I set up a udptunnel and managed to get packets to reach the Strongswan server on Ubuntu 16.04. However, packets cannot get from Strongswan back over the tunnel.
On the strongswan server end, the packets end up like this:
-> New incoming connection (1.2.3.4 TCP port 10) -> UDPTunnel (1.2.3.4 TCP 10 to UDP 11 127.0.0.1) -> iptables (127.0.0.1 UDP 11 to UDP 500) -> Strongswan (UDP 500 127.0.0.1)
On the strongswan side, it will look like an incoming connection from 127.0.0.1.
I analyzed the Strongswan packets and there is no traffic on port 500 of the Strongswan server. The incoming packets look like this:
tcpdump -i lo -n -vvv port 500
tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes
04:15:54.514001 IP (tos 0x0, ttl 64, id 30823, offset 0, flags [DF], proto UDP (17), length 244)
127.0.0.1.46427 > 127.0.0.1.500: [bad udp cksum 0xfef3 -> 0x182e!] isakmp 1.0 msgid 00000000 cookie 42dbd2778888b4f1->0000000000000000: phase 1 I ident:
(sa: doi=ipsec situation=identity
(p: #0 protoid=isakmp transform=3
(t: #1 id=ike (type=enc value=aes)(type=keylen value=0080)(type=hash value=md5)(type=group desc value=modp768)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration value=0e10))
(t: #2 id=ike (type=enc value=aes)(type=keylen value=0080)(type=hash value=md5)(type=group desc value=modp2048)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration value=0e10))
(t: #3 id=ike (type=group desc value=modp2048)(type=auth value=preshared)(type=lifetype value=sec)(type=lifeduration value=0e10))))
(vid: len=8 09002689dfd6b712)
(vid: len=16 afcad71368a1f1c96b8696fc77570100)
(vid: len=16 4a131c81070358455c5728f20e95452f)
(vid: len=16 90cb80913ebb696e086381b5ec427b1f)
^C
1 packet captured
2 packets received by filter
0 packets dropped by kernel
Strongswan on the server (syslog):
Feb 1 04:15:07 strongswan-configured-as-backup-from-local-192 charon: 05[NET] received packet: from 127.0.0.1[46427] to 127.0.0.1[500] (216 bytes)
Feb 1 04:15:07 strongswan-configured-as-backup-from-local-192 charon: 05[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Feb 1 04:15:07 strongswan-configured-as-backup-from-local-192 charon: 05[IKE] no IKE config found for 127.0.0.1...127.0.0.1, sending NO_PROPOSAL_CHOSEN
Feb 1 04:15:07 strongswan-configured-as-backup-from-local-192 charon: 05[ENC] generating INFORMATIONAL_V1 request 2504177458 [ N(NO_PROP) ]
Feb 1 04:15:07 strongswan-configured-as-backup-from-local-192 charon: 05[NET] sending packet: from 127.0.0.1[500] to 127.0.0.1[46427] (40 bytes)
Feb 1 04:15:11 strongswan-configured-as-backup-from-local-192 charon: 04[NET] received packet: from 127.0.0.1[46427] to 127.0.0.1[500] (216 bytes)
Feb 1 04:15:11 strongswan-configured-as-backup-from-local-192 charon: 04[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Feb 1 04:15:11 strongswan-configured-as-backup-from-local-192 charon: 04[IKE] no IKE config found for 127.0.0.1...127.0.0.1, sending NO_PROPOSAL_CHOSEN
Feb 1 04:15:11 strongswan-configured-as-backup-from-local-192 charon: 04[ENC] generating INFORMATIONAL_V1 request 2275808008 [ N(NO_PROP) ]
Feb 1 04:15:11 strongswan-configured-as-backup-from-local-192 charon: 04[NET] sending packet: from 127.0.0.1[500] to 127.0.0.1[46427] (40 bytes)
Feb 1 04:15:18 strongswan-configured-as-backup-from-local-192 charon: 03[NET] received packet: from 127.0.0.1[46427] to 127.0.0.1[500] (216 bytes)
Feb 1 04:15:18 strongswan-configured-as-backup-from-local-192 charon: 03[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Feb 1 04:15:18 strongswan-configured-as-backup-from-local-192 charon: 03[IKE] no IKE config found for 127.0.0.1...127.0.0.1, sending NO_PROPOSAL_CHOSEN
Feb 1 04:15:18 strongswan-configured-as-backup-from-local-192 charon: 03[ENC] generating INFORMATIONAL_V1 request 2859457760 [ N(NO_PROP) ]
Feb 1 04:15:18 strongswan-configured-as-backup-from-local-192 charon: 03[NET] sending packet: from 127.0.0.1[500] to 127.0.0.1[46427] (40 bytes)
Feb 1 04:15:31 strongswan-configured-as-backup-from-local-192 charon: 02[NET] received packet: from 127.0.0.1[46427] to 127.0.0.1[500] (216 bytes)
Feb 1 04:15:31 strongswan-configured-as-backup-from-local-192 charon: 02[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Feb 1 04:15:31 strongswan-configured-as-backup-from-local-192 charon: 02[IKE] no IKE config found for 127.0.0.1...127.0.0.1, sending NO_PROPOSAL_CHOSEN
Feb 1 04:15:31 strongswan-configured-as-backup-from-local-192 charon: 02[ENC] generating INFORMATIONAL_V1 request 2840929552 [ N(NO_PROP) ]
Feb 1 04:15:31 strongswan-configured-as-backup-from-local-192 charon: 02[NET] sending packet: from 127.0.0.1[500] to 127.0.0.1[46427] (40 bytes)
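
The following Python script is an added example, not part of the original post: it parses charon syslog lines in the format shown above and summarises requests rejected with "no IKE config found", flagging those whose peer address is loopback, which is how connections arriving through the local tunnel endpoint appear to strongSwan. The function name and the sample lines are constructed, and reading the address pair as local...remote is an assumption.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the format of the post's syslog excerpt (hostname shortened).
SAMPLE = """\
Feb 1 04:15:07 host charon: 05[NET] received packet: from 127.0.0.1[46427] to 127.0.0.1[500] (216 bytes)
Feb 1 04:15:07 host charon: 05[ENC] parsed ID_PROT request 0 [ SA V V V V ]
Feb 1 04:15:07 host charon: 05[IKE] no IKE config found for 127.0.0.1...127.0.0.1, sending NO_PROPOSAL_CHOSEN
Feb 1 04:15:07 host charon: 05[NET] sending packet: from 127.0.0.1[500] to 127.0.0.1[46427] (40 bytes)
Feb 1 04:15:11 host charon: 04[NET] received packet: from 127.0.0.1[46427] to 127.0.0.1[500] (216 bytes)
Feb 1 04:15:11 host charon: 04[IKE] no IKE config found for 127.0.0.1...127.0.0.1, sending NO_PROPOSAL_CHOSEN
"""

ADDR = r"[0-9A-Fa-f:.]+"
RECEIVED = re.compile(rf"(\d+)\[NET\] received packet: from ({ADDR})\[(\d+)\] to ({ADDR})\[(\d+)\]")
# Assumption: charon prints the address pair as local...remote.
NO_CONFIG = re.compile(rf"(\d+)\[IKE\] no IKE config found for ({ADDR}?)\.\.\.({ADDR}), sending (\w+)")


def rejected_requests(log_text):
    """Summarise IKE requests that charon rejected for lack of a matching config."""
    last_rx = {}         # worker thread id -> (source ip, source port) of its last packet
    summary = Counter()  # (local, remote, source port, notify) -> number of rejections
    for line in log_text.splitlines():
        rx = RECEIVED.search(line)
        if rx:
            last_rx[rx.group(1)] = (rx.group(2), int(rx.group(3)))
            continue
        rej = NO_CONFIG.search(line)
        if rej:
            tid, local, remote, notify = rej.groups()
            # Tie the rejection to the packet the same worker thread just received.
            _, src_port = last_rx.get(tid, (remote, None))
            summary[(local, remote, src_port, notify)] += 1
    return [
        {"local": local, "remote": remote, "src_port": port, "notify": notify,
         "count": count,
         # A loopback peer means the request came from a local relay, not the real client.
         "remote_is_loopback": ipaddress.ip_address(remote).is_loopback}
        for (local, remote, port, notify), count in summary.items()
    ]


if __name__ == "__main__":
    for row in rejected_requests(SAMPLE):
        print(row)
```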