DSM-G600, DNS-3xx and NSA-220 Hack Forum

Unfortunately no one can be told what fun_plug is - you have to see it for yourself.

You are not logged in.

Announcement

#51 2009-05-05 06:37:39

metal450
Member
Registered: 2009-05-02
Posts: 29

Re: Compiled & Working: OpenVPN

...Er, but now the tun kernel module isn't working; i presume i'll have to compile this myself as well (the error is "insmod: cannot insert 'tun.ko': invalid module format").

Here's how far I've come:

1) Download the linux kernel from linux.org
2) Copy to device and extract
3) "make menuconfig", select "Enable loadable module support" and "Device Drivers -> Network Device Support -> Universal TUN/TAP" to <M> (module)
5) make

Once it's done, I get tun.ko in drivers/net/tun.ko

...But the tun.ko file STILL generates the "invalid module format" when using insmod!

Anyone? I've been really stumped by this one all day...

Last edited by metal450 (2009-05-05 07:35:53)

Offline

 

#52 2009-05-05 13:43:42

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN


DNS-313

Offline

 

#53 2009-05-28 03:10:08

krimb1
Member
Registered: 2008-01-05
Posts: 65

Re: Compiled & Working: OpenVPN

Sinobato wrote:

Andrey,

I have another box with Ubuntu x86 installed. Can I use it and install OpenVPN and generate the keys there, and just copy the keys to my DNS-323 OpenVPN folder? That way, I don't have to install Debian on the NAS?

First of all many thanks to Haydn and all the contributers to the OpenVPN port.

Just wondering if there was any conclusion reached on alternative ways of generating the necessary keys for OpenVPN without installing Debian on the NAS? I've got a static key at the moment, but as Andrey said, there isn't much point to having a VPN setup without proper security. smile

Offline

 

#54 2009-05-28 13:41:39

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN

krimb1 wrote:

Sinobato wrote:

Andrey,

I have another box with Ubuntu x86 installed. Can I use it and install OpenVPN and generate the keys there, and just copy the keys to my DNS-323 OpenVPN folder? That way, I don't have to install Debian on the NAS?

First of all many thanks to Haydn and all the contributers to the OpenVPN port.

Just wondering if there was any conclusion reached on alternative ways of generating the necessary keys for OpenVPN without installing Debian on the NAS? I've got a static key at the moment, but as Andrey said, there isn't much point to having a VPN setup without proper security. smile

I think you can either build the necessary keys (following Open VPN Howto) on a different device (with "easy-rsa" tools provided by the original openvpn package), or even build your keys on the DNS-323 itself, with "easy-rsa" scripts (see attachment)

To my mind, there is no need to install Debian for that, at all.

Last edited by Electrocut (2009-05-28 13:42:07)


Attachments:
Attachment Icon easy-rsa.tar.gz, Size: 7,435 bytes, Downloads: 750

DNS-313

Offline

 

#55 2009-05-28 17:51:16

krimb1
Member
Registered: 2008-01-05
Posts: 65

Re: Compiled & Working: OpenVPN

Great, thanks very much Electrocut. The easy-rsa tools you referenced worked beautifully. Now I have full SSL working with the extra TLS key for robustness. You guys are awesome.

Just for reference, for some reason though I configured my 'vars' file properly, each time I executed it none of the variables would stick; running 'env' afterward showed no changes. Not a big deal, entered them in manually but just FYI for anyone else.

EDIT:

By the way, would anyone know the default log directory of openVPN as it's running? I'd like to move it to a USB drive so as to prevent spinups when no one is connected and wanted to know if I should move/symlink the log as well. Many thanks. wink

Last edited by krimb1 (2009-05-28 17:56:44)

Offline

 

#56 2009-05-28 20:02:00

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN

Thanks wink

By default, I think Openvpn writes its log to syslog.


DNS-313

Offline

 

#57 2009-05-28 21:04:25

krimb1
Member
Registered: 2008-01-05
Posts: 65

Re: Compiled & Working: OpenVPN

Is it safe to assume that if /ffp/start/syslogd.sh isn't run at startup (i.e. if the execute bit isn't set), then logging for openVPN will be disabled?

Offline

 

#58 2009-05-28 22:14:17

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN

I don't really know. (I assume ?)

But to prevent syslogd from writing on the disc, I enabled the "ram buffer" feature on my NAS :
with the following entry:
# Log to memory buffer, size 100 KB
syslogd_flags="-C100"

in /ffp/start/syslogd.sh

Then, the syslog can be read with the "logread" command.

Last edited by Electrocut (2009-05-29 01:15:20)


DNS-313

Offline

 

#59 2009-05-29 07:11:05

krimb1
Member
Registered: 2008-01-05
Posts: 65

Re: Compiled & Working: OpenVPN

You're the man electrocut! Worked like a charm.

Hope I'm not pushing my luck but I have one more question. Is there anyway to configure the syslogd_flags so that it will both (a) log to the ram buffer and (b) log to a text file (i.e. stored on a USB)? It'd be nice to keep it in memory but save the log files across multiple sessions/reboots.

I've tried setting it to

syslogd_flags="-C100 -O /mnt/USB/syslogd.log"

but the second parameter is simply ignored.

Many thanks again!

Last edited by krimb1 (2009-05-29 07:12:24)

Offline

 

#60 2010-07-21 22:23:38

kenlau
Member
Registered: 2010-07-21
Posts: 7

Re: Compiled & Working: OpenVPN

Anybody have a startup script that I can put in my /ffp/start directory.

I been trying to get openvpn to start automatically, but so far no luck, in that I am a complete linux noob.

Offline

 

#61 2010-07-21 22:29:28

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN

Here is the file I'm using on my DNS-313 device.

You may need to edit the script, according to your device. (path to tun.ko ...)


Attachments:
Attachment Icon openvpn.sh, Size: 844 bytes, Downloads: 715

DNS-313

Offline

 

#62 2010-07-22 14:16:31

kenlau
Member
Registered: 2010-07-21
Posts: 7

Re: Compiled & Working: OpenVPN

Thanks

Offline

 

#63 2010-08-24 19:33:04

shiyou
New member
Registered: 2010-08-24
Posts: 1

Re: Compiled & Working: OpenVPN

I need help for the setup configuration for openvpn. Openvpn was installed in DNS-323. with ffp 0.5.

When I am in office, I used iphone openvpn client to connect to my home DNS-323 Openvpn server. I am able to browse my Transmission Bitorrent via local IP address, i.e. 192.168.1.88:9091

However, I am not able to connect to other local IP address, i.e 192.168.1.100 (IP camera) via VPN.

I am keeping it very simple and below is my network configuration:

DSL Modem - Default Gateway 192.168.1.1 Subnet 255.255.255.0

-----------------------------------------------------------------------------------------------
OpenVPN Server config

dev tun
proto udp
ifconfig 10.0.250.253 10.0.250.254

push "route-gateway 10.0.250.254"
route 10.0.250.0 255.255.255.0 192.168.1.1 gw

comp-lzo

keepalive 10 120
ping-timer-rem
persist-key

------------------------------------------------------------------------------------------------------------------
OpenVPN Iphone Client config

remote remoteipaddress 1194
dev tun
proto udp
ifconfig 10.0.250.254 10.0.250.253

comp-lzo

keepalive 10 120
ping-timer-rem
persist-key

route 192.168.1.0 255.255.255.0

-------------------------------------------------------------------------------------------------------

root@323:~# route -n
Kernel IP routing table
Destination       Gateway          Genmask                       Flags Metric Ref    Use Iface
10.0.250.254    0.0.0.0             255.255.255.255           UH    0      0        0       tun0
192.168.1.0      0.0.0.0             255.255.255.0               U      0      0        0       egiga0
10.0.250.0        192.168.1.1     255.255.255.0               UG    0      0        0       egiga0
224.0.0.0          0.0.0.0             255.0.0.0                       U      0      0        0       egiga0
0.0.0.0              192.168.1.1     0.0.0.0                           UG    0      0        0       egiga0
---------------------------------------------------------------------------------------------------------



What do I need to do or add in the config (server or client) file in order to view local IP address 192.168.1.100.?

Thank you.

Shiyou

Last edited by shiyou (2010-08-24 19:36:24)

Offline

 

#64 2010-08-26 01:30:25

rubber
New member
Registered: 2010-08-26
Posts: 3

Re: Compiled & Working: OpenVPN

Hello,

just found the whole stuff usefull to get openvpn running and wanted to give back results:

openvpn 2.1.2 for DNS-323 with predefined start/stop script bundled as fun_plug package (get it from http://www.condor-edv.com/~rubber/Downl … DNS323.tgz)
Just use "funpkg -i openvpn_2_1_2-DNS323.tgz" to install.
Then put your client.config in the folder /ffp/etc/openvpn/ (as you e.g. could retrieve from your running openvpn.net Access Server (http://openvpn.net/index.php/access-ser … pn-as.html).

Try out "/ffp/start/openvpn.sh".

Enjoy and keep smiling.

Maybe someone finds it usefull and will add it somwhere on http://www.inreto.de/dns323/fun-plug/.

Last edited by rubber (2010-08-26 01:35:04)

Offline

 

#65 2010-10-17 20:10:00

Unit106
Member
Registered: 2008-10-06
Posts: 7

Re: Compiled & Working: OpenVPN

rubber wrote:

Hello,
openvpn 2.1.2 for DNS-323 with predefined start/stop script bundled as fun_plug package (get it from http://www.condor-edv.com/~rubber/Downl … DNS323.tgz)

I'm interested but the file is empty! Is there an alternative download location?

Offline

 

#66 2010-10-17 20:28:31

rubber
New member
Registered: 2010-08-26
Posts: 3

Re: Compiled & Working: OpenVPN

Unit106 wrote:

rubber wrote:

Hello,
openvpn 2.1.2 for DNS-323 with predefined start/stop script bundled as fun_plug package (get it from http://www.condor-edv.com/~rubber/Downl … DNS323.tgz)

I'm interested but the file is empty! Is there an alternative download location?

Does not seem to be emtpy?!  But I attach a copy...

rubber@sokrates:~/tmp> wget http://www.condor-edv.com/~rubber/Downl … DNS323.tgz
--19:27:13--  http://www.condor-edv.com/~rubber/Downl … DNS323.tgz
           => `openvpn_2_1_2-DNS323.tgz'
Auflösen des Hostnamen »www.condor-edv.com«.... 213.240.128.129
Verbindungsaufbau zu www.condor-edv.com|213.240.128.129|:80... verbunden.
HTTP Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 827.080 (808K) [application/x-tar]

100%[====================================>] 827.080       --.--K/s             

19:27:13 (70.29 MB/s) - »openvpn_2_1_2-DNS323.tgz« gespeichert [827080/827080]

rubber@sokrates:~/tmp> tar tzf openvpn_2_1_2-DNS323.tgz
ffp/
ffp/lib/
ffp/lib/openvpn/
ffp/lib/openvpn/tun.ko
ffp/sbin/
ffp/sbin/openvpn
ffp/etc/
ffp/etc/openvpn/
ffp/start/
ffp/start/openvpn.sh

Offline

 

#67 2010-10-17 20:30:33

rubber
New member
Registered: 2010-08-26
Posts: 3

Re: Compiled & Working: OpenVPN

...here the attachment.

Seems so, as if I am not able to attach the file here... but as I said... download should work.

Last edited by rubber (2010-10-17 20:31:24)

Offline

 

#68 2010-10-30 20:17:00

kenlau
Member
Registered: 2010-07-21
Posts: 7

Re: Compiled & Working: OpenVPN

rubber wrote:

Unit106 wrote:

rubber wrote:

Hello,
openvpn 2.1.2 for DNS-323 with predefined start/stop script bundled as fun_plug package (get it from http://www.condor-edv.com/~rubber/Downl … DNS323.tgz)

I'm interested but the file is empty! Is there an alternative download location?

Does not seem to be emtpy?!  But I attach a copy...

rubber@sokrates:~/tmp> wget http://www.condor-edv.com/~rubber/Downl … DNS323.tgz
--19:27:13--  http://www.condor-edv.com/~rubber/Downl … DNS323.tgz
           => `openvpn_2_1_2-DNS323.tgz'
Auflösen des Hostnamen »www.condor-edv.com«.... 213.240.128.129
Verbindungsaufbau zu www.condor-edv.com|213.240.128.129|:80... verbunden.
HTTP Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 827.080 (808K) [application/x-tar]

100%[====================================>] 827.080       --.--K/s             

19:27:13 (70.29 MB/s) - »openvpn_2_1_2-DNS323.tgz« gespeichert [827080/827080]

rubber@sokrates:~/tmp> tar tzf openvpn_2_1_2-DNS323.tgz
ffp/
ffp/lib/
ffp/lib/openvpn/
ffp/lib/openvpn/tun.ko
ffp/sbin/
ffp/sbin/openvpn
ffp/etc/
ffp/etc/openvpn/
ffp/start/
ffp/start/openvpn.sh

I tried your version, but got the error /ffp/sbin/openvpn: can't load library 'liblzo2.so.2'

When I run "ldd /ffp/sbin/openvpn"  it give the message 'liblzo2.so.2 => Not Found' so obviously this is a required dependency.

Googling, I found that that this file is from http://www.inreto.de/dns323/fun-plug/0. … .03-1.tgz. Once this additional package is installed, everything runs fine.

Last edited by kenlau (2010-10-30 20:43:24)

Offline

 

#69 2011-03-15 01:26:15

riskeb
New member
Registered: 2011-02-23
Posts: 2

Re: Compiled & Working: OpenVPN

Anyone managed to write a sh which starts two openvpn tunnels simultaniosly?
I want to connect to two servers, I can do that one at a time, but when I try to start them at the same time I get :WARNING: openvpn: Already running for the second one...
A sample shell script would be appreciated...

Offline

 

#70 2011-04-12 12:51:07

riskeb
New member
Registered: 2011-02-23
Posts: 2

Re: Compiled & Working: OpenVPN

Still no one had luck in simultaniosly starting up two tunnels?

Offline

 

#71 2011-04-25 00:48:25

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN

Have you followed "OpenVPN HowTo" advices, about running multiples openvpn clients on the same machine ?

OpenVPN HowTO wrote:

If you want to run multiple OpenVPN instances on the same machine, each using a different configuration file, it is possible if you:
- Use a different port number for each instance (the UDP and TCP protocols use different port spaces so you can run one daemon listening on UDP-1194 and another on TCP-1194).
- If you are using Windows, each OpenVPN configuration needs to have its own TAP-Win32 adapter. You can add additional adapters by going to Start Menu -> All Programs -> OpenVPN -> Add a new TAP-Win32 virtual ethernet adapter. > You shouldn't be concerned, lol
- If you are running multiple OpenVPN instances out of the same directory, make sure to edit directives which create output files so that multiple instances do not overwrite each other's output files. These directives include log, log-append, status, and ifconfig-pool-persist.

Note: it may be also necessary to create as many /dev/tunX devices as VPN clients.

Last edited by Electrocut (2011-04-25 00:49:11)


DNS-313

Offline

 

#72 2011-04-26 15:32:25

nannoid
New member
Registered: 2011-04-26
Posts: 1

Re: Compiled & Working: OpenVPN

Can someone repost the file on mediafire or as an attachment?

Offline

 

#73 2011-04-26 21:39:21

Electrocut
Member
From: France
Registered: 2009-04-05
Posts: 195

Re: Compiled & Working: OpenVPN

Which file are you talking about ? Openvpn 2.1.3 is available on http://ffp.wolf-u.li/additional/net-misc/


DNS-313

Offline

 

#74 2018-04-14 23:16:04

Iamd23
New member
Registered: 2018-04-14
Posts: 2

Re: Compiled & Working: OpenVPN

I am currently on openvpn-2.2.1-2.tgz

Not sure if there are any latest updates of the  openvvpn package for DNS-323 available?

it works but I am not able to get it working with auth via a  file.

Probably because of the way it was compiled it does not allow to read credentials from the file ?

I am adding this to config
auth-user-pass  auth.txt

And credentials in auth.txt

This is the error I get
Sorry, 'Auth' password cannot be read from a file

Any suggestion how to resolve it ?
Thanks

Offline

 

Board footer

Powered by PunBB
© Copyright 2002–2010 PunBB