Modify

Opened 4 years ago

Last modified 4 years ago

#14592 new defect

OPENVPN START PROBLEM after rev 38331 and rev 38632

Reported by: desigabri Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: other Version: Trunk
Keywords: management remote tcp-client tcp-server point to point openvp recipes openvpn-basic openvpn-advanced lua model Cc:

Description

Hi, until rev 38330 the Openvpn service started regulary, but after 38331 It started showing wrong page (on firefox) and anyway no working results on IE. I managed looking for which lines are generating that trouble and found into the openvpn "init" file the DELETED LINE:

EXTRA_COMMANDS="up down"

its deletion produces a wrong output html page pushing the START openvpn button command (it likes a HTML source, may be that firefox needs it to understand the webpage (????) I putted the output page as attachment so you can see it.

The deletion of this line produces the same effects olso if deleted onto a revision earlier of 38331;

So I tried inserting this line again, and then I can see the html page again; Anyway the openvpn service can't start and the log tells me that I have to add a --dev option that I regulary selected so I think that in some ways the new script is not able to pass this SELECTED options to openvpn. May be that it isn't able to pass others options but actually it stops there so I can't see more log results.

QUESTION: could it be possible to save into the log lines the real command line that the script PASS to openvpn command? this to understand IF some of the options selected aren't passed to the command line.

I have to say that I'm using a Point to Point VPN configuration (one server and one client) dev=tun and proto=tcp (proto tcp is needed to pass proxies so I need it)

notes:

  • for proto=tcp-client and tcp-server you need to edit the wrong openvpn-basic and openvpn-advanced lua model scripts (nobody will do it because openvpn isn't supported I heard it so mutch times)
  • You have to delete the "managementremote" from "openvpn_recipes" because it doesn't works (ALMOST in point to point configuration)

PLEASE DON'T STOP THIS TREATH IN A WHILE, I KNOW THAT I COULD LACK ANY IMPORTANT INFORMATIONS, I'LL BE HAPPY TO ADD INFORMATIONS AND PARTICULARS IF ANYONE CAN START HELPING ABOUT IT AND ASKING EXACTLY WHICH OTHER INFORMATION HE NEEDS FOR HELPING

thanks in advance

Attachments (4)

openwrt openvpn problem files.rar (20.1 KB) - added by desigabri 4 years ago.
Firefox wrong html output page.rar (2.8 KB) - added by desigabri 4 years ago.
the wrong firefox output page
working configuration.rar (428 bytes) - added by desigabri 4 years ago.
working config
edited scripts and defaults.rar (7.7 KB) - added by desigabri 4 years ago.
edited script files

Download all attachments as: .zip

Change History (9)

Changed 4 years ago by desigabri

comment:1 Changed 4 years ago by desigabri

:( I attached some wrong files.... need to send others please don't consider them wait for the new ones

comment:2 Changed 4 years ago by desigabri

Sorry, I need to rewrite the request:

I guessed some personal misunderstanding about this trouble, may be that I'm not right now too and I'll need to correct myself again, but anyway I try to explane it again:

There is a kind of incompatibility with firefox about the Openvpn luci page.

As I wrote if I try to start the service trought the "start" button, then I get an output that seems to be the html page source;
Internet Explorer doesn't show the same trouble, but ad only a little part of a message at the top page:

Available commands: start Start the service stop Stop the service restart Restart the service reload Reload configuration files (or restart if that fails) enable Enable service autostart disable Disable service autostart Status: 200 OK X-CBI-State: 1 Content-Type: text/html Cache-Control: no-cache Expires: 0     

What I think is appening is that it isn't anymore possible to start and stop the sigle openvpn configuration from this page.
I need to restart the service from the Startup luci page.

So I want to say that the troubles in my opinion are:

1) Incompatibility with firefox with the openvpn page or with the "start" button script

2) The need to delete the "START" buttons from the openvpn page, or the need to repair the script to let the button working again

3) Editing the openvpn-basic and openvpn-advanced script files to pass the right commands and the right scenarios of the command displayes in the configuration pages

4) An old problem about the configuration displayed at openvpn page, about the configuration names, and about the default configurations loaded for the different kind of VPN. About this last problem the developers just said that it won't be fixed.

I previously sent wrong files because I didn't understand that it was impossible to start/stop openvpn by the "Start" buttons, so just editing the init files I wasn't able to appreciate how it was working in the new edited configurations: I had to restart the service, so I used edited files and obtained wrong logs for reading and to show to you :( :( :(

At this time I can see which settings are passed to the openvpn command and so I was able to change others script parts.

Remember that I'm using only a Point to Point Server-Client VPN so I'm not sure about the right place for all the others parameters that I don't need in my configurations. So I attached my modified files that let the use of the configurations pages (Point to Point Client-Server PolarSSL TCP TUN behing Proxy) to have it working.

Changed 4 years ago by desigabri

the wrong firefox output page

Changed 4 years ago by desigabri

working config

Changed 4 years ago by desigabri

edited script files

comment:3 follow-up: Changed 4 years ago by desigabri

talking about the VPN client side, I get this log error:

daemon.err openvpn(Server_VPN170)[1874]: Options error: specify only one of --tls-server, --tls-client, or --secret
daemon.warn openvpn(Server_VPN170)[1874]: Use --help for more information.

I'm using only the --secret option and nothing tells me that I'm using olso --tls-server and --tls-client options... not the web pages, not the configs but only the log :(

Could it be possible that they are hard coded in other others scripts?

comment:4 in reply to: ↑ 3 Changed 4 years ago by desigabri

:( OK I was wrong olso about THIS problem: it's due to some openvpn "macro options" that are "client" and "server": these options sets in a while other default group of options and one of them is TSL...

Replying to desigabri:

talking about the VPN client side, I get this log error:

daemon.err openvpn(Server_VPN170)[1874]: Options error: specify only one of --tls-server, --tls-client, or --secret
daemon.warn openvpn(Server_VPN170)[1874]: Use --help for more information.

I'm using only the --secret option and nothing tells me that I'm using olso --tls-server and --tls-client options... not the web pages, not the configs but only the log :(

Could it be possible that they are hard coded in other others scripts?

comment:5 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.