Openvpn DNS leak almost resolved......almost

[dave205]

(Ubuntu 15.10)
So if I follow the instructions here (http://www.ubuntubuzz.com/2015/09/ho...-in-linux.html) then it actually fixes the issue BUT you must run openvpn from the cli and manually type in the username/password every time. I am using Private Internet Access (PIA) and they have preconfigured ovpn files that you can use to launch the vpn form the cli. (http://www.privateinternetaccess.com...pn/openvpn.zip) Or....you can use those as templates to import into the network manager. (next step)


I would like to use the network connection manager to launch the vpn connection as there is an option to have the vpn auto launch when the wireless is activated. Problem is, if I import the ovpn files from the zip above, then Ubuntu creates a new configuration file within /etc/NetworkManager/system-connections. This is what I assume the network manager is using to launch the vpn. I have tried appending the fix into these created files but that doesn't seem to work. I get leaks detected.

I have tried adding the extra security lines as described on ubuntubuzz above into the opvn file before importing into the network manager AND also adding those lines to the network manager created config file (after import) and neither one seems to work. The only sure fire way to stop the leak is to not use the network manager at all and just run cli.

Any ideas?

[Seanan]

I would think that you could make a executable that dumps wireless connectivity info and runs your vpn if it finds something in the dump and then use cron to run it every 30 seconds or something. Sorry if this doesn't help.

[weatherman2]

I use Cuttlefish to connect to my VPN automatically when I connect to certain wireless networks. Cuttlefish is a Gui-based event manager; based on certain triggers, it can execute various commands. OpenVPN via Network Manager does work fine for me in Ubuntu 12.04, though. I'm pretty sure you could put the password in a file on on the command line if issuing the openvpn via a command line, although that technically puts your password in the clear and makes it not very secure.

[dave205]

I use Cuttlefish to connect to my VPN automatically when I connect to certain wireless networks. Cuttlefish is a Gui-based event manager; based on certain triggers, it can execute various commands. OpenVPN via Network Manager does work fine for me in Ubuntu 12.04, though. I'm pretty sure you could put the password in a file on on the command line if issuing the openvpn via a command line, although that technically puts your password in the clear and makes it not very secure.

interesting! so you can check for DNS leak and it only shows the DNS from your VPN provider? If so, sounds like they broke something. I know in 15.x and have heard that in 14.x, the DNS leaks.


I'll have to look into cuttlefish and report back what I find. thanks for the tips!

[dave205]

I use Cuttlefish to connect to my VPN automatically when I connect to certain wireless networks. Cuttlefish is a Gui-based event manager; based on certain triggers, it can execute various commands. OpenVPN via Network Manager does work fine for me in Ubuntu 12.04, though. I'm pretty sure you could put the password in a file on on the command line if issuing the openvpn via a command line, although that technically puts your password in the clear and makes it not very secure.

Weatherman, I looked up cuttlefish and the only thing I can find is in the UB software center and it says it is a "icon previewer for artists & devleopers". A quick google search for cuttlefish event manager didnt turn up any results either. Do you have any links or pointers to it?

[weatherman2]

Weatherman, I looked up cuttlefish and the only thing I can find is in the UB software center and it says it is a "icon previewer for artists & devleopers". A quick google search for cuttlefish event manager didnt turn up any results either. Do you have any links or pointers to it?

Well, I found this:

http://ubuntuhandbook.org/index.php/...-ubuntu-13-10/

but unfortunately, it seems that Cuttlefish has been abandoned. I was able to build it in 14.04 using the link above, but I could not build it at all in 15.10.

[dave205]

Well, I found this:

http://ubuntuhandbook.org/index.php/...-ubuntu-13-10/

but unfortunately, it seems that Cuttlefish has been abandoned. I was able to build it in 14.04 using the link above, but I could not build it at all in 15.10.

well darn. I did get another site as a resource to read though. So that's good.

[davehenson]

Dave205, looks like this is a known issue already. Being tracked in Ubuntu's bugtracker. https://bugs.launchpad.net/ubuntu/+s...r/+bug/1211110