Opened 9 years ago

Closed 9 years ago

Last modified 8 years ago

#3050 closed defect (fixed)

encrypted newcamd-client rejected (login failure)

Reported by: thatfellow Owned by:
Priority: minor Component: Protocol - Newcamd
Severity: medium Keywords: newcamd cache-EX anonymous disconnected rejectedlogin failure
Cc: Sensitive: no

Description

Revision

8085 (This bug could be earlier than 8085,I know it was not present in 8077 or earlier)

Issue Description

I Updated 100% Working Stable Setup from 8077 to 8085 but my Newcamd connections are showing as rejected (login failure)

When the issue occurs

Within minutes of starting up & reoccurs if I remove from failban.

How the issue is reproducable

If a Remote Server has a Newcamd connection to Local Cardreader & Cacheex connection to Local cacheex client, the following occurs. As mentioned above, this never happened before updating to 8085. I can attach more detailed logs if required..

2013/01/11 08:01:21 16A7220 c client connected to 9999 port
2013/01/11 08:01:21 16A7220 c encrypted newcamd:9999-client ... granted (user1-vps, au=on (1 reader))
2013/01/11 08:01:21 16A7220 c user user1-vps authenticated successfully (OSCam)
2013/01/11 08:01:21 16A7220 c init for reader user2-cacheex not finished -> reject client
2013/01/11 08:01:21 16A7220 c encrypted newcamd-client ... rejected (login failure)
2013/01/11 08:01:21 16A7220 c anonymous disconnected from ...

Attachments (1)

oscam debug Log.txt (46.1 KB ) - added by thatfellow 9 years ago.
oscam debug - Line 524 is where the problem starts

Download all attachments as: .zip

Change History (14)

comment:1 by irishmist, 9 years ago

Resolution: invalid
Status: newclosed

friend u seem to have a config issue. 2 servers working fine newcamd & cccam + 1 dvbapi no issues with 8085 newcamd connections or newcamd cacheex

comment:2 by thatfellow, 9 years ago

Resolution: invalid
Status: closedreopened

There is still no solution this problem.. Since the original ticket, I just changed protocols to cs378x which worked perfectly fine for me. But I now want to use newcamd protocol to connect CSP but the same issue is arising...

This problem Is not config related as I have reverted back to old settings for original ticket & I have Setup this server from scratch...

2013/01/31 02:21:23 2198BB0 c client connected to [myportno] port
2013/01/31 02:21:23 2198BB0 c encrypted newcamd:[myportno]-client [CSP IP Address] granted (csp, au=off)
2013/01/31 02:21:23 2198BB0 c user csp authenticated successfully (generic)
2013/01/31 02:21:23 2198BB0 c init for reader slyuk not finished -> reject client
2013/01/31 02:21:23 2198BB0 c encrypted newcamd-client [CSP IP Address] rejected (login failure)
2013/01/31 02:21:23 2198BB0 c anonymous disconnected from [CSP IP Address]
2013/01/31 02:21:43 219C4C0 c encrypted cccam-client [cacheex IP Address] granted (local-oscam2-cacheex, au=off)
2013/01/31 02:21:43 219C4C0 c account 'local-oscam2-cacheex' has cccmaxhops = -1: user will not see any card!
2013/01/31 02:22:25 21970A0 c starting thread housekeeping lb stats
2013/01/31 02:22:25 21970A0 c housekeeping lb stats thread started

If I Stop the cacheex Reader, newcamd connects no problem

2013/01/31 02:31:53 2377C10 c client connected to [myportno] port
2013/01/31 02:31:53 2377C10 c encrypted newcamd:[myportno]-client [CSP IP Address] granted (csp, au=off)
2013/01/31 02:31:53 2377C10 c user csp authenticated successfully (generic)
2013/01/31 02:31:53 2377C10 c AU disabled for user csp

This is a very real bug that has crept into SVN, Please have a look at it in more detail, I will provide full debug logs if and when required...

Last edited 9 years ago by thatfellow (previous) (diff)

comment:3 by Admin, 9 years ago

This is the problem:

init for reader user2-cacheex not finished -> reject client

However, this should happen only if your newcamd server line is defined with the same caid as this reader AND this reader is somehow down. Normally, a cacheex reader (sounds to be so from the name) is not defined with a caid so it should not happen?

Attach your COMPLETE config (don't leave anything away except passwords/IPs/keys) as a zip file. Furthermore, check that the two revisions were compiled the same way as there were no changes between 8077 and 8085 that could cause this (the changes were done to completely different code parts like DVBApi and the single newcamd change was only an exception for a DiabloWifi).

by thatfellow, 9 years ago

Attachment: oscam debug Log.txt added

oscam debug - Line 524 is where the problem starts

comment:4 by thatfellow, 9 years ago

OK m8, To reproduce this problem, I basically have to restart oscam while newcamd client & cacheex client/reader are connected simultaneously..

When oscam restarts, newcamd connection gets failbanned. After the newcamd client gets failbanned, I can remove it from failban & all works 100% again.. the problem just occurs when both try to connect at startup..
If you want I can attach configs, but as I mentioned earlier, I have used backup configs from months ago and the problem is still present.. Thanks for your time..

Also m8, I have tested with precompiled oscams & countless combinations I compiled myself with components disabled/enabled

Last edited 9 years ago by thatfellow (previous) (diff)

comment:5 by thatfellow, 9 years ago

Update: I cannot always just delete newcamd connection from failban & have it working 100%... Sometimes I get this!

2013/01/31 12:39:35 A89700 c data from add_job action=26 client c anonymous
2013/01/31 12:39:35 A89700 c client connected to #### port
2013/01/31 12:39:35 A89700 c nmr(): len=2, errno=0
2013/01/31 12:39:35 A89700 c nmr: autodetect: newcamd525 used
2013/01/31 12:39:35 A89700 c received 44 bytes from client
2013/01/31 12:39:35 A89700 00 00 E0 00 27 63 73 70 00 24 31 24 61 62 63 64
2013/01/31 12:39:35 A89700 65 66 67 68 24 47 2F 2F 34 6B 65 74 65 76 65 4A
2013/01/31 12:39:35 A89700 70 30 71 62 38 7A 32 44 78 47 2F 00
2013/01/31 12:39:35 A89700 c account->usr=csp
2013/01/31 12:39:35 A89700 c account->pwd=#####
2013/01/31 12:39:35 A89700 c encrypted newcamd:####-client 192.168.###.### granted (csp, au=off)
2013/01/31 12:39:35 A89700 c user csp authenticated successfully (generic)
2013/01/31 12:39:35 A89700 c init for reader vps-oscam2-cacheex not finished -> reject client
2013/01/31 12:39:35 A89700 c send 15 bytes to client
2013/01/31 12:39:35 A89700 00 0D 00 00 00 00 00 00 00 00 00 00 E2 00 00
2013/01/31 12:39:35 A89700 c failban: ban ip 192.168.###.###:#### with timestamp 1359635975
2013/01/31 12:39:35 A89700 c encrypted newcamd-client 192.168.###.### rejected (login failure)
2013/01/31 12:39:35 A89700 c anonymous disconnected from 192.168.###.###
2013/01/31 12:39:35 A89700 c thread 7FB344BAC700 ended!

Last edited 8 years ago by thatfellow (previous) (diff)

comment:6 by thatfellow, 9 years ago

Sorry Admin, Read your last post wrong, Here is my complete config:

[global]
logfile = /var/oscamlog/oscam.log
clienttimeout = 1400
fallbacktimeout = 800
clientmaxidle = 0
nice = -1
serialreadertimeout = 700
maxlogsize = 99999
waitforcards = 0
preferlocalcards = 1
cacheexwaittime = 0
block_same_ip = 0
block_same_name = 0
emmlogdir = /var/oscamlog/
lb_mode = 1
lb_save = 250
lb_max_ecmcount = 350
lb_reopen_seconds = 21600
lb_retrylimit = 900
lb_reopen_mode = 1
lb_auto_betatunnel = 0
failbantime = 1440
failbancount = 50
max_cache_time = 20
max_cache_count = 20000

[csp]
port = ####
serverip = 127.0.0.1
wait_time = 250

[cs378x]
port = ####
serverip = 192.168.*.*

[newcamd]
port = ####@0963:000000
key = ########################
serverip = 192.168.*.*
keepalive = 1

[cccam]
port = ####
nodeid = ##############
version = 2.3.0
reshare = 1
updateinterval = 120

[webif]
httpport = ####
httpuser = user
httppwd = password
httptpl = /usr/local/etc/picon/
httpcss = /usr/local/etc/skins/thatfellow.css
httprefresh = 20
httpshowpicons = 1
httpallowed = 0.0.0.0-254.254.254.254
hideclient_to = 10
appendchaninfo = 1

comment:7 by thatfellow, 9 years ago

Update to comment 4 above, If I disable the cacheex reader & remove newcamd form failban It connects no problem, Then I can enable the cacheex reader & all is working 100% Very strange indeed...

comment:8 by Admin, 9 years ago

This is NOT your complete config (where are readers/users?) and NOT a zip file.

comment:9 by thatfellow, 9 years ago

OK, here are the Reader/Users

##########oscam.server##########

[reader]
label = vps-oscam2-cacheex
protocol = cccam
device = my-cacheex-dns,####
user = local-oscam1-cacheex
password = password
inactivitytimeout = 30
reconnecttimeout = 2
cacheex = 3
caid = 0963
ident = 0963:000000
group = 1,10,11
lb_weight = 500
dropbadcws = 1
cccversion = 2.3.0
cccmaxhops = 0
ccckeepalive = 1
cccreconnect = 0
audisabled = 1

[reader]
label = skyuk1
protocol = pcsc
device = 0
services = !racing_uk,!premier_sports,!boxnation,!primtime_ppv,!chelsea_tv,!mutv,!setanta_ireland,!setanta_sports1,!zeetv,!viewasia,!geo,!nollywood,!ait_international,!cinemoi,!zeetvpack,!box office,!adult_entertainment,!adult_pack
caid = 0963
ecmwhitelist = 0963:16,27,2B,2E,34,36,3B,3D,3E,41,42,44,45,47,4B,4E,4F,50,51,53,54,56,57,58,59,5D,5E,5F,60,61,62,63,64,65,66,67,68,69,6A,6B,6C,6D,6E,6F,70,71,72,73,74,75,76,77,78,79,7A,7B,7C,7D,7E,7F,80,82,84,85,89,8B,8F,99,9B,9C,9F,A2,A8,AC,AD,AE,B0,B4,B7
detect = cd
ident = 0963:000000
group = 1
emmcache = 1,3,2
blockemm-unknown = 1
blockemm-g = 1
saveemm-u = 1
saveemm-s = 1
lb_weight = 500

##########oscam.user##########

[account]
user = csp
pwd = password
description = csp
caid = 0963
group = 1
cccreshare = 5
cccignorereshare = 0

[account]
user = local-oscam2-cacheex
pwd = password
group = 60
cacheex = 3
cacheex_ecm_filter = 0963
cccmaxhops = -1

comment:10 by Admin, 9 years ago

Set waitforcards=1 and remove the caid definition from your cccam reader and it should work. Caid should be redundant with ident but probably you need neither of those two.

comment:11 by Deas, 9 years ago

Resolution: fixed
Status: reopenedclosed

no update for 3 months => closed...

in reply to:  10 comment:12 by davequattro, 8 years ago

Replying to Admin:

Set waitforcards=1 and remove the caid definition from your cccam reader and it should work. Caid should be redundant with ident but probably you need neither of those two.

I have tried that to, but its not working, still the problem that de newcamd users get in the failban when cacheex reader is enabled when oscam is starting up

comment:13 by davequattro, 8 years ago

Yesss, it works now.

I didn't read well...

Note: See TracTickets for help on using tickets.