Improve error printing, add warning for ProtonVPN DNS settings in Ope… #250

Merged
merged 1 commit into from
Feb 29, 2024
19 changes: 17 additions & 2 deletions USERGUIDE.md
Expand Up @@ -251,14 +251,20 @@ $ vopono -v exec --custom ~/custom_wireguard.conf --protocol wireguard "firefox"
```bash
$ vopono -v exec --custom ./custom_openvpn.ovpn --protocol openvpn "firefox"
```
> To use a custom provider which requires a username and password, supply an authentication file with the username and password.
> Reference the authentication file in the ovpn configuration file with `auth-user-pass auth.txt` appended to the top of the file.
To use a custom provider which requires a username and password, supply an authentication file with the username and password.
Reference the authentication file in the ovpn configuration file with `auth-user-pass auth.txt` appended to the top of the file.

Note that in the OpenVPN case the vopono will execute OpenVPN from the same
directory as the config file itself. So any accompanying files (CA certificates, authentication
files, etc.) must be in the same directory with the file if using
relative paths in the config file.

For OpenVPN be careful to remove any DNS update scripts from the OpenVPN config file e.g. for ProtonVPN OpenVPN configs, remove the following lines:

```
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
```


### OpenFortiVPN
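
Review bot: The new paragraph before `### OpenFortiVPN` tells users to remove the `up`/`down` `update-resolv-conf` lines but never says why, so a reader cannot tell which other "DNS update scripts" count. Add one sentence giving the reason (src/exec.rs sets DNS itself through `ns.dns_config`), and consider a runtime `warn!` when a `--custom` OpenVPN config still contains such lines, since the PR title promises a warning and this hunk only adds documentation. Also, "appended to the top of the file" in the `auth-user-pass` sentence contradicts itself; "added at the top of the file" would be clearer.
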
Expand Down Expand Up @@ -482,6 +488,15 @@ Note that there may be multiple `AUTH-xxx=yyy` cookies - the specific one we nee

![AUTH cookie example](protonvpn_header.png)

If using a downloaded OpenVPN config file directly as a `--custom` custom config file in vopono, then be sure to remove the following lines:

```
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
```

Also remember to append `+pmp` to the OpenVPN username if using port forwarding in this case too.

#### Wireguard servers

Due to the way Wireguard configuration generation is handled, this should be
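
Review bot: "in this case too" in the `+pmp` sentence does not say where the username is set for a `--custom` config; going by the custom provider section, that is the file referenced by `auth-user-pass auth.txt`, so name it here. The `update-resolv-conf` block also duplicates the one added under the custom OpenVPN section, and linking to that section instead would keep the two from drifting apart.
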
39 changes: 24 additions & 15 deletions src/exec.rs
Expand Up @@ -225,12 +225,14 @@ pub fn exec(command: ExecCommand, uiclient: &dyn UiClient) -> anyhow::Result<()>
.get("provider")
.map_err(|_e| anyhow!("Failed to read config file"))
.ok()
})
.expect(
"Enter a VPN provider as a command-line argument or in the vopono config.toml file",
);
}).ok_or_else(|| {
let msg = "Enter a VPN provider as a command-line argument or in the vopono config.toml file";
error!("{}", msg); anyhow!(msg)})?;

if provider == VpnProvider::Custom {
bail!("Must provide config file if using custom VPN Provider");
let msg = "Must provide config file if using custom VPN Provider";
error!("{}", msg);
bail!(msg);
}

server_name = command
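
Review bot: Both new error paths in this hunk, the `ok_or_else` closure and the `VpnProvider::Custom` branch, log the message with `error!` and then return the same text through `?` or `bail!`, so it will be reported twice if the caller of `exec` also prints the returned `anyhow` error. Pick one reporting path, or factor the log-and-return pair into a small helper so the copies in this diff stay in step. The closure body `error!("{}", msg); anyhow!(msg)})?;` sits on one line and should be split as rustfmt would lay it out. Separately, the unchanged `.map_err(...).ok()` above still discards a config read failure, so an unreadable config.toml is reported as a missing provider.
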
Expand All @@ -243,10 +245,9 @@ pub fn exec(command: ExecCommand, uiclient: &dyn UiClient) -> anyhow::Result<()>
anyhow!("Failed to read config file")
})
.ok()
})
.expect(
"Enter a VPN server prefix as a command-line argument or in the vopono config.toml file",
);
}).ok_or_else(|| {
let msg = "VPN server prefix must be provided as a command-line argument or in the vopono config.toml file";
error!("{}", msg); anyhow!(msg)})?;

// Check protocol is valid for provider
protocol = command
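
Review bot: The new message in the `ok_or_else` closure switches to "VPN server prefix must be provided ..." while the provider message in the previous hunk keeps "Enter a VPN provider ..."; use one phrasing for both so users and anyone grepping logs see a consistent pattern. The same one-line `error!("{}", msg); anyhow!(msg)})?;` formatting applies here as well.
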
Expand Down Expand Up @@ -432,17 +433,21 @@ pub fn exec(command: ExecCommand, uiclient: &dyn UiClient) -> anyhow::Result<()>
// TODO: DNS suffixes?
ns.dns_config(&dns, &[], command.hosts_entries.as_ref())?;
// Check if using Shadowsocks
if let Some((ss_host, ss_lport)) =
uses_shadowsocks(config_file.as_ref().expect("No config file provided"))?
{
if let Some((ss_host, ss_lport)) = uses_shadowsocks(
config_file
.as_ref()
.expect("No OpenVPN config file provided"),
)? {
if provider == VpnProvider::Custom {
warn!("Custom provider specifies socks-proxy, if this is local you must run it yourself (e.g. shadowsocks)");
} else {
let dyn_ss_provider = provider.get_dyn_shadowsocks_provider()?;
let password = dyn_ss_provider.password();
let encrypt_method = dyn_ss_provider.encrypt_method();
ns.run_shadowsocks(
config_file.as_ref().expect("No config file provided"),
config_file
.as_ref()
.expect("No OpenVPN config file provided"),
ss_host,
ss_lport,
&password,
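
Review bot: `config_file.as_ref().expect("No OpenVPN config file provided")` still panics inside a function that returns `anyhow::Result<()>`, and the same lookup is repeated for `uses_shadowsocks`, `run_shadowsocks` and, in the next hunk, `run_openvpn`. Bind the path once at the top of the OpenVPN branch with `ok_or_else(|| anyhow!(...))?`, as the provider and server prefix checks now do, and pass that binding to all three calls.
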
Expand All @@ -452,7 +457,9 @@ pub fn exec(command: ExecCommand, uiclient: &dyn UiClient) -> anyhow::Result<()>
}

ns.run_openvpn(
config_file.clone().expect("No config file provided"),
config_file
.clone()
.expect("No OpenVPN config file provided"),
auth_file,
&dns,
!command.no_killswitch,
Expand Down Expand Up @@ -487,7 +494,9 @@ pub fn exec(command: ExecCommand, uiclient: &dyn UiClient) -> anyhow::Result<()>
}
Protocol::Wireguard => {
ns.run_wireguard(
config_file.clone().expect("No config file provided"),
config_file
.clone()
.expect("No Wireguard config file provided"),
!command.no_killswitch,
command.open_ports.as_ref(),
command.forward_ports.as_ref(),
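
Review bot: `.expect("No Wireguard config file provided")` in the `Protocol::Wireguard` arm makes the message protocol-specific but keeps the panic, which is the failure mode this PR removes for the provider and server prefix. Return the error through `?` instead, so a missing config is reported through the `anyhow::Result` of `exec` rather than as a panic.
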