check to see if /etc/localtime linked to your correct zone/region/city
───
On 12 July 2017 at 08:43, newsboost <newsbo...@gmail.com> wrote:
> Hi,
>
> I've been a very happy user of fwknopd for a while. However recently I
> lost my router settings (running fwknopd on Asus-Merlin firmware through
> entware) so I cannot remember what I did to make it work. Maybe this is a
> quick question, any ideas/comments are greatly appreciated. My problem is
> that now, it seems like the fwknop-daemon does not run in "local time" as
> my router does and I don't know what to do about this problem. Here's a few
> lines from my syslog file:
>
>
> *Jul 12 06:06:06 dropbear[6233]: Password auth succeeded for 'wrt54g' from
> 192.168.1.100:44072
> <http://192.168.1.100:44072>
> *
> *Jul 12 04:25:32 fwknopd[30727]: Got SIGTERM.
> Exiting...
> *
> *Jul 12 04:25:41 fwknopd[8766]: Using Digest Cache:
> '/opt/var/fwknop/digest.cache' (entry count =
> 7)
> *
> *Jul 12 04:42:49 fwknopd[8766]: [212.27.20.5] (stanza #1) Error creating
> fko context: Args contain invalid data:
> FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL *
> *Jul 12 04:42:49 fwknopd[8766]: [212.27.20.5] (stanza #2) SPA data time
> difference is too great (7215
> seconds).
> *
> *Jul 12 04:44:16 fwknopd[8766]: [212.27.20.5] (stanza #1) Error creating
> fko context: Args contain invalid data:
> FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL *
>
>
> Notice that on July 12th (today) I log in a 06:06 in the morning. Then I
> kill fwknopd (because several "SPA data time difference is too great (7215
> seconds)"-messages). You'll notice that the next line is 2 hours ahead - so
> the actual time when I killed fwknopd was likely 06:25 hours, but fwknopd
> logs this as 04:25 hours... I don't remember I've had this problem earlier,
> but I've been very please with fwknopd before and have had the
> time-difference check to something as low as 5 minutes, with great success.
>
> Also, about this line: "Jul 12 04:42:49 fwknopd[8766]: [212.27.20.5]
> (stanza #1) Error creating fko context: Args contain invalid data:
> FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL" I think the reason was that I
> had a very long comment line (with preceding "#") and I think I've solved
> the problem by making the 1 long comment-line into several shorter lines.
> At least this is what I get now:
>
>
> *Jul 12 07:24:59 dnsmasq-dhcp[504]: not giving name localhost to the DHCP
> lease of 192.168.1.201 because the name exists in /etc/hosts with address
> 127.0.0.1*
> *Jul 12 05:27:52 fwknopd[8766]: Got SIGTERM. Exiting...*
> *Jul 12 07:30:35 dropbear[17010]: Password auth succeeded for 'wrt54g'
> from 192.168.1.100:46050 <http://192.168.1.100:46050>*
> *wrt54g@router:/tmp# date*
> *Wed Jul 12 07:30:47 DST 2017*
>
> Again, notice the time is actually 07:24 - but fwknopd thinks the time is
> 05:27 - and I logged in at 07:30... Now, I believe I didn't change my
> config-settings - is it possible to get a few clues/ideas about the cause
> (or the solution) of this problem? I can also show my complete config
> files, but I'm thinking that maybe (hopefully) this description is enough
> for someone to tell me where I should take a closer look...
>
> I hope for a few helpful comments - I'm a very big fan of this fwknopd
> project (in comparison to e.g. port knocking), thanks for any
> hints/comments/suggestions/ideas!
>
>
> Sincerely,
>
> Martin
>
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Fwknop-discuss mailing list
> Fwknop-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fwknop-discuss mailing list
Fwknop-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
