Re: [Fwknop-discuss] Could not open digest cache

Fri, 07 Oct 2016 20:33:07 -0700 

On Fri, Oct 7, 2016 at 3:17 PM, Stephen Isard <xkyr47r...@snkmail.com>
wrote:

> Hello,
>
> I've recently installed fwknop, so am not an experienced user.  I'm
> testing the use of command packets over my local interface.  I have a
> very restricted user set up as the CMD_EXEC_USER.  When I start fwknopd
> and run fwknop -C with a command that the user is permitted to run, it
> works as expected.  And when I give a command that the user isn't
> allowed to execute, the command is rejected.  However, after a rejected
> command, permitted commands stop working and I get lines of the form
>
> fwknopd[4346]: (stanza #2) SPA Packet from IP: 127.0.0.1 received with
> access source match
> fwknopd[4346]: Could not open digest cache: /var/run/fwknop/digest.cache
> fwknopd[4346]: [127.0.0.1] (stanza #2) Could not add digest to replay cache
>
> in my log file.  If I restart fwknopd, the permitted commands start
> working again.
>
> I'm running fwknop 2.6.5-2.el6 on a Scientific Linux 6.8 system
> (equivalent to Centos 6.8, RHEL 6.8).
>

That is interesting - I will try to reproduce this tomorrow and report back.

Thanks,

--Mike



>
> I'd be grateful for any pointers.
>
> Stephen Isard
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> Fwknop-discuss mailing list
> Fwknop-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
>



-- 
Michael Rash | Founder
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F  AC69 95D8 5D6B A742 839F

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Fwknop-discuss mailing list
Fwknop-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss

Reply via email to