www.google.com "site:openpli.org openvpn"
OpenVPN autostart in OpenPLi4
Re: OpenVPN autostart in OpenPLi4 #21
Posted 5 March 2017 - 13:13
* Wavefrontier T90 with 28E/23E/19E/13E via SCR switches 2 x 2 x 6 user bands
I don't read PM -> if you have something to ask or to report, do it in the forum so others can benefit. I don't take freelance jobs.
Ik lees geen PM -> als je iets te vragen of te melden hebt, doe het op het forum, zodat anderen er ook wat aan hebben.
Re: OpenVPN autostart in OpenPLi4 #22
Re: OpenVPN autostart in OpenPLi4 #23
Posted 5 March 2017 - 16:27
To build what? OpenVPN itself is available in the feeds, and that comes with an init script to stop and start it.
As to the config, there are two possibilities. If you use the box a client, the server usually delivers the config. Most OpenVPN server devices, and most VPN providers do. If you want to use the box as a server, you need to setup your own server config.
As we are of the opinion that the STB is not a (hardened) security device, and it will never become one, it should not be used to terminate public connections originating from the internet. This is as true for a VPN solution as it is for the webinterface.
Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)
Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.
Many answers to your question can be found in our new and improved wiki.
Re: OpenVPN autostart in OpenPLi4 #24
Re: OpenVPN autostart in OpenPLi4 #25
Posted 5 March 2017 - 16:51
You can build them with your settop box when the packages are included... But you can also use your PC to create them... SpaceRat demonstrates that this is possilbe and how...
I think is is more user friendly to use your PC to create them....
Edited by littlesat, 5 March 2017 - 16:52.
WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W
Re: OpenVPN autostart in OpenPLi4 #26
Posted 5 March 2017 - 16:57
I suspended working on simple-rsa for the moment, more relevant things to do
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390
Re: OpenVPN autostart in OpenPLi4 #27
Posted 5 March 2017 - 17:05
Could anybody adapt it to work with 2.4 openvpn version???
I have seen the script names them clients as 3 apple device clients, it doesnt matter.
Attached Files
Edited by daveraver, 5 March 2017 - 17:08.
Re: OpenVPN autostart in OpenPLi4 #28
Re: OpenVPN autostart in OpenPLi4 #29
Re: OpenVPN autostart in OpenPLi4 #30
Posted 5 March 2017 - 17:34
See this part:
. ./vars ./clean-all ./pkitool --initca ./pkitool --server server ./pkitool client1 ./pkitool client2 ./pkitool client3
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390
Re: OpenVPN autostart in OpenPLi4 #31
Re: OpenVPN autostart in OpenPLi4 #32
Re: OpenVPN autostart in OpenPLi4 #33
Re: OpenVPN autostart in OpenPLi4 #34
Posted 5 March 2017 - 18:32
ok, somebody maybe interested in it, not advanced users, this is an example to automatisation of the process, a script I borrow from a certain forum.
Could anybody adapt it to work with 2.4 openvpn version???
I have seen the script names them clients as 3 apple device clients, it doesnt matter.
The script suposes that you have downloaded easy-rsa files to create the openvpn rsa and certificates. But version 2.3.2 and 2.4 dont include the easy-rsa tool, because it's known we can run easy-rsa on windows dist. The manual of openvix works on v2.2.2. Well, I just want v2.4.0 binary, please...enigma2 binary of course. I stop here, I am sorry. Thanks.
Edited by daveraver, 5 March 2017 - 18:33.
Re: OpenVPN autostart in OpenPLi4 #35
Posted 5 March 2017 - 20:31
You wouldn't want OpenVPN (Neither the old one on the feeds nor the newer one) in conjunction with those ancient OpenSSL libs that OpenPLi 4.0 comes with.
Even the OpenSSL in OpenATV 5.3 and 6.0 is already obsoleted by new vulnerabilities I didn't have the time yet to check in the CVE patches for.
Fighting for security in E2 images feels a lot like f*cking for virginity ... pretty useless
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390
Re: OpenVPN autostart in OpenPLi4 #36
Posted 5 March 2017 - 23:38
Edited by daveraver, 5 March 2017 - 23:40.
Re: OpenVPN autostart in OpenPLi4 #37
Posted 6 March 2017 - 00:08
It is very simple: because not every image works yet, although we have managed to narrow the issues down to a two manufacturers now. Once this is taken care off, we'll put the release engine in motion.
Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)
Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.
Many answers to your question can be found in our new and improved wiki.
Re: OpenVPN autostart in OpenPLi4 #38
Posted 6 March 2017 - 09:27
It is very simple: because not every image works yet, although we have managed to narrow the issues down to a two manufacturers now. Once this is taken care off, we'll put the release engine in motion.
Just a suggestion, but wouldn't it be possible to realease OpenPLi 5 for the rest (and only not build for these 2 manufacturers)?
Mutant HD2400, OpenPLi nightly, 2x DVB-C & 2x DVB-S
Mutant HD51, OpenPLi nightly, 1x DVB-C & 1x DVB-S
Wavefrontier T55 (Astra 1,2,3 en HB)
Smartcards Ziggo (Irdeto) and CDS (Seca) on Oscam
Re: OpenVPN autostart in OpenPLi4 #39
Posted 6 March 2017 - 10:11
That will have more or less up-to-date OpenSSL ... in the beginning.And openpli 5.0?
Usually, once images go into "stable" state, they are built against the same revision of openembedded for the rest of their life-time.
I have had to add a bunch of security fixes (from Debian and Ubuntu) to oe-a as well to make OpenSSL in OpenATV 5.3/OpenViX 4.2 and OpenATV 6.0 secure again ... for that moment.
Since then new vulnerabilities have been found and not yet fixed, because I can not replace whole security teams that Debian or Ubuntu have.
The next thing is, that not all vulnerabilities are necessarily relevant for OpenVPN, but maybe only for things that aren't even in use on your E2 box.
Generally speaking, if you have the chance to run OpenVPN on either a well maintained router OS (Like LEDE, the de-facto-successor of OpenWrt) or a machine running a full version of a current Linux/BSD, e.g. Debian or Ubuntu, then do that.
A Raspberry Pi with Raspbian would already do.
Those will be much better maintained when it comes to security.
You can also rely on these to have the tools to distribute/allow/deny traffic (Firewall, Masquerading, ...)
You should only use the OpenVPN on your E2 box if you do not have one of these better alternatives, as it will still be better than port-forwardings for the OpenWebif, ftp, ...
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390
Re: OpenVPN autostart in OpenPLi4 #40
20 user(s) are reading this topic
0 members, 20 guests, 0 anonymous users