Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 16 Aug 2018, 03:05
All times are UTC - 4
 Forum index » House Training » HOWTO ( Solutions )
A Simple VPN Implementation
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [22 Posts]   Goto page: 1, 2 Next
Author Message
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Fri 23 Mar 2018, 14:20    Post subject:  A Simple VPN Implementation  

This method uses openvpn and the free service provided by VPNbook.

1) Install openvpn.
Best to compile from source. There are some I compiled here if you prefer:-
http://smokey01.com/OscarTalks
Use the command which openvpn and/or openvpn --version to verify that it is installed.
Installing via PPM may or may not work and often offers older versions.

2) Install the vpn-activator .pet package. This contains the config files for vpnbook (in /etc), scripts to start and stop VPN (in /usr/bin), the 2 .desktop files and the icon. This gives 2 menu entries "VPN-Start" and "VPN-Stop" in the Network section.

3) If /dev/net/tun does not exist in your system, use boot manager to add the kernel module named tun and reboot (or enter "modprobe tun" in terminal if running without save). LATER:- I have added code for this to the VPN-Start script so there is more chance of it working without the need for this step now.

4) Go to http://vpnbook.com and grab the Open VPN password. Paste this into the second line of /etc/vpnpass (replace the word "password"). Save and close.

5) Click the VPN-Start menu entry and wait for around 20 seconds
Your default browser should open and connect to http://my-ip-address.co in order to show that you are connected via the VPNbook server.

5) To deactivate the VPN, click the VPN-Stop menu entry and wait a few seconds.
Your default browser should open and show your normal IP address.

NOTES

1) If you try to start it when it is already running, or stop it when it is not running, you should just get a simple notification telling you.

2) The VPNbook password changes a couple of times a month. When this happens you will need to grab the new one and paste it in (which is a simple step). If your browser opens showing that the VPN has not activated this is usually the cause.

3) The available VPNbook servers are Canada, Germany, Europe1, Europe2, France, USA1 and USA2. The package is configured for Europe1 which allows p2p as well as surfing. To switch to a different server, delete the symlink /etc/vpnconfig, right-click the desired vpnbook* config file in /etc and create a new symlink with the name vpnconfig (to replace the one you deleted) and then restart openvpn.

4) This method can easily be adapted for other VPN providers.

5) Obviously this is just a simple yet effective system that works for me. There is scope for further development such as a tray notification (EDIT:- See a few posts down) and a gtkdialog GUI. Ideas are welcome. Other VPN systems are available.
vpn-menu-entries.jpg
 Description   Menu entry "buttons" to activate and deactivate the VPN once the password has been set. Just click and wait. Starting can take 20 to 30 seconds.
 Filesize   96.5 KB
 Viewed   1152 Time(s)

vpn-menu-entries.jpg

vpn-already-running.jpg
 Description   Clicking VPN-Start when it is already running should give you this notification
 Filesize   16.59 KB
 Viewed   1162 Time(s)

vpn-already-running.jpg

vpn-not-running.jpg
 Description   Clicking VPN-Stop if it is not running should give you this
 Filesize   15.28 KB
 Viewed   1159 Time(s)

vpn-not-running.jpg

vpn-activator-0.1.pet
Description  Ideas and suggestions welcome.
pet

 Download 
Filename  vpn-activator-0.1.pet 
Filesize  8.51 KB 
Downloaded  208 Time(s) 

_________________
Oscar in England


Last edited by OscarTalks on Sat 31 Mar 2018, 11:35; edited 3 times in total
Back to top
View user's profile Send private message 
trapster


Joined: 28 Nov 2005
Posts: 2111
Location: Maine, USA

PostPosted: Sat 24 Mar 2018, 08:27    Post subject:  

Any chance you have OpenVPN for puppy 410 ?
It's been my media server ever since it came out. Too many customizations to upgrade.

_________________
trapster
Maine, USA

Asus eeepc 1005HA PU1X-BK
Frugal install: Slacko
Currently using full install: DebianDog
Back to top
View user's profile Send private message Visit poster's website 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Sat 24 Mar 2018, 09:49    Post subject:  

Hello trapster,

Sorry, but I'm afraid I don't have anything that old. I usually only tinker with Wary5 or later.

_________________
Oscar in England

Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Tue 27 Mar 2018, 10:27    Post subject:  

As an alternative to VPNbook, folks may wish to take a look at another free VPN provider.
I have been conducting a few tests with it and it seems to be working well.
They claim "no logging", torrents are allowed and the speed seems satisfactory.

There are 6 domains:-
https://freevpn.me
https://freevpn.se
https://freevpn.im
https://freevpn.it
https://freevpn.be
https://freevpn.co.uk

They have 6 servers to choose from. These show as being located in France, UK, Russia and Ukraine.
The config file bundle gives a choice of 2 TCP ports and 2 UDP ports for each server.
I have used TCP port 80 in all my tests so far.
I made a few changes to each of the config files:-
auth-user-pass /etc/vpnpass (I added the path to my passfile)
auth-nocache (added to stop any cache of passwords)
comp-lzo no (add this if it is missing)
ns-cert-type server (delete this line - deprecated)

Using my simple VPN implementation I put the 6 config files (one for each of the 6 servers) in /etc
To select the server I delete the symlink /etc/vpnconfig and create a new symlink with that same name (linking to the desired config file).

Then I grab the corresponding username and password for the selected server from the website and paste those into the first and second lines of /etc/vpnpass
The password seems to be changed once or twice per month.

The system then should activate and deactivate from the Menu "Buttons".

If ever you want to run a bit of a diagnostic, once all files are in place, open a terminal and enter:-
openvpn --config /etc/vpnconfig
Study the output.
Hopefully you will get to the line "Initialization Sequence Completed".
Any errors should point you towards the problem.
Any warnings may assist in further editing of the config file but this is probably optional.

_________________
Oscar in England


Last edited by OscarTalks on Fri 18 May 2018, 11:03; edited 1 time in total
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Sat 31 Mar 2018, 11:13    Post subject:  

Using a few steps I have added a tray notification icon plus a splash message on start-up.

1) The start-up process does take 20 to 30 seconds so I added a "Please Wait" message using gtkdialog-splash which times out after 15 seconds. I put this in the VPN-Start script before the step which starts openvpn:-
Code:
gtkdialog-splash -timeout "15" -text "Please Wait up to 30 Seconds" -icon "/usr/share/pixmaps/network-vpn.png" &

2) I made a version of the icon scaled down to 16 x 16 and named network-vpn16.png in /usr/share/pixmaps. This is used to keep the tray icon right-click pop-up from being too big. If you prefer a bigger one you can use the 48 x 48 icon.

3) Use yad --notification to create the tray icon.
Many Puppies have a rather old version of yad (0.12.x). Some Puppies don't have it at all. I used version 0.40.0 compiled from source with ./configure --prefix=/usr make make install.
Then I renamed the executable to yad-vpn
This allows me to start and kill this yad independently of any other instance of yad that may be running. (The newly created yad-vpn executable is in /usr/bin alongside the standard yad executable which may be the old version or a copy of the new version with the name unchanged).

4) Then I added a launch of yad-vpn as a tray applet to the VPN-Start script (after the step which launches the browser).
The initial browser launch is effectively a notification and it can be closed once you have observed it. I prefer to use NetSurf or Dillo for this rather than a big browser actually. The tray icon is in fact an indication that the VPN-Start script has been run. It does not guarantee that the VPN has been activated.
Mouse-over and the tooltip says "VPN Active?".
Left-click opens the browser again to check IP address and server location.
Right-click offers a pop-up button for VPN-Stop (alternative to using the Menu Entry Button).
Code:
yad-vpn --notification --no-middle --image="/usr/share/pixmaps/network-vpn.png" --icon-size="48" --text="VPN Active?" --command="defaultbrowser http://my-ip-address.co" --menu="VPN-Stop!vpn-stop!/usr/share/pixmaps/network-vpn16.png" &

5) The step killall yad-vpn is added to the VPN-Stop script after the step to killall openvpn. This removes the tray notification but avoids killing any other yad.

Maybe not the most sophisticated solution, but for someone who just likes to click in and out of VPN from time to time it is nice to have the notification icon there as a reminder with a bit of basic functionality too.
vpn-start-splash.jpg
 Description   Splash message to "Please Wait" while VPN tries to start.
 Filesize   14.39 KB
 Viewed   1070 Time(s)

vpn-start-splash.jpg

vpn-tray-tooltip.jpg
 Description   Mouse-over tooltip says "VPN Active?" (question mark). Left click opens browser to check IP address and server location
 Filesize   13.92 KB
 Viewed   1072 Time(s)

vpn-tray-tooltip.jpg

vpn-tray-rightclick.jpg
 Description   Right-click pop-up offers VPN-Stop
 Filesize   19.73 KB
 Viewed   1076 Time(s)

vpn-tray-rightclick.jpg


_________________
Oscar in England

Back to top
View user's profile Send private message 
Devonian

Joined: 30 Mar 2017
Posts: 11
Location: U.K.

PostPosted: Wed 16 May 2018, 06:18    Post subject: using ipvanish  

Can anyone please explain how to use ipvanish with this program, I am not sure where to edit in the user and password and how to access the opvn and profile files which I have placed in etc.
Thanks.
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Wed 16 May 2018, 10:42    Post subject:  

Hello Devonian,

I have never tested ipvanish specifically.

As a general rule the username and password go in the first and second lines (respectively) of /etc/vpnpass

Your .ovpn file is your config file.
To use it, delete the existing symlink /etc/vpnconfig
Right-click your .ovpn file in /etc and create a new symlink to it, but give the new symlink the name vpnconfig (in /etc replacing the one just deleted).

Those should be the two fairly simple steps.
Not really sure what you mean by profile files. Is this a bundle of .ovpn files?
The provider may be giving you stuff which is surplus to requirements.

_________________
Oscar in England

Back to top
View user's profile Send private message 
Devonian

Joined: 30 Mar 2017
Posts: 11
Location: U.K.

PostPosted: Wed 16 May 2018, 14:12    Post subject:  

Thanks Oscar.
I have re-loaded the program and downloaded fresh ovpn files from ipvanish but when I run the START the computer freezes apart from the cursor movement and I have to force a stop by holding the cpu off buton.
The ipvanish opvn format is very different to the vpnbook one. Instead of two 20 line data blocks which I assume is the encoding parameter, there is a single line of data. I wonder if the program is not compatible with this.
You are correct in guessing that the configuration file contains all the opvn files compressed.
Back to top
View user's profile Send private message 
Devonian

Joined: 30 Mar 2017
Posts: 11
Location: U.K.

PostPosted: Wed 16 May 2018, 16:10    Post subject:  

For the present I will go back to using ipvanish in the Windows environment. This does have a very useful additional feature in that there is a graphical presentation of the download speed so that you can abort if the server speed is unacceptably low.

Thanks again for your help,
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Fri 18 May 2018, 10:48    Post subject:  

If ever you decide you want to look at it again I am willing to try to help, but of course it can be rather difficult without seeing exactly what you have in front of you and what steps you are taking. The VPN provider may be expecting you to use some sort of GUI to connect and switch between their servers. If so, you would need to ignore all that and probably lots of other stuff besides.

With the bundle of .ovpn files, I would expect that each one will relate to a specific combination of server IP, protocol (tcp or udp), and port number. With my simple system it is a case of choosing the one you want to use, plucking it out and using it to configure your openvpn. To change any (or all) of those 3 parameters you would switch the symlink to a different .ovpn file and restart. Not sure if the thing you were trying to START was the script or something else.
This thread was really a bit of "thinking out loud" but my system is working well for me so I thought others might find it helpful.

_________________
Oscar in England

Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Fri 18 May 2018, 11:14    Post subject:  

The Free VPN dot me people have added 2 more servers
https://freevpn.be
https://freevpn.co.uk

For me, these work equally as well as vpnbook if not better.
Use at your own risk though.
I have edited my earlier post which talks a little more about these services.
http://murga-linux.com/puppy/viewtopic.php?t=113004&start=3

_________________
Oscar in England

Back to top
View user's profile Send private message 
paulh177


Joined: 22 Aug 2006
Posts: 915
Location: ST862228

PostPosted: Sun 20 May 2018, 06:55    Post subject:  

I note that freevpn.co.uk has implemented privacy over its whois entry, but their latest IP address for a vpn endpoint is given as 77.73.68.13.

A whois on this gives a registrant of Fishnet Communications in Leningrad/St.Petersburg, just round the corner from the notorious "Internet Research Agency trollfarm.

I'm not going to get all tinfoil-hat on your ass, but I think it's prudent to be careful when signing up to free services with no real public face.

It might all too easily turn out that "no logging" and "private browsing" means no such thing.
Back to top
View user's profile Send private message 
ortloffa

Joined: 18 Aug 2006
Posts: 33
Location: Metairie, Louisiana, USA

PostPosted: Sun 10 Jun 2018, 15:34    Post subject: vpn-activator.pet
Subject description: where do I find vpn-activator pet?
 

I dont see it in http://smokey01.com/OscarTalks or in Puppy Package Manager....
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1792
Location: London, England

PostPosted: Sun 10 Jun 2018, 16:38    Post subject:  

Hello ortloffa,
There are some early scripts and files available for download in the first post, but really this thread is more of a case of "thinking out loud" and I would suggest readers work through it and put together a package of their own for their own Puppy version. Packages really need to be compiled for the specific version so I would have to assemble and upload lots of different ones. I might try to produce a couple, maybe for Xenial since it is the most recent official Puppy. I am using this regularly in Stretch and Wheezy and it works very well for me.

Hello paulh177
You are wise to advise folks to be careful. Thanks for emphasising that. Maybe I should not have even mentioned the freevpn.me provider, but it has been apparently OK here so far. Perhaps anything sinister would be deliberately hidden from the user and therefore difficult to spot, but all I can say is that if anyone does report any confirmed issues I will edit my earlier posts. I have not come across any negative reports about vpnbook so users may want to stick with using that.

One thing I will mention is that I found and fixed an issue.
If the openvpn daemon failed to start or stopped at any time (maybe because of a password problem for example), running VPN-Stop would not remove the tray icon.
I just added a couple of lines of code
Now when I click the "OK" button in the gxmessage window
If yad-vpn (the tray icon) is running
Then killall yad-vpn
Now everything is working as it should in all scenarios.

I am also thinking that it might be good to have the configuration files in a sub-directory in /etc just to keep things more tidy.

_________________
Oscar in England

Back to top
View user's profile Send private message 
ortloffa

Joined: 18 Aug 2006
Posts: 33
Location: Metairie, Louisiana, USA

PostPosted: Sun 10 Jun 2018, 20:28    Post subject: Sorry right in front of me.
Subject description: oops
 

I am using Zenial and it works. thanks. Dont know how I missed the link.

thanks!
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 2 [22 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » HOWTO ( Solutions )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0607s ][ Queries: 13 (0.0037s) ][ GZIP on ]