Force Torrent Traffic through VPN Split Tunnel Debian 8 + Ubuntu 16.04
|
Posts: 3
Threads: 1
Joined: Aug 2016
Reputation:
0
[Not Solved]
Oct 29, 2016, 11:54 AM
Hi, I've successfully followed this guide to split tunnel my traffic through a PIA subscribed VPN on a Raspberry Pi 3 running a Jessie based custom distro.
However, when I try to do the same on a VPS I got from contabo running Ubuntu 16.04, even though the service is running without any errors, I still get the VPS's IP instead of the VPN's...
And yes, I've already tried running it manually and without split tunneling (commented out the up and down scripts in the openvpn.conf), and the result is still the same. Also, the tun0 interface is present in the output of ifconfig...
I've also disabled the static ip configuration set automatically by the VPS provider (Contabo) in my /etc/network/interfaces file and changed it to dhcp. I've managed to verify through the syslogs that the VPS is issuing DHCP REQUESTS every 240 seconds (this seems a bit short of a time span, but kind of irrelevant for now) It also had the following "routing line of code" in the end of the file:
Code:
# Set route to network
up route add -net 93.104.212.224/24 gw 93.104.212.225 dev eth0
I thought this could be the culprit, but disabled it and still no successful routing through the VPN. Also in syslog I found the following entry must must somehow be related, even though I commented out the code above in the interfaces file:
Code:
ovpn-openvpn[3664]: ROUTE_GATEWAY 93.104.212.225/255.255.255.224 IFACE=eth0 HWADDR=00:50:56:3c:a6:fa
Weirdly enough, when I tried to get the output of the iptables, I found out that iptables wasn't installed. I'm going to reinstall everything from scratch and try to get more info on the problem.
Appreciate your thoughts and great work with all your guides guys. Let me know if I can provide any additional information to help solve this situation.
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Not Solved]
Nov 02, 2016, 06:01 PM
I think that the problem is indeed the route vps is using. As you say, non split tunnel vpn isn't working either. I'm not sure how your vps provider is managing the network interfaces, you will need to get in contact with them to get more support on this.
It is strange iptables is not installed, on Ubuntu default install iptables is present by default. Maybe they are using a very minimal Ubuntu Server install, in that case you need to install iptables too. Let us know how is it working after you reinstalled everything. Then we will see how to proceed.
Posts: 3
Threads: 1
Joined: Aug 2016
Reputation:
0
[Not Solved]
Nov 02, 2016, 07:57 PM
(Nov 02, 2016, 06:01 PM)drake Wrote: I think that the problem is indeed the route vps is using. As you say, non split tunnel vpn isn't working either. I'm not sure how your vps provider is managing the network interfaces, you will need to get in contact with them to get more support on this.
It is strange iptables is not installed, on Ubuntu default install iptables is present by default. Maybe they are using a very minimal Ubuntu Server install, in that case you need to install iptables too. Let us know how is it working after you reinstalled everything. Then we will see how to proceed.
The problem seemed to be the iptables not being installed. After reinstalling the OS and installing iptables prior to following the guide to force split tunneling it worked took me a while to get to that conclusion, but thankfully I have been building scripts to configure my whole systems, so it didn't take much effort other than installing the minial packages needed for the system to run properly. So yeah, if you're planning on reting a VPS from Contabo (great prices and so far so good, but there seem to be some mixed feelings regarding customers experience), beware that their version of Ubuntu 16.04 seems to be stripped down to the bare minimum.
Once again, thank you and excellent work with all those guides!! You have become THE reference for me, regarding HTPC material
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Not Solved]
Nov 02, 2016, 08:20 PM
(This post was last modified: Nov 02, 2016, 08:21 PM by drake.)
Excellent TMiC, I'm glad you managed to resolve this, good work! They are probably using a minimal Ubuntu install indeed, which is actually very good (I like minimal installs a lot). Since there are many different versions of even the same Linux distribution, we need to support the most popular ones, which are Ubuntu and Debian, but most of these things work on other distributions too, but some things might need to be adjusted.
Contabo prices do look interesting, let us know how satisfied are you with their services after using their VPS for a while!
You are welcome, your feedback is very much appreciated, and helps us to try to deliver many more exciting guides!
Posts: 3
Threads: 1
Joined: Aug 2016
Reputation:
0
[Not Solved]
Nov 02, 2016, 08:50 PM
(Nov 02, 2016, 08:20 PM)drake Wrote: Excellent TMiC, I'm glad you managed to resolve this, good work! They are probably using a minimal Ubuntu install indeed, which is actually very good (I like minimal installs a lot). Since there are many different versions of even the same Linux distribution, we need to support the most popular ones, which are Ubuntu and Debian, but most of these things work on other distributions too, but some things might need to be adjusted.
Contabo prices do look interesting, let us know how satisfied are you with their services after using their VPS for a while!
You are welcome, your feedback is very much appreciated, and helps us to try to deliver many more exciting guides!
I don't know if you have ever thought about it, but maybe it was interesting to publish some scripts to automate these installations that you show step by step in your guides I know that we don't get to understand as much as if we'¶e doing it step by step, but for some users it might be interesting.
Posts: 5
Threads: 0
Joined: Dec 2016
Reputation:
0
[Not Solved]
Dec 13, 2016, 12:21 AM
Attempting to go through this guide, I've hit the same roadblock as a mother user in the comment section.
Quote:This guide works to a certain point, when I arrived at one of the last steps, I couldn't get results.
sudo -u vpn -i -- curl ipinfo.io
This doesn't return anything. It can't resolve anything, no ip's, no dns.
As requested there:
Code:
chaz@brand:/tmp$ cat /etc/openvpn/update-resolv-conf
#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
#
# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
#
# Example envs set from openvpn:
#
foreign_option_1='dhcp-option DNS 208.67.220.220'
foreign_option_2='dhcp-option DNS 208.67.222.222'
foreign_option_3='dhcp-option DNS 8.8.8.8'
#
[ -x /sbin/resolvconf ] || exit 0
[ "$script_type" ] || exit 0
[ "$dev" ] || exit 0
split_into_parts()
{
part1="$1"
part2="$2"
part3="$3"
}
case "$script_type" in
up)
NMSRVRS=""
SRCHS=""
for optionvarname in ${!foreign_option_*} ; do
option="${!optionvarname}"
echo "$option"
split_into_parts $option
if [ "$part1" = "dhcp-option" ] ; then
if [ "$part2" = "DNS" ] ; then
NMSRVRS="${NMSRVRS:+$NMSRVRS }$part3"
elif [ "$part2" = "DOMAIN" ] ; then
SRCHS="${SRCHS:+$SRCHS }$part3"
fi
fi
done
R=""
[ "$SRCHS" ] && R="search $SRCHS
"
for NS in $NMSRVRS ; do
R="${R}nameserver $NS
"
done
echo -n "$R" | /sbin/resolvconf -a "${dev}.openvpn"
;;
down)
/sbin/resolvconf -d "${dev}.openvpn"
;;
esac
chaz@brand:/tmp$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 208.67.220.220
nameserver 208.67.222.222
nameserver 8.8.8.8
chaz@brand:/tmp$ curl ipinfo.io
{
"ip": "##.##.###.###",
"hostname": "##-##-###-###.xxxx.xxxxxxxxxx.com",
"city": "Xxxxxxxxxx",
"region": "Xxxxxxxxx",
"country": "US",
"loc": "##.####,-##.####",
"org": "Internet Corp",
"postal": "#####"
}chaz@brand:/tmp$sudo -u vpn -- curl ipinfo.io
^C
chaz@brand:/tmp$
I control-c'd out of the last line after waiting for about 20 seconds.
Suggestions?
Thanks!
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Not Solved]
Dec 13, 2016, 07:47 AM
Hi chazlarson,
are you using a clean install of Ubuntu Server 16.04?
Do you have UFW configured (or any other firewall)?
Posts: 5
Threads: 0
Joined: Dec 2016
Reputation:
0
[Not Solved]
Dec 13, 2016, 03:40 PM
(This post was last modified: Dec 13, 2016, 03:55 PM by chazlarson.)
Brand new install. This was the first thing I tried to set up on it.
Since then, I have installed various other tools using your how-tos [NZBGet, Sonarr, CouchPotato, Mylar, HTPCManager, Transmission]. Aside from that I've done nothing to it, so the only firewall config has been whatever these how-tos have specifically instructed me to do.
If need be, I can wipe it with a new install and start again, keeping records of everything that happens.
Posts: 244
Threads: 1
Joined: Jul 2016
Reputation:
12
[Not Solved]
Dec 13, 2016, 03:54 PM
Ok, we will resolve this. Is it a VPS or your own hw, running Ubuntu Server 16.04?
Sent from my Xperia Z3 Compact using Tapatalk
Posts: 5
Threads: 0
Joined: Dec 2016
Reputation:
0
[Not Solved]
Dec 13, 2016, 03:57 PM
(This post was last modified: Dec 13, 2016, 04:14 PM by chazlarson.)
My own hardware, an old Dell server.
Just to be sure I didn't break anything inadvertently, it's now back to a fresh 16.04 install.
|
|
Recent Posts
|
Split Tunnel Docker Containers
jonesPhedra Mar 27, 2024, 03:10 AM
|
Plex server not powerful enough, but only with s...
jonesPhedra Mar 27, 2024, 03:02 AM
|
About Swap
jonescelinaa Mar 18, 2024, 02:11 AM
|
game Geometry Dash Scratch
jonescelinaa Jan 31, 2024, 04:21 AM
|
Find My IP Address - Kodi - Updated
jonesPhedra Jan 29, 2024, 02:56 AM
|
Latest unread posts | Unanswered posts |
|