Re: [Openvpn-users] (no subject)
Hi, On Fri, Dec 03, 2021 at 08:41:41AM +0100, Gert Doering wrote: > You're right - this is a documentation bug, and we need to fix this. FTR, a patch has been submitted, and will be merged to master and 2.5 soonish. We won't backport it to 2.4 as the format of these files has changed and we're unlikely to do any further 2.4 release. https://patchwork.openvpn.net/patch/2120/ gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
Hi, On Thu, Dec 02, 2021 at 11:44:03PM +0100, Stella Ashburne wrote: > OK. I surfed to https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html > which I guess is the latest version of man page of OpenVPN 2.5, > right? According to it, "push-peer-info" is a server option. Mmmh, indeed. You're right - this is a documentation bug, and we need to fix this. The section heading is so far above the --push-peer-info section that I really missed that (I know where and how the option is used, and how it is implemented, so I tend to only look at the particular option to see if it's correctly documented, not at the overall context). gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, ‐‐‐ Original Message ‐‐‐ On Friday, December 3rd, 2021 at 05:49, Nathan Stratton Treadway wrote: > On Thu, Dec 02, 2021 at 23:42:04 +, tincantech via Openvpn-users wrote: > > > On Thursday, December 2nd, 2021 at 22:44, Stella Ashburne rewe...@gmx.com > > wrote: > > > > > OK. I surfed to > > > > > > https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html which I > > > > > > guess is the latest version of man page of OpenVPN 2.5, right? > > > > > > According to it, "push-peer-info" is a server option. > > > > That is the latest. > > > > What it say is: --push-peer-info > > > > - Push additional information about the client to server. The > > > > following data is always pushed to the server.. > > > > It clearly states "Push additional information about the client to server". > > I believe that what Stella is commenting on is the fact that > > --push-peer-info is listed in the "Server Options" section of the man > > page rather than the "Client Options" section > I do concur, the option may be oddly placed.. but it's description is unambiguous. Maintaining Openvpn-CE documentation is a not a trivial undertaking, help is always appreciated. R -BEGIN PGP SIGNATURE- Version: ProtonMail wsBzBAEBCAAGBQJhqbv3ACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ10qQf/TMoHOKAdZnSjtVpNGyZiw0/7r1WxBqgy3KSB5psPwpf05dq+ V+FdXOy7+n6p+3ugvnX8lyeOmu9TWf1c3qwHUcZAp7R/zh3Bnk6Xrbw85hbR DPQ4jhHJQa+jkQM8GhmHOZ4GsN1slcVdpUZ0hf2JieGsBgTHSKtyxmXqfxD3 8L+22apIp+I6TOJ6+XSJg8Upgot5jQxEFNyVIPI6TN4ACCOrV/ISHcoDSx9M 0g5/3vMJh0uc0ZTatflv62SeTqhvMbBJC64v2zdvnnm46AKeKpOI8neFxBX+ FhXhaoEzO12CXuKvWa1u1V8cjnD1vb0nuTI9TS1fjxhnA97BItVphw== =xN5w -END PGP SIGNATURE- publickey - tincantech@protonmail.com - 0x09BC3D44.asc Description: application/pgp-keys publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
On Thu, Dec 02, 2021 at 23:42:04 +, tincantech via Openvpn-users wrote: > > On Thursday, December 2nd, 2021 at 22:44, Stella Ashburne > wrote: > > OK. I surfed to > > https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html which I > > guess is the latest version of man page of OpenVPN 2.5, right? > > According to it, "push-peer-info" is a server option. > > That is the latest. > > What it say is: --push-peer-info > * Push additional information about the client to server. The >following data is always pushed to the server.. > > It clearly states "Push *additional* information about the client to server". I believe that what Stella is commenting on is the fact that --push-peer-info is listed in the "Server Options" section of the man page rather than the "Client Options" section Nathan Nathan Stratton Treadway - natha...@ontko.com - Mid-Atlantic region Ray Ontko & Co. - Software consulting services - http://www.ontko.com/ GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt ID: 1023D/ECFB6239 Key fingerprint = 6AD8 485E 20B9 5C71 231C 0C32 15F3 ADCD ECFB 6239 ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, ‐‐‐ Original Message ‐‐‐ On Thursday, December 2nd, 2021 at 22:44, Stella Ashburne wrote: > Hi Gert > > Thanks for your reply. > > > OK. I surfed to https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html > which I guess is the latest version of man page of OpenVPN 2.5, right? > According to it, "push-peer-info" is a server option. That is the latest. What it say is: --push-peer-info * Push additional information about the client to server. The following data is always pushed to the server.. It clearly states "Push *additional* information about the client to server". The client will send even more data about itself, to the server, if you use --push-peer-info There is nothing about this being a "server option". If you do not use --push-peer-info then only the normal data, which openvpn always pushes, is pushed. Don't be worried about a harmless MAC , they know who you are anyway ... meh-meh-meh. hth R -BEGIN PGP SIGNATURE- Version: ProtonMail wsBzBAEBCAAGBQJhqVm5ACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec 9muQuJ2F/ggAm4frSR2VnJyi3juandQA080X1lJZGAvd1dGybnUuNBGBVLt9 MFX89B2SeWOouuQuny//Z3DUTI6bAUWJOrT2iTFEH0m0T4jd4Q4DTp5moRjx ony6lY+w1LeXjFS7QN8AsyCg3OoN/ZB6nMOn+3rfhC6Q4Vi+FOpq8jtW0v2g JNU03Jnw6yMjGRdDR6U74rgK9qwIgGNApoR8F4RcAsodQoNKgnmW/udr+Fbl 3wIlBn27cx3kjaEQDpIzNHVFfQZ20ExS6oQAVlsA3UNnnXPgGfOSAQNt2E9r AFNT7K0WZDiBhdK/0B30aou88HZTchT98kYh2C6LUkjpMZoiMoiC8A== =86dr -END PGP SIGNATURE- publickey - tincantech@protonmail.com - 0x09BC3D44.asc Description: application/pgp-keys publickey - tincantech@protonmail.com - 0x09BC3D44.asc.sig Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
Hi Gert Thanks for your reply. > Sent: Friday, December 03, 2021 at 2:14 AM > From: "Gert Doering" > To: "Stella Ashburne" > Cc: openvpn-users@lists.sourceforge.net > Subject: Re: [Openvpn-users] (no subject) > > (I think we have a patch somewhere to clarify that - it might even be > in the current man page. You looked at the 2.4 man page, which is OLD) > > gert > -- OK. I surfed to https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html which I guess is the latest version of man page of OpenVPN 2.5, right? According to it, "push-peer-info" is a server option. Regards. Stella ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
Hi, On Thu, Dec 02, 2021 at 05:33:32PM +0100, Stella Ashburne wrote: > > (It will only be sent if you have "push-peer-info" in your client config, > > see "man openvpn" for what is always sent and what needs to be enabled) > About "push-peer-info": > > I surfed to > https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage?__cf_chl_jschl_tk__=JSUulbKidOapkzFKpsRhInXslT2sBquL7BK.lhuMS1s-1638461653-0-gaNycGzNCOU > and learned that "push-peer-info" is an option in the server's > configuration file and not in the client's. It is not. Most of the time it is used in client configs (do not confuse with regular "push ", which *is* a server option). It can be used on the server, making the server send *its* versions to the client - which is rarely useful. > If that's the case, can > we specify an option in the client's configuration file to refuse > to give to the server such details such as IFACE and HWADDR? By not having push-peer-info in the client's config. > And since we are on the subject of "push-peer-info", I would appreciate it if > you could clarify the following that is written in man openvpn: > > IV_HWADDR= -- the MAC address of clients default gateway > > By "default gateway", does the author of the man page refer to the router's > MAC address or to the MAC address of the network interface card in my machine? The MAC address of the network card used to reach the default gateway. (I think we have a patch somewhere to clarify that - it might even be in the current man page. You looked at the 2.4 man page, which is OLD) gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
Hi Gert Thanks for your reply. > Sent: Friday, December 03, 2021 at 12:09 AM > From: "Gert Doering" > To: "Stella Ashburne" > Cc: openvpn-users@lists.sourceforge.net > Subject: Re: [Openvpn-users] (no subject) > > > It is not sent by default, so nothing to do here. > Thanks for your clarification, Gert. > (It will only be sent if you have "push-peer-info" in your client config, > see "man openvpn" for what is always sent and what needs to be enabled) > > About "push-peer-info": I surfed to https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage?__cf_chl_jschl_tk__=JSUulbKidOapkzFKpsRhInXslT2sBquL7BK.lhuMS1s-1638461653-0-gaNycGzNCOU and learned that "push-peer-info" is an option in the server's configuration file and not in the client's. If that's the case, can we specify an option in the client's configuration file to refuse to give to the server such details such as IFACE and HWADDR? And since we are on the subject of "push-peer-info", I would appreciate it if you could clarify the following that is written in man openvpn: IV_HWADDR= -- the MAC address of clients default gateway By "default gateway", does the author of the man page refer to the router's MAC address or to the MAC address of the network interface card in my machine? > > Thus: DO NOT USE A VPN PROVIDER THAT YOU DO NOT TRUST. > Thanks for your warning, Gert. Regards. Stella ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
Hi, On Thu, Dec 02, 2021 at 04:23:23PM +0100, Stella Ashburne wrote: > To mitigate the fingerprinting, is it possible to prevent the details of > IFACE and HWADDR from being transmitted to my VPN provider? It is not sent by default, so nothing to do here. (It will only be sent if you have "push-peer-info" in your client config, see "man openvpn" for what is always sent and what needs to be enabled) Also, the whole question is a bit weird. Your VPN provider can identify you by means of the account information you use to connect to them... and also, they can see where you surf, what DNS queries you do, etc. Thus: DO NOT USE A VPN PROVIDER THAT YOU DO NOT TRUST. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de signature.asc Description: PGP signature ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
pls check the below error i can't understand SIGTERM[soft,init_instance] received, process exiting what is this pls tell me Fri May 29 00:23:21 2015 NMDVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Apr 25 2011 Fri May 29 00:23:21 2015 NOTE: NMDVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Fri May 29 00:23:21 2015 LZO compression initialized Fri May 29 00:23:21 2015 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ] Fri May 29 00:23:21 2015 Socket Buffers: R=[8192-8192] S=[8192-8192] Fri May 29 00:23:21 2015 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Fri May 29 00:23:21 2015 Local Options hash (VER=V4): '69109d17' Fri May 29 00:23:21 2015 Expected Remote Options hash (VER=V4): 'c0103fa8' Fri May 29 00:23:21 2015 Attempting to establish TCP connection with 188.165.216.161:3128 Fri May 29 00:23:22 2015 TCP connection established with 188.165.216.161:3128 Fri May 29 00:23:22 2015 Send to HTTP proxy: 'CONNECT 65.111.164.118:443 HTTP/1.0' Fri May 29 00:23:22 2015 Host:buddies.airtelmoney.in/ Fri May 29 00:23:22 2015 X-Online-Host:buddies.aitelmoney.in/ Fri May 29 00:23:27 2015 recv_line: TCP port read timeout expired Fri May 29 00:23:27 2015 TCP/UDP: Closing socket Fri May 29 00:23:27 2015 SIGTERM[soft,init_instance] received, process exiting the 'interesting' line in the log file is actually this one Fri May 29 00:23:27 2015 recv_line: TCP port read timeout expired it means the proxy did not allow you to connect to host 65.111.164.118:443 check your HTTP proxy settings and verify that the host you want to connect to is actually up. JJK -- ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
hi your freedom is one of the vpn service pls visit www.your-freedom.net u can understanding thanks... On Sat, Jan 25, 2014 at 3:41 PM, Krishna Murthy kmurthy@gmail.comwrote: hi my isp dns give only 3 free sites surfing downloading for other sites surfing i'm using your freedom tunnel when i dns change to sites are not open, when i tunnel 10-12 times isp as block free surfing sites how to solve this problem pls help me -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01. nov. 2013 13:32, Krishna Murthy wrote: hi our location high speed internet airtel 3g only no other 3g network service as per ur advise below my isp open ports scanning by nmap i don't know how to connect vpnbook, few months back vpnbook connecting good but today not connect without balance, if vpnbook not connect can u suggest me who is better openvpn provider unlimited bandwith unlimited usage over tcp443 or how to connect vpnbook over tcp443 once again thanking u Starting Nmap 4.11 ( http://www.insecure.org/nmap ) at 2013-11-02 14:22 India Standard Time Skipping OS Scan against 106.200.30.239 because it doesn't work against your own machine (localhost) Interesting ports on 106.200.30.239: (CLIENT IP) ^^ This is NOT the IP address you have in your VPN log. You simply scanned your own computer. You need to run: nmap -sT -p 443 109.201.154.146 Where 109.201.154.146 is the IP address you tried to connect to. If this turns out to be blocked, then you need at different ISP. For the record, I tried that scan on my own computer and got that 443/tcp is open. If you continue to have problems with VPNbook, I suggest you contact them directly as that's your VPN provider in this case. - -- kind regards, David Sommerseth -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEUEARECAAYFAlJztg8ACgkQDC186MBRfrqLTgCgmKMjrGRhEBvxzsuVe2MvZAR9 PdcAl371avY8sB17632B9wBH4XrYt+w= =Sna6 -END PGP SIGNATURE- -- Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 31. okt. 2013 04:31, Krishna Murthy wrote: Your VPN client is not able to connect to the OpenVPN server. If this is due to your ISP blocking it, you need a different ISP. Otherwise check all your firewalls. This isn't somthing we can help you with, as this problem is outside OpenVPN. If your firewalls are fine, all you can do is to try to use another port or try UDP instead of TCP. To test your firewalls, to see what is open and blocked, I find nmap [1] quite usefull. [1] http://nmap.org/ - -- kind regards, David Sommerseth -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJyHw4ACgkQDC186MBRfrokxACgq4o5ZigdQV/ntu8owbcV2gEU 9DUAoIIbQfQ20jyWFUTbSxBWe/eBoctT =8XT9 -END PGP SIGNATURE- -- Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 31. okt. 2013 04:31, Krishna Murthy wrote: Mon Oct 28 23:20:53 2013 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Mon Oct 28 23:20:53 2013 TLS Error: TLS handshake failed Your VPN client is not able to connect to the OpenVPN server. If this is due to your ISP blocking it, you need a different ISP. Otherwise check all your firewalls. This isn't somthing we can help you with, as this problem is outside OpenVPN. If your firewalls are fine, all you can do is to try to use another port or try UDP instead of TCP. To test your firewalls, to see what is open and blocked, I find nmap [1] quite usefull. [1] http://nmap.org/ - -- kind regards, David Sommerseth -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJyHxAACgkQDC186MBRfrr3egCgoiHVrdfZwl/zFwNwPdfipbsT cUIAn0ulp2Y0F1eAs91ez2jTtsdRq7K2 =57Sh -END PGP SIGNATURE- -- Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951iu=/4140/ostg.clktrk ___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] (no subject)
On 9 Oct 2013, at 20:15 , Krishna Murthy wrote: Hi isp wraping openvpn data How to fix this How to fix an ISP? Use a better one. --maarten signature.asc Description: Message signed with OpenPGP using GPGMail -- October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60134071iu=/4140/ostg.clktrk___ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
