Jump to content
Not connected, Your IP: 3.95.131.208

Search the Community

Showing results for tags 'cli'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 11 results

  1. I've set up a SystemD Service (See below), which works a treat, but are there other options that I should consider adding/using? [Unit] Wants=network-online.target After=network-online.target [Service] Type=simple ExecStart=eddie-ui --cli --netlock -login=NotMyUserName -password=NotMyPassword123 -connect --batch path=/etc/airvpn/ Restart=always RestartSec=10s [Install] WantedBy=default.target
  2. Hello, after I posted some suggestions for Eddie's CLI version in this thread and received some helpful information there, I set out to write my own little interface in bash for it to implement the suggestions. Being no programmer it turned out to be quite a project for me, and I would like to share it here in case anybody else prefers to run Eddie in the terminal rather than as a full GUI application. This script still uses Eddie itself, it's just a wrapper to make it as easy to use in the command line as it is as a desktop application. Screenshots are attached. Some features and advantages: uses less resources (top shows usually 0.3% CPU usage compared to 4-5% for the desktop version)can be exited without disconnectinginteractive, sortable server listoption to connect to another VPN with openconnect (since I need to do that from time to time, but it should be easy to add other connection methods as well)option to lock down the system's network traffic by default, so even without Eddie running with its own network lock there will be no leaksWhat to watch out for: The default network lock works with direct rules in firewalld because I'm using Fedora. It should be easy to change it to use iptables directly on other distributions since firewalld's direct rules are just a way to directly manipulate iptables. Once activated, the lock will stay in place until manually deactivated (also surviving reboots), so no internet connection will be possible unless connected to AirVPN or other whitelisted VPNs. AirVPN's network lock overwrites the default network lock, so there will be no interference.Check your /etc/resolv.conf file while not running Eddie (because Eddie's network lock replaces that file temporarily) to make sure your router is not set as a nameserver (so no 192.168... address). Some routers will push themselves on that list by DHCP whenever you connect to their network. Since communication with the router is allowed in the lock rules, DNS requests will be handled by the router and sent to whatever DNS server is configured there even when network traffic should be blocked. There are ways to prevent that file from being changed by DHCP, best configure network manager for that if you use it.To connect to other VPNs, their IPs must be whitelisted and DNS requests for their domains must be allowed in the default network lock rules. The rules for airvpn.org can be copied and adjusted.I haven't yet included an option to pass command line arguments to Eddie. So if you need to set more advanced options like black-/whitelists, use of certain protocols etc., you need to set them manually in the connect_server function. All the possible options can be found in 'man eddie-ui'.You need to insert your own API key in line 5. It can be found in your account under Client Area -> API. Without this, connections will still work, but user info and connection status in the main window will not be properly updated.I tried to only use basic system tools. The script relies mostly on dialog, awk and curl (and firewalld as described and openconnect if needed), so it should work on most systems, but I'm not sure.And, lastly, VERY IMPORTANT: As I said, I'm no programmer and new to this, so even though I tried my best to make this script secure and error free, there might very well be some bad practice, never-ever-do-this mistakes or other hiccups in there. It works well for me, but better check it yourself.Feel free to use this as you wish, I hope someone can benefit from this. I'm happy about any improvements and corrections and will update this if I find the time. #!/bin/bash # an interactive shell script to control the command line version of the AirVPN Eddie client and openconnect more comfortably PROFILE_PATH="$HOME/.airvpn/default.xml" API_KEY="<your api key>" DIALOG_OK=0 DIALOG_CANCEL=1 DIALOG_EXTRA=3 DIALOG_ESC=255 HEIGHT=0 WIDTH=0 BACKTITLE="VPN Control" FORMAT="text" URL="https://airvpn.org/api/" PID=$$ function check_sudo { # check if user has sudo privileges sudo -vn &> /dev/null # gain sudo privileges for commands that need it (better than running everything with sudo) if [ $? = "1" ] then unset EXIT_STATUS_SUDO PASS_PROMPT="Establishing VPN connections and changing network traffic rules requires root privileges. Please enter your password:" until [ "$EXIT_STATUS_SUDO" = "0" ] do dialog \ --backtitle "$BACKTITLE" \ --title "Password Needed" \ --output-fd 1 \ --insecure \ --passwordbox "$PASS_PROMPT" 11 35 | xargs printf '%s\n' | sudo -Svp '' &> /dev/null EXIT_STATUS_PIPE=( "${PIPESTATUS[@]}" ) EXIT_STATUS_DIALOG="${EXIT_STATUS_PIPE[0]}" EXIT_STATUS_SUDO="${EXIT_STATUS_PIPE[2]}" EXIT_SUDO_TEST="${EXIT_STATUS_PIPE[2]}" PASS_PROMPT="The password you entered is incorrect. Please try again:" case $EXIT_STATUS_DIALOG in $DIALOG_CANCEL|$DIALOG_ESC) return 1 ;; esac done # keep sudo permission until script exits or permissions are revoked (e.g. when computer goes to sleep) while [ "$EXIT_SUDO_TEST" = "0" ]; do sudo -vn; EXIT_SUDO_TEST=$?; sleep 60; kill -0 "$PID" || exit; done &> /dev/null & fi return 0 } function get_list { SERVICE_NAME="status" ARGS="{ \"format\":\"$FORMAT\", \"service\":\"$SERVICE_NAME\" }" timeout --signal=SIGINT 10 curl -s -d "$ARGS" -X POST "$URL" > "/tmp/.eddie_server_list.txt" } function sort_list { # pipe server status list to awk, filter out unnecessary stuff, # combine lines that relate to same server into single lines which are saved as array, # loop through array to format info, # print array and sort according to options, # add numbers to list for menu LIST=$(awk -F '[.]' \ 'BEGIN{OFS=";"} \ /^servers/ && !/ip_/ && !/country_code/ {c=$2; \ if (c in servers) servers[c]=servers[c] OFS $3; \ else servers[c]=$3; \ for (k in servers) gsub(/;bw=/, " :", servers[k]); \ for (k in servers) gsub(/;bw_max=/, "/", servers[k]); \ for (k in servers) gsub(/;currentload=/, " :", servers[k]); \ for (k in servers) gsub(/;health=/, "%:", servers[k]); \ for (k in servers) gsub(/;.*=/, ":", servers[k]); \ for (k in servers) gsub(/^.*=/, "", servers[k])} \ END{ \ for (c in servers) print servers[c]}' "/tmp/.eddie_server_list.txt" | sort -t ":" $1 | awk -F '[;]' 'BEGIN{OFS=":"} {print v++";"$1}') } function get_userinfo { SERVICE_NAME="userinfo" ARGS="{ \"format\":\"$FORMAT\", \"service\":\"$SERVICE_NAME\", \"key\":\"$API_KEY\" }" # filter specific lines, save values to variables after protecting whitespace read U_LOGIN U_EXP U_CONNECTED U_DEVICE U_SERVER_NAME U_SERVER_COUNTRY U_SERVER_LOCATION U_TIME <<< $( \ timeout --signal=SIGINT 10 curl -s -d "$ARGS" -X POST "$URL" | \ awk -F '[=]' \ 'BEGIN{ORS=";"} \ /^user.login|^user.expiration_days|^user.connected|^sessions.*device_name|^connection.server_name|^connection.server_country=|^connection.server_location|^connection.connected_since_date/ \ {print $2}' | \ sed 's/\ /\\\ /g' | sed 's/;/\ /g' \ ) if [ "$U_CONNECTED" = "1" ] then U_CONNECTED="connected" U_SERVER_FULL="$U_SERVER_NAME ($U_SERVER_LOCATION, $U_SERVER_COUNTRY)" U_TIME=$(date -d "$U_TIME UTC" +"%m/%d/%Y %H:%M:%S") else U_CONNECTED="not connected" U_SERVER_FULL="--" U_TIME="--" fi } function connect_server { if [ "$KILLED" = "true" ] then # create pipes to process status of client if [ ! -p "/tmp/.eddie_fifo1" ] then mkfifo "/tmp/.eddie_fifo1" fi if [ ! -p "/tmp/.eddie_fifo2" ] then mkfifo "/tmp/.eddie_fifo2" fi # run eddie in background and detached from current window, pipe output to named pipe (sudo eddie-ui --cli --netlock --connect --server="$1" --profile="$PROFILE_PATH" | tee "/tmp/.eddie_fifo2" &> "/tmp/.eddie_fifo1" &) cat "/tmp/.eddie_fifo2" | dialog --backtitle "$BACKTITLE" --title "Connecting to AirVPN..." --progressbox 20 80 & timeout --signal=SIGINT 60 grep -q -m 1 "Initialization Sequence Completed" "/tmp/.eddie_fifo1" INIT_EXIT=$? pkill -f cat.*eddie_fifo2 if [ $INIT_EXIT = "0" ] then get_userinfo else U_CONNECTED="error during connection attempt" U_SERVER_FULL="--" U_TIME="--" fi else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi } function disconnect_server { # check for running instance of eddie pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 0 ] then # kill process and wait for confirmation from process output if [ -p "/tmp/.eddie_fifo1" -a -p "/tmp/.eddie_fifo2" ] then sudo pkill -2 -f mono.*eddie-ui & cat "/tmp/.eddie_fifo1" | dialog --backtitle "$BACKTITLE" --title "Disconnecting AirVPN..." --progressbox 20 80 & timeout --signal=SIGINT 10 grep -q -m 1 "Shutdown complete" "/tmp/.eddie_fifo2" else # in case connection was started without this script sudo pkill -2 -f mono.*eddie-ui sleep 5 fi # give some time to completely close process, without sleep it's too early for new connection sleep 3 pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 1 ] then KILLED1="true" else KILLED1="false" fi else KILLED1="true" fi # check for running instance of openconnect pgrep -f "openconnect.*--" &> /dev/null if [ $? = 0 ] then sudo pkill -2 -f "openconnect.*--" sleep 1 pgrep -f "openconnect.*--" &> /dev/null if [ $? = 1 ] then KILLED2="true" # somehow openconnect doesn't receive SIGINT and shuts down improperly, # so vpnc can't restore resolv.conf by itself sudo cp "/var/run/vpnc/resolv.conf-backup" "/etc/resolv.conf" else KILLED2="false" fi else KILLED2="true" fi if [ "$KILLED1" = "true" -a "$KILLED2" = "true" ] then KILLED="true" else KILLED="false" fi } function define_lock { if [ "$1" = "activate" ] then GAUGE_TITLE="Activating Network Lock" RULE_ACTION="add-rule" elif [ "$1" = "deactivate" ] then GAUGE_TITLE="Deactivating Network Lock" RULE_ACTION="remove-rule" else return 1 fi GAUGE_BODY="$1" IPRULES=(\ #allow loopback "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 0 -i lo -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -o lo -j ACCEPT" \ #allow lan (out) and broadcasting/dhcp "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -s 192.168.0.0/16 -d 192.168.0.0/16 -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 0 -s 255.255.255.255 -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -d 255.255.255.255 -j ACCEPT" \ # allow tun device to communicate (so any VPN connection should be possible, also without Air, but respective DNS requests must be allowed) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter FORWARD 0 -o tun+ -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter FORWARD 0 -i tun+ -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 998 -o tun+ -j ACCEPT" \ # optional masquerade rule (NAT/ports) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 nat POSTROUTING 0 -o tun+ -j MASQUERADE" \ # allow ipv4 only to airvpn.org for status update # allow DNS query to resolve hostname (hex string reads "06 airvpn 03 org" - numbers are counting bits), # restrict packet length to length of this specific request package (might change?) to avoid hijacking # of query (very unlikely I guess, but who cares if we're already being paranoid for the fun of it), # whitelist destination IP for TCP handshake "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p udp --dport 53 -m string --hex-string '|06 61697276706e 03 6f7267|' --algo bm -m length --length 0:126 -m recent --set -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p tcp --dport 53 -m string --hex-string '|06 61697276706e 03 6f7267|' --algo bm -m length --length 0:126 -m recent --set -j ACCEPT" \ # add rules for other domains you wish to allow DNS requests to here (packet length can be determined with e.g. wireshark) and adjust array index # # allow SYN request to whitelisted IP to initiate handshake, remove IP from whitelist "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p tcp --syn --dport 53 -m recent --remove -j ACCEPT" \ # allow outgoing connection to Air's IP "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -d 5.196.64.52 -j ACCEPT" \ # add rules for other IPs you wish to allow connections to here # # allow communication "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \ # drop outgoing ipv4 (if not specifically allowed by other rules) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 999 -j DROP" \ # block incoming ipv4 "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 999 -j DROP" \ # drop all ipv6 "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv6 filter OUTPUT 0 -j DROP" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv6 filter INPUT 0 -j DROP" \ # reload and restart firewalld to activate permanent rule changes "sudo firewall-cmd --reload" \ "sudo systemctl restart firewalld"\ ) toggle_lock } function toggle_lock { PERCENTAGE_STEP=$(awk -v rules="${#IPRULES[@]}" 'BEGIN {print 100/rules}') PERCENTAGE=0 COUNTER=0 # initial window dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" for i in "${IPRULES[@]}" do RESULT["$COUNTER"]=$(eval $i) (( COUNTER++ )) PERCENTAGE=$(awk -v per="$PERCENTAGE" -v per_step="$PERCENTAGE_STEP" 'BEGIN {print per+per_step}') # progress window dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" done # final window to show results dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" sleep 2 unset RESULT check_lock } function check_lock { # check for success (not really though, needs improvement) LOCK_RULES=$( sudo firewall-cmd --direct --permanent --get-all-rules | wc -l ) if [ "$LOCK_RULES" -gt 16 ] then LOCK_ACTIVE="active" else LOCK_ACTIVE="inactive" fi } function yesno { dialog \ --backtitle "$BACKTITLE" \ --title "$1" \ --clear \ --yesno "$2" \ $HEIGHT $WIDTH EXIT_STATUS=$? } check_sudo if [ $? = "1" ] then clear exit fi get_userinfo # if currently connected by openconnect, set status to unknown (connection could have been established outside of this script) pgrep openconnect &> /dev/null if [ $? = 0 ] then U_CONNECTED="connected (openconnect)" U_SERVER_FULL="unknown" U_TIME="unknown" fi check_lock while true; do exec 3>&1 selection=$(dialog \ --cr-wrap \ --backtitle "$BACKTITLE" \ --title "Main Menu" \ --clear \ --cancel-label "Quit" \ --menu "This is a control script for VPN connections, primarily for Eddie, the AirVPN client.\nThis script can be exited and re-entered without affecting a running connection.\n\nUser: $U_LOGIN\nDays Until Expiration: $U_EXP\n\nDefault Network Lock: $LOCK_ACTIVE\n\nStatus: $U_CONNECTED\nServer: $U_SERVER_FULL\nConnected Since: $U_TIME\n\nPlease select one of the following options:" $HEIGHT $WIDTH 6 \ "0" "Connect to Recommended Server" \ "1" "Connect to Specific Server" \ "2" "Connect via openconnect" \ "3" "Disconnect" \ "4" "Refresh User Info" \ "5" "Toggle Default Network Lock" \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) yesno "Quit" "Exit Script?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) break ;; esac ;; esac case $selection in 0 ) check_sudo if [ $? = "0" ] then disconnect_server connect_server "" fi ;; 1 ) while true; do exec 3>&1 SERVER_SORT=$(dialog \ --backtitle "$BACKTITLE" \ --title "Sort Server List" \ --no-collapse \ --ok-label "sort ascending" \ --extra-button \ --extra-label "sort descending" \ --menu "Please choose how you want to sort the server list." \ 14 0 7 \ "1" "Name" \ "2" "Country" \ "3" "Location" \ "4" "Continent" \ "5" "Bandwidth" \ "6" "Users" \ "7" "Load" \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) break ;; $DIALOG_EXTRA) SERVER_SORT_OPTION="r" ;; $DIALOG_OK) SERVER_SORT_OPTION="" ;; esac if [ "$SERVER_SORT" = "5" -o "$SERVER_SORT" = "6" -o "$SERVER_SORT" = "7" ] then SERVER_NUM_OPTION="n" else SERVER_NUM_OPTION="" fi if [ ! -f "/tmp/.eddie_server_list.txt" ] then get_list fi while true do sort_list "-k$SERVER_SORT,$SERVER_SORT$SERVER_SORT_OPTION$SERVER_NUM_OPTION" IFS=$';\n' exec 3>&1 SERVER_NMBR=$(dialog \ --backtitle "$BACKTITLE" \ --title "Server List" \ --colors \ --no-collapse \ --extra-button \ --extra-label "Refresh List" \ --column-separator ":" \ --menu "Choose a server from the list to connect to it. (Press ESC to go back.)\n\n\Zb # Name Country Location Continent Bandwidth Users Load Health\ZB" \ 40 102 31 $LIST 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- IFS=$' \t\n' case $EXIT_STATUS in $DIALOG_CANCEL) break 2 ;; $DIALOG_ESC) break ;; $DIALOG_EXTRA) get_list ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then SELECTED_SERVER=$(printf -- '%s\n' "${LIST[@]}" | grep "^$SERVER_NMBR;" | cut -d ";" -f 2 | cut -d ":" -f 1) disconnect_server connect_server "$SELECTED_SERVER" break 2 fi ;; esac done done ;; 2 ) exec 3>&1 # adjust field lengths if necessary CONNECT_INFO=$(dialog \ --backtitle "$BACKTITLE" \ --title "VPN via openconnect" \ --insecure \ --mixedform "Please provide your login credentials to connect to a VPN via openconnect:\n(Leave unneeded fields blank and type options as in command line, separated by space.)" $HEIGHT $WIDTH 6 \ "Server:" 1 1 "" 1 21 25 0 0 \ "Group:" 2 1 "" 2 21 25 0 0 \ "User:" 3 1 "" 3 21 25 0 0 \ "Password:" 4 1 "" 4 21 25 0 1 \ "Additional Options:" 5 1 "" 5 21 25 0 0 \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then disconnect_server if [ "$KILLED" = "true" ] then if [ ! -p "/tmp/.eddie_fifo1" ] then mkfifo "/tmp/.eddie_fifo1" fi ALT_SERVER=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 1) ALT_GROUP=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 2) ALT_USER=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 3) ALT_PASS=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 4) ALT_OPTS=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 5) echo "$ALT_PASS" | (sudo openconnect $ALT_OPTS --authgroup=$ALT_GROUP --user=$ALT_USER --passwd-on-stdin $ALT_SERVER &> "/tmp/.eddie_fifo1" &) timeout --signal=SIGINT 3 cat "/tmp/.eddie_fifo1" | dialog --backtitle "$BACKTITLE" --title "Connecting via openconnect..." --timeout 5 --programbox 20 80 U_CONNECTED="connected" U_SERVER_FULL="$ALT_SERVER" U_TIME=$(date +"%m/%d/%Y %H:%M:%S") else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi fi ;; esac ;; 3 ) check_sudo if [ $? = "0" ] then disconnect_server if [ "$KILLED" = "true" ] then get_userinfo else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi if [ -p "/tmp/.eddie_fifo1" ] then rm "/tmp/.eddie_fifo1" fi if [ -p "/tmp/.eddie_fifo2" ] then rm "/tmp/.eddie_fifo2" fi fi ;; 4 ) get_userinfo ;; 5 ) pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 0 ] then dialog --backtitle "$BACKTITLE" --title "Toggle Network Lock" --timeout 3 --msgbox "You need to be disconnected to change network traffic rules." 10 35 else if [ "$LOCK_ACTIVE" = "inactive" ] then yesno "Toggle Network Lock" "Are you sure you want to activate the default network lock and block all connections while not connected to (any) VPN?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then define_lock "activate" fi ;; esac else yesno "Toggle Network Lock" "Are you sure you want to deactivate the default network lock and allow all connections, even when not connected to a VPN?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then define_lock "deactivate" fi ;; esac fi fi ;; esac done clear
  3. Hello. I've been very happy with Air so far, thank you for the great service! I have some improvement suggestions/requests for the CLI version of the Eddie client though. I prefer to not run the GUI version for everyday use since it uses up more resources (not crazy much, but mono has 4-5% CPU usage while the CLI version always uses <1%). But what keeps me from using it is that there seems to be no way to disconnect from a server or reconnect to another without exiting Eddie and thus disabling the network lock. It would be great to make the client more interactive as in being able to disconnect from a server and have Eddie be in "idle" with still having the network lock enabled and, as another suggestion, be able to connect to a specific server from there again (rather than the recommended one). Maybe even implement a possibility to request an interactive server list like the ProtonVPN CLI client has it. Also as a minor improvement I would suggest that the CLI client defaults to loading the default profile from ~/.airvpn and not the one in the root folder since the first one is where the login data is stored. Thank you!
  4. Hi, as i've write in other topic, seems we can't launch eddie-ui GUI client in tails 3.7.1 without crash of app. (seems permission-related question, i've tried some change and the use of torsocks but none works) So i've to use command line interface; it's necessary to add specific option to connect to airvpn over tor ? I think i should add something to command line.. i cant use only : "airvpn -cli -login=mynick -password=mypassword" Could someone gently post the simple base command line to obtain vpn over tor connection ? i'm sure it would be very useful have a simple working command line for start the ball rolling.
  5. Hello, I can successfully run the Eddie CLI and connect by issuing sudo ~/airvpn -cli -connect However, I want to put this line into a shell script "vpn.sh" so that I con't have to type all this every time I connect, but instead just issue "vpn.sh". When I do this, the program doesn't connect but instead I get a small graphical window with the title "Eddie" and the content "Lib.Platform.Linux.Native.so". This also happens when I set an alias for the long command in my .bashrc. Does anyone know why that happens, and how to avoid it? If there's another, better solution to my problem, I'm also happy to hear about it. Thanks in advance. /Edit: Okay, this is mighty weird: *Sometimes*, this command throws the same error: sudo /home/beefcake/files/Software/eddie-ui_2.13.6_linux_x64_portable/airvpn -cli -connect I've had two bash windows open where it worked in one, and failed in the other. If I issue these commands, it works: cd /home/beefcake/files/Software/eddie-ui_2.13.6_linux_x64_portable/ sudo ./airvpn -cli -connect
  6. setup: headless ubuntu 14.01 command: sudo /usr/bin/airvpn -cli -login='xxxx' -password='xxxxx' -connect -netlock problem: my subscription lapsed and when disconnected the netlock didn't work. got about 10 torrent dmca warnings. lol i have also seen this problem one other time. I noticed that when i had no download limit set on my torrent app and it reached a certain limit my connection would die. Im guessing on the server side. I set a limit of 9mb down and that fixed it. When it would disconnect again the netlock didn't work. I know the root of the problem is my procrastination but it would be cool if the netlock still protected me.
  7. Last week I built Eddie 2.11.x from your DEB file on Ubuntu Xenial, with no problems. Over the weekend I began testing but soon ran into a bug whereby the client would try one server after another but fail with TAP/TUN problems. I sent you the logfile appended to support request 66876, but have not heard back so far. See appended file airvpn-linux-client-OUT for more information. The graphic interface is nice but I would like to build a CLI version without the overhead of the GUI. I have cloned the sources from Github. I need a way to toggle the build process into producing a cli only version. In a conventional linux build system there would be a flag in the toplevel Makefile to do this. However that will not work in this case as the build process here is completely opaque. Can you please provide me with a means to do this, or as a last resort, provide me with the source code for src/Deploy/bin/Release/Deploy.exe? Perhaps you have already produced a CLI only version of Eddie 2.11 somewhere? airvpn-linux-client-OUT.txt
  8. Two different topics in the same post since I can only make a single post a day. Sorry. First, what is the proper way to set the.ovpn configuration file in order to enable VPN through Tor? I have attempted using 127.0.0.1 as the SOCKS proxy but that has not worked. Maybe it has something to do with the control port? Second, I have been able to get Eddie started on CentOS 7, but for some reason, Eddie does not connect to any server. I used all default settings once, and then disabled DNS check. Posting relevant log below: I 2016.09.30 12:22:37 - Session starting. I 2016.09.30 12:22:38 - Checking authorization ... ! 2016.09.30 12:22:38 - Connecting to Gemma (Canada, Vancouver) . 2016.09.30 12:22:38 - OpenVPN > OpenVPN 2.3.12 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Aug 23 2016 . 2016.09.30 12:22:38 - OpenVPN > library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06 . 2016.09.30 12:22:38 - OpenVPN > MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:3100 . 2016.09.30 12:22:38 - OpenVPN > Control Channel Authentication: tls-auth using INLINE static key file . 2016.09.30 12:22:38 - OpenVPN > Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication . 2016.09.30 12:22:38 - OpenVPN > Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication . 2016.09.30 12:22:38 - OpenVPN > Socket Buffers: R=[212992->262144] S=[212992->262144] . 2016.09.30 12:22:38 - OpenVPN > UDPv4 link local: [undef] . 2016.09.30 12:22:38 - OpenVPN > UDPv4 link remote: [AF_INET]##.##.###.###:443 . 2016.09.30 12:23:10 - OpenVPN > [UNDEF] Inactivity timeout (--ping-exit), exiting . 2016.09.30 12:23:10 - OpenVPN > SIGTERM received, sending exit notification to peer . 2016.09.30 12:23:15 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting ! 2016.09.30 12:23:15 - Disconnecting . 2016.09.30 12:23:15 - Connection terminated. I 2016.09.30 12:23:16 - Cancel requested. ! 2016.09.30 12:23:16 - Session terminated. If any advancements have been made in either issues, I would greatly appreciate any news - even if it's bad news.
  9. I've downloaded the mono version of the AirVPN client to run on my Raspberry Pi, but I seem to be having an issue getting it up and running on my Arch Linux Arm installation. The problem appears to be that the AirVPN client passes a bad parameter or parameters to my local OpenVPN binary. Unfortunately, I cannot use the OpenVPN binary distriuted with the mono client, as it is not suitable for the ARM architecture. The client also straingely appears to refuse to read certain configuration parameters from my profile, but that is a secondary concern for the time being. The command line invocation, application startup, and profile options are included below. Please note that although the application appears to be using the binaries with which it was distributed, these have been replaced with symlinks to my system's binaries. I'd be happy to provide any additional information, and thanks in advance for any assistance! /usr/local/etc/airvpn/system.xml <options> <option name="areas.blacklist" value="de,us" /> <option name="executables.openvpn" value="/usr/bin/openvpn" /> <option name="executables.ssh" value="/usr/bin/ssh" /> <option name="executables.ssl" value="/usr/bin/stunnel" /> <option name="openvpn.custom" value="/usr/bin/openvpn" /> </options> /usr/bin/mono /opt/airvpn_linux_x86_mono/AirVPN.exe -cli -profile=/usr/local/etc/airvpn/system.xml Oct 29 00:46:57 lanvpn mono[19286]: I 2014.10.29 00:46:57 - AirVPN client version: 2.7, System: Linux, Architecture: Unknown Oct 29 00:46:58 lanvpn mono[19286]: . 2014.10.29 00:46:58 - Reading options from /usr/local/etc/airvpn/system.xml Oct 29 00:46:59 lanvpn mono[19286]: I 2014.10.29 00:46:59 - Press 'X' to Cancel, 'B' to reconnect to the best available server. Oct 29 00:46:59 lanvpn mono[19286]: . 2014.10.29 00:46:59 - Data Path: /usr/local/etc/airvpn Oct 29 00:46:59 lanvpn mono[19286]: . 2014.10.29 00:46:59 - App Path: /opt/airvpn_linux_x86_mono Oct 29 00:46:59 lanvpn mono[19286]: . 2014.10.29 00:46:59 - Executable Path: /opt/airvpn_linux_x86_mono/AirVPN.exe Oct 29 00:46:59 lanvpn mono[19286]: . 2014.10.29 00:46:59 - Command line arguments: cli="True" profile="system" path="/usr/local/var/airvpn" Oct 29 00:46:59 lanvpn mono[19286]: . 2014.10.29 00:46:59 - Profile: system Oct 29 00:47:02 lanvpn mono[19286]: . 2014.10.29 00:47:02 - Updating systems & servers data ... Oct 29 00:47:02 lanvpn mono[19286]: . 2014.10.29 00:47:02 - Operating System: Unix 3.12.29.1 - Linux lanvpn 3.12.29-1-ARCH #1 PREEMPT Tue Oct 7 07:03:53 MDT 2014 armv6l GNU/Linu Oct 29 00:47:02 lanvpn mono[19286]: I 2014.10.29 00:47:02 - OpenVPN Driver - Found Oct 29 00:47:02 lanvpn mono[19286]: I 2014.10.29 00:47:02 - OpenVPN - Version: OpenVPN 2.3.4 (/opt/airvpn_linux_x86_mono/openvpn) Oct 29 00:47:02 lanvpn mono[19286]: I 2014.10.29 00:47:02 - SSH - Version: OpenSSH_6.6.1p1, OpenSSL 1.0.1j 15 Oct 2014 (/usr/bin/ssh) Oct 29 00:47:02 lanvpn mono[19286]: I 2014.10.29 00:47:02 - SSL - Version: stunnel 5.06 (/opt/airvpn_linux_x86_mono/stunnel) Oct 29 00:47:02 lanvpn mono[19286]: I 2014.10.29 00:47:02 - IPV6: Not available Oct 29 00:47:02 lanvpn mono[19286]: E 2014.10.29 00:47:02 - update-resolv-conf Not found Oct 29 00:47:02 lanvpn mono[19286]: ! 2014.10.29 00:47:02 - Checking login ... Oct 29 00:47:07 lanvpn mono[19286]: ! 2014.10.29 00:47:07 - Logged in. Oct 29 00:47:07 lanvpn mono[19286]: I 2014.10.29 00:47:07 - Session starting. Oct 29 00:47:07 lanvpn mono[19286]: ! 2014.10.29 00:47:07 - Checking environment Oct 29 00:47:07 lanvpn mono[19286]: ! 2014.10.29 00:47:07 - Retrieving manifest Oct 29 00:47:08 lanvpn mono[19286]: . 2014.10.29 00:47:08 - Systems & servers data update completed Oct 29 00:47:08 lanvpn mono[19286]: ! 2014.10.29 00:47:08 - Waiting for latency tests (60 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (58 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (56 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (55 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (54 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (53 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (51 to go) Oct 29 00:47:09 lanvpn mono[19286]: ! 2014.10.29 00:47:09 - Waiting for latency tests (50 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (48 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (45 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (44 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (42 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (39 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (38 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (35 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (32 to go) Oct 29 00:47:10 lanvpn mono[19286]: ! 2014.10.29 00:47:10 - Waiting for latency tests (29 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (26 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (24 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (20 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (18 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (16 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (11 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Waiting for latency tests (5 to go) Oct 29 00:47:11 lanvpn mono[19286]: ! 2014.10.29 00:47:11 - Checking authorization ... Oct 29 00:47:12 lanvpn mono[19286]: ! 2014.10.29 00:47:12 - Connecting to Grumium (Canada, Toronto, Ontario) Oct 29 00:47:13 lanvpn mono[19286]: ! 2014.10.29 00:47:13 - Disconnecting Oct 29 00:47:13 lanvpn mono[19286]: . 2014.10.29 00:47:13 - Connection terminated. Oct 29 00:47:13 lanvpn mono[19286]: . 2014.10.29 00:47:13 - OpenVPN > Options error: Unrecognized option or missing parameter(s) in /usr/local/etc/airvpn/fb49d9d32fb966785cf1aee Oct 29 00:47:13 lanvpn mono[19286]: . 2014.10.29 00:47:13 - OpenVPN > Use --help for more information. Oct 29 00:47:16 lanvpn mono[19286]: ! 2014.10.29 00:47:16 - Checking authorization ... Oct 29 00:47:17 lanvpn mono[19286]: ! 2014.10.29 00:47:17 - Connecting to Grumium (Canada, Toronto, Ontario) Oct 29 00:47:17 lanvpn mono[19286]: . 2014.10.29 00:47:17 - OpenVPN > Options error: Unrecognized option or missing parameter(s) in /usr/local/etc/airvpn/889cbe22dba3d679d7af794 Oct 29 00:47:17 lanvpn mono[19286]: . 2014.10.29 00:47:17 - OpenVPN > Use --help for more information. Oct 29 00:47:17 lanvpn mono[19286]: ! 2014.10.29 00:47:17 - Disconnecting
  10. Hi, I would like to access AirVPN through the command line on my Mac (OSX). Is this possible? Is there a command line interface (CLI)? Do I need to install OpenVPN first? Thank you.
  11. I'm not sure if anyone else would find this useful, but I threw together a simple script the other day for speeding up the process of configuring and managing my VPN connections on my desktop (Linux Mint). Note that this is far from comprehensive--I made it with my use cases in mind. https://github.com/mindcruzer/airvpn-cli ex. ~$ airvpn setup pavonis --connect Would prompt you for your username and password, generate the configuration, save it and set the appropriate permissions, then start the openvpn daemon. There are a few other useful commands as well.
×
×
  • Create New...