What's new

Fatal error RT AC86U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Zardoc

New Around Here
Hi,

I got an error on my router.

Not to good with that. Please can you help?

an 23 18:14:00 ovpn-server1[9651]: /bin/sh /jffs/etc/profile tun21 1500 1621 10.8.0.1 255.255.255.0 init
Jan 23 18:14:00 ovpn-server1[9651]: WARNING: Failed running command (--up/--down): external program exited with error status: 2
Jan 23 18:14:00 ovpn-server1[9651]: Exiting due to fatal error


Thanks
 
386.4?

Normally when the OpenVPN server is started, it runs a route-up script. If that route-up script returns a non-zero return code, OpenVPN reports the error and exits. But the route-up script is known and well-defined. It normally appears as follows in the syslog.

Code:
Jan 23 15:42:58 ovpn-server1[10493]: ovpn-up 1 server tun21 1500 1621 10.8.0.1 255.255.255.0 init

Notice the script is called 'ovpn-up' and takes two arguments, '1' and 'server'. Yours is different. It's calling a bash script called /jffs/etc/profile. I have no clue what that is or where it came from. Did you perhaps override the custom config field on the OpenVPN server w/ your own route-up directive and script? Or perhaps using a third-party script that may have done so?
 
Last edited:
We've seen this before. It's believed to come from a malware infection.

 
Most common reason is if you open your web interface to the Internet.
 
The GUI is certainly a common vector. It's probably the worst thing you could do when it comes to the router. But other vectors exist as well that users don't even consider, such as AiCloud. There's NO WAY anyone could get me to enable those services on the WAN. AFAIC, *everything* remotely accessible should be done over a VPN, period.

But these days, it could be almost anything, including a browser that visits a website targeting your internal network (in that regard, I've noticed that ASUS does NOT enable DNS rebind protection by default, something you might want to consider doing).

The OpenVPN clients can be a vector too if you don't set the Inbound Firewall to Block (the default). That was added some time ago to prevent unsolicited inbound traffic over the OpenVPN clients, esp. important if the provider doesn't offer a firewall (or does but it fails). Even if they do, you still risk rogue elements *inside* the VPN provider's network (malware, disgruntled employees, etc.) from gaining access to your router if you don't keep this feature enabled.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top