UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login
    1. Home
    2. ubportsuser
    3. Posts
    U
    Offline
    • Profile
    • Following 0
    • Followers 0
    • Topics 2
    • Posts 4
    • Groups 0

    Posts

    Recent Best Controversial
    • RE: VPN kill switch

      @davedanger I open the terminal> execute ./unfirewall.sh > connect to vpn via GUI> use ./firewall.sh> and then close the terminal. ufw doesnt require the terminal to be open after the commamds have been executed. Both .sh files are inside the home directory.

      i saw your post "Auto Execute Startup Scripts" just now. Here the terminal doesnt need to be kept open. Although I do get the following warnings

      WARN: /etc is group writable!
      WARN: / is world writable!
      WARN: / is group writable!
      WARN: /lib is world writable!
      WARN: /lib is group writable!
      WARN: /usr is world writable!
      WARN: /usr is group writable!
      
      

      And my ufw was enabled by default since the fist installation (OTA-19). Although in my ut tweak tools, "make image writable" can be set to read-only.

      posted in Support
      U
      ubportsuser
    • VPN kill switch

      Hi good people of ubports!

      I have a question regarding vpn kill switch. I run 2 scripts with a set of commands as follows:

      i use the below commands before connecting to my VPN

      sudo ufw reset
      sudo ufw deny incoming
      sudo ufw deny forward
      sudo ufw allow outgoing
      sudo ufw enable
      

      And is in a file called unfirewall.sh

      I use the below commands after connecting to the vpn so that there is no leak.

      sudo ufw default deny incoming
      sudo ufw default deny forward
      sudo ufw default deny outgoing
      sudo ufw allow out on tun0 from any to any
      sudo ufw enable
      

      And this is in a file called ./firewall.sh

      I run ./unfirewall.sh from the terminal, connect to the vpn and run ./firewall.sh from the terminal again. My question is, is there a way to make an executable icon called "on" (for ./firewall.sh) and "off" (for ./unfirewall.sh) and put it in the app drawer so that i dont have to use the terminal to do it every time my vpn disconnects?

      posted in Support
      U
      ubportsuser
    • Processes not associating to VPN gateway

      When vpn is connected with a kill switch, certain processess like ubuntu push notification and pantalimon (and may be other processess) are still associated with the old gateway and not the VPN gateway.
      When sudo netstat -tunlpaw is issued in the terminal
      Certain processess are ESTABLISHED with the router gateway address (for ex: 192.168.1.xx) and
      sudo kill -HUP xxxx (where xxxx is the PID number of the process) needs to be issued to re-associate this process to the VPN gateway.
      Sometimes that doesnt work and sudo kill xxxx (without -HUP option) needs to be issued to kill the process running outside of VPN. Is there a solution for this where i dont have to constantly use this workaround everytime my VPN connection drops ?

      PS: my kill switch uses ufw with the following:

      Below is run after VPN connection is established

      sudo ufw reset
      sudo ufw default deny incoming
      sudo ufw default deny forward
      sudo ufw default deny outgoing
      sudo ufw allow out on tun0 from any to any
      sudo ufw enable

      And i use the below commands before reconnecting to my VPN

      sudo ufw reset
      sudo ufw deny incoming
      sudo ufw deny forward
      sudo ufw allow outgoing
      sudo ufw enable

      posted in General
      U
      ubportsuser
    • RE: Missing Push-Notifications via VPN

      @thilov I am not sure if your issue is solved, but I think I noticed something similar. When you connect to the vpn and especially use a kill switch, the ubuntu push notification ( and also pantalimon and may be other processess unrelated to notifications) are still associated with the old gateway and not the VPN gateway. You can can do the following:
      sudo netstat -tunlpaw
      and look for the processess ESTABLISHED with your old gateway address (for ex: 192.168.1.xx)
      Then use sudo kill -HUP xxxx where xxxx is the PID number of the process identified in the previous process.
      This should reassociate the process to the new gateway. If not try sudo kill xxxx without -HUP option. Notification process will reassociate after a while. Hope this helps.

      posted in Support
      U
      ubportsuser