| View previous topic :: View next topic |
| Author |
Message |
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
 Posted: Mon Feb 08, 2021 2:05 pm Post subject: OpenVPN not updating /etc/resolv.conf |
 |
|
| Hi. I have installed OpenVPN on my system and trying to connect to ProtonVPN. I have update-resolv-conf and configured it according to the instructions given in it's GitHub repo. But, it didn't work and my system isn't updating resolv.conf and using proton's DNS server, What should I do? |
|
| Back to top |
|
 |
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Mon Feb 08, 2021 5:43 pm Post subject: |
|
|
Isnt it supposed to do so?
Which dns would you like it to use?
Did Proton provide any .ovpn file for connecting to them?
Can you post it?
What is the problem exactly?
Can you pkease be more specific?
Ah you mean it keeps using proton dns AFTER disconnecting from proton?
Have you installed "openresolv"?
_________________
 |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23062
|
| Posted: Mon Feb 08, 2021 6:15 pm Post subject: |
|
|
| I think OP is trying to say that the system continues to use the non-VPN resolv.conf even when connected to the VPN, and he considers this undesirable. He wants to switch to DNS servers pushed by the VPN provider, but no such switch happens. |
|
| Back to top |
|
|
Anon-E-moose
Watchman
Joined: 23 May 2008
Posts: 6208
Location: Dallas area
|
| Posted: Mon Feb 08, 2021 6:35 pm Post subject: |
|
|
How are you determining that its not using your vpn's dns server?
_________________
UM780, 6.12 zen kernel, gcc 13, openrc, wayland |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Mon Feb 08, 2021 6:36 pm Post subject: |
|
|
I think he doesnt see a modifiied resolv.conf.
_________________
|
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Mon Feb 08, 2021 6:41 pm Post subject: |
|
|
| Hu wrote: | | I think OP is trying to say that the system continues to use the non-VPN resolv.conf even when connected to the VPN, and he considers this undesirable. He wants to switch to DNS servers pushed by the VPN provider, but no such switch happens. |
You have exactly said what I wanted to mean. |
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Mon Feb 08, 2021 6:42 pm Post subject: |
|
|
| Anon-E-moose wrote: | | How are you determining that its not using your vpn's dns server? |
I see an unchanged resolv.conf file and testing with sites like ipleak.net or dnsleaktest.com |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Mon Feb 08, 2021 7:05 pm Post subject: |
|
|
Do you have a proton .ovpn file?
Can you plz post it?
_________________
|
|
| Back to top |
|
|
pa4wdh
l33t
Joined: 16 Dec 2005
Posts: 910
|
| Posted: Tue Feb 09, 2021 12:40 pm Post subject: |
|
|
OpenVPN does not change your DNS settings by itself. If you want it to update your DNS you should use up/down scripts to modify your DNS, the gentoo openvpn package provides /etc/openvpn/up.sh and /etc/openvpn/down.sh for that. In your openvpn configuration you should have statements like this:
| Code: |
up /etc/openvpn/up.sh
down /etc/openvpn/down.sh
|
Does your ovpn file have that?
_________________
The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 12:59 pm Post subject: |
|
|
| pa4wdh wrote: | OpenVPN does not change your DNS settings by itself. If you want it to update your DNS you should use up/down scripts to modify your DNS, the gentoo openvpn package provides /etc/openvpn/up.sh and /etc/openvpn/down.sh for that. In your openvpn configuration you should have statements like this:
| Code: |
up /etc/openvpn/up.sh
down /etc/openvpn/down.sh
|
Does your ovpn file have that? |
I am using update-resolv-conf script. My. ovpn has the following
| Code: |
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
|
|
|
| Back to top |
|
|
tld
Veteran
Joined: 09 Dec 2003
Posts: 1850
|
| Posted: Tue Feb 09, 2021 1:00 pm Post subject: |
|
|
Have you checked to see if PEER_DNS is set to "yes" in /etc/conf.d/openvpn?: | Code: | cat /etc/conf.d/openvpn
# OpenVPN automatically creates an /etc/resolv.conf (or sends it to
# resolvconf) if given DNS information by the OpenVPN server.
# Set PEER_DNS="no" to stop this.
PEER_DNS="no"
...etc... |
A "yes" setting is actually the default. In my case above I expressly wanted it set to "no".
Tom |
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 1:05 pm Post subject: |
|
|
| tld wrote: | Have you checked to see if PEER_DNS is set to "yes" in /etc/conf.d/openvpn?: | Code: | cat /etc/conf.d/openvpn
# OpenVPN automatically creates an /etc/resolv.conf (or sends it to
# resolvconf) if given DNS information by the OpenVPN server.
# Set PEER_DNS="no" to stop this.
PEER_DNS="no"
...etc... |
A "yes" setting is actually the default. In my case above I expressly wanted it set to "no".
Tom |
i have it set to yes. |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Tue Feb 09, 2021 1:11 pm Post subject: |
|
|
do you have openresolv or resolvconf installed?
_________________
|
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 1:13 pm Post subject: |
|
|
| alamahant wrote: | | do you have openresolv or resolvconf installed? |
Yes, I have openresolv installed. |
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 1:44 pm Post subject: |
|
|
| pa4wdh wrote: | OpenVPN does not change your DNS settings by itself. If you want it to update your DNS you should use up/down scripts to modify your DNS, the gentoo openvpn package provides /etc/openvpn/up.sh and /etc/openvpn/down.sh for that. In your openvpn configuration you should have statements like this:
| Code: |
up /etc/openvpn/up.sh
down /etc/openvpn/down.sh
|
Does your ovpn file have that? |
How to use those scripts? Is it enough to put those two lines? |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Tue Feb 09, 2021 1:47 pm Post subject: |
|
|
Maybe try to put them in the .ovpn file provided by proton.
Did proton provide you with a .ovpn file?
It must have.
_________________
|
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 1:57 pm Post subject: |
|
|
| alamahant wrote: | Maybe try to put them in the .ovpn file provided by proton.
Did proton provide you with a .ovpn file?
It must have. |
Yes, and I put those two lines. Still, no results. |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Tue Feb 09, 2021 1:59 pm Post subject: |
|
|
How do you connet to proton?
Do you use something
like
| Code: |
openvpn --config /path/to/proton/ovpn
[quote]
[/quote] |
_________________
|
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 2:01 pm Post subject: |
|
|
| alamahant wrote: | How do you connet to proton?
Do you use something
like
| Code: |
openvpn --config /path/to/proton/ovpn
[quote]
[/quote] |
|
| Code: | | sudo openvpn /path/to/proton.ovpn |
|
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Tue Feb 09, 2021 2:03 pm Post subject: |
|
|
please append
--config
Do you see
| Code: |
Initialization Sequence Completed
|
in the terminal when running the above?
Also try running the above command as pure root.
_________________
Last edited by alamahant on Tue Feb 09, 2021 2:05 pm; edited 1 time in total |
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 2:04 pm Post subject: |
|
|
| alamahant wrote: | please append
--config
Do you see
| Code: |
Initialization Sequence Completed
|
in the terminal when running the above? |
Yes, I see that. Let me try with --config. |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Tue Feb 09, 2021 2:07 pm Post subject: |
|
|
Also please after connecting open a browser and go to one of these pages that tell you your external ip.
Is it different than when not running the vpn script?
_________________
|
|
| Back to top |
|
|
LinuxDigger
n00b
Joined: 23 Jan 2021
Posts: 16
|
| Posted: Tue Feb 09, 2021 2:08 pm Post subject: |
|
|
| alamahant wrote: | Also please after connecting open a browser and go to one of these pages that tell you your external ip.
Is it different than when not running the vpn script? |
IP address is ok. But, dns server isn't. Didn't work also with --config. |
|
| Back to top |
|
|
mvaterlaus
Apprentice
Joined: 01 Oct 2010
Posts: 237
Location: Switzerland
|
| Posted: Tue Feb 09, 2021 2:20 pm Post subject: |
|
|
Hi,
i'm using the following line in my openvpn Config File:
| Code: |
...
dhcp-option DNS xxx.xxx.xxx.xxx
|
This is only useful, if you know the IP Address of the DNS server provided by ProtonVPN.
_________________
For calming down your eyes or clearing your mind: www.patrickwehli.ch |
|
| Back to top |
|
|
alamahant
Advocate
Joined: 23 Mar 2019
Posts: 3948
|
| Posted: Tue Feb 09, 2021 2:21 pm Post subject: |
|
|
Have you tried with
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
If everything else fails you will have to write a minimal bash script to do this for you.
| Code: |
sed -i '/nameserver/d' /etc/resolv.conf
echo "nameserver <your proton name server>" >> /etc/resolv.conf
openvpn --config proton.ovpn
trap "sed -i '/nameserver/d' /etc/resolv.conf;echo 'nameserver <your-normal name server>' >> /etc/resolv.conf" SIGINT
|
Then building on the concept you can make it polished end expanded
_________________
|
|
| Back to top |
|
|
|
Networking & Security
