search

bendikro / deluge-vpn

78 stars 13 forks source link

OpenVPN setup issue #4

Closed william00179 closed 4 years ago

william00179 commented 8 years ago

Hi bendikro,

Just the script I am after! However I am having problems getting it to run.

Error Log: 

Tue Apr 12 17:17:34 2016 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Tue Apr 12 17:17:34 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Apr 12 17:17:34 2016 NOTE: --fast-io is disabled since we are not using UDP
Tue Apr 12 17:17:34 2016 Socket Buffers: R=[87380->131072] S=[16384->131072]
Tue Apr 12 17:17:34 2016 Attempting to establish TCP connection with [AF_INET]176.126.237.217:443 [nonblock]
Tue Apr 12 17:17:35 2016 TCP connection established with [AF_INET]176.126.237.217:443
Tue Apr 12 17:17:35 2016 TCPv4_CLIENT link local: [undef]
Tue Apr 12 17:17:35 2016 TCPv4_CLIENT link remote: [AF_INET]176.126.237.217:443
Tue Apr 12 17:17:35 2016 TLS: Initial packet from [AF_INET]176.126.237.217:443, sid=10afe8c8 d2286941
Tue Apr 12 17:17:35 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Apr 12 17:17:41 2016 VERIFY OK: depth=1, C=CH, ST=Zurich, L=Zurich, O=vpnbook.com, OU=IT, CN=vpnbook.com, name=vpnbook.com, emailAddress=admin@vpnbook.com
Tue Apr 12 17:17:41 2016 VERIFY OK: depth=0, C=CH, ST=Zurich, L=Zurich, O=vpnbook.com, OU=IT, CN=vpnbook.com, name=vpnbook.com, emailAddress=admin@vpnbook.com
Tue Apr 12 17:17:44 2016 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Apr 12 17:17:44 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Apr 12 17:17:44 2016 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Tue Apr 12 17:17:44 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Apr 12 17:17:44 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Apr 12 17:17:44 2016 [vpnbook.com] Peer Connection Initiated with [AF_INET]176.126.237.217:443
Tue Apr 12 17:17:46 2016 SENT CONTROL [vpnbook.com]: 'PUSH_REQUEST' (status=1)
Tue Apr 12 17:17:47 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS  89.233.43.71,dhcp-option DNS  91.239.100.100,route 10.9.0.1,topology net30,ping 5,ping-restart 30,ifconfig 10.9.2.114 10.9.2.113'
Tue Apr 12 17:17:47 2016 OPTIONS IMPORT: timers and/or timeouts modified
Tue Apr 12 17:17:47 2016 OPTIONS IMPORT: --ifconfig/up options modified
Tue Apr 12 17:17:47 2016 OPTIONS IMPORT: route options modified
Tue Apr 12 17:17:47 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Apr 12 17:17:47 2016 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=eth0 HWADDR=00:1b:78:9e:b5:45
Tue Apr 12 17:17:47 2016 TUN/TAP device tun1 opened
Tue Apr 12 17:17:47 2016 TUN/TAP TX queue length set to 100
Tue Apr 12 17:17:47 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Tue Apr 12 17:17:47 2016 /sbin/ip link set dev tun1 up mtu 1500
Tue Apr 12 17:17:47 2016 /sbin/ip addr add dev tun1 local 10.9.2.114 peer 10.9.2.113
Tue Apr 12 17:17:47 2016 /home/ben/scripts/link_up_user_filter.sh tun1 1500 1560 10.9.2.114 10.9.2.113 init
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.tun1.rp_filter = 2
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
/home/ben/scripts/user_filter/vpn_base.sh: line 13: [: 192.168.1.4: integer expression expected
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Bad argument `24'
Try `iptables -h' or 'iptables --help' for more information.
Tue Apr 12 17:17:47 2016 WARNING: Failed running command (--up/--down): external program exited with error status: 2
Tue Apr 12 17:17:47 2016 Exiting due to fatal error

and my client config

client
dev tun1
proto tcp
remote 176.126.237.217 443
remote euro217.vpnbook.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-user-pass
comp-lzo
verb 3
cipher AES-128-CBC
fast-io
pull
route-delay 2
redirect-gateway
script-security 2
up "/home/ben/scripts/link_up_user_filter.sh"

Would you please be able to assist as to why I might be getting this error?

IamC8 commented 8 years ago

You have copied and pasted visible lines and not the raw code line 13 in /home/ben/scripts/user_filter/vpn_base.sh should be IFS=. read -r xx m1 m2 m3 m4 <<< $(for a in $(seq 1 32); do if [ $(((a - 1) % 8)) -eq 0 ]; then echo -n .; fi; if [ $a -le $PREFIX ]; then echo -n 1; else echo -n 0; fi; done)

Asura198 commented 4 years ago

Hey, I want to know the difference between these two lines in my config and others. 1) tls-client tls-version-min 1.2 tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256

2) fast-io pull route-delay 2 redirect-gateway

I know that 1 is Transport layer security. What is option 2?

bendikro commented 4 years ago

@Asura198 Search for the options here: https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/