These scripts will configure Transmission (the BitTorrent client) to launch and run only through OpenVPN. They are designed to be run on top of the Transmission jail for FreeNAS.
pkg: No packages available to install matching 'openvpn' have been found in the repositories
Hello,
Love the work, so thank you! However, I'm having an issue getting OpenVPN to successfully start (error from jail /var/log/messages below) and I was hoping someone here may be able to help point me in the right direction. Any ideas what might be going on?
Also, OpenVPN fails earlier unless I create the "tun" interface (using 'ifconfig tun create') on the host. I doubt this is expected as I don't see it mentioned in the instructions.
Sat Jul 23 18:18:17 2016 OpenVPN 2.3.11 amd64-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jun 6 2016
Sat Jul 23 18:18:17 2016 library versions: OpenSSL 0.9.8za-freebsd 5 Jun 2014, LZO 2.09
Sat Jul 23 18:18:17 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Jul 23 18:18:17 2016 Control Channel Authentication: tls-auth using INLINE static key file
Sat Jul 23 18:18:17 2016 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:17 2016 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:17 2016 Socket Buffers: R=[42080->524288] S=[9216->524288]
Sat Jul 23 18:18:17 2016 UDPv4 link local: [undef]
Sat Jul 23 18:18:17 2016 UDPv4 link remote: [AF_INET]XX.XX.XX.XX:1195
Sat Jul 23 18:18:17 2016 TLS: Initial packet from [AF_INET]XX.XX.XX.XX:1195, sid=1fd8b08c 3c11b001
Sat Jul 23 18:18:18 2016 VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=[email protected]
Sat Jul 23 18:18:18 2016 VERIFY OK: nsCertType=SERVER
Sat Jul 23 18:18:18 2016 VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server, emailAddress=[email protected]
Sat Jul 23 18:18:18 2016 VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server, emailAddress=[email protected]
Sat Jul 23 18:18:18 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Jul 23 18:18:18 2016 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:18 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Jul 23 18:18:18 2016 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:18 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Jul 23 18:18:18 2016 [Server] Peer Connection Initiated with [AF_INET]XX.XX.XX.XX:1195
Sat Jul 23 18:18:20 2016 SENT CONTROL [Server]: 'PUSH_REQUEST' (status=1)
Sat Jul 23 18:18:20 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.13.0.1,route 10.13.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.13.3.138 10.13.3.137'
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: route options modified
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Jul 23 18:18:20 2016 Could not retrieve default gateway from route socket:: No such process (errno=3)
Sat Jul 23 18:18:20 2016 ROUTE: default_gateway=UNDEF
Sat Jul 23 18:18:20 2016 Cannot allocate TUN/TAP dev dynamically
Sat Jul 23 18:18:20 2016 Exiting due to fatal error
Problem resolved...
Hey there, thanks for this project! Very easy to setup!
I have but one question: how do I verify that my VPN-connection works and all traffic gets routed through there? There is no way to see something like the external IP in the transmission web interface. The only indication I have is that my listening port is now shown as closed.
Kind regards
Hey, thank you for your work!
From time to time i have the problem that the VPN connection fails, what is pretty bad.
The lasttime the transmission jail went to an off state.
It is possible to only allow the connection via VPN?
i am a bit out of my depth here with unix -related things even, but here goes:
i followed your guide to the word until the config part. Nordvpn offers .ovpn file that has a bit different certificate from airvpn.
when running the script i get an error:
`
root@transmission:/tmp/openvpn # /etc/rc.d/transmissionvpn start
spawn /usr/local/sbin/openvpn --cd /FreeNAS-Transmission-OpenVPN/openvpn --config /FreeNAS-Transmission-OpenVPN/openvpn/openvpn.conf --up /FreeNAS-Transmission-OpenVPN/scripts/start_transmission.sh --script-security 2 --down /FreeNAS-Transmission-OpenVPN/scripts/stop_transmission.sh --daemon openvpn --log-append /FreeNAS-Transmission-OpenVPN/openvpn-running.log --writepid /FreeNAS-Transmission-OpenVPN/openvpn.pid
expect: spawn id exp4 not open
while executing
"expect "Enter Auth Password:" {
send "passwordPassword\n"
}"
(file "/FreeNAS-Transmission-OpenVPN/run.sh" line 16)
`
this is how my .ovpn file looks like:
`client
dev tun
proto udp
remote 196.196.203.69 1194
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no
remote-cert-tls server
auth-user-pass
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
I found that the repository is incorrectly set for an older version of FreeBSD, in order for the code to run well it needs to be updated to url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest". I'm not experienced with Linux or FreeBSD so I'm not sure where the problem is, just that this might help people having trouble.
Sorry for bothering you again.
I got an Error when the jail had a bit of traffic.
found a few threads and edited the sysctl config file via ssh.
I have done the changes on my sysctl in the root directory, but then i couldn't boot anymore.
there is another way but all the things i found where for the old FreeNAS build or plain BSD:
net.inet.tcp.recvbuf_max
net.inet.tcp.sendbuf_max
Do you know how to get rid of it?
Thanks as always for your great work. Maybe i will contribute a few lines of code for stability and the ipfw feature in the next month when there is time.
Hi, first off thanks for the work just what i was searching for.
Now my Problem is this, if i follow your instructions and disable my transmission plugin i first lose connection to the remote interface, okay fine.
When i then get to the end of your script the Plugin is still disabled because of this i get no connection.
If i then turn the plugin ON again i feel like its killing your transmission session and OpenVPN still does not open up any connection.
Any idear what this could be? I'm also on 9.3
Everything went well up until the configuration are. Got the config file downloaded and it unzipped fine but when applying the line mv Sweden.ovpn openvpn.conf (I use mv US Texas.ovpn openvpn.conf) I get the error mv: openvpn.conf is not a directory. I am pretty new to this process, I imagine it is an easy fix but could you walk me through it?
Here are the exact lines I get:
root@transmission_1:/FreeNAS-Transmission-OpenVPN/openvpn # mv US Texas.ovpn ope
nvpn.conf
mv: openvpn.conf is not a directory
root@transmission_1:/FreeNAS-Transmission-OpenVPN/openvpn #
The start command "/etc/rc.d/transmissionvpn start" does not start Transmission.
So for whatever reason this jail was reachable but now I cannot access the transmission URL if the VPN is up. Is there some type of firewall setting to enable traffic to that jail once the VPN is up?
transmissionvpn start is failing during the expect script. I'm receiving the error "expect: spawn id exp6 not open". After doing quite a bit of research I believe this is occurring because openvpn is closing stdin. If I remove the --daemon arg from the spawn command, the error goes away, and the script works when manually run from the shell. However, it fails to run correctly as a service.
Any assistance you can provide to help get past this issue?
Thanks!
The descriptions reads:
This guide and the associated scripts will help you secure your Transmission client so it only sends traffic through a VPN.
HOW does it do this?
I see the usage of /etc/rc.d/transmissionvpn start / stop
what does that script do? I see it sets some IP, can you elaborate?
What is different here from simply setting up OpenVPn and transmission without this script?
Can you include the step for the following in your readMe please:
Thanks so much.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
