<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Paul,<br>
<br>
This is a variation on a theme:<br>
<br>
<blockquote><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #1: the peer proposed: 172.17.2.0/24:0/0 ->
192.168.30.0/24:0/0</tt><tt><br>
</tt><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: responding to Quick Mode proposal
{msgid:95acdb39}</tt><tt><br>
</tt><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: us:
172.17.2.0/24===82.19.147.85<82.19.147.85>[@Nick]</tt><tt><br>
</tt><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: them: 88.104.20.228===192.168.30.0/24</tt><tt><br>
</tt><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: keeping refhim=4294901761 during rekey</tt><tt><br>
</tt><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1</tt><tt><br>
</tt><tt>Nov 12 17:51:21 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: STATE_QUICK_R1: sent QR1, inbound IPsec SA
installed, expecting QI2</tt><tt><br>
</tt><tt>Nov 12 17:51:22 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: Dead Peer Detection (RFC 3706): enabled</tt><tt><br>
</tt><tt>Nov 12 17:51:22 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2</tt><tt><br>
</tt><tt>Nov 12 17:51:22 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #13: STATE_QUICK_R2: IPsec SA established tunnel
mode {ESP=>0xf828c2ad <0x384834c7 xfrm=AES_256-HMAC_SHA1
NATOA=none NATD=none DPD=enabled}</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #2: the peer
proposed: 172.17.2.0/23:0/0 -> 192.168.10.0/24:0/0</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14:
responding to Quick Mode proposal {msgid:9d7830a0}</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14: us:
172.17.2.0/23===82.19.147.85[@Nick]---82.19.147.1</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14: them:
82.30.103.217<82.30.103.217>===192.168.10.0/24</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14: keeping
refhim=4294901761 during rekey</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting
QI2</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14: Dead
Peer Detection (RFC 3706): enabled</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2</tt><tt><br>
</tt><tt>Nov 12 17:51:23 server pluto[2041]: "MumIn" #14:
STATE_QUICK_R2: IPsec SA established tunnel mode
{ESP=>0x33658c4d <0xbaa241aa xfrm=AES_256-HMAC_SHA1
NATOA=none NATD=none DPD=enabled}</tt><tt><br>
</tt><tt>Nov 12 18:01:18 server pluto[2041]: "PaulIn"[1]
88.104.20.228 #11: ESP traffic information: in=0B out=3KB</tt><tt><br>
</tt><tt>Nov 12 18:01:19 server pluto[2041]: "MumIn" #12: ESP
traffic information: in=0B out=1KB</tt><tt><br>
</tt><tt>Nov 12 18:32:20 server pluto[2041]: packet from
62.122.68.153:60844: next payload type of ISAKMP Message has an
unknown value: 133</tt><tt><br>
</tt><tt>Nov 12 18:32:20 server pluto[2041]: packet from
62.122.68.153:60844: ASSERTION FAILED at
/home/build/rpmbuild/BUILD/libreswan-3.6/programs/pluto/demux.c:181:
case 0 unexpected</tt><tt><br>
</tt><tt>Nov 12 18:32:20 server pluto[2041]: packet from
62.122.68.153:60844: using kernel interface: netkey</tt><tt><br>
</tt></blockquote>
<br>
The only thing in this case is I have no idea who 62.122.68.153 is.
It is worrying than anyone can come knocking and crash pluto.<br>
<br>
Regards,<br>
<br>
Nick<br>
<div class="moz-cite-prefix">On 10/11/2013 21:12, Nick Howitt wrote:<br>
</div>
<blockquote cite="mid:527FF6B4.3090905@gmail.com" type="cite">
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
Paul,<br>
<br>
With my lack of understanding of gdb traces and compile flags, is
it worth giving me a code snippet to execute before the
"bad_case(maj);" line which dumps the offending information?<br>
<br>
Nick<br>
<br>
<div class="moz-cite-prefix">On 10/11/2013 14:16, Paul Wouters
wrote:<br>
</div>
<blockquote
cite="mid:alpine.LFD.2.10.1311100914280.12525@bofh.nohats.ca"
type="cite"> <br>
On Sun, 10 Nov 2013, Nick Howitt wrote: <br>
<br>
<blockquote type="cite">This is now happening on 3.6. It again
appears to be happening when the remote device changes IP
address. <br>
</blockquote>
<br>
<blockquote type="cite"> Nov 9 08:26:21 server
pluto[10996]: packet from 62.122.68.153:53489: next payload
type of ISAKMP Message has an unknown <br>
value: 133 <br>
Nov 9 08:26:21 server pluto[10996]: packet from
62.122.68.153:53489: ASSERTION FAILED at <br>
/home/build/rpmbuild/BUILD/libreswan-3.6/programs/pluto/demux.c:18
<br>
</blockquote>
<br>
Line 18 is a comment? I guess it is around line 18x which is the
<br>
bad_case() <br>
<br>
<blockquote type="cite"> The code block here is: <br>
<br>
switch (maj) { <br>
case ISAKMP_MAJOR_VERSION: <br>
process_v1_packet(mdp); <br>
break; <br>
<br>
case IKEv2_MAJOR_VERSION: <br>
process_v2_packet(mdp); <br>
break; <br>
<br>
default: <br>
bad_case(maj); <br>
} <br>
<br>
Line 196 is "bad_case(maj);" <br>
</blockquote>
<br>
It's strange. We looked at this before and it seemed that case
could <br>
actually never be reached. Could you try compiling without -O ?
Perhaps <br>
give us a full gdb strack trace? <br>
<br>
Paul <br>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>