search

jamesmcm / vopono

Run applications through VPN tunnels with temporary network namespaces
GNU General Public License v3.0
888 stars 46 forks source link

Question about --allow-host-access #284

Open for-coursera opened 3 weeks ago

for-coursera commented 3 weeks ago

With --allow-host-access option, vopono tries to resolve localhost after connecting and seems to fail with this message (I used it together with --protocol openvpn --custom):

sudo: unable to resolve host MyHostname: Name or service not known

Can this be avoided or probably suppressed somehow? AFAIR, it wasn't like that in some previous versions :)

jamesmcm commented 3 weeks ago

It just sets this firewall rule - https://github.com/jamesmcm/vopono/blob/62b6026be02a2fe9db421bfe2874376bd51fa1af/vopono_core/src/util/open_hosts.rs#L5

And adds it to the network namespace hosts file as vopono.host

I don't see this error myself (although I normally use Wireguard) - could you post the full command and log with --verbose ?

for-coursera commented 3 weeks ago

Thanks for your comments!

Here goes the command:

vopono --verbose exec --custom ~/.config/vpn/vpn.udp.ovpn --allow-host-access --protocol openvpn xterm

And the log: https://pastebin.com/raw/FDH4RJdL

jamesmcm commented 2 weeks ago

I can't replicate this myself is your hostname set in /etc/hostname ?

Also don't run xterm like this - as it's just the Terminal Emulator, you should run the shell itself in vopono (e.g. bash) to ensure it is spawned inside the network namespace.

jamesmcm commented 2 weeks ago

Oh and what does the OpenVPN .ovpn file look like? As maybe it is coming from there? As vopono doesn't use the host machine's hostname anyway as far as I can tell.

for-coursera commented 2 weeks ago

@jamesmcm

Again, thanks for replying!

As per your questions:

is your hostname set in /etc/hostname

Yes.

what does the OpenVPN .ovpn file look like?

It has no up / down scripts if that's what you asking. Besides, it doesn't happen with vopono v.0.10.9 :)

jamesmcm commented 2 weeks ago

And does the hosts file in /etc/netns/{ns_name}/hosts look like when it's running?

The only difference was to add the host IP (from the netns perspective) there, but that should use the IP address of the host from the netns, and shouldn't trigger a DNS lookup.

for-coursera commented 2 weeks ago

the hosts file in /etc/netns/{ns_name}/hosts look like when it's running?

Like this:

10.200.1.1 vopono.host