The_Great_Sephiroth Veteran
Joined: 03 Oct 2014 Posts: 1602 Location: Fayetteville, NC, USA
|
Posted: Sat Oct 17, 2015 3:49 pm Post subject: PPTP and short reads... |
|
|
I do not know what is going on, but the past week I have had one heck of a time keeping my PPTP VPN connections working. They connect and within ten seconds drop with a short read error. Now, if I connect and instantly SSH into a box on the remote end, it stays up. After disconnecting the SSH connection, the tunnel dies. This just started and has me baffled. Nothing changed on the remote ends. I am assuming an update broke PPTP somehow on my laptop.
Log:
Code: |
Oct 17 11:44:29 laptop01 pptp[5545]: nm-pptp-service-5542 warn[decaps_gre:pptp_gre.c:347]: short read (-1): Message too long
Oct 17 11:44:29 laptop01 pptp[5555]: nm-pptp-service-5542 log[callmgr_main:pptp_callmgr.c:245]: Closing connection (unhandled)
Oct 17 11:44:29 laptop01 pptp[5555]: nm-pptp-service-5542 log[ctrlp_rep:pptp_ctrl.c:258]: Sent control packet type is 12 'Call-Clear-Request'
Oct 17 11:44:29 laptop01 pptp[5555]: nm-pptp-service-5542 log[call_callback:pptp_callmgr.c:84]: Closing connection (call state)
|
Firewall:
Code: |
~ $ sudo iptables -S
Password:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name BLOCKED --mask 255.255.255.255 --rsource
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --name BLOCKED --mask 255.255.255.255 --rsource -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 113 --tcp-flags FIN,SYN,RST,ACK SYN -j REJECT --reject-with tcp-reset
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m multiport --dports 22,135,139,445,3389 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m multiport --dports 137,138,5060,5353,7078,9078 -j ACCEPT
-A INPUT -i ppp+ -j ACCEPT
-A INPUT -i lo -j ACCEPT
|
As you can see, GRE is accepted and the firewall has not changed in months. So what is going on here? _________________ Ever picture systemd as what runs "The Borg"? |
|