ALT Linux Bugzilla
– Attachment 16285 Details for
Bug 50674
Отвалился IPsec при обновлении до 5.9.14
New bug
|
Search
|
[?]
|
Help
Register
|
Log In
[x]
|
Forgot Password
Login:
[x]
|
EN
|
RU
Лог соединения после обновления до 5.9.14
strongswan-5.9.14-failed.txt (text/plain), 16.21 KB, created by
Sergei Naumov
on 2024-06-18 09:41:22 MSK
(
hide
)
Description:
Лог соединения после обновления до 5.9.14
Filename:
MIME Type:
Creator:
Sergei Naumov
Created:
2024-06-18 09:41:22 MSK
Size:
16.21 KB
patch
obsolete
>иÑн 18 09:24:58 yarilo NetworkManager[1274]: <info> [1718691898.0837] audit: op="statistics" interface="eth2" ifindex=3 args="2000" pid=21518 uid=500 result="success" >иÑн 18 09:24:58 yarilo NetworkManager[1274]: <info> [1718691898.0932] audit: op="statistics" interface="wlan0" ifindex=2 args="2000" pid=21518 uid=500 result="success" >иÑн 18 09:25:01 yarilo plasmashell[21518]: QDBusObjectPath: invalid path "" >иÑн 18 09:25:01 yarilo NetworkManager[1274]: <info> [1718691901.0310] vpn[0x55a9faa3eca0,f2bc4893-9323-419a-9405-7e1fb0d4b86e,"СаÑÑÑново"]: starting l2tp >иÑн 18 09:25:01 yarilo NetworkManager[1274]: <info> [1718691901.0316] audit: op="connection-activate" uuid="f2bc4893-9323-419a-9405-7e1fb0d4b86e" name="СаÑÑÑново" pid=21518 uid=500 result="success" >иÑн 18 09:25:01 yarilo kded5[21470]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::NeedAuth >иÑн 18 09:25:01 yarilo kded5[21470]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId" >иÑн 18 09:25:01 yarilo kded5[21470]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: NetworkManager::VpnConnection::Connecting >иÑн 18 09:25:01 yarilo plasmashell[21518]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId" >иÑн 18 09:25:01 yarilo nm-l2tp-service[23034]: Check port 1701 >иÑн 18 09:25:01 yarilo NetworkManager[23048]: Stopping strongSwan IPsec failed: starter is not running >иÑн 18 09:25:03 yarilo NetworkManager[23045]: Starting strongSwan 5.9.14 IPsec [starter]... >иÑн 18 09:25:03 yarilo NetworkManager[23045]: Loading config setup >иÑн 18 09:25:03 yarilo NetworkManager[23045]: Loading conn 'f2bc4893-9323-419a-9405-7e1fb0d4b86e' >иÑн 18 09:25:03 yarilo ipsec_starter[23045]: Starting strongSwan 5.9.14 IPsec [starter]... >иÑн 18 09:25:03 yarilo ipsec_starter[23045]: Loading config setup >иÑн 18 09:25:03 yarilo ipsec_starter[23045]: Loading conn 'f2bc4893-9323-419a-9405-7e1fb0d4b86e' >иÑн 18 09:25:03 yarilo ipsec_starter[23064]: Attempting to start charon... >иÑн 18 09:25:03 yarilo charon[23066]: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.14, Linux 6.6.33-un-def-alt1, x86_64) >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] PKCS11 module '<name>' lacks library path >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] providers loaded by OpenSSL: legacy default >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'sqlite': failed to load - sqlite_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] created TUN device: ipsec0 >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] using '/sbin/resolvconf' to install DNS servers >иÑн 18 09:25:03 yarilo NetworkManager[1274]: <info> [1718691903.1019] manager: (ipsec0): new Tun device (/org/freedesktop/NetworkManager/Devices/6) >иÑн 18 09:25:03 yarilo avahi-daemon[1141]: Joining mDNS multicast group on interface ipsec0.IPv6 with address fe80::a19c:1983:1a34:65af. >иÑн 18 09:25:03 yarilo avahi-daemon[1141]: New relevant interface ipsec0.IPv6 for mDNS. >иÑн 18 09:25:03 yarilo avahi-daemon[1141]: Registering new address record for fe80::a19c:1983:1a34:65af on ipsec0.*. >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'eap-tnc': failed to load - eap_tnc_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnc-ifmap': failed to load - tnc_ifmap_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnc-pdp': failed to load - tnc_pdp_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnc-imc': failed to load - tnc_imc_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnc-imv': failed to load - tnc_imv_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnc-tnccs': failed to load - tnc_tnccs_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnccs-20': failed to load - tnccs_20_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnccs-11': failed to load - tnccs_11_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] plugin 'tnccs-dynamic': failed to load - tnccs_dynamic_plugin_create not found and no plugin file available >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loading secrets from '/etc/strongswan/ipsec.d/ipsec.nm-l2tp.secrets' >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loaded IKE secret for %any >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] opening triplet file /etc/strongswan/ipsec.d/triplets.dat failed: No such file or directory >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] loaded 0 RADIUS server configurations >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] HA config misses local/remote address >иÑн 18 09:25:03 yarilo charon[23066]: 00[CFG] no script for ext-auth script defined, disabled >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] loaded plugins: charon ldap pkcs11 tpm aesni aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs12 pgp dnskey sshkey pem openssl gcrypt pkcs8 fips-prf gmp curve25519 agent chapoly xcbc cmac hmac kdf ctr ccm gcm ntru drbg newhope curl attr kernel-libipsec kernel-netlink resolve socket-default farp stroke vici smp updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck addrblock unity counters >иÑн 18 09:25:03 yarilo charon[23066]: 00[LIB] dropped capabilities, running as uid 0, gid 0 >иÑн 18 09:25:03 yarilo charon[23066]: 00[JOB] spawning 16 worker threads >иÑн 18 09:25:03 yarilo ipsec_starter[23064]: charon (23066) started after 40 ms >иÑн 18 09:25:03 yarilo charon[23066]: 11[CFG] received stroke: add connection 'f2bc4893-9323-419a-9405-7e1fb0d4b86e' >иÑн 18 09:25:03 yarilo charon[23066]: 11[CFG] added configuration 'f2bc4893-9323-419a-9405-7e1fb0d4b86e' >иÑн 18 09:25:04 yarilo charon[23066]: 12[CFG] rereading secrets >иÑн 18 09:25:04 yarilo charon[23066]: 12[CFG] loading secrets from '/etc/strongswan/ipsec.secrets' >иÑн 18 09:25:04 yarilo charon[23066]: 12[CFG] loading secrets from '/etc/strongswan/ipsec.d/ipsec.nm-l2tp.secrets' >иÑн 18 09:25:04 yarilo charon[23066]: 12[CFG] loaded IKE secret for %any >иÑн 18 09:25:04 yarilo charon[23066]: 14[CFG] received stroke: initiate 'f2bc4893-9323-419a-9405-7e1fb0d4b86e' >иÑн 18 09:25:04 yarilo charon[23066]: 01[IKE] initiating Main Mode IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] to xx.xxx.xx.xxx >иÑн 18 09:25:04 yarilo charon[23066]: 01[IKE] initiating Main Mode IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] to xx.xxx.xx.xxx >иÑн 18 09:25:04 yarilo charon[23066]: 01[ENC] generating ID_PROT request 0 [ SA V V V V V ] >иÑн 18 09:25:04 yarilo charon[23066]: 01[NET] sending packet: from 172.17.192.38[500] to xx.xxx.xx.xxx[500] (216 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 11[NET] received packet: from xx.xxx.xx.xxx[500] to 172.17.192.38[500] (160 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 11[ENC] parsed ID_PROT response 0 [ SA V V V V ] >иÑн 18 09:25:04 yarilo charon[23066]: 11[IKE] received NAT-T (RFC 3947) vendor ID >иÑн 18 09:25:04 yarilo charon[23066]: 11[IKE] received XAuth vendor ID >иÑн 18 09:25:04 yarilo charon[23066]: 11[IKE] received DPD vendor ID >иÑн 18 09:25:04 yarilo charon[23066]: 11[IKE] received FRAGMENTATION vendor ID >иÑн 18 09:25:04 yarilo charon[23066]: 11[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 >иÑн 18 09:25:04 yarilo charon[23066]: 11[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ] >иÑн 18 09:25:04 yarilo charon[23066]: 11[NET] sending packet: from 172.17.192.38[500] to xx.xxx.xx.xxx[500] (244 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 13[NET] received packet: from xx.xxx.xx.xxx[500] to 172.17.192.38[500] (236 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 13[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ] >иÑн 18 09:25:04 yarilo charon[23066]: 13[IKE] local host is behind NAT, sending keep alives >иÑн 18 09:25:04 yarilo charon[23066]: 13[ENC] generating ID_PROT request 0 [ ID HASH ] >иÑн 18 09:25:04 yarilo charon[23066]: 13[NET] sending packet: from 172.17.192.38[4500] to xx.xxx.xx.xxx[4500] (76 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 12[NET] received packet: from xx.xxx.xx.xxx[4500] to 172.17.192.38[4500] (76 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 12[ENC] parsed ID_PROT response 0 [ ID HASH ] >иÑн 18 09:25:04 yarilo charon[23066]: 12[IKE] IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] established between 172.17.192.38[172.17.192.38]...xx.xxx.xx.xxx[xx.xxx.xx.xxx] >иÑн 18 09:25:04 yarilo charon[23066]: 12[IKE] IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] established between 172.17.192.38[172.17.192.38]...xx.xxx.xx.xxx[xx.xxx.xx.xxx] >иÑн 18 09:25:04 yarilo charon[23066]: 12[IKE] scheduling reauthentication in 10119s >иÑн 18 09:25:04 yarilo charon[23066]: 12[IKE] maximum IKE_SA lifetime 10659s >иÑн 18 09:25:04 yarilo charon[23066]: 12[ENC] generating QUICK_MODE request 851041177 [ HASH SA No ID ID NAT-OA NAT-OA ] >иÑн 18 09:25:04 yarilo charon[23066]: 12[NET] sending packet: from 172.17.192.38[4500] to xx.xxx.xx.xxx[4500] (204 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 15[NET] received packet: from xx.xxx.xx.xxx[4500] to 172.17.192.38[4500] (188 bytes) >иÑн 18 09:25:04 yarilo charon[23066]: 15[ENC] parsed QUICK_MODE response 851041177 [ HASH SA No ID ID NAT-OA NAT-OA ] >иÑн 18 09:25:04 yarilo charon[23066]: 15[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ >иÑн 18 09:25:04 yarilo charon[23066]: 15[ESP] IPsec SA: unsupported mode >иÑн 18 09:25:04 yarilo charon[23066]: 15[ESP] failed to create SAD entry >иÑн 18 09:25:04 yarilo NetworkManager[23101]: initiating Main Mode IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] to xx.xxx.xx.xxx >иÑн 18 09:25:04 yarilo NetworkManager[23101]: generating ID_PROT request 0 [ SA V V V V V ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: sending packet: from 172.17.192.38[500] to xx.xxx.xx.xxx[500] (216 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received packet: from xx.xxx.xx.xxx[500] to 172.17.192.38[500] (160 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: parsed ID_PROT response 0 [ SA V V V V ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received NAT-T (RFC 3947) vendor ID >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received XAuth vendor ID >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received DPD vendor ID >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received FRAGMENTATION vendor ID >иÑн 18 09:25:04 yarilo NetworkManager[23101]: selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 >иÑн 18 09:25:04 yarilo NetworkManager[23101]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: sending packet: from 172.17.192.38[500] to xx.xxx.xx.xxx[500] (244 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received packet: from xx.xxx.xx.xxx[500] to 172.17.192.38[500] (236 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: local host is behind NAT, sending keep alives >иÑн 18 09:25:04 yarilo NetworkManager[23101]: generating ID_PROT request 0 [ ID HASH ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: sending packet: from 172.17.192.38[4500] to xx.xxx.xx.xxx[4500] (76 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received packet: from xx.xxx.xx.xxx[4500] to 172.17.192.38[4500] (76 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: parsed ID_PROT response 0 [ ID HASH ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] established between 172.17.192.38[172.17.192.38]...xx.xxx.xx.xxx[xx.xxx.xx.xxx] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: scheduling reauthentication in 10119s >иÑн 18 09:25:04 yarilo NetworkManager[23101]: maximum IKE_SA lifetime 10659s >иÑн 18 09:25:04 yarilo NetworkManager[23101]: generating QUICK_MODE request 851041177 [ HASH SA No ID ID NAT-OA NAT-OA ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: sending packet: from 172.17.192.38[4500] to xx.xxx.xx.xxx[4500] (204 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: received packet: from xx.xxx.xx.xxx[4500] to 172.17.192.38[4500] (188 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23101]: parsed QUICK_MODE response 851041177 [ HASH SA No ID ID NAT-OA NAT-OA ] >иÑн 18 09:25:04 yarilo NetworkManager[23101]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ >иÑн 18 09:25:04 yarilo NetworkManager[23101]: IPsec SA: unsupported mode >иÑн 18 09:25:04 yarilo NetworkManager[23101]: failed to create SAD entry >иÑн 18 09:25:04 yarilo NetworkManager[23101]: IPsec SA: unsupported mode >иÑн 18 09:25:04 yarilo NetworkManager[23101]: failed to create SAD entry >иÑн 18 09:25:04 yarilo NetworkManager[23101]: unable to install inbound and outbound IPsec SA (SAD) in kernel >иÑн 18 09:25:04 yarilo NetworkManager[23101]: establishing connection 'f2bc4893-9323-419a-9405-7e1fb0d4b86e' failed >иÑн 18 09:25:04 yarilo charon[23066]: 15[ESP] IPsec SA: unsupported mode >иÑн 18 09:25:04 yarilo charon[23066]: 15[ESP] failed to create SAD entry >иÑн 18 09:25:04 yarilo charon[23066]: 15[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel >иÑн 18 09:25:04 yarilo charon[23066]: 15[ENC] generating INFORMATIONAL_V1 request 2509606500 [ HASH N(NO_PROP) ] >иÑн 18 09:25:04 yarilo charon[23066]: 15[NET] sending packet: from 172.17.192.38[4500] to xx.xxx.xx.xxx[4500] (76 bytes) >иÑн 18 09:25:04 yarilo NetworkManager[23108]: Stopping strongSwan IPsec... >иÑн 18 09:25:04 yarilo charon[23066]: 00[DMN] SIGINT received, shutting down >иÑн 18 09:25:04 yarilo charon[23066]: 00[IKE] deleting IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] between 172.17.192.38[172.17.192.38]...xx.xxx.xx.xxx[xx.xxx.xx.xxx] >иÑн 18 09:25:04 yarilo charon[23066]: 00[IKE] deleting IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] between 172.17.192.38[172.17.192.38]...xx.xxx.xx.xxx[xx.xxx.xx.xxx] >иÑн 18 09:25:04 yarilo charon[23066]: 00[IKE] sending DELETE for IKE_SA f2bc4893-9323-419a-9405-7e1fb0d4b86e[1] >иÑн 18 09:25:04 yarilo charon[23066]: 00[ENC] generating INFORMATIONAL_V1 request 3512585917 [ HASH D ] >иÑн 18 09:25:04 yarilo charon[23066]: 00[NET] sending packet: from 172.17.192.38[4500] to xx.xxx.xx.xxx[4500] (92 bytes) >иÑн 18 09:25:04 yarilo avahi-daemon[1141]: Interface ipsec0.IPv6 no longer relevant for mDNS. >иÑн 18 09:25:04 yarilo avahi-daemon[1141]: Leaving mDNS multicast group on interface ipsec0.IPv6 with address fe80::a19c:1983:1a34:65af. >иÑн 18 09:25:04 yarilo avahi-daemon[1141]: Withdrawing address record for fe80::a19c:1983:1a34:65af on ipsec0. >иÑн 18 09:25:04 yarilo ipsec_starter[23064]: child 23066 (charon) has quit (exit code 0) >иÑн 18 09:25:04 yarilo ipsec_starter[23064]: >иÑн 18 09:25:04 yarilo ipsec_starter[23064]: charon stopped after 200 ms >иÑн 18 09:25:04 yarilo ipsec_starter[23064]: ipsec starter stopped >иÑн 18 09:25:04 yarilo nm-l2tp-service[23034]: Could not establish IPsec connection. >иÑн 18 09:25:04 yarilo nm-l2tp-service[23034]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 50674
: 16285