HowTo!!! Verify that your VPN is hooking you up correctly
HowTo!!! Verify that your VPN is hooking you up correctly
The good folks at Ubuntu have always run a geo-location server for the purposes of facilitating Ubuntu/Mint Linux installations.
HERE IS HOW we can use this to verify our VPN configurations. It uses wget to pull down a quick xml packet with all the GeoLocate info for the web-facing network connection.
It will display your lan IP, public IP, geolocation, and VPN type using yad.
Linky on ur desktop, and Robert is your mother's brother ..
HERE IS HOW we can use this to verify our VPN configurations. It uses wget to pull down a quick xml packet with all the GeoLocate info for the web-facing network connection.
It will display your lan IP, public IP, geolocation, and VPN type using yad.
Linky on ur desktop, and Robert is your mother's brother ..
- Attachments
-
- netinfo.yad.tar.gz
- (900 Bytes) Downloaded 205 times
Last edited by jafadmin on Sat 28 Dec 2019, 22:02, edited 3 times in total.
IT DEPENDS ENTIRELY ON YOUR GATEWAY SETTING!Flash wrote:Thanks, jafadmin. I have a question: is either one of the IP addresses the Netinfo shell script returns, the one that should be used to make a P2P PuppyPhone call? I have so many IP addresses to choose from that it's confusing.
More about "gateways" on VPN, some other time ...
I am no expert so please use this as a guide not as the correct answer.
1-Need to be sure you have all app needed if not install. In Puppy use PPM. In debian distros us apt.
a-This one you may have: wget bash printf grep tar
b-This ones you may not: yad zenity
2-Lets make a workspace to PLAY in your home folder or ~.
Open a terminal. In my case the prompt look like this root@live:~#. But I will not write this.
3-Copy "netinfo.yad.tar.gz" & extract the file to your new folder inside HOME ~\netinfo To extract you can do
4-Now you have a file name called ~/netinfo/netinfo.yad
5-Lets look at what it contains.
scroll back and see 1rts line it looks like #! /bin/bash. This means it is a BASH SCRIPT FILE. Lets make sure it is executable
Now you can execute it by
or just
Then you should see your VPN info if you have openvpn running. Something like this:
Edit:
Answer for "Flash" moved to Please sugest: Internet Phone SIP
I assume you are a newbie, please forgive me if you are not. So I give explicit solution.gabtech wrote:...How do I execute the script?...
1-Need to be sure you have all app needed if not install. In Puppy use PPM. In debian distros us apt.
a-This one you may have: wget bash printf grep tar
b-This ones you may not: yad zenity
2-Lets make a workspace to PLAY in your home folder or ~.
Open a terminal. In my case the prompt look like this root@live:~#. But I will not write this.
Code: Select all
cd ~
mkdir netinfo
cd netinfo
Code: Select all
tar -xf netinfo.yad.tar.gz
5-Lets look at what it contains.
Code: Select all
cat ~/netinfo/netinfo.yad
Code: Select all
chmod +x ~/netinfo/netinfo.yad
Code: Select all
~/netinfo/netinfo.yad
Code: Select all
./netinfo.yad
Edit:
Answer for "Flash" moved to Please sugest: Internet Phone SIP
Last edited by enrique on Sun 29 Dec 2019, 19:42, edited 4 times in total.
Wow, that deserves to be its own How-To. Thanks, enrique.
Rox simplifies making a script executable: right-click on the script and choose Permissions, which automatically offers to make the script executable. All you have to do is click on Yes. Then the script will run when you click on it.
If that's too much work, you can open the script in Geany (just clicking on a script will usually open it in Geany), highlight and copy the entire script, then paste it into a console.
Rox simplifies making a script executable: right-click on the script and choose Permissions, which automatically offers to make the script executable. All you have to do is click on Yes. Then the script will run when you click on it.
If that's too much work, you can open the script in Geany (just clicking on a script will usually open it in Geany), highlight and copy the entire script, then paste it into a console.
@Flash I know Rox and JVM are powerfull. That is the reason to be the standard for Puppy. In my case I come from hated Widows, so I personally prefer LXDE, pcmanfm & lxterminal. I am pretty sure ROX have a lot to offer.
I did posted explicit answers to be consider with our friend gabtech. As he was stuck in "How do I execute the script?". I hope I help him too.
I did posted explicit answers to be consider with our friend gabtech. As he was stuck in "How do I execute the script?". I hope I help him too.
All kidding aside, the "link IP" adapter is your Layer 2 connection. This is probably what you need for voice. If you use it while running VPN, you may need to add a static route.Flash wrote:Thanks, jafadmin. I have a question: is either one of the IP addresses the Netinfo shell script returns, the one that should be used to make a P2P PuppyPhone call? I have so many IP addresses to choose from that it's confusing.
The Problem: Some VPN solutions connect and leave you running with multiple "default" gateways and static routes. Use the 'route' command before and after making an OpenVPN connection, and you will see what I mean. This is what leads to "VPN leaking".
"VPN leaking" is when your VPN tunnel fails, but your tcpip traffic continues anyway over the level 2 (real) gateway, exposing your real IP address to those sites you are connected to, without your knowledge.
It is not my intention to start a controversial dialog. Just keep in mind that.jafadmin wrote:..."VPN leaking"...
This is what VPN was invented. And in fact on early days we use VPN just to connect to our Official Jobs. Accessing the WWW was absolutely impossible as computers where block from www.A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. ...To ensure security, the private network connection is established using an encrypted layered tunneling protocol, and...
Then some realize it was versatile tool to use on Public Host Spot as connection is encrypted.
Finally Nexflix age came, Now netflix users around the world wrongly think what the purpose of VPN. They think VPN are proxy .
So yes many companies offer VPN services for the only purpose of a supposed anonymity. And yes for some time it most likely did the job. BUT People that is not the case today.An anonymous open proxy allows users to conceal the IP address of their device while browsing the Web or using other Internet services.
Today we live in the era of Cookies, HTTPS and Java Script, etc, etc etc. There are servers in the net that only purpose is to track all the places we been and go. Now ignore all but https. https ONLY defines who you are. It does not only do encryption but it signins all what leaves our PC. So no maters how hard you try to hide your unique signature will expose you. You can use tor, many other black/underground web or even VPN. As soon as you reach the web page you are looking your https will inform that page your uniqueness in the web. Listen I am not even mentioning your IPV6 unique address assigned to you.
So yes try as hard as you can if your intention is to hide. But realize that we got to a time in history that it is impossible to achieve.
Now to the important. My current PC has a wlan0 adapter. I think ( I maybe wrong) I recall in old time that Openvpn will remove wlan0 and all other adapters leaving ONLY the tab0 adapter available. Preventing any leaks. But at the moment I still see wla0 even with openvpn running. I will try to find out how to test this adapter for leaks. But I am pretty sure this comes with systemd era changes.
In my case I leave in America and I do not have to try to change my location. I use VPN for encryption over public networks/hotspot and just a little as to hide who I am.
- OscarTalks
- Posts: 2196
- Joined: Mon 06 Feb 2012, 00:58
- Location: London, England
Hello jafa,
Thanks for this. I have been testing it a bit.
Should it be
if [ -z "$UpLink" ];
in order for the No Network message to appear ( "$" is missing ) ?
The bit about | grep "state UP" -A2 finds nothing so returns no output for me here.
I can grep for something else ( eg MULTICAST ) and get eth0 or wlan0 or tun1 reported plus LAN IP
Personally I prefer CountryName over CountryCode and I increase the widths a bit accordingly.
Thanks for this. I have been testing it a bit.
Should it be
if [ -z "$UpLink" ];
in order for the No Network message to appear ( "$" is missing ) ?
The bit about | grep "state UP" -A2 finds nothing so returns no output for me here.
I can grep for something else ( eg MULTICAST ) and get eth0 or wlan0 or tun1 reported plus LAN IP
Personally I prefer CountryName over CountryCode and I increase the widths a bit accordingly.
Oscar in England
Good catch Oscar. I fixed and uploaded a new one.OscarTalks wrote:Hello jafa,
Thanks for this. I have been testing it a bit.
Should it be
if [ -z "$UpLink" ];
in order for the No Network message to appear ( "$" is missing ) ?
The bit about | grep "state UP" -A2 finds nothing so returns no output for me here.
I can grep for something else ( eg MULTICAST ) and get eth0 or wlan0 or tun1 reported plus LAN IP
Personally I prefer CountryName over CountryCode and I increase the widths a bit accordingly.
You may have a version of 'ip' that responds differently than the version I have. Try running just the "ip address show" command and posting results here so we can compare?
Mine:
Code: Select all
root# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 78:2b:cb:8c:64:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.100.110/24 brd 192.168.100.255 scope global eth0
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.19.11.6 peer 10.19.11.5/32 scope global tun0
valid_lft forever preferred_lft forever
root#
.
@OscarTalks nice catch. I been busy to little time to work, I should have seen it did not show "NO Network". Funny I did test yours and found it did not work for me. That is why I made some changes. And now I also realize I did not say anything. Sorry. I need to be more alert in the future.
For the record grep "state UP" -A2 does work for me.
I am using BusterDog64. Ip Vesion
With network I get
Without Network I get
So after the correction if [ -z "$UpLink" ]; All work fine with me.
Let me see if I had time today for the rotate ovpn script. See I am using you guys jafadmin & OscarTalks as an excuse to learn bash. I do write in C but bash is for the most part new to me. Do not get me wrong I can follow a program. Writing one from of my own is another story. HEHEHEHE
For the record grep "state UP" -A2 does work for me.
I am using BusterDog64. Ip Vesion
Code: Select all
root@live:~# ip -V
ip utility, iproute2-ss190107
Code: Select all
root@live:~# ip address show | grep "state UP" -A2 | grep inet | echo $?
127
Code: Select all
root@live:~# ip address show | grep "state UP" -A2 | grep inet | echo $?
0
Let me see if I had time today for the rotate ovpn script. See I am using you guys jafadmin & OscarTalks as an excuse to learn bash. I do write in C but bash is for the most part new to me. Do not get me wrong I can follow a program. Writing one from of my own is another story. HEHEHEHE
- OscarTalks
- Posts: 2196
- Joined: Mon 06 Feb 2012, 00:58
- Location: London, England
The string "state UP" is present in BionicPup32 so it works.
Unfortunately not so in Stretch and not in Wheezy either.
The executable ip is a symlink to busybox in all cases
Stretch with no VPN
Stretch with OpenVPN connected
Wheezy with no VPN
Wheezy with OpenVPN connected
Unfortunately not so in Stretch and not in Wheezy either.
The executable ip is a symlink to busybox in all cases
Stretch with no VPN
Code: Select all
# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
link/ether 84:2b:2b:95:6f:95 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.14/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
#
Code: Select all
# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
link/ether 84:2b:2b:95:6f:95 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.14/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 100
link/[65534]
inet 10.211.1.177 peer 10.211.1.178/32 scope global tun0
valid_lft forever preferred_lft forever
#
Code: Select all
# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
link/ether 84:2b:2b:95:6f:95 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.12/24 brd 192.168.1.255 scope global eth0
#
Code: Select all
# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
link/ether 84:2b:2b:95:6f:95 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.12/24 brd 192.168.1.255 scope global eth0
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 100
link/[65534]
inet 10.211.1.197 peer 10.211.1.198/32 scope global tun0
#
Oscar in England
... should be used to make a P2P PuppyPhone call?...
@enrique very nice instructions for puppyphone with IP!!
Any idea what this means?
I don't use VPN.
When I try this I get 2 ports, 5060 and 5061:enrique wrote:Now you need to know the Port PuppyPhone is using:Code: Select all
netstat -peanut | grep psip
Code: Select all
root# netstat -peanut | grep psip
tcp 0 0 0.0.0.0:5060 0.0.0.0:* LISTEN 0 91578 29175/./psip64
tcp 0 0 0.0.0.0:5061 0.0.0.0:* LISTEN 0 91582 29175/./psip64
udp 0 0 0.0.0.0:5060 0.0.0.0:* 0 91575 29175/./psip64
I don't use VPN.
To prevent hijack I answer you here Please sugest: Internet Phone SIP