Active Topics
-
Is there a section to talk about Java ME? Apps, etc. (0)
to General by Kalatti - 3 days, 4 hrs ago -
Extra softwares in Sailfish using CLI, repositories, etc (117)
to SailfishOS by nieldk - 5 days, 1 hr ago -
Firefox with Leste (6)
to Maemo 7 / Leste by teroyk - 5 days, 22 hrs ago - more...
|
2010-05-10
, 14:31
|
|
Posts: 726 |
Thanked: 345 times |
Joined on Apr 2010
@ Sweden
|
#2
|
Take some time and think about what OpenVPN is doing and I think it will be hard to make this work if you change WiFi connection or switch to 3G.
The interface that is the endpoint on your device is a virtual one that sends its traffic through your real one, the wlan0 interface. If the wlan0 interface is reconfigured the remote end will not be able to send data to the same IP address and this is the base for the tunnel that is created.
Perhaps there is some way to restart the lower levels of the OpenVPN connection without disturbing established TCP/IP connections, but I doubt it.
The interface that is the endpoint on your device is a virtual one that sends its traffic through your real one, the wlan0 interface. If the wlan0 interface is reconfigured the remote end will not be able to send data to the same IP address and this is the base for the tunnel that is created.
Perhaps there is some way to restart the lower levels of the OpenVPN connection without disturbing established TCP/IP connections, but I doubt it.
 |
|
2010-05-10
, 14:34
|
|
Posts: 4,384 |
Thanked: 5,524 times |
Joined on Jul 2007
@ ˙ǝɹǝɥʍou
|
#3
|
But as long as the clients are running sessions that are attached to the virtual interface, a vpn reconnection shouldn't reset their connection, no?
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Follow the MeeGo Coding Competition!
|
|
2010-05-10
, 14:57
|
|
Posts: 726 |
Thanked: 345 times |
Joined on Apr 2010
@ Sweden
|
#4
|
Originally Posted by ysss
Define "session".
But as long as the clients are running sessions that are attached to the virtual interface, a vpn reconnection shouldn't reset their connection, no?
As far as I know, applications running on the client machine that access services on the inside via VPN can't pick a special interface. This is done via the kernel routing table that after the creation of the VPN connection gets a new entry pointing at the virtual interface for all traffic in that subnet.
When it comes to established TCP/IP connections, any packet that's sent over the VPN connection has to be encrypted and sent to the receiver (client or server) using the normal connection. If this mapping were to break, I'd guess all established TCP/IP connections would be orphaned and removed by the connection tracking in the TCP/IP stack, possibly after some timeout.
If you only look at new connections, like clicking a new link in your browser, it might work even if you just reconnected the lower levels of the VPN system. But, to me, this is of limited use since that's not saving established connections.
|
|
2010-05-10
, 15:06
|
|
Posts: 74 |
Thanked: 34 times |
Joined on Jan 2008
|
#5
|
I was basicly looking for script that will restart the openvpn service , whenever it senses that a new connection was established. just like my sip account registers again whenever I switch access point connection.
Niv
Niv
|
|
2010-05-10
, 15:11
|
|
Posts: 3,841 |
Thanked: 1,079 times |
Joined on Nov 2006
|
#6
|
Technically there shouldn't really be any problem. Just as the openvpn connection itself can go down and get re-established, and the only thing you would notice would be a pause in your remote access. But this doesn't mean that there's actual support for moving sessions between different physical layers. I haven't done any experiments on this.
__________________
N800/OS2007|N900/Maemo5
-- Metalayer-crawler delenda est.
-- Current state: Fed up with everything MeeGo.
N800/OS2007|N900/Maemo5
-- Metalayer-crawler delenda est.
-- Current state: Fed up with everything MeeGo.
|
|
2010-05-10
, 15:12
|
|
Posts: 726 |
Thanked: 345 times |
Joined on Apr 2010
@ Sweden
|
#7
|
That's something else, I'd say. And much easier, if I were to guess.
I'm sure there are dbus messages sent when a new connection is established. If you register to listen for them, you can (re)start the VPN connection when you want to.
I'm sure there are dbus messages sent when a new connection is established. If you register to listen for them, you can (re)start the VPN connection when you want to.
|
|
2010-05-10
, 15:23
|
|
Posts: 74 |
Thanked: 34 times |
Joined on Jan 2008
|
#8
|
Originally Posted by Joorin
yes I tried using dbus-scripts for this. but if I move from 3G to wifi I first get a msg about connecting to the wifi then I get an idle from 3G. so according to the last msg I close the openvpn service.
That's something else, I'd say. And much easier, if I were to guess.
I'm sure there are dbus messages sent when a new connection is established. If you register to listen for them, you can (re)start the VPN connection when you want to.
how can I know if there is actually still a connection to the WAN?
|
|
2010-05-10
, 15:27
|
|
Posts: 726 |
Thanked: 345 times |
Joined on Apr 2010
@ Sweden
|
#9
|
Originally Posted by niv
Eh? That's a state machine with two states: connected and not connected. The connected state has one attribute: what am I connected to?
yes I tried using dbus-scripts for this. but if I move from 3G to wifi I first get a msg about connecting to the wifi then I get an idle from 3G. so according to the last msg I close the openvpn service.
how can I know if there is actually still a connection to the WAN?
So, if you've moved from "not connected" to "connected" with the attribute set to "wifi", and get a message from the 3G module, you can just ignore that.
Or am I missing something here?
|
|
2010-05-11
, 14:15
|
|
Posts: 74 |
Thanked: 34 times |
Joined on Jan 2008
|
#10
|
Originally Posted by Joorin
will this satisfy your suggestion:
Eh? That's a state machine with two states: connected and not connected. The connected state has one attribute: what am I connected to?
So, if you've moved from "not connected" to "connected" with the attribute set to "wifi", and get a message from the 3G module, you can just ignore that.
Or am I missing something here?
Code:
#! /bin/sh
# /etc/openvpn/dbus.openvpn
# This script is invoked by dbus-scripts when connection changes
# state.
LOG=/var/log/dbus.openvpn.log
STATUS_FILE=/var/log/dbus.openvpn-status
DAEMON="/etc/init.d/openvpn"
NAME="dbusScriptsOpenvpn"
DESC="Sipn openvpn deam up and down by dbus-scripts"
CONN_STATE=/etc/openvpn/connected
# Connection serial in saved connection database
CONN_ID=$5
#$6 is GPRS or WLAN_INFRA or WLAN_ADHOC
TYPE=$6
STATUS=$7
Count=0
for arg ; do
Count=$(( $Count + 1 ))
echo "Parameter $Count = '$arg'" >>$LOG
done
test -f $DAEMON || exit 0
#current connection state is "connected"
if test -f $CONN_STATE ; then
if test "x$STATUS" = "xCONNECTED" ; then
if test $CONN_ID = '78967400-a235-4a4e-91d2-9ca80c250247' ; then
echo "Home lan sensed. killing openvpn" >>$LOG
$DAEMON stop >>$LOG
rm -r $CONN_STATE
elif ! grep -q $TYPE $CON_FLAG ; then
$DAEMON restart >>$LOG
echo $TYPE > $CONN_STATE
else
$DAEMON restart >>$LOG
fi
elif test "x$STATUS" = "xIDLE" ; then
if grep -q $TYPE $CON_FLAG ; then
echo "current connection went idle , killing openvpn"
$DAEMON stop >>$LOG
rm -r $CONN_STATE
fi
else
echo "Error: got this status: $STATUS while being connected" >>$LOG
fi
#current connection state is "not connected"
elif test "x$STATUS" = "xCONNECTED" ; then
#if connected to home access point dont run openvpn
if test $CONN_ID = '78967400-a235-4a4e-91d2-9ca80c250247' ; then
echo "Home lan sensed. leaving not connected" >>$LOG
else
echo "Starting $DESC:" >>$LOG
$DAEMON start >>$LOG
if [ "$?" -ne 0 ];then
echo $TYPE > $CONN_STATE
fi
fi
elif test "x$STATUS" = "xSCAN_START" -o "x$STATUS" = "xSCAN_STOP" ; then
echo .
elif test "x$STATUS" = "xCONNECTING" -o "x$STATUS" = "xDISCONNECTING" ; then
echo .
else
echo "Error in calling /etc/openvpn/dbus.openvpn" >>$LOG
fi
# wget http://www.whatismyip.com -T 10 -O - -o /dev/null
# if [ "$?" -ne 0 ];then
# $DAEMON stop >>$LOG
# echo "failed to access inet" >>$LOG
# fi
exit 0
Code:
Stopping virtual private network daemon:. Starting virtual private network daemon: openvpnParameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'DISCONNECTING' Parameter 8 = 'com.nokia.icd.error.network_error' Error: got this status: DISCONNECTING while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'IDLE' Parameter 8 = 'com.nokia.icd.error.network_error' Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'GPRS' Parameter 7 = 'SCAN_START' Parameter 8 = '' Error: got this status: SCAN_START while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'SCAN_START' Parameter 8 = '' Error: got this status: SCAN_START while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_ADHOC' Parameter 7 = 'SCAN_START' Parameter 8 = '' Error: got this status: SCAN_START while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'GPRS' Parameter 7 = 'SCAN_STOP' Parameter 8 = '' Error: got this status: SCAN_STOP while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88' Parameter 6 = 'GPRS' Parameter 7 = 'CONNECTING' Parameter 8 = '' Error: got this status: CONNECTING while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'SCAN_STOP' Parameter 8 = '' Error: got this status: SCAN_STOP while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_ADHOC' Parameter 7 = 'SCAN_STOP' Parameter 8 = '' Error: got this status: SCAN_STOP while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88' Parameter 6 = 'GPRS' Parameter 7 = 'CONNECTED' Parameter 8 = '' Stopping virtual private network daemon:. Starting virtual private network daemon: openvpnParameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'SCAN_START' Parameter 8 = '' Error: got this status: SCAN_START while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_ADHOC' Parameter 7 = 'SCAN_START' Parameter 8 = '' Error: got this status: SCAN_START while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'GPRS' Parameter 7 = 'SCAN_START' Parameter 8 = '' Error: got this status: SCAN_START while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'GPRS' Parameter 7 = 'SCAN_STOP' Parameter 8 = '' Error: got this status: SCAN_STOP while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'SCAN_STOP' Parameter 8 = '' Error: got this status: SCAN_STOP while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '[SCAN]' Parameter 6 = 'WLAN_ADHOC' Parameter 7 = 'SCAN_STOP' Parameter 8 = '' Error: got this status: SCAN_STOP while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'CONNECTING' Parameter 8 = '' Error: got this status: CONNECTING while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88' Parameter 6 = 'GPRS' Parameter 7 = 'DISCONNECTING' Parameter 8 = '' Error: got this status: DISCONNECTING while being connected Parameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '1c7096bb-1788-487c-8c5c-3998e7b99fde' Parameter 6 = 'WLAN_INFRA' Parameter 7 = 'CONNECTED' Parameter 8 = '' Stopping virtual private network daemon:. Starting virtual private network daemon: openvpnParameter 1 = ':1.81' Parameter 2 = 'null' Parameter 3 = 'com.nokia.icd' Parameter 4 = 'status_changed' Parameter 5 = '7bc55dda-a470-4885-a802-c119f9ad4f88' Parameter 6 = 'GPRS' Parameter 7 = 'IDLE' Parameter 8 = ''
Last edited by niv; 2010-05-12 at 05:29.
| The Following User Says Thank You to niv For This Useful Post: | ||
did anyone managed to sustain openvpn after switching to 3G connection?
Niv