oscserv error: "could not determine the owner of received UDP packet"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2014-11-13 at 11:23 +0200, ?smail D?nmez wrote:
> Hi,
> 
> On Wed, Nov 12, 2014 at 11:41 PM, Nikos Mavrogiannopoulos
> <nmav at gnutls.org> wrote:
> > On Wed, 2014-11-12 at 16:08 +0200, ?smail D?nmez wrote:
> >
> >> Nov 12 14:04:25 i10z ocserv[54495]: main: 212.156.31.134:3351[ismail]
> >> received UDP connection too soon from 212.156.31.134:37353
> >> Nov 12 14:04:25 i10z ocserv[54495]: main: 212.156.31.134:37353: too short packet
> >> Nov 12 14:04:25 i10z ocserv[54495]: main: new DTLS session from
> >> 212.156.31.134:37353 (record v254.253, hello v0.1)
> >> Nov 12 14:04:25 i10z ocserv[54495]: main: 212.156.31.134:37353:
> >> unexpected DTLS content type: 23; a firewall disassociated a UDP
> >> session
> >> Now the last 4 lines are repeated forever and connection never
> >> recovers. Using openconnect.git didn't help.
> >> Using ocserv.git atm.

>From your full log I realize that your case is different, and you'll be
able to figure the issue. There are two clients connecting. The first
disconnects the TCP session, but then from the same IP you seem to start
receiving UDP packets which are not associated with a session. That's
why ocserv tries to forward the packets to the only other existing
session from the same IP. Because that session is active already it
rejects that forward.

So the issue is to figure who is sending the UDP packets without an
associated TCP session.

regards,
Nikos

Nov 13 09:18:44 i10z ocserv[1164]: worker: 212.156.31.134:35277
User-agent: 'Open AnyConnect VPN Agent v6.00-214-g17a18f1'
Nov 13 09:04:04 i10z ocserv[697]: worker: 212.156.31.134:42709[ismail]
User-agent: 'Open AnyConnect VPN Agent v6.00-214-g17a18f1'

Nov 13 09:18:44 i10z ocserv[1164]: worker: 212.156.31.134:35277[ismail]
suggesting DPD of 440 secs

Nov 13 09:18:44 i10z ocserv[54495]: main: 212.156.31.134:42709[ismail]
main-misc.c:425: command socket closed
Nov 13 09:18:44 i10z ocserv[54495]: main: 212.156.31.134:42709[ismail]
removing client 'ismail' with id '697'

Nov 13 09:18:48 i10z ocserv[54495]: main: 212.156.31.134:22839:
unexpected DTLS content type: 23; a firewall disassociated a UDP session


Nov 13 09:18:48 i10z ocserv[1164]: worker: 212.156.31.134:35277[ismail]
received UDP fd message but our session is active!





[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux