Jump to content


Photo

DM500 - OpenVPN

DM500

  • Please log in to reply
100 replies to this topic

#1 silelis

  • Member
  • 13 posts

+1
Neutral

Posted 26 July 2010 - 18:02

I tried to install OpenVPN (openvpn01_nab.tgz) on PLi follow by this instruction:
When I try execute the openVPN:

/var/sbin/openvpn --config /var/etc/openvpn/file.conf


It send me back error:

Posted Image

Uploaded with ImageShack.us

Can someone give me advice what can I to to run openVPN on PLI or other image (expect DartStar II).

Re: DM500 - OpenVPN #2 dAF2000

  • PLi® Ex-Leden
  • 14,151 posts

+52
Good

Posted 26 July 2010 - 18:11

Welcome here.
See: http://www.pli-image...4195#post_84195
Many answers to your question can be found in our wiki: http://openpli.org/wiki

Re: DM500 - OpenVPN #3 silelis

  • Member
  • 13 posts

+1
Neutral

Posted 30 July 2010 - 21:41

It is possibel to install openVPN on DM500 and other than Nabilo image.

I made it on Gemini_0450_DM500_max_var_13092008.img. The only disadvantage is free flash memory.

Tutorial is here - unless in polish, but activities and commends are in table, so I hope that You'll understand.

Re: DM500 - OpenVPN #4 PaphosAL

  • Senior Member
  • 251 posts

+2
Neutral

Posted 5 August 2010 - 17:38

Thanks, sylis- but your link wants us to register on a Polish board. Is it possible to copy and paste the Table you mention into this thread, please?

Thanks- AL Posted Image

Re: DM500 - OpenVPN #5 silelis

  • Member
  • 13 posts

+1
Neutral

Posted 5 August 2010 - 20:12

I know I didn't have a time at that exactly moment so I decidet to put link to polish tutorial.

Now in english:

1) I tested this config on Gemini_0450_DM500_max_var_13092008.img, and I don't know if It'll go on Pli but I there is possibility.

2) As it's well known we need a lot of free flash mem. My solution is to cut files:

- automount.conf
- cables.xml
- satellites.xml
- smb.conf
- terrestrial.xml
- cam configs

from tugs You don't need or any comments (they take space, my files are shown on polish board sory, but I don't have to much time to recopy it to this board).

3) Just download OpenVPN from here, unzip it and put into /tmp/

4) telnet to DM500 and give command:

tar -xvzf /tmp/openvpn01_nab.tgz


It'll unpack openVPN

5) After that in telnet give commands:


ln -s /var/lib/libssl.so.0.9.7 /var/lib/libssl.so.0
ln -s /var/lib/libcrypto.so.0.9.7 /var/lib/libcrypto.so.0
ln -s /var/lib/libcrypto.so.0.9.7 /var/lib/libcrypto.so

The openVPN is installed.

6) As I told there is not to much flash mem in DM500 so for example openVPN do not manage with comp-lzo compression and other thinhs so the most importance is client and server configuration which will be compact with DM500 OpenVPN.

My confirmed config is:

Server:

port 1194
proto tcp-server
dev tun
dh /var/etc/openvpn/keys/dh.pem
ca /var/etc/openvpn/keys/ca.crt
cert /var/etc/openvpn/keys/cert.pem
key /var/etc/openvpn/keys/key.pem
server 10.8.0.0 255.255.255.0
route 10.8.0.0 255.255.255.0
client-to-client
client-config-dir /tmp/
#ifconfig-pool-persist /tmp/openvpn/ipp.txt
keepalive 10 120
persist-key
persist-tun
status /tmp/openvpn/openvpn-status.log
tun-mtu 1500
tls-server
mode server
log-append /tmp/openvpn/openvpn.log
verb 3
max-clients 20
#;comp-lzo - not managed by DM500 vpn other on other than nabilo image.

Client:

client
dev tun
proto tcp-client
remote XXX.XXX.XXX.XXX 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca /var/etc/openvpn/keys/ca.crt
cert /var/etc/openvpn/keys/server.crt
key /var/etc/openvpn/keys/server.key
ns-cert-type server
ping 10
ping-restart 60
pull
verb 3
float

The meaning of config lines is explained on this side as well as any other things like certificate generating.

My configuration works on H: DM500 S: Gemini_0450_DM500_max_var_13092008.img (client) <----> H: Linksys WRT54GL S: DD-WRT v24-sp1 (07/27/08) vpn (Server) <---> H: DM8000 S: Newnigma 3.0.1 (client).

Re: DM500 - OpenVPN #6 PaphosAL

  • Senior Member
  • 251 posts

+2
Neutral

Posted 6 August 2010 - 11:25

This is excellent input thanks, silelis- and your English is 1000% better than my Polish!!

In it's present form as downloaded and untarred, OpenVPN should not be working for you. It is missing one small, but vital, driver. So your log should still contain the same error as shown in your original screenshot:

Note: Cannot open TUN/TAP dev /dev/net/tun: no such file or directory (errno=2)

Also, I believe your start command is wrong. I have just tested a fix for both issues on my DM500 (OpenPLi Maxvar). Unrar the attached and pop the vpn folder into /var/lib and you should then see this via FTP:

/var/lib/vpn/tun.ko (9kb - standard chmod 644)

Next, if you don't have a /var/etc/init file, then please create one, and paste these two lines in:

insmod /var/lib/vpn/tun.ko
./var/bin/openvpn_script.sh start


Make sure it is in Unix/ANSI format for linux, not DOS/Windows format!!

After you reboot, a telnet ps should show openvpn as a running process. And your openvpn.log should show the tunnel is now opened:

TUN/TAP device tun0 opened
TUN/TAP TX queue length set to 100


A final check is to FTP in and you should now see that /dev/net/tun exists (which it did not before)

Note that the openvpn_script.sh contains more useful 'case' commands as well as 'start' for controlling OpenVPN (stop - restart - reload etc)- and this would lend itself quite nicely to a custom 'OpenVPN Control' ppanel.

Cheers- AL

Attached Files

  • Attached File  vpn.rar   3.94KB   288 downloads


Re: DM500 - OpenVPN #7 lincsat

  • Member
  • 23 posts

0
Neutral

Posted 7 August 2010 - 23:43

The OpenVPN files do seem to fit into the DM500 Pli image, VPN initializes OK but then stops just when trying to get cccam to do it's business. The same config and keys etc work fine in Nabilo DS2 and a Tuxbox image. Would be great to get it working in Pli.

Can anyone think of anything in Pli that would stop a cam accessing the VPN?

Re: DM500 - OpenVPN #8 ttom

  • Member
  • 4 posts

0
Neutral

Posted 5 September 2010 - 22:27

I had an issue with tun.ko from nabilo, it was working fine when testing in LAN but when I did port forward on router then I was able to establish connection but openvpn crashed each time when I tried to ssh/ping/whatever to server.

I had to rebuild the tun.ko module and now it works fine.

Re: DM500 - OpenVPN #9 ttom

  • Member
  • 4 posts

0
Neutral

Posted 5 September 2010 - 22:35

new module in attachment,
openvpn crashed with stack trace in dmesg saying panic in skbuff/skput over...

Attached Files

  • Attached File  tun.zip   4.15KB   134 downloads


Re: DM500 - OpenVPN #10 ttom

  • Member
  • 4 posts

0
Neutral

Posted 6 September 2010 - 11:44

In attachment recompiled openvpn with lzo enabled (compression) and --enable-small param, so binary is smaller but it doesnt have 'how to use' message. I've attached libs from same build. All files have been stripped.

So far it's working pretty good on dm500(openvpn,iptables)-wag200(port forward to dm for openvpn)-wrt54gl-dm500(openvpn in client mode)

Attached Files



Re: DM500 - OpenVPN #11 PaphosAL

  • Senior Member
  • 251 posts

+2
Neutral

Posted 6 September 2010 - 21:55

If Team PLi decided to switch ON tun support in the e1 kernel, (just like tuxbox do), then we would see /dev/net/tun on startup, and OpenVPN would be very simple to get properly working!

Forget trying to rip the tun.ko driver out of DS2, it is a non-working duplicate of the real tun support already embedded in their tuxbox kernel.

So it's up to the PLi team whether or not they wish to activate tun

Cheers- AL Posted Image

Re: DM500 - OpenVPN #12 ttom

  • Member
  • 4 posts

0
Neutral

Posted 6 September 2010 - 23:43

I would say it's more a free space issue, you need 2 pretty big libs and openvpn binary.
Right now I have maxvar image, with cccam, openvpn, iptables and only 300kb free space :(. I guess I could remove dropbear(180kb) and maybe software.xml(100kb) so I will have 600kb then which is still not enough to put newcs or something else.

ps. tun module I've attached is from e1 kernel :)

Re: DM500 - OpenVPN #13 PaphosAL

  • Senior Member
  • 251 posts

+2
Neutral

Posted 7 September 2010 - 08:50

I would say it's more a free space issue, you need 2 pretty big libs and openvpn binary.
Right now I have maxvar image, with cccam, openvpn, iptables and only 300kb free space :(. I guess I could remove dropbear(180kb) and maybe software.xml(100kb) so I will have 600kb then which is still not enough to put newcs or something else.

ps. tun module I've attached is from e1 kernel :)



With time and effort applied to editing the maxvar root, and removing the web I/F and other non-essential stuff in there, we have CCcam / OpenVPN / db_epg binary / three picon Skins (modded Astro, Carbon, Wise) / seven games all located and working in the SquashFS root partition.

Our picons.tar.gz is downloaded from the web at boot and umzipped to (and run from) the /tmp folder. This all results in 2.3mb Free Space in var. In fact, we are 148kb below the 4.0mb threshold for the maxvar root- so in theory, we could resize this to 3.875mb and give a further 128kb to var!

Another variant I'm playing with is my 'server edition' - where all the stuff mentioned above (and more) is hosted on and run from my LAN server. So this has a 3.0mb root and 3840kb var (3.3mb Free). All good fun!!

Cheers- AL Posted Image

Re: DM500 - OpenVPN #14 hus52

  • Member
  • 21 posts

0
Neutral

Posted 19 September 2010 - 21:47

i had a go, no luck as yet, still working on it, i will get this thing to work eventually

would someone be able to release a PLi based DM500 MaxVar CCcam/OpenVPN edition .nfi?

Re: DM500 - OpenVPN #15 nfnovice

  • Senior Member
  • 696 posts

0
Neutral

Posted 19 September 2010 - 23:11

i had a go, no luck as yet, still working on it, i will get this thing to work eventually

would someone be able to release a PLi based DM500 MaxVar CCcam/OpenVPN edition .nfi?

Dm500 has .img not .nfi
DM800+DM7025+DM7020+DM7000+DM600+DM5620+DM500+VUDUO Dreambox great invention - whats it for ?

Re: DM500 - OpenVPN #16 hus52

  • Member
  • 21 posts

0
Neutral

Posted 20 September 2010 - 06:30

sorry small typo /images/smiley/smile.gif, thanks

would someone be able to release a PLi based DM500 MaxVar CCcam/OpenVPN edition .img?

Re: DM500 - OpenVPN #17 PaphosAL

  • Senior Member
  • 251 posts

+2
Neutral

Posted 20 September 2010 - 11:54

I don't think PLi Admin would take too kindly to an image that includes an embedded CCcam being uploaded to here. In fact, the person involved would probably find themselves on a very long holiday from the PLi Forum.

Cheers- AL Posted Image

Re: DM500 - OpenVPN #18 hus52

  • Member
  • 21 posts

0
Neutral

Posted 20 September 2010 - 11:56

i see, didnt know

ok so maybe a PLi based DM500 MaxVar OpenVPN edition .img?

/images/smiley/grin.gif

Re: DM500 - OpenVPN #19 PaphosAL

  • Senior Member
  • 251 posts

+2
Neutral

Posted 20 September 2010 - 18:17

i see, didnt know

ok so maybe a PLi based DM500 MaxVar OpenVPN edition .img?

/images/smiley/grin.gif



We can easily provide a tarball for OpenVPN to share on here, as and when tun support is switched on in the cramfs kernel by TeamPLi for the nightly e1 OpenPLi builds (standard and maxvar).

This creates /dev/net/tun (0 bytes) at boot, so is not exactly going to overload the image, LOL! But without this action by PLi, I'm afraid OpenVPN on e1 id dead in the water...

It cannot be the case that the Team don't want us to have vpn working in e1, as they have this feature capable of working (manually via telnet, as there is no GUI) in the 600 image. (So I'm led to believe by a member here).

Come on DAF2000 ét al, please switch tun support on!!

Cheers- AL Posted Image

Re: DM500 - OpenVPN #20 hus52

  • Member
  • 21 posts

0
Neutral

Posted 20 September 2010 - 20:39

its a shame, the only alternative is darkstar2 openvpn edition, which i dont like to use since i prefer PLi builds



Also tagged with one or more of these keywords: DM500

6 user(s) are reading this topic

0 members, 6 guests, 0 anonymous users