VPN Manager for OpenVPN

  • Hi Zomboided,


    Thanks so much for making such a great addon. I just had a question regarding the server lists for both expressvpn and bulletvpn. The addon doesn't seem to be fetching the most recent server list compared to what is available using the vpn providers app on Android. The reason I bring this up is because another app within kodi has blocked the use of certain vpn servers which have since been updated by both expressvpn and bulletvpn however the server lists within the app don't include the new unblocked servers which are available on the standalone apps. Appreciate any help you may offer.

  • Hello all, new member (had LibreElec/Kodi for only a couple months now).


    First, thank you Zomboided, for your work. So, I have a problem I'm sure there's an easy solution to that's been explained by an annoyed responder many a time now that I can't seem to find. In exchange, I'll provide a solution I found to a common problem. Hopefully my obscure solution is worth soliciting an obvious one.


    This all concerns using VPNManager/OpenVPN with NordVPN.


    My solution to common problem: I had the same problems getting to be able to log-in/authenticate as I see other people are having, and even burned an hour searching for a solution and another hour with customer support, before finding the solution. I later found out that the problem solely was that I was using special characters in my password. Once I switched to numbers and letters, it worked. If you have special characters in your password (as far as I can tell), the add-on cannot connect to NordVPN.


    Now to help me:

    I can connect fine and it runs okay, but if I try to use any media (in my case, locally hosted video or playing a game that was downloaded), when i click back I get a notification that VPN Manager needs to reconnect (and almost always does). What can I do for a persistent connection?


    Thank you!

  • You've either set up filtering to cause this explicit behaviour, or something is causing a disconnect to happen. I can't guess at what that might be.

  • Hi Zomboided. Thanks for your previous reply regarding updated server lists. I am now using bulletVPN, but seem to be having issues with DNS leaks. I have ran the addon 'DNS Leak-Test' within Kodi and it returns the IP as being my chosen overseas address however my DNS server is listed as my home country. This is the same while using ExpressVPN also and restricts me from having access to geoblocked content.


    I have tried the 'Potential DNS fix' option within VPN Manager for OpenVPN but it returns 'A DNS fix was not possible because the required DNS resolution scripts are not available. Refer to the kodi log and the Trouble Shooting page found on the GitHub service.vpn.manager wiki." I have looked here but cant seem to find anything specific to the issue I'm having.


    I am running LibreELEC 9.2.6 on a RaspberryPi 4 - 4GB model which is running Kodi 18.9.


    Any help you or anyone else could with a similar configuration could offer would be hugely appreciated.

  • Thanks Zomboided. Excuse my lack of knowledge but I'm a bit unfamiliar with firstly adding the script you mentioned to Libreelec and secondly allowing it to run. I have access to the openvpn directory within libreelec but thats about as technical as I have gotten so far.


    Forgive me but would it be possible to get a step by step list of instructions for adding this function?


    Appreciate all the help so far.

  • I don't have the time or energy to do that. This is a commonly used script, the information is out there with a little searching and reading.

  • Thanks Zomboided. I managed to add the script and run the 'Potential DNS fix' successfully but after 'Resetting VPN provider' and setting the 'VPN Connection' it no longer connects to the selected server and times out. Again thanks for all your help with this. You have really dug me out of a hole.


    Below is the log and any help would be much appreciated.


    2021-05-29 16:41:49.362 T:2320638832 NOTICE: VPN Mgr : (vpnplatform.py) VPN log file start >>>

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 WARNING: --keysize is DEPRECATED and will be removed in OpenVPN 2.6

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 WARNING: file '/storage/.kodi/userdata/addon_data/service.vpn.manager/ExpressVPN/user.key' is group or others accessible

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 WARNING: file '/storage/.kodi/addons/service.vpn.manager/ExpressVPN/ta.key' is group or others accessible

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 WARNING: file '/storage/.kodi/addons/service.vpn.manager/ExpressVPN/pass.txt' is group or others accessible

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 OpenVPN 2.4.7 armv8a-libreelec-linux-gnueabi [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [AEAD] built on Oct 24 2020

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]45.133.4.5:1195

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 UDP link local: (not bound)

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 UDP link remote: [AF_INET]45.133.4.5:1195

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:29 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:30 2021 [Server-7696-0a] Peer Connection Initiated with [AF_INET]45.133.4.5:1195

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:31 2021 TUN/TAP device tun0 opened

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:31 2021 /sbin/ip link set dev tun0 up mtu 1500

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:31 2021 /sbin/ip addr add dev tun0 local 10.74.1.166 peer 10.74.1.165

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:31 2021 /storage/.kodi/userdata/addon_data/service.vpn.manager/update-resolv-conf.sh tun0 1500 1557 10.74.1.166 10.74.1.165 init

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: /storage/.kodi/userdata/addon_data/service.vpn.manager/update-resolv-conf.sh: line 66: syntax error: bad substitution

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:31 2021 WARNING: Failed running command (--up/--down): external program exited with error status: 2

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: Sat May 29 16:40:31 2021 Exiting due to fatal error

    2021-05-29 16:41:49.362 T:2320638832 NOTICE: VPN Mgr : (vpnplatform.py) <<< VPN log file end

  • I don't use VPN so I don't have personal experience and I did not have to struggle with DNS settings. But when I quickly look at your log & resolv configuration in my LE 10 Nightly, at first I would check the /storage/.kodi/userdata/addon_data/service.vpn.manager/update-resolv-conf.sh file, especially line 66 which needs to be modified somehow to fix the syntax error reported above in the log.

    I suppose this script should perhaps modify the /run/connman/resolv.conf file, generated by Connection Manager by default, which contains a current DNS server's IP address. So you should update the script to do what is expected.

  • Thank you for the reply. I'm now out of my depth I think. Looking at the update-resolv-conf.sh file there is nothing on line 66 and also surely there would be a problem for everyone using that particular script if that was the case? Attached is the update-resolv-conf.sh code and in particular line 66 as mentioned in the log. Cheers for all the help.


    63 $RESOLVCONF ‐d "${dev}.inet"

    64 ;;

    65 esac

    66

    67 # Workaround / [email protected]

    68 # force exit with no errors. Due to an apparent conflict with the Network Manager

    69 # $RESOLVCONF sometimes exits with error code 6 even though it has performed the

    70 # action correctly and OpenVPN shuts down.

  • OK, it's a bit complex for me to understand what's wrong with the script. But you may try to edit the update-resolv-conf.sh to this simplified form below and give it a try.


    Edited once, last by ghtester ().

  • Thanks so much for your response. I've edited the script as you mentioned but it hasn't changed unfortunately. Attached is the log. Thanks again.


  • OK, so it looks that OpenVPN does not set the variables as expected by the update-resolv-conf.sh script or the script does not see the enviroment's variables. So you need to check the OpenVPN documentantion if the expected variables are still valid and set:

    foreign_option_1

    foreign_option_2

    foreign_option_3

    foreign_option_4

    script_type


    I suppose if you put at start of the update-resolv-conf.sh script something like that:

    echo $foreign_option_1 > /tmp/testfile.txt

    echo $foreign_option_2 > /tmp/testfile.txt

    echo $script_type >> /tmp/testfile.txt


    Then try to connect VPN and then check the /tmp/testfile.txt, it will be perhaps empty and you need to discover why.

    Maybe the first line of script should be #!/usr/bin/env sh instead of #!/usr/bin/env bash ?

    As I don't use OpenVPN and don't have installed that Add-on, I can't test nor say more...


    Also check this thread, maybe the solution is there: Creating "update-resolv-conf.sh" equivalent to plug openvpn DNS leaks

    Edited 3 times, last by ghtester ().