Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 18 Aug 2019, 05:42
All times are UTC - 4
 Forum index » House Training » HOWTO ( Solutions )
A Simple VPN Implementation
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 5 [65 Posts]   Goto page: 1, 2, 3, 4, 5 Next
Author Message
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Tue 27 Mar 2018, 10:27    Post subject:  

As an alternative to VPNbook, folks may wish to take a look at another free VPN provider.
I have been conducting a few tests with it and it seems to be working well.
They claim "no logging", torrents are allowed and the speed seems satisfactory.

There are 6 domains:-
https://freevpn.me
https://freevpn.se
https://freevpn.im
https://freevpn.it
https://freevpn.be
https://freevpn.co.uk

They have 6 servers to choose from. These show as being located in France, UK, Russia and Ukraine.
The config file bundle gives a choice of 2 TCP ports and 2 UDP ports for each server.
I have used TCP port 80 in all my tests so far.
I made a few changes to each of the config files:-
auth-user-pass /etc/vpnpass (I added the path to my passfile)
auth-nocache (added to stop any cache of passwords)
comp-lzo no (add this if it is missing)
ns-cert-type server (delete this line - deprecated)

Using my simple VPN implementation I put the 6 config files (one for each of the 6 servers) in /etc
To select the server I delete the symlink /etc/vpnconfig and create a new symlink with that same name (linking to the desired config file).

Then I grab the corresponding username and password for the selected server from the website and paste those into the first and second lines of /etc/vpnpass
The password seems to be changed once or twice per month.

The system then should activate and deactivate from the Menu "Buttons".

If ever you want to run a bit of a diagnostic, once all files are in place, open a terminal and enter:-
openvpn --config /etc/vpnconfig
Study the output.
Hopefully you will get to the line "Initialization Sequence Completed".
Any errors should point you towards the problem.
Any warnings may assist in further editing of the config file but this is probably optional.

_________________
Oscar in England


Last edited by OscarTalks on Fri 18 May 2018, 11:03; edited 1 time in total
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Sat 31 Mar 2018, 11:13    Post subject:  

Using a few steps I have added a tray notification icon plus a splash message on start-up.

1) The start-up process does take 20 to 30 seconds so I added a "Please Wait" message using gtkdialog-splash which times out after 15 seconds. I put this in the VPN-Start script before the step which starts openvpn:-
Code:
gtkdialog-splash -timeout "15" -text "Please Wait up to 30 Seconds" -icon "/usr/share/pixmaps/network-vpn.png" &

2) I made a version of the icon scaled down to 16 x 16 and named network-vpn16.png in /usr/share/pixmaps. This is used to keep the tray icon right-click pop-up from being too big. If you prefer a bigger one you can use the 48 x 48 icon.

3) Use yad --notification to create the tray icon.
Many Puppies have a rather old version of yad (0.12.x). Some Puppies don't have it at all. I used version 0.40.0 compiled from source with ./configure --prefix=/usr make make install.
Then I renamed the executable to yad-vpn
This allows me to start and kill this yad independently of any other instance of yad that may be running. (The newly created yad-vpn executable is in /usr/bin alongside the standard yad executable which may be the old version or a copy of the new version with the name unchanged).

4) Then I added a launch of yad-vpn as a tray applet to the VPN-Start script (after the step which launches the browser).
The initial browser launch is effectively a notification and it can be closed once you have observed it. I prefer to use NetSurf or Dillo for this rather than a big browser actually. The tray icon is in fact an indication that the VPN-Start script has been run. It does not guarantee that the VPN has been activated.
Mouse-over and the tooltip says "VPN Active?".
Left-click opens the browser again to check IP address and server location.
Right-click offers a pop-up button for VPN-Stop (alternative to using the Menu Entry Button).
Code:
yad-vpn --notification --no-middle --image="/usr/share/pixmaps/network-vpn.png" --icon-size="48" --text="VPN Active?" --command="defaultbrowser http://my-ip-address.co" --menu="VPN-Stop!vpn-stop!/usr/share/pixmaps/network-vpn16.png" &

5) The step killall yad-vpn is added to the VPN-Stop script after the step to killall openvpn. This removes the tray notification but avoids killing any other yad.

Maybe not the most sophisticated solution, but for someone who just likes to click in and out of VPN from time to time it is nice to have the notification icon there as a reminder with a bit of basic functionality too.
vpn-start-splash.jpg
 Description   Splash message to "Please Wait" while VPN tries to start.
 Filesize   14.39 KB
 Viewed   3392 Time(s)

vpn-start-splash.jpg

vpn-tray-tooltip.jpg
 Description   Mouse-over tooltip says "VPN Active?" (question mark). Left click opens browser to check IP address and server location
 Filesize   13.92 KB
 Viewed   3392 Time(s)

vpn-tray-tooltip.jpg

vpn-tray-rightclick.jpg
 Description   Right-click pop-up offers VPN-Stop
 Filesize   19.73 KB
 Viewed   3360 Time(s)

vpn-tray-rightclick.jpg


_________________
Oscar in England

Back to top
View user's profile Send private message 
Devonian

Joined: 30 Mar 2017
Posts: 11
Location: U.K.

PostPosted: Wed 16 May 2018, 06:18    Post subject: using ipvanish  

Can anyone please explain how to use ipvanish with this program, I am not sure where to edit in the user and password and how to access the opvn and profile files which I have placed in etc.
Thanks.
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Wed 16 May 2018, 10:42    Post subject:  

Hello Devonian,

I have never tested ipvanish specifically.

As a general rule the username and password go in the first and second lines (respectively) of /etc/vpnpass

Your .ovpn file is your config file.
To use it, delete the existing symlink /etc/vpnconfig
Right-click your .ovpn file in /etc and create a new symlink to it, but give the new symlink the name vpnconfig (in /etc replacing the one just deleted).

Those should be the two fairly simple steps.
Not really sure what you mean by profile files. Is this a bundle of .ovpn files?
The provider may be giving you stuff which is surplus to requirements.

_________________
Oscar in England

Back to top
View user's profile Send private message 
Devonian

Joined: 30 Mar 2017
Posts: 11
Location: U.K.

PostPosted: Wed 16 May 2018, 14:12    Post subject:  

Thanks Oscar.
I have re-loaded the program and downloaded fresh ovpn files from ipvanish but when I run the START the computer freezes apart from the cursor movement and I have to force a stop by holding the cpu off buton.
The ipvanish opvn format is very different to the vpnbook one. Instead of two 20 line data blocks which I assume is the encoding parameter, there is a single line of data. I wonder if the program is not compatible with this.
You are correct in guessing that the configuration file contains all the opvn files compressed.
Back to top
View user's profile Send private message 
Devonian

Joined: 30 Mar 2017
Posts: 11
Location: U.K.

PostPosted: Wed 16 May 2018, 16:10    Post subject:  

For the present I will go back to using ipvanish in the Windows environment. This does have a very useful additional feature in that there is a graphical presentation of the download speed so that you can abort if the server speed is unacceptably low.

Thanks again for your help,
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Fri 18 May 2018, 10:48    Post subject:  

If ever you decide you want to look at it again I am willing to try to help, but of course it can be rather difficult without seeing exactly what you have in front of you and what steps you are taking. The VPN provider may be expecting you to use some sort of GUI to connect and switch between their servers. If so, you would need to ignore all that and probably lots of other stuff besides.

With the bundle of .ovpn files, I would expect that each one will relate to a specific combination of server IP, protocol (tcp or udp), and port number. With my simple system it is a case of choosing the one you want to use, plucking it out and using it to configure your openvpn. To change any (or all) of those 3 parameters you would switch the symlink to a different .ovpn file and restart. Not sure if the thing you were trying to START was the script or something else.
This thread was really a bit of "thinking out loud" but my system is working well for me so I thought others might find it helpful.

_________________
Oscar in England

Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Fri 18 May 2018, 11:14    Post subject:  

The Free VPN dot me people have added 2 more servers
https://freevpn.be
https://freevpn.co.uk

For me, these work equally as well as vpnbook if not better.
Use at your own risk though.
I have edited my earlier post which talks a little more about these services.
http://murga-linux.com/puppy/viewtopic.php?t=113004&start=3

_________________
Oscar in England

Back to top
View user's profile Send private message 
paulh177


Joined: 22 Aug 2006
Posts: 935
Location: ST862228

PostPosted: Sun 20 May 2018, 06:55    Post subject:  

I note that freevpn.co.uk has implemented privacy over its whois entry, but their latest IP address for a vpn endpoint is given as 77.73.68.13.

A whois on this gives a registrant of Fishnet Communications in Leningrad/St.Petersburg, just round the corner from the notorious "Internet Research Agency trollfarm.

I'm not going to get all tinfoil-hat on your ass, but I think it's prudent to be careful when signing up to free services with no real public face.

It might all too easily turn out that "no logging" and "private browsing" means no such thing.
Back to top
View user's profile Send private message 
ortloffa

Joined: 18 Aug 2006
Posts: 33
Location: Metairie, Louisiana, USA

PostPosted: Sun 10 Jun 2018, 15:34    Post subject: vpn-activator.pet
Subject description: where do I find vpn-activator pet?
 

I dont see it in http://smokey01.com/OscarTalks or in Puppy Package Manager....
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Sun 10 Jun 2018, 16:38    Post subject:  

Hello ortloffa,
There are some early scripts and files available for download in the first post, but really this thread is more of a case of "thinking out loud" and I would suggest readers work through it and put together a package of their own for their own Puppy version. Packages really need to be compiled for the specific version so I would have to assemble and upload lots of different ones. I might try to produce a couple, maybe for Xenial since it is the most recent official Puppy. I am using this regularly in Stretch and Wheezy and it works very well for me.

Hello paulh177
You are wise to advise folks to be careful. Thanks for emphasising that. Maybe I should not have even mentioned the freevpn.me provider, but it has been apparently OK here so far. Perhaps anything sinister would be deliberately hidden from the user and therefore difficult to spot, but all I can say is that if anyone does report any confirmed issues I will edit my earlier posts. I have not come across any negative reports about vpnbook so users may want to stick with using that.

One thing I will mention is that I found and fixed an issue.
If the openvpn daemon failed to start or stopped at any time (maybe because of a password problem for example), running VPN-Stop would not remove the tray icon.
I just added a couple of lines of code
Now when I click the "OK" button in the gxmessage window
If yad-vpn (the tray icon) is running
Then killall yad-vpn
Now everything is working as it should in all scenarios.

I am also thinking that it might be good to have the configuration files in a sub-directory in /etc just to keep things more tidy.

_________________
Oscar in England

Back to top
View user's profile Send private message 
ortloffa

Joined: 18 Aug 2006
Posts: 33
Location: Metairie, Louisiana, USA

PostPosted: Sun 10 Jun 2018, 20:28    Post subject: Sorry right in front of me.
Subject description: oops
 

I am using Zenial and it works. thanks. Dont know how I missed the link.

thanks!
Back to top
View user's profile Send private message 
Mr.Spenalzo

Joined: 28 Sep 2017
Posts: 6

PostPosted: Wed 18 Jul 2018, 17:46    Post subject: A Simple VPN Implementation  

Hello OscarTalks. Thank you for this! Works great on 32 bit TahrPup.
Back to top
View user's profile Send private message 
freddieodom

Joined: 28 Jun 2018
Posts: 5
Location: Miami

PostPosted: Thu 02 Aug 2018, 10:34    Post subject:  

Very useful and in-depth post. I amazed to read it. Can you let me know that Astrill VPN can run with this program? Thanks
Back to top
View user's profile Send private message 
OscarTalks


Joined: 05 Feb 2012
Posts: 1986
Location: London, England

PostPosted: Thu 02 Aug 2018, 12:56    Post subject:  

Thanks for the comments.
It is difficult to give a definitive answer regarding Astrill VPN or any of the other paid-for VPN services unless I sign up for them, but generally speaking it should be possible to use this system to access their services. I took a brief look and it appears that they do support OpenVPN which is what my system uses. If you sign up, they should provide you with a bundle of .ovpn configuration files. These are just text files. Not sure if you may also need to grab certificates and add those in as well. Often they are already included in the .ovpn file. Their wiki had some information which you might need to study. Essentially though, you just pluck out the .ovpn file for the VPN server you want to access and use that.

_________________
Oscar in England

Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 5 [65 Posts]   Goto page: 1, 2, 3, 4, 5 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » HOWTO ( Solutions )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0723s ][ Queries: 12 (0.0062s) ][ GZIP on ]