search

harleylg / autoddvpn

Automatically exported from code.google.com/p/autoddvpn
0 stars 0 forks source link

用最新版本的DD-WRT后,AutoDDVPN失效 #79

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
請描述一下您進行怎樣的操作之後碰到了問題
A: 
1.更新到最新的DD-WRT v24-sp2 (06/14/11) mega - build 
17201,无论怎么清空nvram和重新设置,AutoDDVPN就是工作不起来�
��
2.重新刷回15962就正常。
3.查看http://svn.dd-wrt.com/timeline,好像15962到17201之间DD-WRT的OpenV
PN有过更新版本,不知道是不是这个影响到。其实在17201的前�
��个版本就发现问题了,当时没有报告。

你期待是怎樣的結果,然而卻出現了什麼情形?
A: 
我期待AutoDDVPN能够跟上最新的DD-WRT,呵呵。很喜欢AutoDDVPN,��
�望在DD-WRT新版本上也能用到。

請提供以下資訊:

1. 您的路由器型號:asus RT-N16
2. DD-WRT版本:DD-WRT v24-sp2 (06/14/11) mega - build 17201 K26核心
3. 您的作業系統:Windows 7 32bit
4. 您的瀏覽器版本:IE8
5. autoddvpn的連線模式(pptp+wget, pptp+jffs, 
openvpn+jffs等):openvpn+jffs
6. autoddvpn的運行模式,傳統模式(classicMode)還是優雅模式(g
raceMode):優雅模式(graceMode)用得多,但傳統模式(classicMode)好��
�也失效了。
7. DD-WRT WAN口連線模式是 pptp or dhcp or static :PPPoE
8. 運行autoddvpn之後DD-WRT 的命令輸出 # route -n  | tail -n 20 :
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
218.1.0.249     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
218.1.0.249     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 br0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         218.1.0.249     0.0.0.0         UG    0      0        0 ppp0
(以上1-8點必填,否則可能沒辦法即時協助你解決問題)

如果方便的話,請參考這裡的說明,貼上autoddvpn.log內容
(說明:http://code.google.com/p/autoddvpn/wiki/DEBUG)
Mon Jun 20 21:37:38 2011 OpenVPN 2.2.0 mipsel-linux [SSL] [LZO2] built on Jun 
14 2011
Mon Jun 20 21:37:38 2011 WARNING: file '/jffs/openvpn/password.txt' is group or 
others accessible
Mon Jun 20 21:37:38 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or 
higher to call user-defined scripts or executables
Mon Jun 20 21:37:38 2011 LZO compression initialized
Mon Jun 20 21:37:38 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 
ET:0 EL:0 ]
Mon Jun 20 21:37:38 2011 Socket Buffers: R=[114688->131072] S=[114688->131072]
Mon Jun 20 21:37:39 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 
ET:0 EL:0 AF:3/1 ]
Mon Jun 20 21:37:39 2011 Local Options hash (VER=V4): '41690919'
Mon Jun 20 21:37:39 2011 Expected Remote Options hash (VER=V4): '530fdded'
Mon Jun 20 21:37:39 2011 UDPv4 link local: [undef]
Mon Jun 20 21:37:39 2011 UDPv4 link remote: 216.24.199.164:53
Mon Jun 20 21:37:39 2011 TLS: Initial packet from 216.24.199.164:53, 
sid=06317549 d1ec76a6
Mon Jun 20 21:37:40 2011 VERIFY OK: depth=1, 
/C=CN/ST=GUANGDONG/L=SHENZHEN/O=VPNCUP.COM/CN=VPNCUP.COM_CA/emailAddress=admin@v
pncup.com
Mon Jun 20 21:37:40 2011 VERIFY OK: nsCertType=SERVER
Mon Jun 20 21:37:40 2011 Validating certificate key usage
Mon Jun 20 21:37:40 2011 ++ Certificate has key usage  00a0, expects 00a0
Mon Jun 20 21:37:40 2011 VERIFY KU OK
Mon Jun 20 21:37:40 2011 Validating certificate extended key usage
Mon Jun 20 21:37:40 2011 ++ Certificate has EKU (str) TLS Web Server 
Authentication, expects TLS Web Server Authentication
Mon Jun 20 21:37:40 2011 VERIFY EKU OK
Mon Jun 20 21:37:40 2011 VERIFY OK: depth=0, 
/C=CN/ST=GUANGDONG/L=SHENZHEN/O=VPNCUP.COM/CN=server/emailAddress=admin@vpncup.c
om
Mon Jun 20 21:37:41 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 
128 bit key
Mon Jun 20 21:37:41 2011 Data Channel Encrypt: Using 160 bit message hash 
'SHA1' for HMAC authentication
Mon Jun 20 21:37:41 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 
128 bit key
Mon Jun 20 21:37:41 2011 Data Channel Decrypt: Using 160 bit message hash 
'SHA1' for HMAC authentication
Mon Jun 20 21:37:41 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 
DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jun 20 21:37:41 2011 [server] Peer Connection Initiated with 
216.24.199.164:53
Mon Jun 20 21:37:44 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jun 20 21:37:44 2011 PUSH: Received control message: 
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 
8.8.8.8,dhcp-option DNS 8.8.4.4,route 192.168.8.1,topology net30,ping 
10,ping-restart 40,ifconfig 192.168.8.6 192.168.8.5'
Mon Jun 20 21:37:44 2011 Options error: option 'redirect-gateway' cannot be 
used in this context
Mon Jun 20 21:37:44 2011 Options error: option 'route' cannot be used in this 
context
Mon Jun 20 21:37:44 2011 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jun 20 21:37:44 2011 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jun 20 21:37:44 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option 
options modified
Mon Jun 20 21:37:44 2011 TUN/TAP device tun0 opened
Mon Jun 20 21:37:44 2011 TUN/TAP TX queue length set to 100
Mon Jun 20 21:37:44 2011 /sbin/ifconfig tun0 192.168.8.6 pointopoint 
192.168.8.5 mtu 1500
Mon Jun 20 21:37:44 2011 iptables -A POSTROUTING -t nat -o tun0 -j MASQUERADE; 
/jffs/openvpn/vpnup.sh openvpn tun0 1500 1542 192.168.8.6 192.168.8.5 init
Mon Jun 20 21:37:44 2011 WARNING: External program may not be called unless 
'--script-security 2' or higher is enabled.  Use '--script-security 3 system' 
for backward compatibility with 2.1_rc8 and earlier.  See --help text or man 
page for detailed info.
Mon Jun 20 21:37:44 2011 WARNING: Failed running command (--up/--down): 
external program fork failed
Mon Jun 20 21:37:44 2011 Exiting

最後如果可能的話,請附上截屏或任何可能有幫助的夾檔

Original issue reported on code.google.com by youngli...@gmail.com on 20 Jun 2011 at 9:42

GoogleCodeExporter commented 9 years ago 
如果你的DDWRT是svn 17xxx版本的,openvpn.conf 加上 script-security 3 
system 否則會無法連上

Original comment by pahud...@gmail.com on 21 Jun 2011 at 1:10

GoogleCodeExporter commented 9 years ago 
哈,真的哦,openvpn.conf 加上 script-security 3 system 
就可以了呢。谢谢!

Original comment by youngli...@gmail.com on 21 Jun 2011 at 6:19