Automatic connection on the boot time about vpngate-with-proxy HOT 16 OPEN

Trying to automate this process requires a lot more work to be done.

1. Autoconnect: Which server in the list should the program connect to? what to do next if it can't connect or tunnel broken? Will it stop trying when the server list is run out or fail to get?
2. Parsing cmdline arguments: definitely the code need to be rewritten to parse multiple arguments and check their correctness.
3. The current state:
   • Indicator: currently on Ubuntu, the state is sent to indicator at localhost:8088. User can view the last message by VPN Status button.
   • OpenVPN Management interface: You can telnet the management server to get the current state of vpn tunnel.
   • pid: if you see openvpn in top or ps aux| grep openvpn or pgrep -f openvpn, then of course it connected to certain server.

But in a manner of speaking, making the program auto run and get it current status from somewhere else is the same as making it become a service, a daemon. Then things could be accessed through a simple socket server.

First thing first: we need decide a control flow for 1.

from vpngate-with-proxy.

1. Try to connect to the first server by the default sort order or by the order from --sort option. If it's not available try the next one. In the case, when tunnel broken and automatic mode is enabled, maybe refresh the list and try again from first entry at the list. If the server list is run out then (maybe) refresh the list and try again. (Default VPNgate client have also options infinite connections which setup how much attempts to do) But it's to hard to start from.

If the tunnel broken trying to reconnect is important only if there is no "anti leak" features. If "anti leak" setup is working, then it is not so important to reconnect, because user will loss access to the network and at such case user can manually reconnect.

The first goal of auto connect feature: save user from unnecessary actions day by day after each reboot. Maybe it's a good point to start from and nothing more about re-connection and "tunnel broken". Just exit if we can not connect after some attempts.

To protect user in the case of tunnel broken we already have user_script.sh. User can setup notification about broken tunnel or switch off his network at all if user wont to prevent leaks.

2. There are a lot of code and example to do that. I think that at such case just do not need to reinvent the wheel.

• Or by user_script in cli mode. At GUI mode indicator can check for current state file. See below.

• Maybe it is possible to do without complications. You can start openvpn with --writepid file option. And send SIGTERM to the pid from this file. (maybe some more checks need, "is it really openvpn process" or pid is old)

Yes. The control flow is the most important.

Standalone "daemon" which is controlled by client will complicate support and debugging very much. Better to avoid it and keep the script as simple.

Maybe better to run current script at the background and write current state to the file:

• connected country
• connected ip
• openvpn pid
• openvpn last log
• vpngate_with_proxy pid

Then if the new instance of the script run need only to check the current state file. If the pid of openvpn exists, the pid of vpngate_with_proxy also exists = we are connected. Then we can show user openvpn log (as already you do, but from log file) + connected country and ip (also like you do now) and ask user to termination the current connection. Nothing more. If user choose to terminate it, kill first instane of vpngate_with_proxy and openvpn then give user default control to start new connection. Looks like it is the easiest way.

from vpngate-with-proxy.

Got the simple idea about autoconnect. Option "reconnect on start" / "auto connect to last success server". If option enable, then try to connect to last openvpn.config (last success server) on script start. If it's not possible, show default screen (maybe ping, before trying to connect).

from vpngate-with-proxy.

@evadogstar hope your system has the latest python 3

You can check out this branch for auto connection
https://github.com/Dragon2fly/vpngate-with-proxy/tree/vpnwp_v2

The status of the vpn is written to logs/manager.log.

0/1: not/connecting
pid:
host:localhost
port:
vpn: connected vpn server's description

I'll try to add command line arguments later. Right now it is quite limited to status, stop.

from vpngate-with-proxy.

Hi @evadogstar, @phd21

Can you guy test and give opinion on the new version at https://github.com/Dragon2fly/vpngate-with-proxy/tree/vpnwp_v2 . The automation function is working fine now. You can save your favorite servers, too.

@phd21 how is your progress with pyQT, can you make a pyQT for this new version?

update

Please backup your current config.ini file and delete the original one before running the new version. The structure of config.ini is different now.

from vpngate-with-proxy.

Nice job! Thanks. Daily using the old version. I investigate new version code. Unfortunately, I can not test it right now, because I have only 3.5 python and worry about the system. Need to backup etc.

I found that at the new version you add the server to vpngate with proxy. Can you also add some option to start server from specific user name at the system?

It is my original previous version editing from ./run script command line to start it from qvpn username:
sudo sg qvpn -c "python vpnproxy_cli.py $arg"

Maybe some argument at run file? Or from command line?

Thanks

from vpngate-with-proxy.

p.s. really need python3.6 vs python3.5 for cli version?

from vpngate-with-proxy.

Python3.6 is the future! It has a new straightforward way to format string.

f”I received {number} dollar from {whom}{time}”

Instead of

”I received {} dollar from {}{}”.format(number, whom, time)

Python3.6 also has tons of optimization that makes it run faster than 3.5, 2.7
So, yes. 3.6 is needed. Otherwise, nasty error will show up.

Installing python3.6 won’t mess up your system. In fact, many python version can co-exist in the same system. If you need many different versions of the same library for the same version of python, ‘Virtualenv’ is good. But since python3.6 is different from 3.5, the library will be installed to 3.6 location and won’t mess up the current one of 3.5

Have a nice day.

from vpngate-with-proxy.

Hi Dragon2fly, evadogstar, and Anyone else regarding this,

I hope you and yours are doing well. Thank you for continuing to maintain and update this wonderful application.

I already had Python3.6 installed, and I followed your instructions

Can you guys test and give opinion on the new version at https://github.com/Dragon2fly/vpngate-with-proxy/tree/vpnwp_v2 .

This is what I get on my Linux Mint KDE 18.2 based on Ubuntu 16.04 when I try to run "./run". The folder does not exist? And, I cannot create it either, even with "sudo"

cat: /proc/sys/net/ipv6/conf/all/disable_ipv6: No such file or directory
Traceback (most recent call last):
File "vpn_manager.py", line 500, in
my_vpn_manager = VpnManager()
File "vpn_manager.py", line 48, in init
self.ipv6_status = int(run('cat /proc/sys/net/ipv6/conf/all/disable_ipv6'.split(), stdout=PIPE).stdout.strip())
ValueError: invalid literal for int() with base 10: b''
Traceback (most recent call last):
File "UI.py", line 450, in
tui = CommandLineInterface(my_conf)
File "UI.py", line 189, in init
super().init(my_config)
File "UI.py", line 42, in init
self.log_open()
File "UI.py", line 121, in log_open
last_log = sorted(all_logs)[-1]
IndexError: list index out of range

Hope this helps ...

from vpngate-with-proxy.

Hi @phd21

So how Mint18 handles Ipv6? I thought Mint18 is base on Ubuntu so it should act the same. If your network doesn’t has ipv6, you can disable the check as following. I’ll look into this problem later.

Can you change this line of File "vpn_manager.py", line 48, in init

self.ipv6_status = int(run('cat /proc/sys/net/ipv6/conf/all/disable_ipv6'.split(), stdout=PIPE).stdout.strip())

To

self.ipv6_status = 0;

And in config.ini, set disable_ipv6 to no.

Thanks for testing it.
Have a good day.

from vpngate-with-proxy.

@Dragon2fly Much better :) At 3.6 it's something like as php.
What is about issue with starting server from other non default user?
sudo sg qvpn -c "python vpnproxy_cli.py $arg"

from vpngate-with-proxy.

Hi Dragon2fly,

Ok, with "vpnwp_v2", I made those changes, and it did not work, no errors though. It does not show a menu, just shows and connects to the first available server from "KR".

Yes, Linux Mint's main 4 editions are based upon Ubuntu. My Linux Mint KDE 18.2 is based on Ubuntu 16.04. I have disabled IPv6 on my system as my ISP provider does not yet use IPv6.

I appreciate that you are helping me with this.

If you want, and you have a USB flash drive stick of 16gb or more, or Virtualbox, you can easily fully install Linux Mint 18.2 (Cinnamon, Mate, KDE, or Xfce) to that in 16 minutes or less. Going through the Mint updates, installing the various Python 3 packages will add to that time, of course.

Not sure if this matters, but I do have OpenVPN 2.4.4 client software installed.

Best regards to you and yours,
Phil
phd21

from vpngate-with-proxy.

And I can not start testing because it does not support to start demon from defined usergroup(

from vpngate-with-proxy.

Hi @phd21,

It does not show a menu, just shows and connects to the first available server from "KR".

Just type ls or list to show the available servers list. It is based on cli version and is And it is fully automatic, so there is no menu at the moment, just command line.

Thanks for the tip with linux Mint. I’ll try it later.

Hi @evadogstar ,

And I can not start testing because it does not support to start demon from defined usergroup(

What is the symtom? Do you mean that the program failed to fork itself into the background?

Root user should start the server process. Other user can communicate with the server process through tcp socket, which is the purpose of the cli.

Wish you guy all have a wonderful year :)

from vpngate-with-proxy.

@Dragon2fly Happy New Year :)
No, at my system I need to run the script like this:

sudo sg qvpn -c "python vpnproxy_cli.py $arg"
This string is from previous version at it's my rewrite at run script.

I'm not totally sure how to run the same current version.

Can you add it as settings to the command line? I will do ./run qvpn and then demon will run from the group qvpn

It's not possible as I remember to run sudo sg qvpn ./run, because it do not then inherent when run deamon.

p.s. I'm still stay at old version now. Works perfect :) Thanks

from vpngate-with-proxy.

@evadogstar

If you read the run file, you will see that it launches vpn_manager.py with sudo and then launches the client as normal user. So, I guess on your system it can be something like below:

sudo sg qvpn -c "python3.6 vpn_manager.py $arg"

where $arg can be $HOME or any where that contains .config/vpngate-with-proxy directory.

With automation enabled, just only that is enough to get you on the VPN connection after a few seconds.
You can launch the command-line client to interact with the vpn_manager as follow:

python3.6 UI.py $arg

then, ls to show the available VPN servers, next to connect to the next server on the list and so on ...

Happy testing :)

from vpngate-with-proxy.