maemo.org - Talk
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   how to sustain openvpn even when changing wifi connection (https://talk.maemo.org/showthread.php?t=52316)

niv 2010-05-10 14:26
how to sustain openvpn even when changing wifi connection
 
Did anyone managed to have openvpn stay connected even after changing wifi access points?
did anyone managed to sustain openvpn after switching to 3G connection?
Niv

Joorin 2010-05-10 14:31
Re: how to sustain openvpn even when changing wifi connection
 
Take some time and think about what OpenVPN is doing and I think it will be hard to make this work if you change WiFi connection or switch to 3G.

The interface that is the endpoint on your device is a virtual one that sends its traffic through your real one, the wlan0 interface. If the wlan0 interface is reconfigured the remote end will not be able to send data to the same IP address and this is the base for the tunnel that is created.

Perhaps there is some way to restart the lower levels of the OpenVPN connection without disturbing established TCP/IP connections, but I doubt it.

ysss 2010-05-10 14:34
Re: how to sustain openvpn even when changing wifi connection
 
But as long as the clients are running sessions that are attached to the virtual interface, a vpn reconnection shouldn't reset their connection, no?

Joorin 2010-05-10 14:57
Re: how to sustain openvpn even when changing wifi connection
 
Quote:
Originally Posted by ysss (Post 651879)
But as long as the clients are running sessions that are attached to the virtual interface, a vpn reconnection shouldn't reset their connection, no?
Define "session".

As far as I know, applications running on the client machine that access services on the inside via VPN can't pick a special interface. This is done via the kernel routing table that after the creation of the VPN connection gets a new entry pointing at the virtual interface for all traffic in that subnet.

When it comes to established TCP/IP connections, any packet that's sent over the VPN connection has to be encrypted and sent to the receiver (client or server) using the normal connection. If this mapping were to break, I'd guess all established TCP/IP connections would be orphaned and removed by the connection tracking in the TCP/IP stack, possibly after some timeout.

If you only look at new connections, like clicking a new link in your browser, it might work even if you just reconnected the lower levels of the VPN system. But, to me, this is of limited use since that's not saving established connections.

niv 2010-05-10 15:06
Re: how to sustain openvpn even when changing wifi connection
 
I was basicly looking for script that will restart the openvpn service , whenever it senses that a new connection was established. just like my sip account registers again whenever I switch access point connection.
Niv

TA-t3 2010-05-10 15:11
Re: how to sustain openvpn even when changing wifi connection
 
Technically there shouldn't really be any problem. Just as the openvpn connection itself can go down and get re-established, and the only thing you would notice would be a pause in your remote access. But this doesn't mean that there's actual support for moving sessions between different physical layers. I haven't done any experiments on this.

Joorin 2010-05-10 15:12
Re: how to sustain openvpn even when changing wifi connection
 
That's something else, I'd say. And much easier, if I were to guess.

I'm sure there are dbus messages sent when a new connection is established. If you register to listen for them, you can (re)start the VPN connection when you want to.

niv 2010-05-10 15:23
Re: how to sustain openvpn even when changing wifi connection
 
Quote:
Originally Posted by Joorin (Post 651937)
That's something else, I'd say. And much easier, if I were to guess.

I'm sure there are dbus messages sent when a new connection is established. If you register to listen for them, you can (re)start the VPN connection when you want to.
yes I tried using dbus-scripts for this. but if I move from 3G to wifi I first get a msg about connecting to the wifi then I get an idle from 3G. so according to the last msg I close the openvpn service.
how can I know if there is actually still a connection to the WAN?

Joorin 2010-05-10 15:27
Re: how to sustain openvpn even when changing wifi connection
 
Quote:
Originally Posted by niv (Post 651957)
yes I tried using dbus-scripts for this. but if I move from 3G to wifi I first get a msg about connecting to the wifi then I get an idle from 3G. so according to the last msg I close the openvpn service.
how can I know if there is actually still a connection to the WAN?
Eh? That's a state machine with two states: connected and not connected. The connected state has one attribute: what am I connected to?

So, if you've moved from "not connected" to "connected" with the attribute set to "wifi", and get a message from the 3G module, you can just ignore that.

Or am I missing something here?

niv 2010-05-11 14:15
Re: how to sustain openvpn even when changing wifi connection
 
Quote:
Originally Posted by Joorin (Post 651962)
Eh? That's a state machine with two states: connected and not connected. The connected state has one attribute: what am I connected to?

So, if you've moved from "not connected" to "connected" with the attribute set to "wifi", and get a message from the 3G module, you can just ignore that.

Or am I missing something here?
will this satisfy your suggestion:
Code:
#! /bin/sh
# /etc/openvpn/dbus.openvpn
# This script is invoked by dbus-scripts when connection changes
# state.
LOG=/var/log/dbus.openvpn.log
STATUS_FILE=/var/log/dbus.openvpn-status
DAEMON="/etc/init.d/openvpn"
NAME="dbusScriptsOpenvpn"
DESC="Sipn openvpn deam up and down by dbus-scripts"
CONN_STATE=/etc/openvpn/connected
# Connection serial in saved connection database
CONN_ID=$5
#$6 is GPRS or WLAN_INFRA or WLAN_ADHOC
TYPE=$6
STATUS=$7

        Count=0                                       
        for arg ; do                                 
                Count=$(( $Count + 1 ))               
                echo "Parameter $Count = '$arg'" >>$LOG
        done                                         
        test -f $DAEMON || exit 0                     

#current connection state is "connected"
if test -f $CONN_STATE ; then
        if test "x$STATUS" = "xCONNECTED" ; then
                if test $CONN_ID = '78967400-a235-4a4e-91d2-9ca80c250247' ; then
                        echo "Home lan sensed. killing openvpn"  >>$LOG
                        $DAEMON stop >>$LOG
                        rm -r $CONN_STATE
                elif ! grep -q $TYPE $CON_FLAG ; then
                        $DAEMON restart >>$LOG
                        echo $TYPE > $CONN_STATE
                else
                        $DAEMON restart >>$LOG
                fi
        elif test "x$STATUS" = "xIDLE" ; then
                if grep -q $TYPE $CON_FLAG ; then
                        echo "current connection went idle , killing openvpn"
                        $DAEMON stop >>$LOG
                        rm -r $CONN_STATE
                fi
        else
                echo "Error: got this status: $STATUS while being connected" >>$LOG
        fi
#current connection state is "not connected"
elif test "x$STATUS" = "xCONNECTED" ; then
                        #if connected to home access point dont run openvpn
        if test $CONN_ID = '78967400-a235-4a4e-91d2-9ca80c250247' ; then
                echo "Home lan sensed. leaving not connected"  >>$LOG
        else
                echo "Starting $DESC:" >>$LOG
                $DAEMON start >>$LOG
                if [ "$?" -ne 0 ];then
                        echo $TYPE > $CONN_STATE
                fi
        fi
elif test "x$STATUS" = "xSCAN_START" -o "x$STATUS" = "xSCAN_STOP" ; then
        echo .
elif test "x$STATUS" = "xCONNECTING" -o "x$STATUS" = "xDISCONNECTING" ; then
        echo .
else
        echo "Error in calling /etc/openvpn/dbus.openvpn" >>$LOG
fi


#        wget http://www.whatismyip.com -T 10 -O - -o /dev/null
#                if [ "$?" -ne 0 ];then
#                        $DAEMON stop >>$LOG
#                        echo "failed to access inet"  >>$LOG
#                fi       
exit 0
dbus.openvpn.log is:
Code:
Stopping virtual private network daemon:.
Starting virtual private network daemon: openvpnParameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'DISCONNECTING'
Parameter 8 = 'com.nokia.icd.error.network_error'
Error: got this status: DISCONNECTING while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'IDLE'
Parameter 8 = 'com.nokia.icd.error.network_error'
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'GPRS'
Parameter 7 = 'SCAN_START'
Parameter 8 = ''
Error: got this status: SCAN_START while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'SCAN_START'
Parameter 8 = ''
Error: got this status: SCAN_START while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_ADHOC'
Parameter 7 = 'SCAN_START'
Parameter 8 = ''
Error: got this status: SCAN_START while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'GPRS'
Parameter 7 = 'SCAN_STOP'
Parameter 8 = ''
Error: got this status: SCAN_STOP while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88'
Parameter 6 = 'GPRS'
Parameter 7 = 'CONNECTING'
Parameter 8 = ''
Error: got this status: CONNECTING while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'SCAN_STOP'
Parameter 8 = ''
Error: got this status: SCAN_STOP while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_ADHOC'
Parameter 7 = 'SCAN_STOP'
Parameter 8 = ''
Error: got this status: SCAN_STOP while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88'
Parameter 6 = 'GPRS'
Parameter 7 = 'CONNECTED'
Parameter 8 = ''
Stopping virtual private network daemon:.
Starting virtual private network daemon: openvpnParameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'SCAN_START'
Parameter 8 = ''
Error: got this status: SCAN_START while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_ADHOC'
Parameter 7 = 'SCAN_START'
Parameter 8 = ''
Error: got this status: SCAN_START while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'GPRS'
Parameter 7 = 'SCAN_START'
Parameter 8 = ''
Error: got this status: SCAN_START while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'GPRS'
Parameter 7 = 'SCAN_STOP'
Parameter 8 = ''
Error: got this status: SCAN_STOP while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'SCAN_STOP'
Parameter 8 = ''
Error: got this status: SCAN_STOP while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '[SCAN]'
Parameter 6 = 'WLAN_ADHOC'
Parameter 7 = 'SCAN_STOP'
Parameter 8 = ''
Error: got this status: SCAN_STOP while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'CONNECTING'
Parameter 8 = ''
Error: got this status: CONNECTING while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88'
Parameter 6 = 'GPRS'
Parameter 7 = 'DISCONNECTING'
Parameter 8 = ''
Error: got this status: DISCONNECTING while being connected
Parameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde'
Parameter 6 = 'WLAN_INFRA'
Parameter 7 = 'CONNECTED'
Parameter 8 = ''
Stopping virtual private network daemon:.
Starting virtual private network daemon: openvpnParameter 1 = ':1.81'
Parameter 2 = 'null'
Parameter 3 = 'com.nokia.icd'
Parameter 4 = 'status_changed'
Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88'
Parameter 6 = 'GPRS'
Parameter 7 = 'IDLE'
Parameter 8 = ''


All times are GMT. The time now is 09:33.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vBulletin® Version 3.8.8