VPN Manager for OpenVPN

  • Hi Zomboided,

    Last night (20/Mar) I realised that Kodi wasn't connected to the usual (first) VPN, so I went to the addon and I saw that all the settings were reset to default, and no vpn connection was configured (I use 'user defined').

    What could have caused this? I see that the addon updated on the 16th, but I'm sure I updated my first vpn configuration on the 19th, and everything was working fine at least on the 19th.

    Anyone experienced this somehow/sometime?

    I am suspicious of the "profile cleaner" addon, which allows to clean unused addons, but it reported nothing to clean when I run it on the 19th.
    I'll check it later on tonight.

  • Updates can cause this....I've seen it a couple times especially where the user does something mid update (which can easily take minutes). Cleaning out the userdata directory for an add-on will also wipe the cached settings. I'd say the latter was more likely. If it happens again check out /storage/.kodi/userdata/addon_data/service.vpn.manager and see if settings.xml exists


  • Just an update. Tried to obtain from ExpressVPN certicates with a validity before 2038 but no luck. So is not possible to use the plugin with Krypton. :(

    Well just to clarify, the problem is restricted to providers who decide to issue certificates that expire after 2038 (which is definitely not all of them) and I *think* the problem only occurs with LibreELEC on 32 bit hardware. And whether or not you use the add-on with Krypton is irrelevant, you'd hit the same problem trying using openvpn via the command line.

    Edited once, last by zomboided (March 21, 2017 at 9:14 PM).


  • Updates can cause this....I've seen it a couple times especially where the user does something mid update (which can easily take minutes). Cleaning out the userdata directory for an add-on will also wipe the cached settings. I'd say the latter was more likely. If it happens again check out /storage/.kodi/userdata/addon_data/service.vpn.manager and see if settings.xml exists

    Ok, thank you for the info, that is clear.

    For the time being, I'll disable this addon's auto-update. I'll update it manually, which will prevent me from doing something amid an update :)

  • Well just to clarify, the problem is restricted to providers who decide to issue certificates that expire after 2038 (which is definitely not all of them) and I *think* the problem only occurs with LibreELEC on 32 bit hardware. And whether or not you use the add-on with Krypton is irrelevant, you'd hit the same problem trying using openvpn via the command line.

    Yes sure, is not an add-on problem but a problem with Libreelec 32 due to a bug into OpenSSL 32. Not a zomboided fault.

  • 3.1.0 is released.

    Will terminate VPN connection during Kodi shutdown (not very interesting for dedicated systems, more relevant to those running Kodi on regular PCs).
    Tedious updates to NordVPN connections yet again
    Fixes to the Python API as part of pending integration with with TV Guide Fullscreen.
    GitHub - primaeval/script.tvguide.fullscreen: tv guide fullscreen
    TV Guide Fullscreen - possibly the most powerful TV Guide in the world. ;)

  • Hi Zomboided,
    Thanks for your wonderful addon. It was quite useful during the Rio Olympics last year, and I suspect it will be quite useful again this year for world championships.

    Most of the media a consume sits on a NAS here so i don't really use an external vpn service for that. However, when I am away from home I connect to my router to stream media, and for that I connect to the vpn server in my router. As it is now I just drop the .ovpn and pass.txt file in the config folder and I am off.

    VPN Manager is a bit much for such a simple requirement.

    Can you make a lite version of this addon, geared at a single connection, where the user enters the location of the config files and ip address. Or could you suggest the files from your addon that would be needed for such a setup. I took a look at the files in the addon folder and many of them appear to be necessary only for the management of multiple providers or multiple locations.

    I am thinking of a scenario similar to what existed in the openelec settings when connman was used to manage the vpn.

    Any help with this would be greatly appreciated.

    Cheers,
    Longman

  • Use the user defined setting with a single connection or use openvpn directly with systemd. I'm not gonna write a special add-on just for you...

    Edited once, last by zomboided (March 23, 2017 at 7:49 PM).

  • Well it was worth a try. Just kidding. I didn't expect you to write an addon just for me. Would be nice but I didn't expect that. However, I suspect that there are other people who would like something similar.

    I am just trying to follow the advice to security experts and not run more code than I need to do the job. I would appreciate your pointing out the modules from your addon that are necessary to obtain the minimum function that I require. I am using the systemd method suggested by LibreELEC, but this is an opportunity for me to learn something new. If you could point me in the right direction, I will try to expand my horizons.

    Cheers,
    LongMan

  • service.py is the main loop and deals with calling the relevant routines to do the connection. Depending on what you do, you need more or less of the things that it calls. The code is commented but there's far to much of it for me to explain how it all works (like thousands of lines of code). Plus respectfully, deconstructing it just doesn't interest me in the slightest.

    I still think your approach is wrong if you're just using a single location all the time though. Systemd is the right answer - it starts at boot and has the ability to restart when/if the process or connection dies in a more efficient way than any add-on. The whole point of having an add-on is to allow context sensitive switching of locations. If you don't need that, then take your advice about not running more code.

  • Thanks for taking the time to reply.

    After a bit of thought, I agree with you. systemd is the best route. Being able to change the ip address from the GUI instead of notepad++, via smb, would be nice. However, my suggestion above is not the smartest approach to solve that problem.

    Cheers,
    LongMan

  • Zomboided,
    First, thank you for the great program. The concern identified about potentially providing SSH access to other local LAN connections to third parties due to "real location" VPN practices spooked me.
          
    Couple questions, have the LE devs figured out a way to fix that issue? Is pushing a private SSH key, following fresh install, no connection to WAN, via Putty from a local host before connecting a bulletproof solution? If SSH is just turned off from outset, and your program is initiated, bulletproof?

    I love LE but that post/implication concerned me, you seemed to have the best answers. As a noob(ish), your advice would be really appreciated.

    Nooblibre

  • Hi zomboided, just updated 3 chromeboxes to krypton and it looks like the vpn is broken. It says connected then I get this message "Filtering VPN Manager for OpenVPN but no validated connection available" what does this mean. All addons have stopped working aswell. When I pause filtering everything works. What could be causing this problem??


    Edited once, last by NellyJelly (March 26, 2017 at 9:09 PM).

  • I could randomly guess, or you could read the first post which suggests what you need to do to get a log. Uninstall whatever is there, reboot and then install the latest version before you do that though.