nordsecurity / libtelio Goto Github PK

View Code? Open in Web Editor NEW

119.0 119.0 17.0 7.08 MB

A library providing networking utilities for NordVPN VPN and meshnet functionality

Home Page: https://meshnet.nordvpn.com

License: GNU General Public License v3.0

Rust 70.11% C 0.11% Go 0.96% Shell 0.69% PowerShell 0.05% Python 27.90% Dockerfile 0.02% Swift 0.04% HTML 0.12%

libtelio's People

Contributors

Stargazers

Watchers

Forkers

lukaspukenis kp666 lgx95 valdas cyberguard541 wuchirat jjanowsk esavier gytsto ghztomash wcc-analytics haliucinas edvyno1 savolro aisha131996 devzbysiu ptruong88

libtelio's Issues

raspberry pi - 6.1.19-

nordvpnd[500]: 2023/03/16 17:12:32 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.

ssh and sshfs connection via meshnet not working

I have set up an OpenSSH server on my home PC (Ubuntu 22.04 LTS) and am trying to connect to it using ssh and sshfs from my Laptop (Ubuntu 20.04 LTS).

The server seems to be running smoothly and I can easily access it, while in the same network.
As I can't configure a port forwarding (the router I got from my ISP doesn't allow it), I am trying to use NordVPN's Meshnet to establish a connection.

Using the NordVPN hostname or IP, I can connect as well, while in the same network.
The problem arises, when trying to connect from a different network:

While the first ssh connection is working properly, if I exit this connection and try connecting again, the connection fails with "Connection closed by port 22"
When I try to establish an sshfs connection, I have the same problem. Curiously, if I add the sshfs command to my startup applications, it works at first (I can access the directory via Files, open files, etc.), but disconnects after roughly half a minute.
purging and reinstalling nordvpn enables one connection to be made again, same if I run iptables -F and sudo systemctl restart NetworkManager
when running service ssh status on the PC it shows "fatal: Timeout before authentication for port 47176" (this port changes each time)

Things I have tried so far:

Ran sudo ufw allow ssh on both devices
Added sshd: <Client meshnet IP> to "/etc/hosts.allow" on the host
Flushed all iptables rules and set the default policy to ACCEPT
removed all NordVPN settings and config files
ran nordvpn whitelist add port 22on both devices

The last few were recommended by the NordVPN support (which gave up).
I'm not ready to let this idea go yet, as it would allow me to leave my external drives at home and access them remotely, instead of taking them everywhere and wearing them down.

Moved this over from askubuntu.com at the request of one of your engineers

Edit (2023-04-05): I also tried using meshnet to connect to another PC, which runs an ssh server I used frequently and confirmed, that I had the same connectivity issues over meshnet, while connecting through the regular address worked perfectly, therefore I doubt that the problem lies in my installation of openssh-server on the original PC I am trying to connect to.

add new route to make docker containers connect to each other

In addition to set up the ip address as mentioned in README, I also have to add a new route with the following command to make t1 and t2 connect to each other:

ip route add 100.64.0.0/10 via <IP_ADDRESS> dev <NAME>

"libtelio" errors cleared w/o explanation; now network interface errors w/ Nordlynx only;openvpn forcing tcp only.

Using two different Archlinux PCs on two separate ISPs, persistent Nordlynx libtelio errors disappeared and are now replaced with Nordlynx unable to see an active network interface. Nordvpn using openvpn technology is unaffected by these errors.
Ongoing discussion/troubleshooting in Arch forum here:
https://bbs.archlinux.org/viewtopic.php?id=285071

Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.

On a Raspberry Pi, I'm having issues enabling meshnet with NordVPN. I have a fresh install, of which I can only use openvpn as the underlying technology to connect. When I try and run nordvpn set meshnet on I get the following error in syslog:

Apr 19 19:14:49 raspberrypi nordvpnd[642]: 2023/04/19 19:14:49 quic transport needs reconnect, err: Application error 0x100 (remote)
Apr 19 19:14:50 raspberrypi connmand[415]: nordlynx {update} flags 16 <DOWN>
Apr 19 19:14:50 raspberrypi connmand[415]: nordlynx {newlink} index 4 address 00:00:00:00:00:00 mtu 1420
Apr 19 19:14:50 raspberrypi connmand[415]: nordlynx {newlink} index 4 operstate 2 <DOWN>
Apr 19 19:14:50 raspberrypi connmand[415]: (null) {del} address 100.88.173.42/32 label nordlynx
Apr 19 19:14:50 raspberrypi connmand[415]: nordlynx {dellink} index 4 operstate 2 <DOWN>
Apr 19 19:14:50 raspberrypi connmand[415]: (null) {remove} index 4
Apr 19 19:14:50 raspberrypi nordvpnd[642]: 2023/04/19 19:14:50 [Error] TELIO: telio_start_named: Err(AlreadyStarted)
Apr 19 19:14:50 raspberrypi nordvpnd[642]: 2023/04/19 19:14:50 [Error] TELIO: telio_start_named: Err(AlreadyStarted)
Apr 19 19:14:50 raspberrypi nordvpnd[642]: 2023/04/19 19:14:50 [Error] enabling libtelio: opening the tunnel: starting libtelio on retry with boring-tun: 6
Apr 19 19:14:51 raspberrypi nordvpnd[642]: 2023/04/19 19:14:51 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:52 raspberrypi nordvpnd[642]: 2023/04/19 19:14:52 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:53 raspberrypi nordvpnd[642]: 2023/04/19 19:14:53 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:54 raspberrypi nordvpnd[642]: 2023/04/19 19:14:54 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:55 raspberrypi nordvpnd[642]: 2023/04/19 19:14:55 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:56 raspberrypi nordvpnd[642]: 2023/04/19 19:14:56 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:57 raspberrypi nordvpnd[642]: 2023/04/19 19:14:57 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:58 raspberrypi nordvpnd[642]: 2023/04/19 19:14:58 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:14:59 raspberrypi nordvpnd[642]: 2023/04/19 19:14:59 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:15:00 raspberrypi nordvpnd[642]: 2023/04/19 19:15:00 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.
Apr 19 19:15:01 raspberrypi nordvpnd[642]: 2023/04/19 19:15:01 [Error] TELIO: libtelio-build/libtelio/crates/telio-wg/src/adapter/linux_native_wg.rs:102 LinuxNativeWg: [GET01] Unable to get interface from WireGuard. Make sure it exists and you have permissions to access it.

I'm not sure if it's relevant to this project, but I get the following error from nordvpn:

Whoops! Connection failed. Please try again. If the problem persists, contact our customer support.

The interfaces I can see from running ip a are as follows:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether dc:a6:32:4b:45:7c brd ff:ff:ff:ff:ff:ff
    inet 172.16.37.97/16 brd 172.16.255.255 scope global dynamic eth0
       valid_lft 85274sec preferred_lft 74474sec
    inet6 2a00:23c6:f80:3801:25d9:8721:258c:16a4/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 274sec preferred_lft 94sec
    inet6 fe80::bbc:5875:ced1:f249/64 scope link
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether dc:a6:32:4b:45:7d brd ff:ff:ff:ff:ff:ff
    inet 172.16.37.98/16 brd 172.16.255.255 scope global dynamic noprefixroute wlan0
       valid_lft 85282sec preferred_lft 74482sec
    inet6 2a00:23c6:f80:3801:fd48:3253:6a12:2a31/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 274sec preferred_lft 94sec
    inet6 fe80::64ca:67e0:d42:3391/64 scope link
       valid_lft forever preferred_lft forever

I saw issue #2 which had a comment suggesting to install wireguard directly, which I have, however that didn't seem to make any difference.

The output of uname -a is as follows:

Linux raspberrypi 6.1.24-v8+ #1645 SMP PREEMPT Tue Apr 18 11:58:14 BST 2023 aarch64 GNU/Linux

Appreciate any help on this. I'm not sure what else to provide, but if you need more information, just let me know and I'll pass it along.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.