def connect(server,
port,
silent,
test,
skip_dns_patch,
openvpn_options,
server_provider="nordvpn"):
detected_os = sys.platform
if server_provider == "nordvpn":
if port == "tcp":
folder = "ovpn_tcp/"
else:
folder = "ovpn_udp/"
vpn_config_file = __basefilepath__ + "files/" + folder + server +\
".nordvpn.com." + port + ".ovpn"
# print("CONFIG FILE", vpn_config_file)
if os.path.isfile(vpn_config_file) is False:
print(
Fore.RED + "VPN configuration file", vpn_config_file,
"doesn't exist, don't worry running 'openpyn --update' for you :)"
+ Fore.BLUE)
time.sleep(6)
update_config_files()
elif server_provider == "ipvanish":
vpn_config_file = __basefilepath__ + "files/" + "ipvanish/" + server
# print("ipvanish")
if test:
print(
"Simulation end reached, openpyn would have connected to Server:" +
Fore.GREEN, server, Fore.BLUE + "on port:" + Fore.GREEN, port,
Fore.BLUE + "with 'silent' mode:" + Fore.GREEN, silent)
print(Style.RESET_ALL)
sys.exit(1)
kill_vpn_processes() # kill existing openvpn processes
# kill_management_client()
print(Fore.BLUE + "CONNECTING TO SERVER" + Fore.GREEN, server,
Fore.BLUE + "ON PORT", Fore.GREEN + port + Fore.BLUE)
root_access = root.verify_root_access(
Fore.GREEN + "Sudo credentials required to run 'openvpn'" + Fore.BLUE)
if root_access is False:
root.obtain_root_access()
if not silent:
# notifications Don't work with 'sudo'
if detected_os == "linux" and root.running_with_sudo():
print(
Fore.RED +
"Desktop notifications don't work when using 'sudo', run without it, "
+ "when asked, provide the sudo credentials" + Fore.BLUE)
else:
subprocess.Popen("openpyn-management".split())
if detected_os == "linux":
resolvconf_exists = os.path.isfile("/sbin/resolvconf")
# resolvconf_exists = False
else:
resolvconf_exists = False
skip_dns_patch = True
if not openvpn_options:
openvpn_options = ""
if resolvconf_exists is True and skip_dns_patch is False: # Debian Based OS + do DNS patching
# tunnel dns throught vpn by changing /etc/resolv.conf using
# "update-resolv-conf.sh" to change the dns servers to NordVPN's.
try:
print(
"Your OS'" + Fore.GREEN + detected_os + Fore.BLUE +
"' Does have '/sbin/resolvconf'",
"using it to update DNS Resolver Entries")
print(Style.RESET_ALL)
if silent:
subprocess.run([
"sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file,
"--auth-user-pass", __basefilepath__ + "credentials",
"--script-security", "2", "--up", __basefilepath__ +
"scripts/update-resolv-conf.sh", "--down",
__basefilepath__ + "scripts/update-resolv-conf.sh"
] + openvpn_options.split(),
check=True)
else:
# print(openvpn_options)
subprocess.run([
"sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file,
"--auth-user-pass", __basefilepath__ + "credentials",
"--script-security", "2", "--up", __basefilepath__ +
"scripts/update-resolv-conf.sh", "--down",
__basefilepath__ + "scripts/update-resolv-conf.sh",
"--management", "127.0.0.1", "7015", "--management-up-down"
] + openvpn_options.split(),
check=True)
except subprocess.CalledProcessError as openvpn_err:
# print(openvpn_err.output)
if 'Error opening configuration file' in str(openvpn_err.output):
print("Error opening configuration file", vpn_config_file,
"Make Sure it exists, run 'openpyn --update'")
sys.exit()
except KeyboardInterrupt:
print('\nShutting down safely, please wait until process exits\n')
sys.exit()
except PermissionError: # needed cause complains when killing sudo process
sys.exit()
else: # If not Debian Based or skip_dns_patch
# if skip_dns_patch, do not touch etc/resolv.conf
if skip_dns_patch is False:
print(
"Your OS", Fore.GREEN + detected_os + Fore.BLUE,
"Does not have" + Fore.GREEN + " '/sbin/resolvconf':\n" +
Fore.BLUE + "Manually Applying Patch to Tunnel DNS Through" +
"The VPN Tunnel By Modifying" + Fore.GREEN +
"' /etc/resolv.conf'")
print(Style.RESET_ALL)
subprocess.call(
["sudo", __basefilepath__ + "scripts/manual-dns-patch.sh"])
else:
print(Fore.RED + "Not Modifying /etc/resolv.conf, DNS traffic",
"likely won't go through the encrypted tunnel")
print(Style.RESET_ALL)
try: # pylint: disable=R1702
if silent:
if detected_os == "linux":
if subprocess.check_output(["/bin/uname", "-o"]).decode(
sys.stdout.encoding).strip() == "ASUSWRT-Merlin":
# make sure module is loaded
if os.popen(
"test ! -c /dev/net/tun && echo 0 || echo 1"
).read()[0:-1] == '0':
subprocess.call("modprobe tun", shell=True)
if os.popen(
"test ! -c /dev/net/tun && echo 0 || echo 1"
).read()[0:-1] == '0':
print(
Style.BRIGHT + Fore.RED +
"Cannot open TUN/TAP dev /dev/net/tun: No such file or directory"
)
print(Style.RESET_ALL)
sys.exit(0)
subprocess.run([
"sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file,
"--auth-user-pass", __basefilepath__ + "credentials"
] + openvpn_options.split(),
check=True)
else:
subprocess.run([
"sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file,
"--auth-user-pass", __basefilepath__ + "credentials",
"--management", "127.0.0.1", "7015", "--management-up-down"
] + openvpn_options.split(),
check=True)
except subprocess.CalledProcessError as openvpn_err:
# print(openvpn_err.output)
if 'Error opening configuration file' in str(openvpn_err.output):
print("Error opening configuration file", vpn_config_file,
"Make Sure it exists, run 'openpyn --update'")
sys.exit()
except KeyboardInterrupt:
print('\nShutting down safely, please wait until process exits\n')
sys.exit()
except PermissionError: # needed cause complains when killing sudo process
sys.exit()
def connect(server: str, port: str, silent: bool, test: bool, skip_dns_patch: bool,
openvpn_options: str, server_provider="nordvpn") -> bool:
detected_os = sys.platform
if server_provider == "nordvpn":
if port == "tcp":
folder = "ovpn_tcp/"
else:
folder = "ovpn_udp/"
vpn_config_file = __basefilepath__ + "files/" + folder + server +\
".nordvpn.com." + port + ".ovpn"
# logger.debug("CONFIG FILE %s", vpn_config_file)
if os.path.isfile(vpn_config_file) is False:
logger.notice("VPN configuration file %s doesn't exist, \
don't worry running 'openpyn --update' for you :)", vpn_config_file)
time.sleep(6)
update_config_files()
elif server_provider == "ipvanish":
vpn_config_file = __basefilepath__ + "files/" + "ipvanish/" + server
# logger.debug("ipvanish")
if test:
logger.success("Simulation end reached, \
openpyn would have connected to server: " + server + " on port: " + port + " with 'silent' mode: " + str(silent).lower())
return 0
kill_vpn_processes() # kill existing OpenVPN processes
kill_management_client()
logger.success("CONNECTING TO SERVER " + server + " ON PORT " + port)
root_access = root.verify_root_access("Sudo credentials required to run 'openvpn'")
if root_access is False:
root.obtain_root_access()
if not silent:
# notifications Don't work with 'sudo'
if detected_os == "linux" and root.running_with_sudo():
logger.warning("Desktop notifications don't work when using 'sudo', run without it, \
when asked, provide the sudo credentials")
subprocess.Popen("openpyn-management".split())
else:
subprocess.Popen("openpyn-management --do-notify".split())
use_systemd_resolved = False
use_resolvconf = False
if detected_os == "linux":
if subprocess.check_output(["/bin/uname", "-o"]).decode(sys.stdout.encoding).strip() == "ASUSWRT-Merlin":
skip_dns_patch = True
elif os.path.exists("/etc/openwrt_release"):
skip_dns_patch = True
else:
use_systemd_resolved = uses_systemd_resolved()
use_resolvconf = os.path.isfile("/sbin/resolvconf")
else:
use_systemd_resolved = False
use_resolvconf = False
skip_dns_patch = True
if not openvpn_options:
openvpn_options = ""
if (use_systemd_resolved or use_resolvconf) and skip_dns_patch is False: # Debian Based OS + do DNS patching
try:
route_up_script = __basefilepath__ + "scripts/docker-shim.sh"
if use_systemd_resolved:
openvpn_options += " " + "--dhcp-option DOMAIN-ROUTE ."
up_down_script = __basefilepath__ + "scripts/update-systemd-resolved.sh"
logger.success("Your OS '%s' has systemd-resolve running, \
using it to update DNS Resolver Entries", detected_os)
elif use_resolvconf:
# tunnel DNS through VPN by changing /etc/resolv.conf using
# "update-resolv-conf.sh" to change the DNS servers to NordVPN's.
up_down_script = __basefilepath__ + "scripts/update-resolv-conf.sh"
logger.success("Your OS '%s' Does have '/sbin/resolvconf', \
using it to update DNS Resolver Entries", detected_os)
else:
raise RuntimeError("Should not happen")
def run_openvpn(*args):
cmdline = [
"sudo", "openvpn",
"--redirect-gateway",
"--auth-retry", "nointeract",
"--config", vpn_config_file,
"--auth-user-pass", __basefilepath__ + "credentials",
"--script-security", "2",
"--route-up", route_up_script,
"--up", up_down_script,
"--down", up_down_script,
"--down-pre",
*args,
] + openvpn_options.split()
subprocess.run(cmdline, check=True)
if silent:
run_openvpn()
else:
run_openvpn(
"--management", "127.0.0.1", "7015",
"--management-up-down",
)
except subprocess.CalledProcessError as openvpn_err:
# logger.debug(openvpn_err.output)
if "Error opening configuration file" in str(openvpn_err.output):
logger.error(
"Error opening config file %s, make sure it exists, run 'openpyn --update'", vpn_config_file)
return 1
except KeyboardInterrupt:
logger.info("Shutting down safely, please wait until process exits")
return 0
except PermissionError: # needed cause complains when killing sudo process
return 0
else: # If not Debian Based or skip_dns_patch
# if skip_dns_patch, do not touch etc/resolv.conf
if skip_dns_patch is False:
logger.warning("Your OS '%s' Does not have '/sbin/resolvconf'", detected_os)
logger.notice(
"Manually applying patch to tunnel DNS through the VPN tunnel by modifying '/etc/resolv.conf'")
subprocess.call(["sudo", __basefilepath__ + "scripts/manual-dns-patch.sh"])
else:
logger.warning(
"Not modifying '/etc/resolv.conf', DNS traffic likely won't go through the encrypted tunnel")
try: # pylint: disable=R1702
if silent:
if detected_os == "linux":
if subprocess.check_output(["/bin/uname", "-o"]).decode(sys.stdout.encoding).strip() == "ASUSWRT-Merlin":
# make sure module is loaded
if os.popen("test ! -c /dev/net/tun && echo 0 || echo 1").read()[0:-1] == '0':
subprocess.call("modprobe tun", shell=True)
if os.popen("test ! -c /dev/net/tun && echo 0 || echo 1").read()[0:-1] == '0':
logger.error(
"Cannot open TUN/TAP dev /dev/net/tun: No such file or directory")
return 1
subprocess.run(
["sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file, "--auth-user-pass",
__basefilepath__ + "credentials"]
+ openvpn_options.split(), check=True)
else:
subprocess.run(
["sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file, "--auth-user-pass",
__basefilepath__ + "credentials",
"--management", "127.0.0.1", "7015", "--management-up-down"]
+ openvpn_options.split(), check=True)
except subprocess.CalledProcessError as openvpn_err:
# logger.debug(openvpn_err.output)
if 'Error opening configuration file' in str(openvpn_err.output):
logger.error(
"Error opening config file %s, make sure it exists, run 'openpyn --update'", vpn_config_file)
return 1
except KeyboardInterrupt:
logger.info('Shutting down safely, please wait until process exits')
return 0
except PermissionError: # needed cause complains when killing sudo process
return 0
def connect(server,
port,
daemon,
test,
skip_dns_patch,
server_provider="nordvpn"):
if server_provider == "nordvpn":
vpn_config_file = "/usr/share/openpyn/files/" + server + ".nordvpn.com."\
+ port + ".ovpn"
# print("CONFIG FILE", vpn_config_file)
elif server_provider == "ipvanish":
vpn_config_file = "/usr/share/openpyn/files/ipvanish/" + server
# print("ipvanish")
if test:
print(
"Simulation end reached, openpyn would have connected to Server:" +
Fore.GREEN, server, Fore.BLUE + " on port:" + Fore.GREEN, port,
Fore.BLUE + " with 'daemon' mode:" + Fore.GREEN, daemon)
sys.exit(1)
kill_vpn_processes() # kill existing openvpn processes
# kill_management_client()
print(Fore.BLUE + "CONNECTING TO SERVER" + Fore.GREEN, server,
Fore.BLUE + "ON PORT", Fore.GREEN + port + Fore.BLUE)
root_access = root.verify_root_access(
Fore.GREEN + "Sudo credentials required to run 'openvpn'" + Fore.BLUE)
if root_access is False:
root.obtain_root_access()
# notifications Don't work with 'sudo'
if root.running_with_sudo():
print(
Fore.RED +
"Desktop notifications don't work when using 'sudo', run without it, "
+ "when asked, provide the sudo credentials" + Fore.BLUE)
else:
subprocess.Popen("openpyn-management".split())
resolvconf_exists = os.path.isfile("/sbin/resolvconf")
# resolvconf_exists = False
detected_os = platform.linux_distribution()[0]
if resolvconf_exists is True and skip_dns_patch is False: # Debian Based OS + do DNS patching
# tunnel dns throught vpn by changing /etc/resolv.conf using
# "update-resolv-conf.sh" to change the dns servers to NordVPN's.
if daemon:
subprocess.Popen([
"sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file, "--auth-user-pass",
"/usr/share/openpyn/credentials", "--script-security", "2",
"--up", "/usr/share/openpyn/update-resolv-conf.sh", "--down",
"/usr/share/openpyn/update-resolv-conf.sh", "--daemon",
"--management", "127.0.0.1", "7015", "--management-up-down"
])
print("Started 'openvpn' in" + Fore.GREEN + "--daemon" +
Fore.BLUE + "mode")
else:
try:
print(
"Your OS'" + Fore.GREEN + detected_os + Fore.BLUE +
"' Does have '/sbin/resolvconf'",
"using it to update DNS Resolver Entries")
print(Style.RESET_ALL)
subprocess.call(
"sudo openvpn --redirect-gateway --auth-retry nointeract" +
" --config " + vpn_config_file + " --auth-user-pass \
/usr/share/openpyn/credentials --script-security 2 --up \
/usr/share/openpyn/update-resolv-conf.sh --down \
/usr/share/openpyn/update-resolv-conf.sh \
--management 127.0.0.1 7015 --management-up-down",
shell=True)
except (KeyboardInterrupt) as err:
print(
'\nShutting down safely, please wait until process exits\n'
)
sys.exit()
except PermissionError: # needed cause complains when killing sudo process
sys.exit()
else: # If not Debian Based or skip_dns_patch
# if skip_dns_patch, do not touch etc/resolv.conf
if skip_dns_patch is False:
print(
"Your OS", Fore.GREEN + detected_os + Fore.BLUE,
"Does not have" + Fore.GREEN + " '/sbin/resolvconf':\n" +
Fore.BLUE + "Manually Applying Patch to Tunnel DNS Through" +
"The VPN Tunnel By Modifying" + Fore.GREEN +
"' /etc/resolv.conf'")
apply_dns_patch = subprocess.call(
["sudo", "/usr/share/openpyn/manual-dns-patch.sh"])
else:
print(Fore.RED + "Not Modifying /etc/resolv.conf, DNS traffic",
"likely won't go through the encrypted tunnel")
print(Style.RESET_ALL)
if daemon:
subprocess.Popen([
"sudo", "openvpn", "--redirect-gateway", "--auth-retry",
"nointeract", "--config", vpn_config_file, "--auth-user-pass",
"/usr/share/openpyn/credentials", "--daemon", "--management",
"127.0.0.1", "7015", "--management-up-down"
])
print("Started 'openvpn' in --daemon mode")
else:
try:
subprocess.call((
"sudo openvpn --redirect-gateway --auth-retry nointeract "
+ "--config " + vpn_config_file + " --auth-user-pass " +
"/usr/share/openpyn/credentials --management 127.0.0.1 7015 "
+ "--management-up-down").split())
except (KeyboardInterrupt) as err:
print(
'\nShutting down safely, please wait until process exits\n'
)
sys.exit()
except PermissionError: # needed cause complains when killing sudo process
sys.exit()
