Re: [Fwknop-discuss] Could not properly decode IP header
Brought to you by:
mbr
From: Michael R. <mb...@ci...> - 2009-01-11 22:05:45
|
On Jan 11, 2009, Micha Holzmann wrote: > Hello, > > after migration to fwknop-1.9.9 i am not longer able to login to my > system. After having direct access to the system i stopped the daemons > and started fwknopd with "fwknopd --debug --verbose" and tried to > knocking... > > Sun Jan 11 14:56:37 2009 [+] imported access directives (1 SOURCE definitions). > Sun Jan 11 14:56:37 2009 [+] Executing: /usr/sbin/knoptm -c /etc/fwknop/fwknop.conf > Sun Jan 11 14:56:37 2009 [+] imported previous tracking digests from disk cache: /var/log/fwknop/digest.cache > Sun Jan 11 14:56:37 2009 [+] Set SIGCHLD handler to: CODE(0x8ff11f8) > Sun Jan 11 14:56:37 2009 [+] Set __WARN__ handler to: CODE(0x9156b68) > Sun Jan 11 14:56:37 2009 [+] Set __DIE__ handler to: CODE(0x9156af8) > [+] Net::Pcap::VERSION 0.05 > Sun Jan 11 14:56:37 2009 [+] Sniffing (promisc) packet data from interface: ppp0 > Sun Jan 11 14:56:37 2009 [+] pcap_loop() > Sun Jan 11 14:56:45 2009 [+] Received packet ***[Sun Jan 11 14:56:45 2009]*** > Sun Jan 11 14:56:45 2009 Complete raw packet data (hex dump, including packet headers): > > The hex dump was deleted due security issues > > [-] Could not properly decode IP header. The above looks like fwknopd did not detect the "cooked" interface type that I suspect ppp0 is associated with. Can you try running the same test with "fwknopd --debug --verbose --Linux-cooked-intf"? If that fails, then could you send me the hex dump, but change the security-sensitive data to something not meanginful? You could just mark over the src/dst MAC and src/dst IP addresses with NN or something, and cut the dump off at the application layer data. What I need to see is the structure of the data link and IP headers. Thanks, -- Michael Rash http://www.cipherdyne.org/ Key fingerprint: E2EF 0C8A 5AA9 654C 4763 B50F 37AC E946 7F51 8271 > Before installing the new version i stopped all daemons and deleted > completely /usr/lib/fwknop and then ./install.pl > > Distro is Ubuntu 8.10, Kernel is 2.6.27-9-generic. > > > > What have i (may) done wrong here? > > > > -- > My software never has bugs. It just develops random features. > > ------------------------------------------------------------------------------ > Check out the new SourceForge.net Marketplace. > It is the best place to buy or sell services for > just about anything Open Source. > http://p.sf.net/sfu/Xq1LFB > _______________________________________________ > Fwknop-discuss mailing list > Fwk...@li... > https://lists.sourceforge.net/lists/listinfo/fwknop-discuss |