Jump to content
Not connected, Your IP: 3.229.122.219
corrado

Alternative AirVPN client with provider-independent double-hop support (GNU/Linux)

Recommended Posts

 

Trying to add another provider I get this in the terminal after I start qomui-gui in the terminal.  This is after an install on a mint 18.3 xfce vm with the deb package version 0.60.

Am I doing something wrong?

No you are doing nothing wrong, this is a bug with the new release (should not happen in older releases). When importing config files manually, qomui tries to resolve the host (ca.windscribe.com in your case) - when resolving the host fails it will leave the line unchanged (this is where the bug occurs) and issue a warning in the log as this will lead to conflicts with the firewall and doublehop feature that rely on resolved hosts - for that reason I might change qomui's behavior in the future to not import such config files as this breaks other features.

 

The question is why resolving the host failed in your case - on my system it works fine. One reason could be that your VM did not have a working internet connection when you added the config files. If that's not the case please try to deactivate the qomui's firewall. If it still fails, check manually if your system can resolve the host with the following command (insert $host, ca.windscribe for example) and post the output:

dig $host +short

Additional note: You might notice that running the command above returns multiple ip addresses. Currently, qomui will only use one of them as it does not support multiple remote hosts (or Openvpn's remote-random feature) at the moment.

 

Thanks for your feedback!

 

 

I should have mentioned this because I did notice it myself - my system does resolve ca.windscribe.com just fine, before qomui attempts to load the config, and after I close the crashed qomui. 

 

After I read your reply above I edited the configs to use IP address not domain.  Then they were loaded into qomui just fine.

 

However, when I connected it seemed there were some routing problems or something openvpn didn't like so it would immediately disconnect and try to connect again.

Share this post


Link to post

However, when I connected it seemed there were some routing problems or something openvpn didn't like so it would immediately disconnect and try to connect again.

 

Ok, this is strange - was the second connection attempt successful? Could be something in their config files - I will have a look at it as I'm in the process of adding support for ProtonVPN and Windscribe to Qomui.

Share this post


Link to post

 

However, when I connected it seemed there were some routing problems or something openvpn didn't like so it would immediately disconnect and try to connect again.

 

Ok, this is strange - was the second connection attempt successful? Could be something in their config files - I will have a look at it as I'm in the process of adding support for ProtonVPN and Windscribe to Qomui.

 

 

No, it would just try and try to connect.  I upped the log verbiage and saw some unroutable packet errors and some errors like the server tried to push over and over but something was wrong.

 

If you're working to add windscribe then I'm sure you'll figure it out.

Share this post


Link to post

I just tested Windscribe with their Hungary config (unchanged, just as downloaded from their config generator) and it connected perfectly on first attempt. One thing is important, though - you need to use the credentials you can generate just below the config generator otherwise it won't work. Additionally, "verb" has to be set to "3" at minimum but usually qomui changes that automatically (worked on my test run). Would be interesting to see the part of the log where the fail messages/unroutable packet errors occur.

Share this post


Link to post

I just tested Windscribe with their Hungary config (unchanged, just as downloaded from their config generator) and it connected perfectly on first attempt. One thing is important, though - you need to use the credentials you can generate just below the config generator otherwise it won't work. Additionally, "verb" has to be set to "3" at minimum but usually qomui changes that automatically (worked on my test run). Would be interesting to see the part of the log where the fail messages/unroutable packet errors occur.

 

 

Really odd that you could connect right up.  Yes, I use the proper credentials.  It connects for a split second, confirmed in log, then disconnects.  I upped verb to 5 in the config to see more info. That's how I saw the errors that I did.

 

What openvpn version are you using?

Share this post


Link to post

Openvpn 2.4.6 - maybe it's the manual editing of the ip address in the config file that causes the issue? Can you try again with the unchanged one - in my case qomui resolved it automatically without any issue? 

Share this post


Link to post

I just tested Windscribe with their Hungary config (unchanged, just as downloaded from their config generator) and it connected perfectly on first attempt. One thing is important, though - you need to use the credentials you can generate just below the config generator otherwise it won't work. Additionally, "verb" has to be set to "3" at minimum but usually qomui changes that automatically (worked on my test run). Would be interesting to see the part of the log where the fail messages/unroutable packet errors occur.

 

 

Nevermind.  It's working now.  I had used the proper credentials but I hadn't input them in the GUI.  Instead I edited the file that's supposed to contain them.  I guess something went wrong there.

 

This time I added the configs with my creds in the GUI and it's working well!

Share this post


Link to post

I just released another update - version 0.6.1

 

Changelog:

- [new] support for Windscribe
- [new] support for ProtonVPN
- [change] missing flags for Windscribe added
- [change] autocompletion for "c" and "v" options in cli
- [change] most cli commands are not case-sensitive anymore
- [bugfix] alternative dns servers not parsed correctly
- [bugfix] crashes when loading default configuration
- [bugfix] configs are not imported if url cannot be resolved
- [bugfix] old connection not killed after network change detected (in rare cases)

 

Deb-Package:

qomui.0.6.1-amd64.deb

 

Rpm-Package:

qomui-0.6.1-1.x86_64.rpm

 

Share this post


Link to post

I figured out the problem with domain resolving I had yesterday.  I block DNS except that which I specify in my pfsense box.  I didn't realize it but qomui insists on using whatever is in the DNS options.  I thought that was only used if I tick the box.  Since it was trying to use those DNS servers, it failed.  I switched those to ones not blocked by pfsense and all is well.

Share this post


Link to post

I've added AirVPN and Windscribe.

 

I'm seeing a problem with server selection.  If I choose anything other than the default all countries and all providers the list of servers goes blank and doesn't come back when I go back to all countries and all providers.

Share this post


Link to post

I'm seeing a problem with server selection.  If I choose anything other than the default all countries and all providers the list of servers goes blank and doesn't come back when I go back to all countries and all providers.

 

F***, you are right. But I have an idea why this happens. I actually tested with fresh installs on three systems, don't know how I could have missed that. Expect a fix soon!

Share this post


Link to post

I figured out the problem with domain resolving I had yesterday.  I block DNS except that which I specify in my pfsense box.  I didn't realize it but qomui insists on using whatever is in the DNS options.  I thought that was only used if I tick the box.  Since it was trying to use those DNS servers, it failed.  I switched those to ones not blocked by pfsense and all is well.

 

Yes, qomui needs a DNS server when adding a provider in case firewall is activated to fetch data from airvpn.org or resolving host names for example. I didn't think about a scenario where DNS requests are blocked by pfsense.Your solution is the one I'd have suggested.

Share this post


Link to post

 

Are these all AirVPN servers?

 

Yes, I only use AirVPN servers.

 

 

>Unfortunately, in the current version I have no debug information on whether the latency check is actually performed or not. If it is, all servers should be updated with either the latency or "N.A." if the ping timed out/server is not reachable or the ping command failed for any other reason.

 

Well, I guess the latency check sometimes partially fails then, since I have servers with latencies, some with "N.A." and some without anything. It's clearly random, for instance right now I have about 15 servers with latencies and all the others have "N.A.". I don't have any server with blank latency right now.

 

That some servers that are located very far from your actual location have high latencies is normal and to be expected.

 

Of course. However, there are some servers on other continents which have -high- latency displayed, yet some servers which are closer to my actual location have "N.A." or even no latency sometimes.

 

I suppose you can generally connect to servers that are labelled "N.A." or have no latency displayed, can you?

 

Yes, I can connect to any server with "N.A." latency just fine.

 

What distribution are you currently using?

 

Arch Linux x86_64 and Qomui 0.6.1 from AUR as I'm writing this.

 

 

Can you try re-initiating the latency check by either saving any changes in the option tab or by simply disconnecting/reconnecting your internet connection and see if the result is different?

 

It's not, unfortunately. I had already tried to see whether it would make any difference but it doesn't.

 

 

Also, can you try to ping servers (particularly those that have no latency displayed) with the following command (substitute $interface with the actual network interface you are using) and post the output here:

 

ping -c1 -W1 -I $interface $server
 

Thanks for your feedback!

 

 

I'm sorry but I have trouble getting a proper output, I always get the same error.

 

I can't find any relevant info with:

ping --help

or

qomui-cli --help

 

How am I supposed to put the $server part?

 

~ $ ping -c1 -W1 -I eno1 Subra                                              
ping: subra: Name or service not known
~ $ ping -c1 -W1 -I eno1 Algorab                                       
ping: Algorab: Name or service not known
~ $ ping -c1 -W1 -I enp7s0 columba
ping: columba: Name or service not known

 

Thank you in advance for your answer.

Share this post


Link to post

 

I'm seeing a problem with server selection.  If I choose anything other than the default all countries and all providers the list of servers goes blank and doesn't come back when I go back to all countries and all providers.

 

F***, you are right. But I have an idea why this happens. I actually tested with fresh installs on three systems, don't know how I could have missed that. Expect a fix soon!

 

I'm not seeing this issue but although I upgraded from 0.6.0 to 0.6.1 using .deb files, I don't see the extra providers, just air, pia and mullvad.  'About' says 0.6.1 but something doesn't look quit right.

Share this post


Link to post

@go558a83nk: the problem should be fixed - you might have to reinstall qomui unfortunately. Just reinstalling over the existing installation should be fine.

 

I'm not seeing this issue but although I upgraded from 0.6.0 to 0.6.1 using .deb files, I don't see the extra providers, just air, pia and mullvad.  'About' says 0.6.1 but something doesn't look quit right.

 

New providers should appear in the dropdown menu in the provider tab. If they are not there something went wrong. I changed the update mechanism in v0.6.0 for deb installations - this requires a reinstallation, though. Maybe that's the issue. Otherwise upgrade might have been done via pip (python packet manager): Normally this should work, too, but I can't guarantee. I just tried using the update mechanism from 0.6.0 to 0.6.1 with a deb-package and it worked flawlessly.

 

How am I supposed to put the $server part?

 

With the ping command you should use the ip-address of a server. For Columba the command would be (using "eth0" as network interface - check yours with "ip link"):

ping -c1 -W1 -I eth0 194.187.251.114

I tried to replicate your issue but on 3 different systems and 4 VMs it never occurred. Only thing I can think of is that the ping command fails but even then qomui should display "N.A.". I currently have about 700-800 servers, only 15-20 are N.A. and most of those are either far away or actually don't work.

Share this post


Link to post

With the ping command you should use the ip-address of a server. For Columba the command would be (using "eth0" as network interface - check yours with "ip link"):

ping -c1 -W1 -I eth0 194.187.251.114

I tried to replicate your issue but on 3 different systems and 4 VMs it never occurred. Only thing I can think of is that the ping command fails but even then qomui should display "N.A.". I currently have about 700-800 servers, only 15-20 are N.A. and most of those are either far away or actually don't work.

 

Here's the output for two servers which are relatively close to my actual location and yet showing "N.A" in qomui-gui:

~ $ ping -c1 -W1 -I enp5s0u1u4 91.207.102.162                               
PING 91.207.102.162 (91.207.102.162) from xxx.xxx.xxx.xxx enp5s0u1u4: 56(84) bytes of data.
64 bytes from 91.207.102.162: icmp_seq=1 ttl=51 time=75.9 ms

--- 91.207.102.162 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 75.972/75.972/75.972/0.000 ms
~ $  ping -c1 -W1 -I enp5s0u1u4 185.206.225.58      
PING 185.206.225.58 (185.206.225.58) from xxx.xxx.xxx.xxx enp5s0u1u4: 56(84) bytes of data.
64 bytes from 185.206.225.58: icmp_seq=1 ttl=51 time=67.8 ms

--- 185.206.225.58 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 67.898/67.898/67.898/0.000 ms

I can connect to both fine and I'm getting a latency number with the ping command. Weird.

 

In regards to servers not displaying anything, even "N.A.", I noticed that the problem doesn't occur when I use my LTE with USB tethering, which is much faster than my home internet. Note that I also had the problem with Eddie so I guess that's something on my end.

 

Here are two screenshots of AirVPN Canadian servers. As you can see, some have latencies, some don't.

On average, I'm getting about 90% "N.A" and only 10% with actual latencies in ms if we consider the whole servers list, regardless of the connection I'm using.

 

Share this post


Link to post

In regards to servers not displaying anything, even "N.A.", I noticed that the problem doesn't occur when I use my LTE with USB tethering, which is much faster than my home internet. Note that I also had the problem with Eddie so I guess that's something on my end.

 

Unfortunately, there is not much I can do in that case, I guess. My implementation of the latency checks is rather slow as it is - it checks the servers one by one. Initially, I wanted to make it a lot faster but it messed up the gui.

Share this post


Link to post

After the botched update yesterday, I hope v0.6.2 fares better! Main reason for that quick update is a problem with the ProtonVPN autodownload feature - I used an outdated API that would download a very old server list. Full changelog:

 

- [change] api-url for ProtonVPN updated - the one introduced in last update was out of date
- [change] added support for Windscribe's stealth feature (OpenVPN over SSL)
- [change] postrm functions added to deb/rpm/aur packages
- [change] automatic reconnections for double hop if first hop fails/disconnects
- [change] adjusted OpenVPN configs of Mullvad and Windscribe to match official ones
- [bugfix] tray icon not always updated after establishing double hop connection
- [bugfix] qomui crashes while performing latency checks when server(s) are deleted

Share this post


Link to post

Hi corrado,

 

Regarding the DropDown Add/update provider on my v0.6.2 only showing Air, Mullvad and PIA, I compared the local and github qomui_service.py files and noticed that my local file only showed the three Supported providers mentioned above so I deleted the /usr/local/lib/python3.6/dist-packages/qomui and /usr/local/lib/python3.6/dist-packages/qomui-0.5.1.egg-info directories, since I thought /usr/local/lib/python3.6/dist-packages/qomui-0.5.1.egg-info should be updated too.  Then tried installing over-top and removing via symantic qomui completely and re-installing v0.6.2  (.deb) but those directories were not created with the install.

 

I also tried v0.5.1 and 0.6.1 (didn't bother trying v0.6.0) since I have the .deb files but nothing created the /usr/local/lib/python3.6/dist-packages/ directories. I had to run the github source installation 

before the two directories were created.

 

git clone https://github.com/corrad1nho/qomui.git

cd ./qomui
sudo python3 setup.py install

 

So it looks like installing the .deb either over-top or as a fresh install doesn't update/create the /usr/local/lib/python3.6/dist-packages/ directories.

 

Now all is good with the extra three providers listed, I just thought you'd like to know.

 

Cheers

Share this post


Link to post

So it looks like installing the .deb either over-top or as a fresh install doesn't update/create the /usr/local/lib/python3.6/dist-packages/ directories.

 

It took me a while to figure that out: If you install python-packages with pip or via "setup.py install", the python files will be installed to /usr/local/lib/python3.6/dist-packages/. BUT: Installations via deb go into /usr/lib/python3/dist-packages/. So if you want to use the deb-package you must purge qomui first from /usr/local/lib/python3.6/dist-packages/. Between v0.5.1 and v0.6.0 my upgrade mechanism did not update properly via dpkg (but pip) when initially installed via deb. In that case you must remove qomui first and make a clean reinstall. I'm sorry for the confusion.

Share this post


Link to post

Uploaded version 0.6.3 - this update mainly adresses instabilities of the bypass feature particularly in conjunction with WireGuard:

 

Changelog:

  • [change] bypass mode supports ipv6 now
  • [change] WireGuard is now written correctly (pull request from zx2c4) - requires all WireGuard configs to be readded
  • [change] exit dialog has a 5 sec timeout now
  • [change] umask set before chmod to avoid race conditions (pull request from zx2c4)
  • [bugfix] bypass should now work properly with WireGuard connections

 

Deb-Package:

qomui.0.6.3-amd64.deb

 

Rpm-Package:

qomui-0.6.3-1.x86_64.rpm

Share this post


Link to post

Hi Corrado,

 

I'd really love to use your software but after installing it using the deb Package on my Linux Mint 19 machine

it wont run.

 

I can see the Qomui menu item but when I click it the gui wont happen. in fact

nothing happens at all.

 

I've removed and reinstalled again and get the same result.

 

Could you please help?

 

Thanks a mil!

Share this post


Link to post

I'd really love to use your software but after installing it using the deb Package on my Linux Mint 19 machine

it wont run.

 

I can see the Qomui menu item but when I click it the gui wont happen. in fact

nothing happens at all.

 

Can you start qomui from a terminal (do not use sudo) by typing the command below and post the output here?

qomui-gui

 

Share this post


Link to post

Hi all, I've reinstalled my system... now running Manjaro KDE, installed Qomui from the aur.

I have the firewall and latency check options active and Qomui is running flawlessly.

Connection to KDE Connect works perfectly.

Also fits with the Plasma desktop seemlessly.

Share this post


Link to post

Hi All,

 

Thank you CORRADO for answering, and forgive me for the late reply.

 

I used the command qomui-gui and a window popped up saying

the service wasnt started and whether I wanted to start or enable it,

so I clicked on start. Then the GUI popped up successgully and I 

was able to add servers manually.

 

However, when I attempt to connect to one of the servers i get this

message in the log:

 

2018-08-14 14:33:54,838 - INFO - OpenVPN: ERROR: username from Auth

authfile '/usr/share/qomui/certs/IPVanish-auth.txt' is empty

 

2018-08-14 14:33:54,839 - INFO - OpenVPN: Exiting due to fatal error

 

It looks like my username and password of my vpn service are not passed

along and I have specified them in the setting when adding the servers.

 

Can you help please?

 

Thank you!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...