Last active
January 20, 2024 12:07
-
-
Save Schnouki/fd171bcb2d8c556e8fdf to your computer and use it in GitHub Desktop.
OpenVPN for a single application using network namespaces -- helper scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env zsh | |
# Initialize VPN | |
sudo vpnns up | |
sudo vpnns start_vpn | |
# Popcorn time! | |
sudo ip netns exec frootvpn sudo -u $USER popcorntime | |
# Cleanup | |
sudo ip netns pids frootvpn | xargs -rd'\n' sudo kill | |
sudo vpnns down |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env zsh | |
if [[ $UID != 0 ]]; then | |
echo "This must be run as root." | |
exit 1 | |
fi | |
function iface_up() { | |
ip netns add frootvpn | |
ip netns exec frootvpn ip addr add 127.0.0.1/8 dev lo | |
ip netns exec frootvpn ip link set lo up | |
ip link add vpn0 type veth peer name vpn1 | |
ip link set vpn0 up | |
ip link set vpn1 netns frootvpn up | |
ip addr add 10.200.200.1/24 dev vpn0 | |
ip netns exec frootvpn ip addr add 10.200.200.2/24 dev vpn1 | |
ip netns exec frootvpn ip route add default via 10.200.200.1 dev vpn1 | |
iptables -A INPUT \! -i vpn0 -s 10.200.200.0/24 -j DROP | |
iptables -t nat -A POSTROUTING -s 10.200.200.0/24 -o wl+ -j MASQUERADE | |
sysctl -q net.ipv4.ip_forward=1 | |
mkdir -p /etc/netns/frootvpn | |
echo 'nameserver 8.8.8.8' > /etc/netns/frootvpn/resolv.conf | |
ip netns exec frootvpn fping -q www.google.fr | |
} | |
function iface_down() { | |
rm -rf /etc/netns/frootvpn | |
sysctl -q net.ipv4.ip_forward=0 | |
iptables -D INPUT \! -i vpn0 -s 10.200.200.0/24 -j DROP | |
iptables -t nat -D POSTROUTING -s 10.200.200.0/24 -o wl+ -j MASQUERADE | |
ip netns delete frootvpn | |
} | |
function run() { | |
shift | |
exec sudo ip netns exec frootvpn "$@" | |
} | |
function start_vpn() { | |
sudo ip netns exec frootvpn openvpn --config /etc/openvpn/frootvpn.conf & | |
while ! sudo ip netns exec frootvpn ip a show dev tun0 up; do | |
sleep .5 | |
done | |
} | |
case "$1" in | |
up) | |
iface_up ;; | |
down) | |
iface_down ;; | |
run) | |
run "$@" ;; | |
start_vpn) | |
start_vpn ;; | |
*) | |
echo "Syntax: $0 up|down|run|start_vpn" | |
exit 1 | |
;; | |
esac |
yeah
sudo -i
export $(dbus-launch)
exit
doing this helped me
At the start you check that root runs this script so you can omit all sudo calls.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for your code :)
Here,
I am able to open 'google-chrome' with the vpn
but when i try to run a torrent application like
ktorrent or deluge i get some dbus session error
deluge:
`(deluge:6925): GConf-WARNING **: Client failed to connect to the D-BUS daemon:
Failed to connect to socket /tmp/dbus-r2khLwNbU3: Connection refused
(deluge:6925): GConf-WARNING **: Client failed to connect to the D-BUS daemon:
Failed to connect to socket /tmp/dbus-p0CCQmuJyW: Connection refused
Traceback (most recent call last):
File "/usr/bin/deluge", line 9, in
load_entry_point('deluge==1.3.13', 'gui_scripts', 'deluge')()
File "/usr/lib/python2.7/dist-packages/deluge/main.py", line 135, in start_ui
UI(options, args, options.args)
File "/usr/lib/python2.7/dist-packages/deluge/ui/ui.py", line 153, in init
ui = GtkUI(args)
File "/usr/lib/python2.7/dist-packages/deluge/ui/gtkui/gtkui.py", line 233, in init
common.associate_magnet_links(False)
File "/usr/lib/python2.7/dist-packages/deluge/ui/gtkui/common.py", line 255, in associate_magnet_links
if (gconf_client.get(key) and overwrite) or not gconf_client.get(key):
glib.GError: No D-BUS daemon running
`
ktorrent
`QDBusConnection: session D-Bus connection created before QCoreApplication. Application may misbehave.
unnamed app(7142): KUniqueApplication: Cannot find the D-Bus session server: "Failed to connect to socket /tmp/dbus-78fnqxoZAF: Connection refused"
unnamed app(7141): KUniqueApplication: Pipe closed unexpectedly. `