On Sun, Jun 8, 2014 at 11:46 AM, Rabin Yasharzadehe <[email protected]>
wrote:
> On Sun, Jun 8, 2014 at 6:22 PM, Michael Rash <[email protected]>
> wrote:
>
>> now when i run the knock from the Android app i can unlock the port,
>> but i see this error message in the log file,
>>
>> (stanza #1) Error creating fko context: Args contain invalid data:
>>> FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL
>>>
>>
>>
>>
>>
>> Do you now have two stanzas in access.conf? I.e. one with base64 keys
>> and the other without?
>>
>
> yes, as you recommended (&
> http://www.cipherdyne.org/fwknop/docs/fwknop-tutorial.html#multiple-users
> ).
>
>
>
>> That HMAC error would mean that the port should not be opened unless you
>> are gaining access via a second stanza
>>
>
> yes i see now, i created more rules/keys and test it again, fwknop will
> log each stanza check until it find a match,
> so if i have 20 users, i can have up to 19 error messages like the above.
>
> Maybe you should consider to write these messages at a lower error level
> (like debug maybe?)
>
>
Sure, good point, and easily done.
Thanks,
--Mike
>
>
> Thank you again for your help,
>
> --
> Rabin
>
--
Michael Rash | Founder
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Fwknop-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
