Posts by forlotto

forlotto

Hardware:

Raspberry Pi 3 and 1byone bluetooth keyboard

Software:

Libreelec 8.x

Bug:

Trust and Pair not working

Issue:

When trusted and paired upon reboot or sleep of the device it does not reconnect as it should. Instead there is a duplicate entry which shows up under bluetooth which you need to dig out the wired keyboard and dust that off to pair your keyboard again.

Importance:

Moderate (In need of binary update.)

Reason for level of Importance:

We are dealing with a media center OS as with any media center OS the ability to turn on the media center sit on the chair across the room while you wait for it to boot so you can control it wireless with IR or Bluetooth without issue is extremely important. This particular Media Center requires a lot of keystrokes so it just makes since that people are going to want to use a bluetooth keyboard. However if they have to go to their closet and rifle through it to find a wired keyboard or if they have to leave the wired keyboard attached (A huge eyesore imho) It ruins the entire experience. Call me lazy but hey that is what I am trying to be on the rare occasion I fire this thing up and try to stream some content. Libreelec should just work with my bluetooth keyboard. I currently type this from a PC and a logitech unifying device as well which I wish there was support for.

Possible Causes:

User Error, Lack of Knowledge on my part, Libreelec needs to be updated to fix this functionality.

Questions:

Anyone else having this issue with Trust and Pair functionality? I talked to one mod and he claimed he has the issue as well he suggested the temporary solution called kore but from what I read their are mixed results with functionality of kore as well. Would like to see some discussion maybe a solution will come of it.

GET IT TO WORK AS IT SHOULD!!!! Workaround:

Make sure bluetooth is turned on under the libreelec services menu

Next Put Your Keyboard Into Discovery Mode

Once you see your keyboard use Pair instead of Trust And Pair

Once paired click on the keyboard again and select enable standby.

Now it works 100% as it should with trust and pair option.

You will still see duplicate entries haven't noticed any conflict yet but has the potential for conflict I suppose so keep an eye on that may have to remove an entry or something but for now it works.

forlotto · RPi3 Bluetooth keyboard support forlotto November 5, 2017 at 5:12 PM

This is a bug one of the moderators confirmed that it is indeed a bug. The problem was solved in OSMC from my reading on google but the development team from libreelec don't seem to be aware of the bug or haven't taken the time to look at it or are having problems coming up with a solution it would be nice to hear from development if there will be a fix or if I should scrap LibreElec in search of other possibilities instead.

Once connected and trusted the keyboard should by all rights pair automatically while restarting the device. This is normal operation for bluetooth on nearly every other system trust and pair means it will pair even after a restart or after sleeping etc... But in the case of libreelec there is another keyboard that pops up with the same MAC ID a duplicate entry and you have to dig your old wired keyboard out and dust it off again just to connect the keyboard once again.

It would be nice to see logitech unifying devices able to work on libreelec I really dig my solar keyboard that charges off of my house lighting just had to tear it apart the other day though after a few years of use it needed a new battery but never had to plug it into a charger once my lights kept it charged and working it does take an expensive specialized battery that they make difficult to replace but I am guessing I have another couple of years with the new one at least beats plugging it in all the time or purchasing and replacing batteries every month.

forlotto · Bluetooth reconnect forlotto November 5, 2017 at 12:48 AM

So it is a bug that needs fixing would be excellent if the DEV's could work this one out and push out an update....

In the mean time I will have to investigate kore I guess. I seen there was enable standby option maybe this has something to do with it? IDK

Will have to keep searching there must be a solution somewhere somehow someway.... The impossible only takes longer I guess.

By the way most excellent thank you for the quick and insightful response.

forlotto · Bluetooth reconnect forlotto November 5, 2017 at 12:35 AM

Bump it appears that google turns up no useful results on the solution to auto connect either it just adds another keyboard and you have to reconnect to that one very annoying.

So each time I boot I need to dig the wired keyboard out of the closet in the storage container on the bottom or in the middle of the pile just to use libreelec quite the headache...

I would like for libreelec to just stay paired to the keyboard a real simple thing that should happen by default after trust and pair is assumed.

I am using a 1byone keyboard with mousepad.

Libre Elec 8.x Rpi3

Any help on this one or if anyone has figured it out please do share as I am not finding much on this issue other than people talking about it with zero solutions.

forlotto · VPN Manager for OpenVPN forlotto September 26, 2017 at 10:26 PM

Quote

Ricardob15 said:

Hi, Can someone help me. I installed the latest zip from zomboided and after I install it the OpenVPN manager is under services but it never comes up on programs add-ons so I can use the display status, disconnect or change, etc. Would you know why?

Ricardob15

You have unknown sources enabled in the settings menu?

If you do then you must go to addons zomboided repository then install openvpn from there.

If you did this you may want to try and uninstall and reinstall it can be a bit flaky at times but it will show up. Once you run it once or twice it may show up as well after a reboot or something I forget the exact specific reason this happened but doing one of those things fixed the issue for me.

forlotto · OpenVPN DNS problem with NordVPN forlotto September 25, 2017 at 5:30 AM

Quote

You're so missing the point (which is your prerogative entirely) and spreading mis-information (which bothers me).

Most (all?) VPN providers push their DNS settings on connect and change it back on disconnect. The way this is done is documented in the openvpn manual. I think you should google exactly what happens when you connect a VPN, what the dns leak issues were and how they were solved. If you don't want to google, don't...makes no difference to me, I understand this stuff.

If you want to change what the VPN provider has done, you can modify it using up/down scripts. And you can change the DNS server used outside of the VPN using the existing LE interface. I've told you this already. How to use up/down scripts with the add-on is documented on the wiki. How to use up/down scripts is documented in the openvpn manual. There are many examples of up/down scripts out there if you google for some.

Personally, I use my ISPs DNS settings, and my VPN provider (being competent) automatically changes this for me on a system by system basis. If I'm on a Windows machine, the add-on takes advantage of a particular parameter to avoid the particular DNS leak issue that was an issue on that platform. I absolutely disagree with you that I have a DNS leak.

Of course, you're free to continue to argue that this add-on should manipulate DNS servers, and you're free to change it - I really am not interested what you do. But please stop making incorrect and misleading statements about the way VPNs work.

jahutchi likes this.

Display More

Will the up/down scripts allow for automation of using DNS servers during the update on nordvpn ovpn files?

This is what started things off I wanted to automate changing DNS during this process.

So while I am "misinforming" about DNS Leaks or not I still would like to do this in an automated fashion.

I personally don't care if it is a permanent fork or you accept a pull for it.

I have googled DNS Leaks to be honest there are so many people claiming to be experts but yet they and many of them still claim you should set your DNS servers manually and clear any other DNS servers for safety.

As far as windows goes I tested it with IPLeak and DNSLeak.

In order to get a leak proof machine one of the things I had to change was a browser setting, another thing I had to change was a IPV4 on windows and on my router and finally the last thing I had to change was my DNS servers! And would you know it I had no leaks after that point so I mean if something changed since I ran into that issue about 6 months ago I guess I haven't really kept up to date.

On one hand I have NordVPN being pretty flamboyant about changing your DNS servers and in the correspondence with them through email over the last week they also mentioned the fact that you can push any DNS server using OPENVPN the open source version as well as their software so I don't doubt for the most part you are right. Like I said before it is not a matter of me being right here I appreciate the input.

Is it misinformation though that leaks may still be possible and it is good practice to change your DNS servers manually? I really do not know for sure this is where the jury is still out for me I suppose you seem to be certain but how do I know that LE is not going to add something to make media playing easier that will possibly cause a leak in the future.

There are a number of things with this whole OPENVPN that I do not find right that deserve attention and discussion.

This is one of them.

The other is pairing with providers of content.

The other is how people post logs to pastebin which contain way too much personal information if people are unaware and don't actually read through them and scrub the data there is a lot of information that is given away. I wouldn't doubt if this is how people snatch up IPTV subs at times.

You have your concerns that I am being overly cautious and I have my concerns that the lack of awareness and the lack of informing people to do things like scrub their logs before posting them, set their DNS as an extra safety precaution, and not to use things like pairing for media providers is hardly every mentioned if at all. When malicious websites adopt the policy of delaying website response to the user computer thus resulting in the browser switching to an unsecured DNS. Meanwhile, the newer Windows OS has a few in-built features which increase its susceptibility to DNS leaks. Smart Multi-Homed Name Resolution featured in windows 8.1 and windows 10 was one of them if memory serves me right...

I will note I will upgrade my last post to include the word potentially to put things into perspective.

I am most positive I do not know everything about everything and this is where we should all remain and I may say something wrong that needs correction at times and I thank you for it you are always welcome to correct me and educate me and the public all at the same time I believe I learned a bit more about OpenVPN just by reading a bit.

You have your concerns about me misinforming I have my concerns about things not being cautious enough do to the mass amounts of conflicting information on this issue.

Update: I will likely just solve the DNS issue with a quick cheap switch during the download process from what I can see many of these providers on the list do NOT share the information as public and have "smartdns" or whatever they wish to call it if you ask me it is all somewhat sketchy as these providers likely host their DNS on a 3rd party server on a non physical server like a VPS or something of that nature. So that brings me to question sure your providers logging policy is "WE DONT LOG" but what about the people hosting the VPS server?

One possibly interesting alternative OpenNIC Project

Personally I like the pirate bays founders current initiative of being the man in the middle for Domain Name Registration you can register a Domain with their service and they will keep your information private at all costs they will refuse to give away your information and will assume all liabilities incurred by the domain itself from my understanding. Njalla — A privacy aware domain registration service

It is pretty wild I am glad there are a lot of privacy advocates out their protecting the freedoms that the internet was founded on the ability to share information is constantly being attacked we need all the people we can to build up every possible avenue of encapsulating measures to keep things private i would love to see things reach a point where privacy can not be legislated away on the client side of things and things thus far are moving in that direction I'd like to see https replaced with something a bit more intuitive on this front as well as processing power has become a bit stronger and maybe functional with something like DNS crypt to really ensure privacy as it stands right now DNSCrypt is not a replacement for a VPN, as it only authenticates DNS traffic, and doesn't prevent third-party DNS resolvers from logging your activity. By design, the TLS protocol, as used in HTTPS and HTTP/2, leaks websites host names in plain text, so DNSCrypt is not enough to hide this information but it would be nice if their were a protocol developed with it that does aside from VPN that works in conjunction with DNSCrypt.

Not to get too crazy but at this point I'm feeling a lot like you I believe due to all these factors I think it is quite possibly a non issue although I am not aware if DNScrypt is used if supported by default with OpenVPN I haven't done enough reading but it seems to me that the design of DNScrypt would be an advantage for providers to use implicitly. The local network is usually weak against attacks like DNS spoofing. The DNSCrypt server can run on your router (I know tomato,and DDWRT support it), along with the typical DNS resolver. Devices can then run the client code of DNSCrypt, leveraging the router DNS resolver.

So to sum everything up YOU ARE CORRECT and I believe that people should set their router DNS as something other than their ISP's initially for optimal safety. Just as you said it is hard to say what VPN providers come along and what they do and how technically adept they may be initially. I kind of side with setting the DNS of your router than something other than just your ISP's heck use openDNS or opennic.org even after reading about googles new policies I likely will not be using googles DNS servers.

forlotto · OpenVPN DNS problem with NordVPN forlotto September 24, 2017 at 8:06 PM

So I am thinking best way is to use the DNS for the provider to close up a potential hole for people in their DNS at the same time while doing this I still need to figure out the values and if the syntax is right not used to python or programming but seems pretty cool thus far.

Syntax I am unsure of has to do with "" and the use of them for strings

if vpn_provider == "NordVPN": DNSIP == "1.2.2.2 3.4.5.6"

or is it?

if vpn_provider == NordVPN: DNSIP == "1.2.2.2 3.4.5.6"

Which would be correct I think the first one I may also need a space on both sides of the " : " not sure...

But anyways this is what I have thus far... A work in progress as I will need to get all the DNS servers for each provider then integrate it into the batch file as well as find all appropriate places to place this function. If not the batch file then I guess it will have to be used for dnspython or however it has got to be done. A molasses in the winter time upgrade I don't forsee this coming very fast but it will improve the program I believe quite a bit for people who are unaware of what a DNSLEAK is. And also not aware the the program does not currently set any DNS at all so I would assume most people using the program without a clue are just using it with default ISP DNS potentially leaking all of their information as it stands.

There is so much out there with kodi you should be careful of this is one of them and also pairing with content providers whoever thought this was some good idea is totally wrong.

Code

#Determine and set providers DNS NordVPN's DNS will be used for UserDefined

def SetProvDNS(DNSIP)
if vpn_provider == "NordVPN": DNSIP == "162.242.211.137 78.46.223.24"
elif vpn_provider == "PIA": DNSIP == "209.222.18.222 209.222.18.218"
elif vpn_provider == "IPVanish": DNSIP == "
elif vpn_provider == "VyprVPN": DNSIP == "
elif vpn_provider == "ibVPN": DNSIP == "
elif vpn_provider == "tigerVPN": DNSIP == "
elif vpn_provider == "HMA": DNSIP == "
elif vpn_provider == "PureVPN": DNSIP == "
elif vpn_provider == "LiquidVPN": DNSIP == "
elif vpn_provider == "AirVPN": DNSIP == "
elif vpn_provider == "CyberGhost": DNSIP == "
elif vpn_provider == "PerfectPrivacy": DNSIP == "
elif vpn_provider == "TorGuard": DNSIP == "
elif vpn_provider == "UserDefined": DNSIP == "162.242.211.137 78.46.223.24"
elif vpn_provider == "LimeVPN": DNSIP == "
elif vpn_provider == "HideIPVPN": DNSIP == "
elif vpn_provider == "VPNUnlimited": DNSIP == "
elif vpn_provider == "HideME": DNSIP == "
elif vpn_provider == "BTGuard": DNSIP == "
elif vpn_provider == "ExpressVPN": DNSIP == "
elif vpn_provider == "SaferVPN": DNSIP == "
elif vpn_provider == "Celo": DNSIP == "
elif vpn_provider == "VPN.ht": DNSIP == "
elif vpn_provider == "TotalVPN": DNSIP == "
elif vpn_provider == "WiTopia": DNSIP == "
elif vpn_provider == "proXPN": DNSIP == "
elif vpn_provider == "IVPN": DNSIP == "
elif vpn_provider == "SecureVPN": DNSIP == "
elif vpn_provider == "VPNSecure": DNSIP == "
elif vpn_provider == "RA4WVPN": DNSIP == "
elif vpn_provider == "Windscribe": DNSIP == "
elif vpn_provider == "SmartDNSProxy": DNSIP == "
elif vpn_provider == "VPN.ac": DNSIP == "
elif vpn_provider == "VPNArea": DNSIP == "
elif vpn_provider == "VanishedVPN": DNSIP == "
elif vpn_provider == "PrivateVPN": DNSIP == "
elif vpn_provider == "blackbox": DNSIP == "
elif vpn_provider == "BulletVPN": DNSIP == "

Display More

forlotto · OpenVPN DNS problem with NordVPN forlotto September 23, 2017 at 11:18 PM

So looking at the file I see some code that could be of use not knowing python I assume that DEF means define and it appears to be that they are defining a function.

Quote

def writeDefaultUpFile():

p = getPlatform()

if p == platforms.LINUX or p == platforms.RPI:

infoTrace("vpnproviders.py", "Writing default up script")

up = open(getAddonPath(True, "up.sh"), 'w')

up.write("#!/bin/bash\n")

up.write("iptables -F\n")

up.write("iptables -A INPUT -i tun0 -m state --state ESTABLISHED,RELATED -j ACCEPT\n")

up.write("iptables -A INPUT -i tun0 -j DROP\n")

up.close()

command = "chmod +x " + getAddonPath(True, "up.sh")

if useSudo(): command = "sudo " + command

infoTrace("vpnproviders.py", "Fixing default up.sh " + command)

os.system(command)

Display More

So if I modify this code above to setup a googledns file like the code below maybe it will work:

Code

def writeGoogleDNSFile():
p = getPlatform()
if p == platforms.LINUX or p == platforms.RPI:
infoTrace("vpnproviders.py", "Writing Google DNS")
googledns = open(getAddonPath(True, googledns.sh"), 'w')
googledns.write("#!/bin/bash\n")
googledns.write("interface eth0\n")
googledns.write("static domain_name_servers=8.8.8.8 8.8.4.4\n")
googledns.write("interface wlan0\n")
googledns.write("static domain_name_servers=8.8.8.8 8.8.4.4\n")
up.close()
gdnscmd = "chmod +x " + getAddonPath(True, "googledns.sh")
if useSudo(): gdnscmd = "sudo " + gdnscmd
infoTrace("vpnproviders.py" , "Fixing Default googledns.sh " + gdnscmd)
os.system(gdnscmd)

Display More

Add norddns.sh as well

Code

def writeNordDNSFile():
p = getPlatform()
if p == platforms.LINUX or p == platforms.RPI:
infoTrace("vpnproviders.py", "Writing Nord DNS")
norddns = open(getAddonPath(True, googledns.sh"), 'w')
norddns.write("#!/bin/bash\n")
norddns.write("interface eth0\n")
norddns.write("static domain_name_servers=162.242.211.137 78.46.223.24\n")
norddns.write("interface wlan0\n")
norddns.write("static domain_name_servers=162.242.211.137 78.46.223.24\n")
up.close()
ndnscmd = "chmod +x " + getAddonPath(True, "norddns.sh")
if useSudo(): ndnscmd  = "sudo " + ndnscmd
infoTrace("vpnproviders.py" , "Fixing  Default norddns.sh " + ndnscmd)
os.system(ndnscmd)

Display More

This may or may not do the trick but I will have to do some more reading as I know nothing of python nor have I looked into it at all I am just sitting here reading through code to try and make heads or tails of it. I don't know if os.system(command) invokes it or if I have to invoke it later to execute it after I write it or if variables are locally or globally recognized or if the variable command is built in or users specified etc not sure on the syntax but this is where I am at for now I know this must be painful to someone reading this that knows already but at the same time my lack of knowledge will possible help some of the other know nothings like myself be unafraid of taking a stab at something they do not understand there is a lot of learning to be had in sharing thought process.

Thinking out loud below to keep track of every thing:

Q: Will I need to use nDNScmd and gDNScmd as a variable in place of command?

A: It can be any command so why not change it to something different to be on the safe side I believe.

Will I need to run the file somewhere else or does os.system(variable) run the file?

A: According to what the code is saying it looks like it and according to documentation I assume so. 15.1. os — Miscellaneous operating system interfaces — Python 2.7.14 documentation

Q: Will I need to reset the connection once the DNS will change?

A: Don't know yet need to test this to see if it is even a workable solution.

Q: Is there a better way to handle DNS settings like for instance integration of DNS settings?

A: dnspython seems to have everything to aptly handle DNS but take it with a grain of salt as I said this is all new to me I could be wrong maybe it is not possible to do so not sure how dependancies work technically either but if I recall right the license for this program is similar to Zomboided's license free to use and distribute as long as you share the source of the work (and the modifications you make I believe?)

forlotto · OpenVPN DNS problem with NordVPN forlotto September 23, 2017 at 3:17 PM

Quote

Wow isn't that the solution I told you to use 3 days ago....at least you made a lot of self entitled noise though. Well done

This has nothing to do with self how much more clear can I be it is more so for the next guy that uses your software and to make you aware as well as others aware so you do not have to waste as much time on support and others do not have to waste as much time coming to this conclusion.

The problem is able to be solved easily through your software is it not?

The software also has the intrinsic problem of not handling DNS which is an important part to the security of VPN connections isn't it so?

The idea is to improve things.

Some other suggestions is maybe to include things and not be so vague in your wiki about the importance of the user setting their DNS outside of the program for now.

Possibly state that they may experience problems if using DNS servers that have IP security features enabled.

As I said if you were not interested in solving this problem you did not have to I don't expect you to work for free that was your choice I even offered you money!

Just assuming that everyone is up to speed or expecting them to be because they have google is not the greatest at least from what I have found and luckily other people have found this to be the case as well this is why we have this forum.

I see this cop out all the time just google it. Why even post such a silly thing you are on a help forum help others out or don't it is your choice a comment is better left ignored then telling someone to google it you defeat the whole purpose of a help forum. Every time i see this response on a help forum there is the immediate face palm that happens! It it is creepy to me but somehow this has become socially acceptable for a comment often people look up to people who make this comment looking down on others and they shouldn't but at the same time I am greatful for free speech and realize that I am far removed from perfection as well.

But I appreciate all your work and your comments and remarks and I thank you for not totally ignoring this thread as well very respectable. And I wish you could see through all of this crap that you think is bad or that I am out to get you or prove anything I assure you this has nothing to do with any of it. Nor do I care to make noise. Or do I feel any entitlement that I should be owed anything. Don't believe me use your thinker for a minute and not google for once. Ask yourself these questions? Is he or she selling anything? Is he or she trying to sell his or herself? (is there a picture or a real name? is there a link to an about me page.) I am just under educated in this field and do not have the hands on experience and I thought I could possibly enlist your help you implicitly stated you did not want to help and that the issue didn't exist then it was a 1 in 40 issue lacking importance but now it was an issue and you solved it... But the problem still exists for the next person and it can be solved with lines of code. You know it as well as I do people should not have to disable using NordVPN's DNS nor their IPSEC and potentially unwillingly expose themselves and make their VPN connection essentially as useless as tits on a bull but it will happen. I do not expect you to solve it or help me at all but your help is still welcomed if you have a change of heart or spare time etc... We all lead busy lives. I get it really. And we are constantly trying to be the best versions of ourselves but can we be that without being self aware? You could argue that I am self entilted but I not only offered you a tip but offered to pay you as well to fix the issue. Does that seem like someone who is self entitled by definition?

These are all things that a self aware person would think of I guess that is the take home from all of this. If I just attack you back and start name calling what good is that. There is nothing useful that comes from such an exchange. I can only forgive what was said and apologize for any action or inaction you feel I am guilty of and move on and enlist the help of google and people who are not so hard pressed that is what I have been doing really. And raise awareness to save other people from suffering through these little nuances. Feel free to respond and do as you need everything said or believe has value no matter what my opinion or thought process is. Sometimes I need to hear things and understand ideals and ideas weather they are what I want to hear or not. Thanks again for everything.

forlotto · OpenVPN DNS problem with NordVPN forlotto September 23, 2017 at 12:55 PM

Quote from zomboided

You're wrong, period. You can google why that is because I'm not going to explain. I will say that the configs are based on those provided by the VPN providers. Some have submitted their own to the repo. None of them agree with you, but maybe you should email them all and let them know what they're doing wrong.

If you think I'm wrong, that's fine. I provide free software for free. You can choose not to use it, I'm good with this. Enjoy your journey, I won't be engaging with you anymore.

Stop and listen to yourself for a moment you are so worried and hell bent on being wrong or right and making a wrong or right war out of this I assume this is how you go through life constantly trying to prove your identity through feedback instead of being at peace with who you are.

I may be wrong I may be right it is of no difference to me either way just like a moment of life this is for experience and to be honest in the long run it is to help you out!

If you would be kind as to actually read the issue and understand it it has nothing to do with your provider files it is a connection issue the issue is already understood!

I have already gotten an email back from NordVPN...

The issue is their DNS server and it may also be related to IPSEC being enabled on my account.

But either way I can use my ISP's or another DNS and it works just fine so that tells me that the IPSEC is done through blacklisting and filtering rules similar to that of OpenDNS where you can setup rules to filter out certain content and block certain things from happening in this manner there is no true firewall almost all ports are open it all makes since to me I understand the issue it is you who do not understand the issue!

So the issue at hand has nothing to do with the config files as the config files are on the server and they are fine!

The issue has to do with DNS NordVPN's Domain Name Servers "with ipsec enabled".

THE SOLUTION: temporarily set the DNS to something else before the download phase, then they download the files, then once completed they set the DNS to the VPN providers DNS.

The issue is downloads fail when using nordvpns DNS and having IPSEC enabled I did not disable IPSEC and test because I don't feel I need to because if I simply change DNS servers it works downloading the files ahhh there in lies the solution!

I know this may all be hard for you to take in but the seed is planted and maybe someday you will realize that people in the free world using your free software are also free to speak and heavens forbid think without google. Oh no he didn't use google hang him!

One thing with your software is that it does not address DNS at all! This is critical as stated by VPN providers as well as security experts.

DNS provides you with the ability to translate information from an IP to a readable name in place of those numbers.

You do not take criticism very well and this is fine I forgive you for all of your misconceptions and the idea of this is not to prove your wrong or right or say anything negative here the objective is to reach an end goal that will be useful for you, me and everyone really it is not all about me or all about you. You can attempt to silence me over and over either on github or elsewhere it don't really make no difference to me I am pesty as you said on the github comment but I am also many other things and so are you you are just to wrapped up in your identity and not self aware enough to realize it.

forlotto · OpenVPN DNS problem with NordVPN forlotto September 23, 2017 at 6:09 AM

To be specific though starting at line 1058 in vpnproviders.py I think this is the code that I should likely shoot to modify right before the download starts I should check provider then if it is NordVPN then I should change DNS

Code

# Download and store the updated files        
    error_count = 0
    file_count = 0
    progress_count = float(1)
    progress_inc = float(99/float(total_files))
    for file in file_list:
        try:
            #debugTrace("Downloading " + file)
            if progress is not None:
                progress_count += progress_inc
                if progress.iscanceled(): return False
                progress_message = "Downloading " + file
                progress.update(int(progress_count), progress_title, progress_message)
            download_url = "https://raw.githubusercontent.com/Zomboided/service.vpn.manager.providers/master/" + vpn_provider + "/" + file
            download_url = download_url.replace(" ", "%20")
            git_file = urllib2.urlopen(download_url)
            file = file.strip(' \n')
            output = open(getUserDataPath("Downloads" + "/" + vpn_provider + "/" + file), 'w')
            for line in git_file:
                output.write(line)
            output.close()
        except Exception as e:
            errorTrace("vpnproviders.py", "Can't download " + file)
            errorTrace("vpnproviders.py", str(e))
            error_count += 1
            # Bail after 5 failures as it's likely something bad is happening.  Don't fail
            # immediately because it could just be an error with one or two locations
            if error_count > 5: return False
        # Uncomment the next line to make testing NordVPN download easier....
        # if file_count == 20: break
        file_count += 1
    debugTrace("Processed " + str(file_count) + " files for " + vpn_provider)
                
    # Write the update timestamp
    debugTrace("Updated VPN provider " + vpn_provider + " new timestamp is " + timestamp)
    output = open(getUserDataPath("Downloads" + "/" + vpn_provider + "/METADATA.txt"), 'w')
    output.write(timestamp + "\n")
    output.close()
    if progress is not None:
        progress_message = "VPN provider files updated, removing old ones"
        progress.update(10, progress_title, progress_message)
        # Delete any generated files and reset the connection
        removeGeneratedFiles()
        # Adjust 11 below if changing number of conn_max
        i = 1
        while i < 11:
            addon.setSetting(str(i) + "_vpn_validated", "")
            addon.setSetting(str(i) + "_vpn_validated_friendly", "")
            i = i + 1
        xbmc.sleep(500)
    return True

Display More

The above code is critical to the whole operation of downloading .ovpn files I believe if I am reading and understanding things correctly.

So time to think on modification. These are my notes thus far very little accomplished in a day of reading through code I understand as I said this is likely going to be a slow process for me alone with some help maybe a bit faster.

It would be a tad bit cooler if the program set the DNS for the provider automatically after downloading the files before trying to connect anyways I feel and from a safety standpoint according to everything I have read it is important that you use the DNS of the provider to ensure your safety anyways which is why I don't get why autoDNS is not implemented according to provider.

I would be willing to bet my right toenail clippings that many people running a VPN are using their ISP's DNS servers because they are unaware they believe that the program just works and does it for you or it doesn't matter!

DNS leaks are critical when it comes to protection of your activity online think about this a second if you were to constantly visit a website that was involved in something Taboo just the fact that you were served a domain through your provider cold add to evidence that you were involved in something Taboo. For instance lets say that you used thepiratebay to check out what the top downloaded stuff was out of curiosity to see what is really worth buying the very fact that you were resolving that website through their domain name servers adds evidence to a case built against you it is a slippery slope really all DNS should be resolved by a trusted 3rd party such as you VPN provider to keep you safe.

This program lacks this and also lacks appropriate warnings.

Funny thing how none of this is mentioned in the wiki along with the security warnings...

forlotto · OpenVPN DNS problem with NordVPN forlotto September 23, 2017 at 5:59 AM

Ok so minor update I've forked the code and been reading over the code to try and understand it all day.

I came across the following in vpnproviders.py

Code

1086: # Uncomment the next line to make test for NordVPN download easier...
1087:  # if file_count == 20: break

I am curious if he breaks at 20 for his testing purposes or if other users could break at 20 to make the downloading process easier somehow.

I must say interesting little bit of code which makes me think that tests being run for NordVPN are not as thorough as other providers but maybe thorough enough IDK no expert heck it all might as well be egyptian or greek to me I have a small understanding of code in general I know enough to be dangerous.

What I am looking for is where to implement code to switch DNS I believe it is going to be in this general area where I will need to execute scripts to change code but it may be best to have this as a debug option instead of forcing it upon every downloader or possibly I can say if provider is NordVPN then run bash script to set DNS to google.

I am really trying to think what the best avenue would be I need to see how files are installed and copied over to the disk I really wish I had a better understanding of all of this already unfortuneately I do not all I can do is keep reading and try to decipher everything should likely be an easy task to fix this for most but it is like climbing mount Everest to me at current. I don't even understand what is possible or file permissions or what is required to do what I have to do 100%

forlotto · OpenVPN DNS problem with NordVPN forlotto September 22, 2017 at 8:06 AM

There is an issue that keeps NordVPN from functioning smoothly during update while this could be fixed by changing the DNS on your router to something other than NordVPN's DNS while updating .ovpn files I find it to be kind of obnoxious when software's main reason for development in my mind is to automate things and make other things possible this software currently fails at both objectives.

- It does not allow changing DNS from within the program

- It does not automatically change DNS while updating to fix the issue either

The author is not interested in fixing the issue because to him it is a non issue and not worth changing code and I totally understand this which is why I am trying to take my own little journey into the unknown. I surely cannot expect someone to always do my bidding but if you care to join in this is excellent and welcomed.

So basically I want the program to do the changing or possibly run scripts but there are a number of things I must first figure out not knowing all too much about any of it.

This is kind of what I want to add before and after the updates in plain english:

Code

If UpdateRequired = NordVPN
then run googledns.sh

If Download = Complete
then run norddns.sh

Was actually looking how to do the scripting I believe something like this may work:

Below would be norddns.sh

Code

#/bin/sh
interface eth0
static domain_name_servers=162.242.211.137 78.46.223.24
interface wlan0
static domain_name_servers=162.242.211.137 78.46.223.24

Then googledns.sh

Code

#/bin/sh
interface eth0
static domain_name_servers=8.8.8.8 8.8.4.4
interface wlan0
static domain_name_servers=8.8.8.8 8.8.4.4

Other things I need to figure out: Notes to self and thinking process for all to see.

Who knows I may need to specify everything as static maybe it does not allow for only static DNS?

Will root be required for the software to properly invoke the script?

Will the settings take hold automatically or will I need to somehow disable and enable the eth0 and wlan0 to get things going?

Need to figure out where to invoke the scripts exactly?

Created a github account now I need to figure out how to use it properly... Clone or fork etc but first figure out the next question?

Maybe .py script would be better to use or just integrating the code into the existing .py code IDK?

X DONE X need to figure out if I have permission to use the code I never did look at the license to see what the requirements are of zomboided so I may possibly have to keep my build private if there is any type of requirements? Ahh it is GNU GPL Answered Yes Perfectly Fine If I keep code open source!

Anyone not interested feel free to ignore my journey. I am trying to gather all the info needed to put the plan into action now that I have one. I don't expect anyone to be interested in this but if you are reply's are most welcome thanks in advance for your reply.

forlotto · VPN Manager for OpenVPN forlotto September 22, 2017 at 7:49 AM

Yes of course my apologies didn't know if etiquette was to post here or open a new thread. But thanks for the direction.

forlotto · VPN Manager for OpenVPN forlotto September 22, 2017 at 6:52 AM

Removed to stop clutter within the thread.

forlotto · VPN Manager for OpenVPN forlotto September 22, 2017 at 4:26 AM

Removed to not clog up thread started new thread.

forlotto · VPN Manager for OpenVPN forlotto September 20, 2017 at 11:21 PM

jahutchi

Mighty fine point but if that is the case then NordVPN's DNS servers are the issue then errr bummer I've been using their DNS servers though since before it was a problem that's pretty lame though if this is the case cause that means they were essentially the cause of all of this ...

zomboided

Thank you for attempting this for me today much appreciated I will have to roll my DNS servers to something else then I suppose while I update the script then roll them back interesting if it pans out to be this. As I said it worked like gold not that long ago.

Hrmmm maybe a debug option to change DNS while downloading config files would be cool or the ability to change DNS in the program would be beneficial to all I believe.

The only reason I am doing things this way is simple it is because I didn't want to run a second router loaded with tomato or have to log into my router and setup an openvpn every time I want to watch something on Kodi in case it may be questionable as far as copyright hard telling what people host these days for all we know we could be watching material we shouldn't be on a totally legit plugin. Then who's problem is that yours kind of lame the way things are setup legally it just all makes since to me. I may just have to consider getting an openvpn access point and just periodically update that. There are plenty of solutions and I guess my point is software is made to create solutions. Rolling DNS would be a great addition for all I have seen that question pop up a few times reading through postings and I don't believe I am the one in 40 on this issue.

So there is my request a simple solution that will solve the nordvpn issue and make others happy in the process.

P.S. Either way this goes I thank all that have helped I knew I was missing one small detail that slipped my mind to check thank the lord for forums and other people sharing their experience. And thank you jahutchi ! As soon as you said it I thought maybe just maybe you hit the nail on the head with this and you did.

forlotto · VPN Manager for OpenVPN forlotto September 20, 2017 at 1:07 AM

Quote from zomboided

@fotlotto, here's my issue : On my crappy connection in the location I'm at currently, it takes ~5 minutes to download the Nord files. I can just about do low quality streaming on that connection. On my home connection which far more suitable for streaming, download would be much quicker. I agree using a zip would be better, and restarting would be good too, but this is a problem unique to NordVPN and their insistence on having 1000s of ovpn files. As you can imagine, my interest in writing a load of code to solve a problem for 1 out of ~40 providers is pretty low.

You're also suggesting fixes when the problem of Nord failing to download has not been understood. If there's something in your environment that's causing it to crap out, then that's what needs fixing. I'd like to see a debug log of it failing before I do anything more.

huey could you do me a favor and just try to reset everything maybe even uninstall and reinstall and try the latest version to see if you have the error as well? Whats killing me is this is a brand spanking new image with almost nothing but zomboided on it and everything is new and fully capable of functioning as fast as any residential person could 1GB/1GB fiber is a huge pipe. Everything is new and functions fine microsd is a rather speedy little microsd 90mb/s 32GB samsung evo. Errr not to sure about the bluetooth dongle possibly I should remove that as I have yet to really give it a test it is for my bluetooth keyboard/mousepad combo using the plugin usb keyboard for now until I figure all this out I am trying to eliminate any existing elements to be sure it is the software and as far as I can tell I have but this is why I am here at this discussion board sometimes it is the little thing you miss and no one has pointed it out to me yet except enabling default up/down scripts which I should try for kickers as well but I thought that had to do with something all together different looking at the code I will give it a try now actually and post back in case you are on to something there! EDIT: No go did not help a bit.

What version of LibreElec are you using?

zomboided

Alright I posted the area where your program failed for me the first time if you want say a full log from boot I would be glad to provide that but I find it rather pointless as you say it is a problem for one of 40 so not worth the time to write code I totally get that and appreciate your honesty.

Log Provided : cDSN

Alternative1: Paste.ee - Zomboided Log

Yeah was looking at the code it appears that your github is hosting all of the files and you actually change the names of the files as well from the originals to new ones. Seems to me like a lot of crap that could be cut out if you did the zip thing as suggested but I'm no programmer I am kind of curious though I I could change or modify the code to fit my needs being the 1 in 40.

I have already purchased NordVPN so I am going to be with them for some time it seems as I have a plan that lasts at least a few more months prepaid so I am stuck unless I want to shell out more for yet another VPN... Which is why I'd rather pay you to update the code to make it a single file download so we don't trigger anything maybe github has limitations on the number of get requests for a time frame on a project to prevent DDOS type stuff from happening lets say 100 people want to use NordVPN that is a ton of requests. Its weird to me because the files are not repeating as far as failure goes.

Who knows surely not me if I did I wouldn't be here badgering the guy that gave the community a great program for nothing I hate doing this as much as you hate hearing about it.

Maybe the log will shed some light and provide a simple fix but I don't see nothing in there other than an odd warning about updating something in future versions. I also see that update monitor seems to be invoking rather frequently maybe I should try an older version of LibreElec as well IDK.

I am open to suggestions if you are interested in fixing the 1 out of 40 but if not just verify that with me and I'll have to take another approach possibly as I said looking further into things to see if there is a way I can modify your code while I know nothing about it other than what is readable maybe between stack exchange or other resources I could figure a method of doing the single zip file IDK.

Thank You!