Followup-For: Bug #839937
Package: ocserv
Version: 0.11.4-1+b2
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 4.8.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ocserv depends on:
ii dbus 1.10.14-1
ii init-system-helpers 1.46
ii libc6 2.24-7
ii libev4 1:4.22-1
ii libgnutls30 3.5.6-7
ii libgssapi-krb5-2 1.15~beta1-1
ii libhttp-parser2.1 2.1-2
ii liblz4-1 0.0~r131-2
ii libnettle6 3.3-1
ii libnl-3-200 3.2.27-1
ii libnl-route-3-200 3.2.27-1
ii liboath0 2.6.1-1
ii libopts25 1:5.18.12-3
ii libpam0g 1.1.8-3.3
ii libpcl1 1.6-1.1
ii libprotobuf-c1 1.2.1-2
ii libradcli4 1.2.6-4
ii libreadline7 7.0-1
ii libseccomp2 2.3.1-2.1
ii libsystemd0 232-7
ii libtalloc2 2.1.8-1
ii libtasn1-6 4.9-4
ii libwrap0 7.6.q-25
ii ssl-cert 1.0.38
Versions of packages ocserv recommends:
ii ca-certificates 20161102
ocserv suggests no packages.
-- Configuration Files:
/etc/ocserv/ocserv.conf changed:
auth = "pam[gid-min=1000]"
listen-host = 91.217.8.105
tcp-port = 443
udp-port = 443
run-as-user = nobody
run-as-group = daemon
socket-file = /var/run/ocserv-socket
server-cert = /etc/ssl/certs/ssl-cert-snakeoil.pem
server-key = /etc/ssl/private/ssl-cert-snakeoil.key
ca-cert = /etc/ssl/certs/ssl-cert-snakeoil.pem
isolate-workers = true
max-clients = 100
max-same-clients = 2
keepalive = 32400
dpd = 90
mobile-dpd = 1800
try-mtu-discovery = false
cert-user-oid = 0.9.2342.19200300.100.1.1
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
auth-timeout = 40
min-reauth-time = 3
max-ban-score = 50
ban-reset-time = 300
cookie-timeout = 300
cookie-rekey-time = 14400
deny-roaming = false
rekey-time = 172800
rekey-method = ssl
use-utmp = true
use-occtl = true
pid-file = /var/run/ocserv.pid
device = vpns
predictable-ips = true
default-domain = ivoin.ru
ipv4-network = 192.168.1.0
ipv4-netmask = 255.255.255.0
dns = 192.168.1.2
ping-leases = false
route = 10.0.0.0/255.0.0.0
route = 172.16.0.0/255.240.0.0
route = 192.168.0.0/255.255.0.0
cisco-client-compat = true
-- no debconf information
