search

jedisct1 / dsvpn

A Dead Simple VPN.
MIT License
5.16k stars 393 forks source link

Client still checking routes even with: OPTFLAGS=-DNO_DEFAULT_ROUTES #88

Closed scarduck closed 2 years ago

scarduck commented 2 years ago

$ date Sun May 22 16:47:33 -03 2022

$ uname -r 5.14.0-70.13.1.el9_0.x86_64

$ cat /etc/redhat-release Red Hat Enterprise Linux release 9.0 (Plow)

$ wget https://github.com/jedisct1/dsvpn/archive/refs/heads/master.zip $ unzip master.zip $ env OPTFLAGS=-DNO_DEFAULT_ROUTES make -C dsvpn-master $ cd dsvpn-master --generate vpn.key-- $ ./dsvpn client vpn.key 1.1.1.1 443 Command [ip route show default 2>/dev/null|awk '/default/{print $3}'] failed] Unable to automatically determine the gateway IP

edit: added date/kernel/os

jedisct1 commented 2 years ago

-DNO_DEFAULT_ROUTES doesn't change the default routes. What is more concerning is why the command failed.

What does

ip route show default 2>/dev/null|awk '/default/{print $3}'

print on your system?

scarduck commented 2 years ago

Since I'm using -DNO_DEFAULT_ROUTES I have to manually change my routes after connected.

Here's exactly what I'm doing before and after:

1) Before connect to my 'dsvpn' server:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    100    0        0 enp3s0
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 enp3s0

2) After connected my route stays the same because -DNO_DEFAULT_ROUTES did in fact work:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    100    0        0 enp3s0
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 enp3s0

3) Since I want to use my dsvpn server as my default gw I have to manually do that:

ip route add 1.1.1.1 via 192.168.0.1 
route del default gw 192.168.0.1
route add default gw 192.168.192.254

4) Everything is working and my dsvpn is my default gw. 'route -n' shows:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.192.254 0.0.0.0         UG    0      0        0 tun0
1.1.1.1         192.168.0.1     255.255.255.255 UGH   0      0        0 enp3s0
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 enp3s0
192.168.192.254 0.0.0.0         255.255.255.255 UH    0      0        0 tun0

5) Now if for whatever reason I need to close and run dsvpn (client) again, the error will happen: $ ./dsvpn client vpn.key 1.1.1.1 443

Command [ip route show default 2>/dev/null|awk '/default/{print $3}'] failed]
Unable to automatically determine the gateway IP
scarduck commented 2 years ago

Answering your question:

$ ip route show default 2>/dev/null|awk '/default/{print $3}' 192.168.192.254

scarduck commented 2 years ago

Since tun0 was my default gw and after I close dsvpn tun0 will obviously vanish the system will in fact have no gw.

route -n after I close dsvpn:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
1.1.1.1    192.168.0.1     255.255.255.255 UGH   0      0        0 enp3s0
192.168.0.0     0.0.0.0         255.255.255.0   U     100    0        0 enp3s0

$ ip route show default 2>/dev/null|awk '/default/{print $3}'

jedisct1 commented 2 years ago

Got it. That's an unusual situation, but the ip command is available and works as expected.

68cefaf5db56acca5bb375a283bcb3a3a4433fd3 should remove the gateway check, but this is untested.

hdid commented 1 year ago

Got it. That's an unusual situation, but the ip command is available and works as expected.

68cefaf should remove the gateway check, but this is untested.

Does not work, Same error occured.