Raah: write UDPv4: Operation not permitted (code=1) and other crap
-
:-[ :'( :-\
( >:( )
G'day all :)
Once again, I am wresting for hours with the stupid OpenVPN client.
[list]
- Problem: connection constantly drops, for months. It works for a couple of minutes, then it drops again.
- Test: bought another provider's one month package to see if it happened there too. It did.
- Setup both new from scratch to see if that helped: nope.
- Disabled one and kept only the other running and vice versa to see if that would help: nope.
- Changed their servers to see if the problem was there: nope.
- I basically did the steps detailed here: https://forum.pfsense.org/index.php?topic=76015.0
- I added, to this tuto above, the settings from the conf. files from both providers to the 'advanced settings' in the VPN-client.
- Looking in the logs I see that 'Write UDPv4 not permitted' many times, and from what I can tell just before the client goes down.
- I also saw some new errors I hadn't seen before: I will attach the logs as text (the DELETED text in it is scrubbing my IP), as they are rather large.
As you can see in the logs, two errors strike me immediately:
Jan 2 12:37:00 openvpn[20550]: PID_ERR replay-window backtrack occurred [4] [SSL-0] [0000_00000000000000000000000000000000000000000000000000000000000] 0:4536 0:4532 t=1420198620[0] r=[0,64,15,4,1] sl=[8,64,64,528]
Jan 2 12:36:52 openvpn[20550]: PID_ERR replay-window backtrack occurred [2] [SSL-0] [00_0000000000000000000000000000000000000000000000000000000000000] 0:2723 0:2721 t=1420198612[0] r=[-2,64,15,2,1] sl=[29,64,64,528]
Jan 2 12:36:47 openvpn[20550]: PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_00000000000000000000000000000000000000000000000000000000000000] 0:1572 0:1571 t=1420198607[0] r=[-2,64,15,1,1] sl=[28,64,64,528]And:
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)However, I also note this:
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1)
Jan 2 12:35:33 openvpn[20550]: write UDPv4: Operation not permitted (code=1) Jan 2 12:35:33 openvpn[20550]: Authenticate/Decrypt packet error: packet HMAC authentication failed Jan 2 12:35:08 openvpn[20550]: PID_ERR replay-window backtrack occurred [6] [SSL-0] [0_0_0__000000000000000000000000000000000000000000000000000000000] 0:258234 0:258228 t=1420198508[0] r=[-1,64,15,6,1] sl=[53,64,64,528]
Jan 2 12:35:07 openvpn[20550]: PID_ERR replay-window backtrack occurred [5] [SSL-0] [0_0_0_0000000000000000000000000000000000000000000000000000000000] 0:255076 0:255071 t=1420198507[0] r=[0,64,15,5,1] sl=[11,64,64,528]
Jan 2 12:31:49 openvpn[20550]: PID_ERR replay-window backtrack occurred [4] [SSL-0] [00_0_00000000000000000000000000000000000000000000000000000000000] 0:35620 0:35616 t=1420198309[0] r=[-2,64,15,4,1] sl=[28,64,64,528]
Jan 2 12:31:32 openvpn[20550]: PID_ERR replay-window backtrack occurred [3] [SSL-0] [000_000000000000000000000000000000000000000000000000000000000000] 0:20460 0:20457 t=1420198292[0] r=[0,64,15,3,1] sl=[20,64,64,528]
Jan 2 12:31:24 openvpn[20550]: PID_ERR replay-window backtrack occurred [2] [SSL-0] [00_0000000000000000000000000000000000000000000000000000000000000] 0:12103 0:12101 t=1420198284[0] r=[-2,64,15,2,1] sl=[57,64,64,528]It concerns:
- PrivateInternetAccess (PIA)
- Mullvad
Would anybody happen to know how I solve this crap and help me out of my misery? Because I am getting deep-ly depressed about this instability :-[
Thank you in advance for any help very [u]very very much :-*
PIA.txt
mullvad.txt
mullvad_linux.conf.txt
PIA_Netherlands.ovpn.txt -
Sigh (and raaaahhh >:( ) :-[ :'( :-\
I did a fresh reboot, and bam, within minutes it goes down again: and stays down, even restarting the service doesn't help. I have attached a new log.
[img]https://forum.pfsense.org/data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAb0AAACJCAIAAAA30HEcAAAO4UlEQVR4nO2cvW7bOhhA9SSZM8coYCCvEOQVDA0ZsgR+hFsE8JSpQAcjKIoOnopO3Tq4W6YCF8jUIUGndL5v0DvIkkiKH0VRtPW5OQcdbP2QH1nyhCIpFz8AFPACcDwUTcNdAwBABK03nwGm4w/A8YA3QQVTdwSAAeBNUMHUHQFgAHgTVDB1RwAYAN4EFUzdEQAGgDdBBVIDnTougB14E9SBN0E5eBPUgTdBOXgT1IE3QTl4E9SBN0E5eBPUgTdBOXgT1IE3QTl4E9SBN0E5eBPUkcGb31ezoihmq+97CxJeM3gT1HGU3qxyRNWvA7wJ6jhKb8JrAm+COtK9uSkLk9nq+24YWG7MC5rjs7Kc7a7dXWGn4Nw2My5uLrSvsb85l8DfAt4EdSR60xxjtp8tcbZuMx+rzRs3ZT1IbRTbfDZvND7vbjC8aSn0+2qGN/828CaoI82brqwc6ZUb6xJJef4Euw51PSxkA38neBPUkdmbzRnzCtmbzrP+cG8yt/r3gzdBHbm9aaqwPuT3pvBQjzfBBm+COhLnN7sSa9xVT0q6R/zeNKdIU57Tmd/868GboI5Eb5rjymrpux3zdXZXSs/pjWHr1fMUbz47T/t4828Db4I6kr0p4uxGAhgH3gR1ZPemsY0IIAN4E9SRf7wJkBW8CerAm6AcvAnqwJugHLwJ6sCboJwx3my3bNhb456fOy9dtBf4Tni3azQXxmwgblP1p2G+h2xdZB+qv3Wy9J+ok+876o/Oqb7oskbkK9a+HU0bTvvSdWyZrAJkXnCRvPkDQAep3qw7kvV6hqdzuu+uScaS0o90ic8F3URye9OrE6fkdhhmdG6a4QrxFlfKN1j7Zjhu3sbv/ITLZGv/QN788OHDGkABad709CPHAu4VXSmENGGNlwZ4czabGeltyvaXv/bjzcDY0q9NX9ZGmmL+UgUJ+QZr3xeP+SM/MWVyBssH8ubHjx9//folndXJy8uL0830oDk2tXQrLdqbvuGHY6Ax3ty9eLGKlUib3Wy1Kq1RVlmaEsjvzY5kRG02Bu9UgJlmsjjtfAd4064Z6/9OLlP9ss3K1xDGIzVZvJkXzbGpJd2b/ikw+7DUcztvvnU6nfsbC8O8uVnNjN7vTNftwZtOZcjabCcd5SqR61YssT/fYFZ2XRXmr/s62hXK1L6i6P0DOh6pyeLNvGiOTS0H9WboSc+zkhOWmBxSbYDdNJ07W7cPb1o5hLTZPyccqFu5yN58g7VvhNScWFneDKbd/WVLvBlAs5s0x6aWw3jTwLnc503PT4EN9WZ1W1mWnsm6vXjTONd9bDW16WpmpDdD+QZr34zJXdPvDlBXPtnLT/BZkJos3syL5tjUctj5zS4eiQX2KPX0TN+wrvtlP94U5SMXSMxsyN+KiHxDWxUclzs3CGn79k4VRg3nQWqyeDMvmmNTywhvJqynd+nddpM43vT96Jf8XGlP7KV5U1xcFmYGd0cC6+mR4zdxUXuAN6VtUlEL5ow3e9HsJs2xqWWMNwfv3/SwP2/64nSeLIWvid4U9jL2TOom1FlcvgO9aaYi7DSSIsKbvWh2k+bY1DLOm8/Pce8LafNmN2x5V6JxgXiic2PPw7JR6vT3hTzJ+VbXYr3pfS0h6nUgvNmLZjfFxPbfP/9M/u8wtRHJeG8C7AWpyeLNvODNBI7Km4EVo6wrEnp4fSVukZos3sxLXm9+nVeNc/7V+Hw9L64XeBNg/0hNNuTNp/vz9u/K+f2TcWq7rI4ut333FYELE4ny5tP9eSdTf9R1uGYJ6yvtYm+XveVI8ubiuq2ok3c39fGby/nJ5b+dz1933lxcF+kC7am9w4I3QSlSkw15c7tsLPF0f97o5un+vNaJ8VHGvDcLPW5qtW1mKkS9XTaXtR+bT1b5nu7P+0sx3JuL66KYX97svi7mrToX82K+aI/Xn78y3gQ4DFKTjX1Ob+VnmKbzzcd2WY/atsuiWN7XVju/f2oVZ8qpd5AaNd50AvNHbXu//mYcbW97uj/v/QsRGZvpr38vT4pmUNk8m88X/91czutqmM/n7efLm9qbN+9OKsMurov5u8uT6oJWqW0KxhgWbwLEIzXZWG829nOGmH0jTndsZwqp6NjJstt2KSSc4E0har9cfd6MeESPjs2ZwWwHm83QsjJpz3jT9GadyM3lvJh/rYaxvmd8vAkwAKnJRnrTHjTGe9MRYfvFfQJ2B3ohErzpj9qdQajv6Tyn7wab/hmAwbEZ/rp5d9J56F7Mq4WgId6sXNke/PfyxNBxcyXeBBiC1GRjvPl0f15Yg8ZYbzone70ZIyZvN/MwxpvOupBhzeasVOaJxpseb9rrcngTYDhSk+335nZZRDzxSnea/uv3ZvMt9/zmoOf0bkr1o3r/cli2+c2c403WhQCSkJpsjzcdadaHYtaFunKJ9GZvyvteF3KL0c515vfmiPX0kDf/u7mct2PMm3cnzQV4EyAaqcmG9yG52zb//PkT3NETFmrM/Ka18ynfutCwfUh2MmbI2Z/TG3U2C+at4MZ4k/V0gPFITTbgzWaOz7MxyLOD3PKmV7n9400ry9S1F2fbvTPB2k3Zt++9vcF1b951ocn+hSM8MHgTlCI1Wd6zzAveTABvglKkJos384I3E8CboBSpyeLNvGiOTS14E5QiNVm8mRfNsakFb4JSpCaLN/OiOTa14E1QitRk8WZeNMemFrwJSpGaLN7Mi+bY1II3QSlSk8WbedEcm1rwJihFarJ4My+aY1ML3gSlSE12vV4/Pj6+HBWPj4/r9XrqKPxojk0tVaXhTVBHwJsAGsCboI7URyiACcCboIKpOwLAAPAmqGDqjgAwALwJKpi6IwAMoPUmwIRMvWQKMIDWm1OvVgEAHAc8p4MKpn7wAhgA3gQVTN0RAAaAN0EFU3cEgAHgTVDB1B0BYAB4E1QwdUcAGADeBBVIDXTquAB24E1QB94E5eBNUAfeBOXgTVAH3gTl4E1QB94E5eBNUAfeBOXgTVAH3gTl4E1QB94E5eBNUAfeBOXgTVAH3gTl4E1QB94E5eBNUEe6N7+vZkVRFEUxW31vD5SbPQcMrw28CepI9WZjzVadm7LAm5AdvAnqSPXmptzZ0hYo2oTc4E1QR6I3rWfyRp1YE/KDN0Ed6fObAAcBb4I68CYoB2+COvAmKAdvgjrwJigHb4I68CYoB2+COvAmKAdvgjrwJigHb4I68CYoZ4w37bcymleCn5+fd++3ObQvvglYW5SbC610BdpU/Wk4r5G0F9mH6m+dLP0n6uT7jvqjc6ovuqwR+Yq1b0fThlPHUm5iy7TPV3LwJign1Zt1R9p1mI5XnPNNX5WMJaUf6RKfC7qJ5PamV2BOye0wzOjcNAe84dKXb7D2zXDcvMtNTJm6RcyL5M0fADpI86an4zgWcK/oSiGkCWu8NMCbs5n56zebsjqwP28GxpZ+bfqyNtIU85cqSMg3WPu+eAxv9papruuooXESkjc/fPiwBlBAkje94w3bQGO8Wd1brmIl8mz05VVpjYrK0pRAfm92JCNqszF4pwLMNJPF6VVbjDftmrH+77xpR0c4AsmbHz9+/PXrl3R2Wl5eXpzupA39ER4F3WqM9aZ/Csw+LPVczwSZ482dNTeDemjjzU3z2w6bsjNdtwdvOpUha7OddJSrRK5bscT+fINZ2XVVHbW8GUy7OVf/HdiDQ6UmizfHoD/Co+Cg3gw82PtWcgaPbFo71T+KU2nzee/etHIIabN/TjhQt3KRvfkGa98IqTmxsrwZStsJMD7eAUhNFm+OQX+ER8FhvGngXO7zpmHNVG/ufk2sLD2TdXvxpnFuFdSm66+R3gzlG6x9MyZ3Tb87QHXTjho1j0RqsnhzDPojPArSvZkyv9nFI7HAHqWepVvfsK77ZT/eFOUjF0jMbJCF+vMNbVVwXO7cIKaNN/3ot5L+CI+CEd5MWE/v0rvtJnG8WX+xJ+ek6Ud7Yi/Nm+Jexk52VpkD6+mRG3zEPZQDvCltk+pLW14IG4/UZPHmGPRHeBSM8ebg/Zse9udNX5xONxe+JnrTkkxw1GcWOqHO4vId6E0zFV+objq+tfe8K0NSk8WbY9Af4VEwzptuz3L7jlZvdsOWXGFdIJ7o3NjzsGyUOv19IU9yvtW1WG+6G+PDads3hP+PE5GaLN4cg/4Ij4Lx3gTYC1KTxZtjiInwy8/fx/XvMFVnclTeDKwY7XcL9mS8vhK3SE0Wb44Bb2bhqLwJrwmpyeLNMezZmw/XZ2+uv+FNgImQmizeHMNwb36+KEwVPlyfFRef8CbeBJVITRZvjgFvZgFvglKkJos3x5DPmw/XZ2+ub6+qufbT2wfHm28XRVFcvf35++2iuLi9O62uW3w2kt1RWfj97Zs6kc8X9cEv3+5Oz+7e+/PCmwAdpCaby5tP9+dFcX7/ZB4wv6aQ1Zv7CDCvNxsPNtfsvPn+9k1xdvf+Zy3Q3efmXtuM1b2frnapfbs7reVYy9SbF94E6CA12SzerBW0XbZq2i4LPd7cU4C5x5v18bcLexBaS9M4ZQwqP7kXnN4+fPn5+aK4evvz9/vbNxe31TDTTtbNC28CdJCabA5vGiO3RkzbZbHcjks2nzf3FeABvFkURZHkzSrBh+uzq7ftZ2sYizcBepCabA5v2iO3p/vzohg/lPuT0Zv7CjDBm85Sj/tI7hlvVs/p9VRmtDers3cXZ3fvq8+Lq9P2AR9vAkQgNVnWhcaQsH/TnKw0Poe8WQ08Kxt6vOmd3/z5+8unq3bZ59vdabuOhDcB4pCaLN4cQ+K+92+7BXFjLTvszd3iz+ntg8+bbYLNerrrUNOteBMgEqnJ4s0x8J5lFvAmKEVqsnhzDHgzC3gTlCI1Wbw5BryZBbwJSpGaLN4cg/4IjwK8CUqRmizeHIP+CI8CvAlKkZos3hyD/giPArwJSpGaLN4cg/4IjwK8CUqRmizeHIP+CI8CvAlKkZos3hyD/giPArwJSpGa7Hq9fnx8fFHJ4+Pjer2eOooQ+iM8CqpqxJugjoA3ATSAN0EdqY9QABOAN0EFU3cEgAHgTVDB1B0BYAB4E1QwdUcAGMD//DUB1+iwv34AAAAASUVORK5CYII=
-
Mmmh, does it make sense that a VPN provider gets blocked by Snort?
-
I had that in the past with both IPsec as well as OpenVPN tunnels when there was some load on the tunnel that snort freaked out, iirc, but hasn't happen for quite some time to me :-D
-
@chemlud:
I had that in the past with both IPsec as well as OpenVPN tunnels when there was some load on the tunnel that snort freaked out, iirc, but hasn't happen for quite some time to me :-D
Snort isn't running on the VPN client interface (that Snort block was on my WAN) :o
-
I think I am getting a little bit further :P
(Not that I know what it means or how to solve it :-[ ).
I decided to let both OpenVPN-clients/interfaces run, [b]but not use them: they stayed up for hours, nothing to see in the logs.
Then I decided to route myself over them, to simply go to speedtest.net, et voila:
| Jan 2 16:52:16 | openvpn[80159]: write UDPv4: Operation not permitted (code=1) |
| Jan 2 16:52:16 | openvpn[80159]: Authenticate/Decrypt packet error: packet HMAC authentication failed |
| Jan 2 16:52:13 | openvpn[80159]: PID_ERR replay-window backtrack occurred [3] [SSL-0] [0_0_000000000000000000000000000000000000000000000000000000000000] 0:6029 0:6026 t=1420213933[0] r=[-1,64,15,3,1] sl=[51,64,64,528] |
| Jan 2 16:52:10 | openvpn[80159]: PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_00000000000000000000000000000000000000000000000000000000000000] 0:2149 0:2148 t=1420213930[0] r=[-3,64,15,1,1] sl=[27,64,64,528] |So the solution is: pay for them, but don't use them ;D
No, seriously, would anybody have any idea?
-
:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:( >:(
Ok, I deleted everything: all OpenVPN interfaces, all clients, all certificates, firewall rules, routing, etc etc etc.
Started all over again.
Rebooted the box first, and set up a new PrivateInternetAccess.
Here we go, after all that hard work:
Jan 2 20:34:31 openvpn[63003]: PID_ERR replay-window backtrack occurred [15] [SSL-0] [0__0000__000000_000000000000000000000001111111111111111111111111] 0:58727 0:58712 t=1420227271[0] r=[0,64,15,15,1] sl=[25,64,64,528]
Jan 2 20:34:27 openvpn[63003]: PID_ERR replay-window backtrack occurred [13] [SSL-0] [00_0000000000_00000000000000000000000000000000000000000000000000] 0:53838 0:53825 t=1420227267[0] r=[-1,64,15,13,1] sl=[50,64,64,528]
Jan 2 20:34:12 openvpn[63003]: PID_ERR replay-window backtrack occurred [8] [SSL-0] [00000000_0000000000000000000000000000000000000000000000000000000] 0:27929 0:27921 t=1420227252[0] r=[-1,64,15,8,1] sl=[39,64,64,528]
Jan 2 20:34:10 openvpn[63003]: PID_ERR replay-window backtrack occurred [6] [SSL-0] [000000_000000000000000000000000000000000000000000000000000000000] 0:24066 0:24060 t=1420227250[0] r=[-4,64,15,6,1] sl=[62,64,64,528]
Jan 2 20:34:09 openvpn[63003]: PID_ERR replay-window backtrack occurred [5] [SSL-0] [00000_0000000000000000000000000000000000000000000000000000000000] 0:21386 0:21381 t=1420227249[0] r=[-3,64,15,5,1] sl=[54,64,64,528]
Jan 2 20:34:08 openvpn[63003]: PID_ERR replay-window backtrack occurred [3] [SSL-0] [00__000000000000000000000000000000000000000000000000000000000000] 0:20765 0:20762 t=1420227248[0] r=[-2,64,15,3,1] sl=[35,64,64,528]
Jan 2 20:34:08 openvpn[63003]: PID_ERR replay-window backtrack occurred [2] [SSL-0] [0__0000000000000000000000000000000000000000000000000000000000000] 0:20677 0:20675 t=1420227248[0] r=[-2,64,15,2,1] sl=[59,64,64,528]
Jan 2 20:34:07 openvpn[63003]: PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_00000000000000000000000001111111111111111111111111111111111111] 0:20455 0:20454 t=1420227247[0] r=[-1,64,15,1,1] sl=[25,64,64,528]
Jan 2 19:44:04 openvpn[63003]: Initialization Sequence Completed
Jan 2 19:44:04 openvpn[63003]: /sbin/route add -net 10.155.30.1 10.155.30.5 255.255.255.255And BAM, it's down again.
What is this CRAP?
:'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'(
-
Can't somebody please help? Mods/Admins: is this a bug or?
Tried to fix this in the log:
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1537', remote='link-mtu 1542'
So I set MTU 1542 and MSS 1400 (don't know why the latter, read it somewhere on the internets) in the PIA-interface, and added it to the options of the client too:
auth-user-pass /etc/openvpn-password.txt; verb 5; remote-cert-tls server; comp-lzo; link-mtu 1542;
Restart service, use the VPN: BAM:
| Jan 3 10:47:42 | openvpn[52285]: write UDPv4: Operation not permitted (code=1) |
| Jan 3 10:47:42 | openvpn[52285]: write UDPv4: Operation not permitted (code=1) |
| Jan 3 10:47:41 | openvpn[52285]: write UDPv4: Operation not permitted (code=1) |
| Jan 3 10:47:36 | openvpn[52285]: PID_ERR replay-window backtrack occurred [3] [SSL-0] [00__000000000000000000000000000000000000000000000000000000000000] 0:6863 0:6860 t=1420278456[0] r=[-1,64,15,3,1] sl=[49,64,64,528] |
| Jan 3 10:47:33 | openvpn[52285]: PID_ERR replay-window backtrack occurred [2] [SSL-0] [00_0000000000000000011111111111111111111111111111111111111111111] 0:5840 0:5838 t=1420278453[0] r=[-3,64,15,2,1] sl=[48,64,64,528] |
| Jan 3 10:47:26 | openvpn[52285]: PID_ERR replay-window backtrack occurred [1] [SSL-0] [0_00000000000000000000000000000000000000000000000000000000000000] 0:4484 0:4483 t=1420278446[0] r=[-1,64,15,1,1] sl=[60,64,64,528] | -
Ok, exactly the same settings on my second box, the Dell: everything works.
This is not a VPN-provider problem, but some bug in pfSense.
Probably an upgrade from 2.1.x to 2.1.x that went wrong again.
-
More crap on this completely fresh reinstall of pfSense 2.1.5 (and even more crap new messages, which I have in a word document and will post later): attached pic.
I can not assess if this is related to this:
https://redmine.pfsense.org/issues/3894
https://forum.pfsense.org/index.php?topic=75502.0I'm way to noob for that.