Comments (7)
Ummm ... if there's no tun0
interface anymore, what is it called in the new version of Fedora?
from openvpn-update-resolv-conf.
Hello @Thomas-S,
First of all thank you and sorry for the delay on the response.
Strange that in interface is not tun0
. Can you paste a more full log, with verbose 7 on your config? Please mask the sensitive parts like IPs. If you are not sure, email me the log.
from openvpn-update-resolv-conf.
Hi thanks for the response :)
Ummm ... if there's no
tun0
interface anymore, what is it called in the new version of Fedora?
If I run ifconfig
the interface tun0
is still there (amongst many others).
Hello @Thomas-S,
First of all thank you and sorry for the delay on the response.
Strange that in interface is not
tun0
. Can you paste a more full log, with verbose 7 on your config? Please mask the sensitive parts like IPs. If you are not sure, email me the log.
I don't know what you mean by verbose 7
from openvpn-update-resolv-conf.
I don't know what you mean by
verbose 7
This is an option that you can set on your openvpn client config file. verb 7
from openvpn-update-resolv-conf.
Ah thanks. This is what comes up, verb 7
does not seem to give me more log info:
Mon Dec 3 09:54:25 2018 library versions: OpenSSL 1.1.1 FIPS 11 Sep 2018, LZO 2.08
Enter Auth Username: *******
Enter Auth Password: ****************
Mon Dec 3 09:54:38 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Dec 3 09:54:43 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]*******
Mon Dec 3 09:54:43 2018 Socket Buffers: R=[87380->87380] S=[16384->16384]
Mon Dec 3 09:54:43 2018 Attempting to establish TCP connection with [AF_INET]******* [nonblock]
Mon Dec 3 09:54:44 2018 TCP connection established with [AF_INET]*******
Mon Dec 3 09:54:44 2018 TCP_CLIENT link local: (not bound)
Mon Dec 3 09:54:44 2018 TCP_CLIENT link remote: [AF_INET]*******
Mon Dec 3 09:54:44 2018 TLS: Initial packet from [AF_INET]*******, sid=*******
Mon Dec 3 09:54:44 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Dec 3 09:54:45 2018 VERIFY OK: *******
Mon Dec 3 09:54:45 2018 VERIFY X509NAME OK: *******
Mon Dec 3 09:54:45 2018 VERIFY OK: *******
Mon Dec 3 09:54:45 2018 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Dec 3 09:54:45 2018 [*******] Peer Connection Initiated with [AF_INET]*******
Mon Dec 3 09:54:46 2018 SENT CONTROL [*******]: 'PUSH_REQUEST' (status=1)
Mon Dec 3 09:54:52 2018 SENT CONTROL [*******]: 'PUSH_REQUEST' (status=1)
Mon Dec 3 09:54:52 2018 PUSH: Received control message: 'PUSH_REPLY,route-gateway *******,route-gateway *******,topology subnet,ping 10,ping-restart 120,route *******,route *******,route *******,route *******,route *******,route *******,route *******,dhcp-option DNS ****DNS_HERE***,dhcp-option DOMAIN *******,ifconfig *******'
Mon Dec 3 09:54:52 2018 OPTIONS IMPORT: timers and/or timeouts modified
Mon Dec 3 09:54:52 2018 OPTIONS IMPORT: --ifconfig/up options modified
Mon Dec 3 09:54:52 2018 OPTIONS IMPORT: route options modified
Mon Dec 3 09:54:52 2018 OPTIONS IMPORT: route-related options modified
Mon Dec 3 09:54:52 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Dec 3 09:54:52 2018 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Dec 3 09:54:52 2018 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Mon Dec 3 09:54:52 2018 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Dec 3 09:54:52 2018 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Mon Dec 3 09:54:52 2018 ROUTE_GATEWAY *******/******* IFACE=eno1 HWADDR=*******
Mon Dec 3 09:54:52 2018 TUN/TAP device tun0 opened
Mon Dec 3 09:54:52 2018 TUN/TAP TX queue length set to 100
Mon Dec 3 09:54:52 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Dec 3 09:54:52 2018 /sbin/ip link set dev tun0 up mtu 1500
Mon Dec 3 09:54:52 2018 /sbin/ip addr add dev tun0 *******/24 broadcast *******
Mon Dec 3 09:54:52 2018 /etc/openvpn/update-resolv-conf.sh tun0 1500 1604 ******* init
dhcp-option DOMAIN-SEARCH *******
dhcp-option DOMAIN-SEARCH *******
dhcp-option DNS *******
dhcp-option DOMAIN *******
Mon Dec 3 09:54:56 2018 /sbin/ip route add *******/32 via *******
[...]
Mon Dec 3 09:54:56 2018 /sbin/ip route add *******/16 via *******
Mon Dec 3 09:54:56 2018 Initialization Sequence Completed
# When I press Ctrl+C ...
^CMon Dec 3 09:55:30 2018 event_wait : Interrupted system call (code=4)
Mon Dec 3 09:55:30 2018 /sbin/ip route del *******/32
Mon Dec 3 09:55:30 2018 /sbin/ip route del *******/16
Mon Dec 3 09:55:30 2018 Closing TUN/TAP interface
Mon Dec 3 09:55:30 2018 /sbin/ip addr del dev tun0 *******/24
Mon Dec 3 09:55:30 2018 /etc/openvpn/update-resolv-conf.sh tun0 1500 1604 ******* init
Unknown interface 'tun0': No such device
Mon Dec 3 09:55:30 2018 SIGINT[hard,] received, process exiting```
from openvpn-update-resolv-conf.
So, the problem here is that the interface is taken down before the down script is executed, so the tun interface.
Can you post your openvpn version and config? Please mask the sensistive information.
from openvpn-update-resolv-conf.
I already posted the version in my initial message.
The config is as follows:
verb 7
client
dev tun
proto tcp
remote **** 8877
verify-x509-name "C=de, L=Frankfurt, O=****, CN=****, emailAddress=****"
route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
ca ****.ca.crt
cert ****.user.crt
key ****.user.key
auth-user-pass
cipher AES-256-CBC
auth SHA512
comp-lzo
route-delay 4
verb 3
reneg-sec 0
# Tom
# This updates the resolvconf with dns settings
dhcp-option DOMAIN-SEARCH ****
dhcp-option DOMAIN-SEARCH ******
script-security 2
up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh
from openvpn-update-resolv-conf.
Related Issues (17)
- Restoring DNS does not work with --user nobody --group nobody HOT 5
- Use systemd-resolved dbus interface instead of creating *.network files on-the-fly HOT 7
- DNS leaks still appear HOT 3
- Find resolvconf automatically does not always work HOT 4
- License needs clarification HOT 1
- exclusive flag is a very opiniated choice
- update-resolv-conf doesn't respect the /etc/resolvconf/interface-order on Ubuntu 14.04 HOT 2
- Command not recognized HOT 14
- Solves domain name resolution data leakage? HOT 3
- Too few Arguments HOT 2
- Doesn't Update resolv.conf on Gentoo HOT 4
- foreign_options in client.ovpn HOT 2
- What if I need and have systemd-resolved disabled? HOT 1
- No Colombia option
- DNS leaks HOT 2
- exclusive Flag problems / resolvconf location HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openvpn-update-resolv-conf.