         192.168.206.1   0.0.0.0         UG        0 0          0 eth0.206
0.0.0.0         192.168.15.254  0.0.0.0         UG        0 0          0 eth0

18:16:16

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70553 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59048 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29696504 (28.3 MiB)  TX bytes:7846039 (7.4 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          TX packets:1028 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:62378 (60.9 KiB)  TX bytes:62378 (60.9 KiB)
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.16.1.6  P-t-P:172.16.1.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

18:16:19

#ping 172.16.1.6

PING 172.16.1.6 (172.16.1.6) 56(84) bytes of data.
64 bytes from 172.16.1.6: icmp_seq=1 ttl=64 time=0.031 ms
64 bytes from 172.16.1.6: icmp_seq=2 ttl=64 time=0.019 ms
64 bytes from 172.16.1.6: icmp_seq=3 ttl=64 time=0.014 ms
^C
--- 172.16.1.6 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.014/0.021/0.031/0.008 ms

18:16:27

#ping 172.16.1.5

PING 172.16.1.5 (172.16.1.5) 56(84) bytes of data.
^C
--- 172.16.1.5 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4032ms

18:16:34

#tail /var/log/daemon.log

Jun  3 17:21:05 linux11 monit[3279]: 'sshd' process PID changed to 15730
Jun  3 17:24:05 linux11 monit[3279]: 'sshd' PID has not changed
Jun  3 18:13:19 linux11 ovpn-client[20516]: Options error: --local and --remote addresses must be distinct from --ifconfig addresses
Jun  3 18:13:19 linux11 ovpn-client[20516]: Use --help for more information.
Jun  3 18:13:19 linux11 ovpn-server[20519]: OpenVPN 2.1_rc15 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on May  1 2009
Jun  3 18:13:19 linux11 ovpn-server[20519]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jun  3 18:13:19 linux11 ovpn-server[20519]: /usr/sbin/openvpn-vulnkey -q linux11.key
Jun  3 18:13:20 linux11 ovpn-server[20519]: TUN/TAP device tun0 opened
Jun  3 18:13:20 linux11 ovpn-server[20519]: /sbin/ifconfig tun0 172.16.1.6 pointopoint 172.16.1.5 mtu 1500
Jun  3 18:13:20 linux11 ovpn-server[20528]: Listening for incoming TCP connection on [undef]:443

18:16:52

#tail -f /var/log/daemon.log

Jun  3 17:21:05 linux11 monit[3279]: 'sshd' process PID changed to 15730
Jun  3 17:24:05 linux11 monit[3279]: 'sshd' PID has not changed
Jun  3 18:13:19 linux11 ovpn-client[20516]: Options error: --local and --remote addresses must be distinct from --ifconfig addresses
Jun  3 18:13:19 linux11 ovpn-client[20516]: Use --help for more information.
Jun  3 18:13:19 linux11 ovpn-server[20519]: OpenVPN 2.1_rc15 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on May  1 2009
Jun  3 18:13:19 linux11 ovpn-server[20519]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jun  3 18:13:19 linux11 ovpn-server[20519]: /usr/sbin/openvpn-vulnkey -q linux11.key
Jun  3 18:13:20 linux11 ovpn-server[20519]: TUN/TAP device tun0 opened
Jun  3 18:13:20 linux11 ovpn-server[20519]: /sbin/ifconfig tun0 172.16.1.6 pointopoint 172.16.1.5 mtu 1500
Jun  3 18:13:20 linux11 ovpn-server[20528]: Listening for incoming TCP connection on [undef]:443
Jun  3 18:17:24 linux11 ovpn-server[20528]: /sbin/ifconfig tun0 0.0.0.0
Jun  3 18:17:24 linux11 ovpn-server[20528]: SIGTERM[hard,init_instance] received, process exiting
Jun  3 18:17:25 linux11 ovpn-client[21451]: Options error: --local and --remote addresses must be distinct from --ifconfig addresses
Jun  3 18:17:25 linux11 ovpn-client[21451]: Use --help for more information.
Jun  3 18:17:25 linux11 ovpn-server[21454]: OpenVPN 2.1_rc15 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on May  1 2009
Jun  3 18:17:25 linux11 ovpn-server[21454]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jun  3 18:17:25 linux11 ovpn-server[21454]: /usr/sbin/openvpn-vulnkey -q linux11.key
Jun  3 18:17:25 linux11 ovpn-server[21454]: TUN/TAP device tun0 opened
Jun  3 18:17:25 linux11 ovpn-server[21454]: /sbin/ifconfig tun0 172.16.1.6 pointopoint 172.16.1.5 mtu 1500
Jun  3 18:17:25 linux11 ovpn-server[21458]: Listening for incoming TCP connection on [undef]:443
^C

18:17:08

#exit

exit
Connection to 192.168.106.2 closed.

18:17:09

#/etc/init.d/openvpn restart

Stopping virtual private network daemon: server.
Starting virtual private network daemon: client server.

18:17:25

#/etc/init.d/openvpn restart

Stopping virtual private network daemon: server.
Starting virtual private network daemon: client failed!

18:18:19

итого 24
-rw-r--r-- 1 root root  101 Июн  3 18:12 client.conf
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rw------- 1 root root  636 Июн  3 18:03 linux9.key
drwxr-xr-x 2 root root 4096 Июн  3 18:10 openvpn
-rw-r--r-- 1 root root   84 Июн  3 17:58 server.conf
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:18:24

#mkdir old

18:18:45

#mv server.conf /old

18:18:55

#ls -l

итого 24
-rw-r--r-- 1 root root  101 Июн  3 18:12 client.conf
-rw------- 1 root root  636 Июн  3 17:55 linux11.key
-rw------- 1 root root  636 Июн  3 18:03 linux9.key
drwxr-xr-x 2 root root 4096 Июн  3 18:18 old
drwxr-xr-x 2 root root 4096 Июн  3 18:10 openvpn
-rwxr-xr-x 1 root root 1352 Май  1 15:25 update-resolv-conf

18:19:08

#/etc/init.d/openvpn restart

Stopping virtual private network daemon:.
Starting virtual private network daemon: client failed!

18:19:26

#/etc/init.d/openvpn restart

Stopping virtual private network daemon:.
Starting virtual private network daemon: client.

18:20:07

#/etc/init.d/openvpn restart

Stopping virtual private network daemon: client.
Starting virtual private network daemon: client.

18:21:00

#tail -f /var/log/daemon.log

Jun  3 18:20:36 linux11 ovpn-client[21737]: OpenVPN 2.1_rc15 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on May  1 2009
Jun  3 18:20:36 linux11 ovpn-client[21737]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jun  3 18:20:36 linux11 ovpn-client[21737]: /usr/sbin/openvpn-vulnkey -q linux9.key
Jun  3 18:20:36 linux11 ovpn-client[21737]: TUN/TAP device tun0 opened
Jun  3 18:20:37 linux11 ovpn-client[21742]: Attempting to establish TCP connection with 192.168.205.1:443 [nonblock]
Jun  3 18:20:38 linux11 ovpn-client[21742]: TCP: connect to 192.168.205.1:443 failed, will try again in 5 seconds: Connection refused
Jun  3 18:20:44 linux11 ovpn-client[21742]: TCP: connect to 192.168.205.1:443 failed, will try again in 5 seconds: Connection refused
Jun  3 18:20:50 linux11 ovpn-client[21742]: TCP: connect to 192.168.205.1:443 failed, will try again in 5 seconds: Connection refused
Jun  3 18:20:56 linux11 ovpn-client[21742]: TCP: connect to 192.168.205.1:443 failed, will try again in 5 seconds: Connection refused
Jun  3 18:21:02 linux11 ovpn-client[21742]: TCP: connect to 192.168.205.1:443 failed, will try again in 5 seconds: Connection refused
...
Jun  3 18:21:06 linux11 ovpn-client[21807]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Jun  3 18:21:06 linux11 ovpn-client[21807]: /usr/sbin/openvpn-vulnkey -q linux9.key
Jun  3 18:21:06 linux11 ovpn-client[21807]: TUN/TAP device tun0 opened
Jun  3 18:21:06 linux11 ovpn-client[21809]: Attempting to establish TCP connection with 192.168.205.2:443 [nonblock]
Jun  3 18:21:07 linux11 ovpn-client[21809]: TCP connection established with 192.168.205.2:443
Jun  3 18:21:07 linux11 ovpn-client[21809]: TCPv4_CLIENT link local: [undef]
Jun  3 18:21:07 linux11 ovpn-client[21809]: TCPv4_CLIENT link remote: 192.168.205.2:443
Jun  3 18:21:07 linux11 ovpn-client[21809]: Peer Connection Initiated with 192.168.205.2:443
Jun  3 18:21:09 linux11 ovpn-client[21809]: Initialization Sequence Completed
^C

18:21:06

#/etc/init.d/openvpn restart

Stopping virtual private network daemon: client.
Starting virtual private network daemon: client.

18:21:11

#ping 172.168.1.5

PING 172.168.1.5 (172.168.1.5) 56(84) bytes of data.
^C
--- 172.168.1.5 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

18:21:23

#ping 172.168.1.6

PING 172.168.1.6 (172.168.1.6) 56(84) bytes of data.
^C
--- 172.168.1.6 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

18:21:25

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.106
192.168.206.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.206
0.0.0.0         192.168.206.1   0.0.0.0         UG        0 0          0 eth0.206
0.0.0.0         192.168.15.254  0.0.0.0         UG        0 0          0 eth0

18:21:29

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70761 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59941 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29719279 (28.3 MiB)  TX bytes:7915458 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          collisions:0 txqueuelen:0
          RX bytes:201468 (196.7 KiB)  TX bytes:424771 (414.8 KiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1045 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1045 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63201 (61.7 KiB)  TX bytes:63201 (61.7 KiB)

18:21:39

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70768 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59971 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29719757 (28.3 MiB)  TX bytes:7917780 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          collisions:0 txqueuelen:0
          RX bytes:201514 (196.7 KiB)  TX bytes:426959 (416.9 KiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1046 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1046 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63230 (61.7 KiB)  TX bytes:63230 (61.7 KiB)

18:21:47

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70769 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59972 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29719821 (28.3 MiB)  TX bytes:7917840 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          collisions:0 txqueuelen:0
          RX bytes:201514 (196.7 KiB)  TX bytes:426959 (416.9 KiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1046 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1046 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63230 (61.7 KiB)  TX bytes:63230 (61.7 KiB)

18:21:48

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70771 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59989 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29719955 (28.3 MiB)  TX bytes:7919150 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          collisions:0 txqueuelen:0
          RX bytes:201612 (196.8 KiB)  TX bytes:428201 (418.1 KiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1046 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1046 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63230 (61.7 KiB)  TX bytes:63230 (61.7 KiB)

18:21:51

#/etc/init.d/openvpn restart

Stopping virtual private network daemon: client.
Starting virtual private network daemon: client.

18:21:53

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70771 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59989 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29719955 (28.3 MiB)  TX bytes:7919150 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          collisions:0 txqueuelen:0
          RX bytes:201612 (196.8 KiB)  TX bytes:428201 (418.1 KiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1046 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1046 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63230 (61.7 KiB)  TX bytes:63230 (61.7 KiB)

18:21:54

#ifconfig -a

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70771 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59989 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29719955 (28.3 MiB)  TX bytes:7919150 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          RX packets:1046 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1046 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63230 (61.7 KiB)  TX bytes:63230 (61.7 KiB)
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          POINTOPOINT NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

18:21:55

#ifconfig

18:22:08

#vi client.conf

--- /tmp/l3-saved-4448.19651.26098	2009-06-03 18:22:14.000000000 +0300
+++ client.conf	2009-06-03 18:22:19.000000000 +0300
@@ -1,6 +1,6 @@
 port 443
 proto tcp-client
 dev tun
-#ifconfig 172.16.1.6 172.16.1.5
+ifconfig 172.16.1.6 172.16.1.5
 secret linux9.key
 remote 192.168.205.2

18:22:19

#ifconfig

18:22:24

#ifconfig

eth0      Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.15.11  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::21b:fcff:fe7d:bcf5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:70792 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60110 errors:0 dropped:0 overruns:0 carrier:2
          collisions:0 txqueuelen:1000
          RX bytes:29722536 (28.3 MiB)  TX bytes:7928662 (7.5 MiB)
eth0.106  Link encap:Ethernet  HWaddr 00:1b:fc:7d:bc:f5
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
...
          TX packets:1047 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:63259 (61.7 KiB)  TX bytes:63259 (61.7 KiB)
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.16.1.6  P-t-P:172.16.1.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

18:22:27

#/etc/init.d/openvpn restart

Stopping virtual private network daemon: client.
Starting virtual private network daemon: client.

18:22:31

#ping 192.168.1.5

PING 192.168.1.5 (192.168.1.5) 56(84) bytes of data.
^C
--- 192.168.1.5 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 999ms

18:22:39

#ping 192.168.1.6

PING 192.168.1.6 (192.168.1.6) 56(84) bytes of data.
^C
--- 192.168.1.6 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

18:22:41

#ping 172.16.1.6

PING 172.16.1.6 (172.16.1.6) 56(84) bytes of data.
64 bytes from 172.16.1.6: icmp_seq=1 ttl=64 time=0.034 ms
^C
--- 172.16.1.6 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.034/0.034/0.034/0.000 ms

18:22:48

#ping 172.16.1.5

PING 172.16.1.5 (172.16.1.5) 56(84) bytes of data.
64 bytes from 172.16.1.5: icmp_seq=1 ttl=64 time=0.392 ms
^C
--- 172.16.1.5 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.392/0.392/0.392/0.000 ms

18:22:50

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.1.5      0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.106
192.168.206.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.206
0.0.0.0         192.168.206.1   0.0.0.0         UG        0 0          0 eth0.206
0.0.0.0         192.168.15.254  0.0.0.0         UG        0 0          0 eth0

18:22:58

#ip route add 192.168.105.0/24 via tun0

Error: an inet address is expected rather than "tun0".

18:23:40

#ip route add 192.168.105.0/24 via /dev/tun0

Error: an inet address is expected rather than "/dev/tun0".

18:24:11

#ip route add 192.168.105.0/24 dev tun0

18:24:23

#ping 192.168.105.1

PING 192.168.105.1 (192.168.105.1) 56(84) bytes of data.
64 bytes from 192.168.105.1: icmp_seq=1 ttl=64 time=0.566 ms
^C
--- 192.168.105.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.566/0.566/0.566/0.000 ms

18:24:34

#ping 192.168.105.2

PING 192.168.105.2 (192.168.105.2) 56(84) bytes of data.
64 bytes from 192.168.105.2: icmp_seq=1 ttl=63 time=1.54 ms
64 bytes from 192.168.105.2: icmp_seq=2 ttl=63 time=1.43 ms
^C
--- 192.168.105.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.438/1.491/1.544/0.053 ms

18:24:37

#ping 192.168.105.2

PING 192.168.105.2 (192.168.105.2) 56(84) bytes of data.
64 bytes from 192.168.105.2: icmp_seq=1 ttl=63 time=1.62 ms
64 bytes from 192.168.105.2: icmp_seq=2 ttl=63 time=1.43 ms
64 bytes from 192.168.105.2: icmp_seq=3 ttl=63 time=1.45 ms
64 bytes from 192.168.105.2: icmp_seq=4 ttl=63 time=1.43 ms
64 bytes from 192.168.105.2: icmp_seq=5 ttl=63 time=1.45 ms
64 bytes from 192.168.105.2: icmp_seq=6 ttl=63 time=1.46 ms
64 bytes from 192.168.105.2: icmp_seq=7 ttl=63 time=1.43 ms
^C
--- 192.168.105.2 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6008ms
rtt min/avg/max/mdev = 1.431/1.472/1.627/0.064 ms

18:26:44

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.1.5      0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.105.0   172.16.1.5      255.255.255.255 UGH       0 0          0 tun0
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.106
192.168.206.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.206
0.0.0.0         192.168.206.1   0.0.0.0         UG        0 0          0 eth0.206
0.0.0.0         192.168.15.254  0.0.0.0         UG        0 0          0 eth0

18:26:50

#/etc/init.d/openvpn stop

Stopping virtual private network daemon: client.

18:26:53

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.106
192.168.206.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.206
0.0.0.0         192.168.206.1   0.0.0.0         UG        0 0          0 eth0.206
0.0.0.0         192.168.15.254  0.0.0.0         UG        0 0          0 eth0

18:27:01

#/etc/init.d/openvpn restart

Stopping virtual private network daemon:.
Starting virtual private network daemon: client.

18:27:04

#netstat -rn

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.16.1.5      0.0.0.0         255.255.255.255 UH        0 0          0 tun0
192.168.105.0   172.16.1.5      255.255.255.255 UGH       0 0          0 tun0
192.168.15.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.106.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.106
192.168.206.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0.206
0.0.0.0         192.168.206.1   0.0.0.0         UG        0 0          0 eth0.206
0.0.0.0         192.168.15.254  0.0.0.0         UG        0 0          0 eth0

18:27:08

#/etc/init.d/openvpn stop

Stopping virtual private network daemon: client.