#3050 closed defect (fixed)
encrypted newcamd-client rejected (login failure)
Reported by: | thatfellow | Owned by: | |
---|---|---|---|
Priority: | minor | Component: | Protocol - Newcamd |
Severity: | medium | Keywords: | newcamd cache-EX anonymous disconnected rejectedlogin failure |
Cc: | Sensitive: | no |
Description
Revision
8085 (This bug could be earlier than 8085,I know it was not present in 8077 or earlier)
Issue Description
I Updated 100% Working Stable Setup from 8077 to 8085 but my Newcamd connections are showing as rejected (login failure)
When the issue occurs
Within minutes of starting up & reoccurs if I remove from failban.
How the issue is reproducable
If a Remote Server has a Newcamd connection to Local Cardreader & Cacheex connection to Local cacheex client, the following occurs. As mentioned above, this never happened before updating to 8085. I can attach more detailed logs if required..
2013/01/11 08:01:21 16A7220 c client connected to 9999 port
2013/01/11 08:01:21 16A7220 c encrypted newcamd:9999-client ... granted (user1-vps, au=on (1 reader))
2013/01/11 08:01:21 16A7220 c user user1-vps authenticated successfully (OSCam)
2013/01/11 08:01:21 16A7220 c init for reader user2-cacheex not finished -> reject client
2013/01/11 08:01:21 16A7220 c encrypted newcamd-client ... rejected (login failure)
2013/01/11 08:01:21 16A7220 c anonymous disconnected from ...
Attachments (1)
Change History (14)
comment:1 by , 11 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
comment:2 by , 11 years ago
Resolution: | invalid |
---|---|
Status: | closed → reopened |
There is still no solution this problem.. Since the original ticket, I just changed protocols to cs378x which worked perfectly fine for me. But I now want to use newcamd protocol to connect CSP but the same issue is arising...
This problem Is not config related as I have reverted back to old settings for original ticket & I have Setup this server from scratch...
2013/01/31 02:21:23 2198BB0 c client connected to [myportno] port
2013/01/31 02:21:23 2198BB0 c encrypted newcamd:[myportno]-client [CSP IP Address] granted (csp, au=off)
2013/01/31 02:21:23 2198BB0 c user csp authenticated successfully (generic)
2013/01/31 02:21:23 2198BB0 c init for reader slyuk not finished -> reject client
2013/01/31 02:21:23 2198BB0 c encrypted newcamd-client [CSP IP Address] rejected (login failure)
2013/01/31 02:21:23 2198BB0 c anonymous disconnected from [CSP IP Address]
2013/01/31 02:21:43 219C4C0 c encrypted cccam-client [cacheex IP Address] granted (local-oscam2-cacheex, au=off)
2013/01/31 02:21:43 219C4C0 c account 'local-oscam2-cacheex' has cccmaxhops = -1: user will not see any card!
2013/01/31 02:22:25 21970A0 c starting thread housekeeping lb stats
2013/01/31 02:22:25 21970A0 c housekeeping lb stats thread started
If I Stop the cacheex Reader, newcamd connects no problem
2013/01/31 02:31:53 2377C10 c client connected to [myportno] port
2013/01/31 02:31:53 2377C10 c encrypted newcamd:[myportno]-client [CSP IP Address] granted (csp, au=off)
2013/01/31 02:31:53 2377C10 c user csp authenticated successfully (generic)
2013/01/31 02:31:53 2377C10 c AU disabled for user csp
This is a very real bug that has crept into SVN, Please have a look at it in more detail, I will provide full debug logs if and when required...
comment:3 by , 11 years ago
This is the problem:
init for reader user2-cacheex not finished -> reject client
However, this should happen only if your newcamd server line is defined with the same caid as this reader AND this reader is somehow down. Normally, a cacheex reader (sounds to be so from the name) is not defined with a caid so it should not happen?
Attach your COMPLETE config (don't leave anything away except passwords/IPs/keys) as a zip file. Furthermore, check that the two revisions were compiled the same way as there were no changes between 8077 and 8085 that could cause this (the changes were done to completely different code parts like DVBApi and the single newcamd change was only an exception for a DiabloWifi).
by , 11 years ago
Attachment: | oscam debug Log.txt added |
---|
oscam debug - Line 524 is where the problem starts
comment:4 by , 11 years ago
OK m8, To reproduce this problem, I basically have to restart oscam while newcamd client & cacheex client/reader are connected simultaneously..
When oscam restarts, newcamd connection gets failbanned. After the newcamd client gets failbanned, I can remove it from failban & all works 100% again.. the problem just occurs when both try to connect at startup..
If you want I can attach configs, but as I mentioned earlier, I have used backup configs from months ago and the problem is still present.. Thanks for your time..
Also m8, I have tested with precompiled oscams & countless combinations I compiled myself with components disabled/enabled
comment:5 by , 11 years ago
Update: I cannot always just delete newcamd connection from failban & have it working 100%... Sometimes I get this!
2013/01/31 12:39:35 A89700 c data from add_job action=26 client c anonymous
2013/01/31 12:39:35 A89700 c client connected to #### port
2013/01/31 12:39:35 A89700 c nmr(): len=2, errno=0
2013/01/31 12:39:35 A89700 c nmr: autodetect: newcamd525 used
2013/01/31 12:39:35 A89700 c received 44 bytes from client
2013/01/31 12:39:35 A89700 00 00 E0 00 27 63 73 70 00 24 31 24 61 62 63 64
2013/01/31 12:39:35 A89700 65 66 67 68 24 47 2F 2F 34 6B 65 74 65 76 65 4A
2013/01/31 12:39:35 A89700 70 30 71 62 38 7A 32 44 78 47 2F 00
2013/01/31 12:39:35 A89700 c account->usr=csp
2013/01/31 12:39:35 A89700 c account->pwd=$1$abcdefgh$G4keteveJp0qb8z2DxG/
2013/01/31 12:39:35 A89700 c encrypted newcamd:####-client 192.168.###.### granted (csp, au=off)
2013/01/31 12:39:35 A89700 c user csp authenticated successfully (generic)
2013/01/31 12:39:35 A89700 c init for reader vps-oscam2-cacheex not finished -> reject client
2013/01/31 12:39:35 A89700 c send 15 bytes to client
2013/01/31 12:39:35 A89700 00 0D 00 00 00 00 00 00 00 00 00 00 E2 00 00
2013/01/31 12:39:35 A89700 c failban: ban ip 192.168.###.###:#### with timestamp 1359635975
2013/01/31 12:39:35 A89700 c encrypted newcamd-client 192.168.###.### rejected (login failure)
2013/01/31 12:39:35 A89700 c anonymous disconnected from 192.168.###.###
2013/01/31 12:39:35 A89700 c thread 7FB344BAC700 ended!
comment:6 by , 11 years ago
Sorry Admin, Read your last post wrong, Here is my complete config:
[global]
logfile = /var/oscamlog/oscam.log
clienttimeout = 1400
fallbacktimeout = 800
clientmaxidle = 0
nice = -1
serialreadertimeout = 700
maxlogsize = 99999
waitforcards = 0
preferlocalcards = 1
cacheexwaittime = 0
block_same_ip = 0
block_same_name = 0
emmlogdir = /var/oscamlog/
lb_mode = 1
lb_save = 250
lb_max_ecmcount = 350
lb_reopen_seconds = 21600
lb_retrylimit = 900
lb_reopen_mode = 1
lb_auto_betatunnel = 0
failbantime = 1440
failbancount = 50
max_cache_time = 20
max_cache_count = 20000
[csp]
port = ####
serverip = 127.0.0.1
wait_time = 250
[cs378x]
port = ####
serverip = 192.168.*.*
[newcamd]
port = ####@0963:000000
key = ########################
serverip = 192.168.*.*
keepalive = 1
[cccam]
port = ####
nodeid = ##############
version = 2.3.0
reshare = 1
updateinterval = 120
[webif]
httpport = ####
httpuser = user
httppwd = password
httptpl = /usr/local/etc/picon/
httpcss = /usr/local/etc/skins/thatfellow.css
httprefresh = 20
httpshowpicons = 1
httpallowed = 0.0.0.0-254.254.254.254
hideclient_to = 10
appendchaninfo = 1
comment:7 by , 11 years ago
Update to comment 4 above, If I disable the cacheex reader & remove newcamd form failban It connects no problem, Then I can enable the cacheex reader & all is working 100% Very strange indeed...
comment:8 by , 11 years ago
This is NOT your complete config (where are readers/users?) and NOT a zip file.
comment:9 by , 11 years ago
OK, here are the Reader/Users
##########oscam.server##########
[reader]
label = vps-oscam2-cacheex
protocol = cccam
device = my-cacheex-dns,####
user = local-oscam1-cacheex
password = password
inactivitytimeout = 30
reconnecttimeout = 2
cacheex = 3
caid = 0963
ident = 0963:000000
group = 1,10,11
lb_weight = 500
dropbadcws = 1
cccversion = 2.3.0
cccmaxhops = 0
ccckeepalive = 1
cccreconnect = 0
audisabled = 1
[reader]
label = skyuk1
protocol = pcsc
device = 0
services = !racing_uk,!premier_sports,!boxnation,!primtime_ppv,!chelsea_tv,!mutv,!setanta_ireland,!setanta_sports1,!zeetv,!viewasia,!geo,!nollywood,!ait_international,!cinemoi,!zeetvpack,!box office,!adult_entertainment,!adult_pack
caid = 0963
ecmwhitelist = 0963:16,27,2B,2E,34,36,3B,3D,3E,41,42,44,45,47,4B,4E,4F,50,51,53,54,56,57,58,59,5D,5E,5F,60,61,62,63,64,65,66,67,68,69,6A,6B,6C,6D,6E,6F,70,71,72,73,74,75,76,77,78,79,7A,7B,7C,7D,7E,7F,80,82,84,85,89,8B,8F,99,9B,9C,9F,A2,A8,AC,AD,AE,B0,B4,B7
detect = cd
ident = 0963:000000
group = 1
emmcache = 1,3,2
blockemm-unknown = 1
blockemm-g = 1
saveemm-u = 1
saveemm-s = 1
lb_weight = 500
##########oscam.user##########
[account]
user = csp
pwd = password
description = csp
caid = 0963
group = 1
cccreshare = 5
cccignorereshare = 0
[account]
user = local-oscam2-cacheex
pwd = password
group = 60
cacheex = 3
cacheex_ecm_filter = 0963
cccmaxhops = -1
follow-up: 12 comment:10 by , 11 years ago
Set waitforcards=1 and remove the caid definition from your cccam reader and it should work. Caid should be redundant with ident but probably you need neither of those two.
comment:11 by , 11 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
no update for 3 months => closed...
comment:12 by , 10 years ago
Replying to Admin:
Set waitforcards=1 and remove the caid definition from your cccam reader and it should work. Caid should be redundant with ident but probably you need neither of those two.
I have tried that to, but its not working, still the problem that de newcamd users get in the failban when cacheex reader is enabled when oscam is starting up
friend u seem to have a config issue. 2 servers working fine newcamd & cccam + 1 dvbapi no issues with 8085 newcamd connections or newcamd cacheex