Jump to content

FreeBSD 8.0 + mpd5

Wyclef
 Share

Recommended Posts

Wyclef

Wyclef

Posted
Posted

Есть сервер FreeBSD 8.0-RELEASE-p3 (шлюз) - две сетевые карты, внешний ip - "белый", внутренний - из 10.0.0.0/24 - локалка 10.0.0.0/8

 

установлен mpd5 из портов, работает, используется для выдачи "белых" ip-адресов клиентам

 

конфигурация:

 

mpd.conf

startup:
    set user admin xxxxxx
    set console self 127.0.0.1 5005
    set console open
    set web self 10.0.0.10 5006
    set web open

default:
    load pptp0

pptp0:
    set ippool add poolstat 95.xxx.xxx.xxx 95.xxx.xxx.xxx
    create bundle template B
    set iface disable proxy-arp
    set iface idle 0
    set iface enable tcpmssfix
    set ipcp yes vjcomp
    set ipcp ranges 10.0.0.10/32 ippool poolstat
    set ipcp dns 10.0.0.10
    set bundle enable compression
    set ccp yes mppc
    set mppc yes compress e40 e56 e128 stateless
    create link template L pptp
    set link disable multilink
    set link yes acfcomp protocomp
    set link action bundle B
    set link no pap chap
    set link enable chap
    set link enable chap-msv1
    set link enable chap-msv2
    set link keep-alive 10 75
    set link mtu 1460
    set pptp self 10.0.0.10
    load radius
    set link enable incoming

radius:
    set radius server localhost xxxxxx 1812 1813
    set radius retries 3
    set radius timeout 3
    set radius me 10.0.0.10
    set auth acct-update 300
    set auth enable radius-auth
    set auth enable radius-acct
    set radius enable message-authentic

 

log mpd при первом подключении клиента

Sep  1 10:43:51 srv1 mpd: [L-1] Accepting PPTP connection
Sep  1 10:43:51 srv1 mpd: [L-1] Link: OPEN event
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: Open event
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: state change Initial --> Starting
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: LayerStart
Sep  1 10:43:51 srv1 mpd: [L-1] PPTP: attaching to peer's outgoing call
Sep  1 10:43:51 srv1 mpd: [L-1] Link: UP event
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: Up event
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: state change Starting --> Req-Sent
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: SendConfigReq #1
Sep  1 10:43:51 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:51 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:51 srv1 mpd: [L-1]   MRU 1500
Sep  1 10:43:51 srv1 mpd: [L-1]   MAGICNUM 3f383f58
Sep  1 10:43:51 srv1 mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Sep  1 10:43:51 srv1 mpd: [L-1]   MP MRRU 2048
Sep  1 10:43:51 srv1 mpd: [L-1]   MP SHORTSEQ
Sep  1 10:43:51 srv1 mpd: [L-1]   ENDPOINTDISC [802.1] 00 15 17 de 59 f8
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: rec'd Configure Request #0 (Req-Sent)
Sep  1 10:43:51 srv1 mpd: [L-1]   MRU 1400
Sep  1 10:43:51 srv1 mpd: [L-1]   MAGICNUM 4ff910ae
Sep  1 10:43:51 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:51 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:51 srv1 mpd: [L-1]   CALLBACK 6
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: SendConfigRej #0
Sep  1 10:43:51 srv1 mpd: [L-1]   CALLBACK 6
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: rec'd Configure Request #1 (Req-Sent)
Sep  1 10:43:51 srv1 mpd: [L-1]   MRU 1400
Sep  1 10:43:51 srv1 mpd: [L-1]   MAGICNUM 4ff910ae
Sep  1 10:43:51 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:51 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: SendConfigAck #1
Sep  1 10:43:51 srv1 mpd: [L-1]   MRU 1400
Sep  1 10:43:51 srv1 mpd: [L-1]   MAGICNUM 4ff910ae
Sep  1 10:43:51 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:51 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:51 srv1 mpd: [L-1] LCP: state change Req-Sent --> Ack-Sent
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: SendConfigReq #2
Sep  1 10:43:53 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:53 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:53 srv1 mpd: [L-1]   MRU 1500
Sep  1 10:43:53 srv1 mpd: [L-1]   MAGICNUM 3f383f58
Sep  1 10:43:53 srv1 mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Sep  1 10:43:53 srv1 mpd: [L-1]   MP MRRU 2048
Sep  1 10:43:53 srv1 mpd: [L-1]   MP SHORTSEQ
Sep  1 10:43:53 srv1 mpd: [L-1]   ENDPOINTDISC [802.1] 00 15 17 de 59 f8
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: rec'd Configure Reject #2 (Ack-Sent)
Sep  1 10:43:53 srv1 mpd: [L-1]   MP MRRU 2048
Sep  1 10:43:53 srv1 mpd: [L-1]   MP SHORTSEQ
Sep  1 10:43:53 srv1 mpd: [L-1]   ENDPOINTDISC [802.1] 00 15 17 de 59 f8
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: SendConfigReq #3
Sep  1 10:43:53 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:53 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:53 srv1 mpd: [L-1]   MRU 1500
Sep  1 10:43:53 srv1 mpd: [L-1]   MAGICNUM 3f383f58
Sep  1 10:43:53 srv1 mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: rec'd Configure Ack #3 (Ack-Sent)
Sep  1 10:43:53 srv1 mpd: [L-1]   ACFCOMP
Sep  1 10:43:53 srv1 mpd: [L-1]   PROTOCOMP
Sep  1 10:43:53 srv1 mpd: [L-1]   MRU 1500
Sep  1 10:43:53 srv1 mpd: [L-1]   MAGICNUM 3f383f58
Sep  1 10:43:53 srv1 mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: state change Ack-Sent --> Opened
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: auth: peer wants nothing, I want CHAP
Sep  1 10:43:53 srv1 mpd: [L-1] CHAP: sending CHALLENGE #1 len: 21
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: LayerUp
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: rec'd Ident #2 (Opened)
Sep  1 10:43:53 srv1 mpd: [L-1]   MESG: MSRASV5.10
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: rec'd Ident #3 (Opened)
Sep  1 10:43:53 srv1 mpd: [L-1]   MESG: MSRAS-0-LAPTOP
Sep  1 10:43:53 srv1 mpd: [L-1] CHAP: rec'd RESPONSE #1 len: 58
Sep  1 10:43:53 srv1 mpd: [L-1]   Name: "test"
Sep  1 10:43:53 srv1 mpd: [L-1] AUTH: Trying RADIUS
Sep  1 10:43:53 srv1 mpd: [L-1] RADIUS: Authenticating user 'test'
Sep  1 10:43:53 srv1 mpd: [L-1] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'test'
Sep  1 10:43:53 srv1 mpd: [L-1] AUTH: RADIUS returned: authenticated
Sep  1 10:43:53 srv1 mpd: [L-1] CHAP: Auth return status: authenticated
Sep  1 10:43:53 srv1 mpd: [L-1] CHAP: Reply message: S=935A56F6DAB2802AD6675D979DB3067113EB0121
Sep  1 10:43:53 srv1 mpd: [L-1] CHAP: sending SUCCESS #1 len: 46
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: authorization successful
Sep  1 10:43:53 srv1 mpd: [L-1] Link: Matched action 'bundle "B" ""'
Sep  1 10:43:53 srv1 mpd: [L-1] Creating new bundle using template "B".
Sep  1 10:43:53 srv1 mpd: [B-1] Bundle: Interface ng0 created
Sep  1 10:43:53 srv1 mpd: [L-1] Link: Join bundle "B-1"
Sep  1 10:43:53 srv1 mpd: [B-1] Bundle: Status update: up 1 link, total bandwidth 64000 bps
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: Open event
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Initial --> Starting
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: LayerStart
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: Open event
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: state change Initial --> Starting
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: LayerStart
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: Up event
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Starting --> Req-Sent
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: SendConfigReq #1
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: Up event
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: state change Starting --> Req-Sent
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: SendConfigReq #1
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x010000e0:MPPE(40, 56, 128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [L-1] RADIUS: Accounting user 'test' (Type: 1)
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: rec'd Configure Request #4 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x010000e1:MPPC, MPPE(40, 56, 128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: SendConfigNak #4
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x01000040:MPPE(128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [L-1] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'test'
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: rec'd Configure Request #5 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]     NAKing with 95.xxx.xxx.xxx
Sep  1 10:43:53 srv1 mpd: [B-1]   PRIDNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]     NAKing with 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1]   PRINBNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]   SECDNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]   SECNBNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: SendConfigRej #5
Sep  1 10:43:53 srv1 mpd: [B-1]   PRINBNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]   SECDNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]   SECNBNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: rec'd Configure Reject #1 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: SendConfigReq #2
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: rec'd Configure Nak #1 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x01000040:MPPE(128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: SendConfigReq #2
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x01000040:MPPE(128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: rec'd Configure Request #6 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x01000040:MPPE(128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: SendConfigAck #6
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x01000040:MPPE(128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: state change Req-Sent --> Ack-Sent
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: rec'd Configure Request #7 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]     NAKing with 95.xxx.xxx.xxx
Sep  1 10:43:53 srv1 mpd: [B-1]   PRIDNS 0.0.0.0
Sep  1 10:43:53 srv1 mpd: [B-1]     NAKing with 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: SendConfigNak #7
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 95.xxx.xxx.xxx
Sep  1 10:43:53 srv1 mpd: [B-1]   PRIDNS 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: rec'd Configure Ack #2 (Req-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Req-Sent --> Ack-Rcvd
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: rec'd Configure Ack #2 (Ack-Sent)
Sep  1 10:43:53 srv1 mpd: [B-1]   MPPC
Sep  1 10:43:53 srv1 mpd: [B-1]     0x01000040:MPPE(128 bits), stateless
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: state change Ack-Sent --> Opened
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: LayerUp
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: Compress using: mppc (MPPE(128 bits), stateless)
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: Decompress using: mppc (MPPE(128 bits), stateless)
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: rec'd Configure Request #8 (Ack-Rcvd)
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 95.xxx.xxx.xxx
Sep  1 10:43:53 srv1 mpd: [B-1]     95.xxx.xxx.xxx is OK
Sep  1 10:43:53 srv1 mpd: [B-1]   PRIDNS 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: SendConfigAck #8
Sep  1 10:43:53 srv1 mpd: [B-1]   IPADDR 95.xxx.xxx.xxx
Sep  1 10:43:53 srv1 mpd: [B-1]   PRIDNS 10.0.0.10
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Ack-Rcvd --> Opened
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: LayerUp
Sep  1 10:43:53 srv1 mpd: [B-1]   10.0.0.10 -> 95.xxx.xxx.xxx
Sep  1 10:43:53 srv1 mpd: [B-1] IFACE: Adding IPv4 address to ng0 failed: File exists
Sep  1 10:43:53 srv1 mpd: [B-1] IFACE: IfaceChangeAddr() error, closing IPCP
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: parameter negotiation failed
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Opened --> Stopping
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: SendTerminateReq #3
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: LayerDown
Sep  1 10:43:53 srv1 mpd: [B-1] rec'd unexpected protocol IP
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: rec'd Terminate Ack #3 (Stopping)
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Stopping --> Stopped
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: LayerFinish
Sep  1 10:43:53 srv1 mpd: [B-1] Bundle: No NCPs left. Closing links...
Sep  1 10:43:53 srv1 mpd: [B-1] Bundle: closing link "L-1"...
Sep  1 10:43:53 srv1 mpd: [L-1] Link: CLOSE event
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: Close event
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: state change Opened --> Closing
Sep  1 10:43:53 srv1 mpd: [L-1] Link: Leave bundle "B-1"
Sep  1 10:43:53 srv1 mpd: [L-1] RADIUS: Accounting user 'test' (Type: 2)
Sep  1 10:43:53 srv1 mpd: [B-1] Bundle: Status update: up 0 links, total bandwidth 9600 bps
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: Close event
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Stopped --> Closed
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: Close event
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: state change Opened --> Closing
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: SendTerminateReq #3
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: LayerDown
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: Down event
Sep  1 10:43:53 srv1 mpd: [B-1] IPCP: state change Closed --> Initial
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: Down event
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: LayerFinish
Sep  1 10:43:53 srv1 mpd: [B-1] CCP: state change Closing --> Initial
Sep  1 10:43:53 srv1 mpd: [B-1] Bundle: Shutdown
Sep  1 10:43:53 srv1 mpd: [L-1] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'test'
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: SendTerminateReq #4
Sep  1 10:43:53 srv1 mpd: [L-1] LCP: LayerDown
Sep  1 10:43:54 srv1 mpd: [L-1] PPTP call terminated
Sep  1 10:43:54 srv1 mpd: [L-1] Link: DOWN event
Sep  1 10:43:54 srv1 mpd: [L-1] LCP: Down event
Sep  1 10:43:54 srv1 mpd: [L-1] LCP: LayerFinish
Sep  1 10:43:54 srv1 mpd: [L-1] LCP: state change Closing --> Initial
Sep  1 10:43:54 srv1 mpd: [L-1] Link: SHUTDOWN event
Sep  1 10:43:54 srv1 mpd: [L-1] Link: Shutdown

 

Вопросы:

1. При первом подключении пользователю всегда выдается ошибка 629 или окно подключения просто исчезает, при переподключении - все ок.

2. Сейчас ip-пул один, в будущем будет расширен или добавлен новый. Как прикрутить несколько ip-пулов?

3. При подключении клиента теряется связь с мультикастом (работает, пока не остановишь) - определил, что если удалить маршрут до 224.0.0.0 (созданный pptp на клиенте) то начинает работать - как реализовать, чтобы автоматом удалялся или не добавлялся?

terrible

terrible

Posted
Posted
Sep 1 10:43:53 srv1 mpd: [b-1] IFACE: Adding IPv4 address to ng0 failed: File exists

Sep 1 10:43:53 srv1 mpd: [b-1] IFACE: IfaceChangeAddr() error, closing IPCP

http://yandex.ru/yandsearch?clid=9582&...IPCP&lr=213

http://www.netup.ru/phpbb/viewtopic.php?t=6000

http://noted.org.ua/?p=984

 

Сами почему логи читать до сих пор не научились?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.