Jump to content
Not connected, Your IP: 18.224.38.170

Recommended Posts

So I've been searching through these forums to try to find a solution to my problem. Until Ubuntu v 18.04 I was using the bind.so shim trick to make some services not use the VPN tunnel (my backup service and my dynamic DNS client, for instance). Something in 18.04 broke that solution and I'm trying to figure out how to duplicate it.

Qomui looked good but seems to be dead. Also, did not seem to have the ability to deal with services, only applications.

Running my VPN'd services in a VM adds another whole OS that would need to be kept up-to-date, etc., so I'm not keen on going down that road.

Using namespaces seems promising, but I'm not a Linux networking specialist and can't seem to get my head around it. Is there a how-or something that someone can point me to?

I am by no means a Linux expert, but I can follow a step by step guide.

Thanks for any suggestions.

Share this post


Link to post

Thanks, giganerd.

That link took me to a page that had 4 choices of article. I assume you meant this one: https://github.com/tool-maker/VPN_just_for_torrents/wiki/Running-OpenVPN-on-Linux-without-VPN-as-Default-Gateway

That was helpful, but I still feel dumb. Not sure I've got my head 100% around this. Can the script in the link be used as a systemctl startup script? If so, how do I pass arguments to it? It should live in /etc/openvpn or something rather than /bin then, right?  The script itself is Greek to me, although I can figure out where to plug in my VPN ip range thingy.

Share this post


Link to post
3 hours ago, DownTheRabbitHole said:

Can the script in the link be used as a systemctl startup script?


There are no startup scripts with systemd, only unit files defining a variety of things, be it a service, a socket, a target, etc. But you can execute a script with such a unit file which comes close to what you mean.

Anyway, it should be possible. Create a basic service file, something like the following, name it like "ovpn-selective.service" or so, then move it to /lib/systemd/system and trigger a daemon-reload::

[Unit]
Description=Selective OpenVPN connection
After=network-online.target
Wants=network-online.target

[Service]
ExecStart=/path/to/the/script.sh --with the --arguments +you -want to +use

[Install]
WantedBy=multi-user.target

$ sudo mv ovpn-selective.service /lib/systemd/system/
$ systemctl daemon-reload


Check that it works. If it does, mark it for startup:

$ systemctl start ovpn-selective.service
$ systemctl enable ovpn-selective.service


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
8 hours ago, DownTheRabbitHole said:

...
Can the script in the link be used as a systemctl startup script? If so, how do I pass arguments to it? It should live in /etc/openvpn or something rather than /bin then, right?  The script itself is Greek to me, although I can figure out where to plug in my VPN ip range thingy.


I just run it in "screen". And start it with "crontab"/"crond".

For screen you can use a command something like "screen -fa -dmS openvpn_client openvpn_exe ...". Then you don't have to keep an SSH session open for it. To disconnect in screen is "ctrl-a" followed by "d". To resume a session is "screen -r openvpn_client". To list sessions is "screen -ls". See "man screen".

To start it with cron, you could put "screen -fa -dmS openvpn_client openvpn_exe ..." into "~/bin/openvpn_client". Then run  "crontab -e" and add an entry like "@reboot /bin/bash -l $HOME/bin/openvpn_client". See "man crontab" and "man 5 crontab". "crontab -e" will ask what editor to use. I suggest "nano".  See the bottom line in nano for how to save and exit (ctrl-o and ctrl-x).

When you want to change the VPN configuration file being used you would edit "~/bin/openvpn_client"" to change the argument passed to "openvpn_exe".

I find this approach works in any Linux distro and is not broken during release upgrades.

My setup is a little more elaborate than what I described. Just trying to point out one approach.

EDIT:

I added a bit about using "screen" and "cron" to the github wiki page.
 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...