jotygill / openpyn-nordvpn Goto Github PK

Looks like installing and running on raspberry pi doesn't work, using python 3.6.1.
Installed it as listed in the readme and problem appears like:

Errors:

1. openpyn -s au10
   returns Unrecognized option or missing parameter(s) in [CMD-LINE]:1: management-up-down (2.2.1) Use --help for more information.

Soon later spits a traceback ending with
ModuleNotFoundError: No module named 'gi'
with reference to the file .../openpyn/management/management.py line 3 'import gi'

Fixed attempts:

I attempted to install packages like sudo pip3 install gi which worked and returned the same unrecognized option error but had a different traceback ending with
SyntaxError: Missing parentheses in call to 'print'
Which appears to look like python 2 syntax?

additional info:

raspberry pi original, so is sorta old and shit.

1. python -V: Python 3.6.1
2. openvpn --version: OpenVPN 2.2.1 arm-linuxgnueabihf

any other details necessary guys?

Nord publishes a list of servers optimized for netflix. It would be great if there was a netflix option. I do not know if this information is published by the api but it seems like it should.

Thanks in Advance
MG

I have the systemd service installed, but after a system reboot, I need to manually run sudo systemctl start openpyn for the service to actually connect to nord.

If I check systemctl status openpyn, i get:

Jan 03 13:44:28 slash systemd[1]: Started NordVPN connection manager.
Jan 03 13:44:29 slash openpyn[541]: There was an ambiguous exception, Check Your Network Connection. forgot to flush iptables? 

Any idea how to fix this?

I am using Network Manager to connect to wifi.
I'm running on Arch with a cloned git version (AUR version did not work)

Hello

I really liked the functionality provided by openpyn-nordvpn, such as selecting the best VPN server and auto restart.

I'm currently building a VPN gateway VM (will share the project later after creating the github rep.).

So my question, any plan to convert this project into a VPN platform that supports other VPN providers?

Thanks

Would be nice to have a support for simple GUI, e.g. a tray icon indicating connection status, country/server, button to kill VPN, etc. I might even try and do that myself once I have some free time, just leaving this issue as a reminder.
P.S. also thanks for your work, great stuff. I have a kinda similar script for enforcing firewall rules and DNS, but your tool is clearly way more advanced and user friendly :)

Please port package on AUR : https://wiki.archlinux.org/index.php/Arch_User_Repository

Hi sorry to be stupid - how best would you recommend getting openpyn to run and start openvpn as a daemon. I have tried init.d script and crontab, neither work.
Thanks in advance.
Mike

I pulled the august 5 commit, and I get an error using the following command line(works with prior commits):
sudo openpyn us -u -f --skip-dns-patch --allow 22 80 443 3128 8112 58846 -t 10 -T 2 -d --p2p

Error:

Flushing iptables INPUT and OUTPUT chains AND Applying default Rules
...SNIP...
Top 2 Servers with best Ping are: ['us650', 'us505']
Traceback (most recent call last):
  File "/usr/local/bin/openpyn", line 11, in <module>
    load_entry_point('openpyn==1.6.0', 'console_scripts', 'openpyn')()
  File "/usr/local/lib/python3.5/dist-packages/openpyn-1.6.0-py3.5.egg/openpyn/openpyn.py", line 118, in main
    args.skip_dns_patch)
  File "/usr/local/lib/python3.5/dist-packages/openpyn-1.6.0-py3.5.egg/openpyn/openpyn.py", line 203, in run
    vpn_server_ip = get_vpn_server_ip(chosen_servers, port)
  File "/usr/local/lib/python3.5/dist-packages/openpyn-1.6.0-py3.5.egg/openpyn/openpyn.py", line 527, in get_vpn_server_ip
    file_path = "/usr/share/openpyn/files/" + server + ".nordvpn.com." + port + ".ovpn"
TypeError: Can't convert 'list' object to str implicitly

Hello,

NordVPN offers obfuscated servers.
Is it possible to implement option to look for these servers?

Best regards

Currently if you start the script it collects a list of 3 best servers and then loops through them if they fail.

On the third failure it'd be great if it could go and collect a new best list and try those.

To stop loops if all 3 of those fail it would then exit.

Great script you got here, really helps me out with using NordVPN on Linux. Thanks 👍

Got some bugs though. I'm on Peppermint OS 7, based on Ubuntu 16.04.

There seems to be a difference on running a command with openpyn, with vs without sudo in front of it.
openpyn -c nl --p2p -t 5 -f
Will grant for password after saying, "Root access needed to modify 'iptables' rules, and connects just fine
sudo openpyn -c nl --p2p -t 5 -f
Asks for root password right away, openpyn does the testing of servers, but after "CONNECTING TO SERVER....." it exits with error:
"FileNotFoundError: [Errno 2] No such file or directory" (Sudo_error.png)
This also happens when logging in to su before running the command. (Su_error.png)

Oh, and one more thing. Exiting would be CTRL-C right? Well, it stops at "SIGNIT[hard,] received, process exiting" and never really exits, have to press CTRL-C again. (Exit_error.png)

Sudo_error
https://user-images.githubusercontent.com/6450056/33093172-85643414-cefc-11e7-8a94-f1fa270bf3a7.PNG

Su_error
https://user-images.githubusercontent.com/6450056/33093171-853f86aa-cefc-11e7-8a8a-8ba7d4aa8031.PNG

Exit_error
https://user-images.githubusercontent.com/6450056/33093163-7ecbf088-cefc-11e7-83db-9f739827f6e6.PNG

Hello

NordVPN is blocked by my ISP so the command
openpyn --init
will not work because it's trying to download
https://nordvpn.com/api/files/zip

I suggest if you change the link to https://downloads.nordcdn.com/configs/archives/servers/ovpn.zip

Any documentation on this?

Thanks!

So I live in the US and started the software with -t 10 and got all servers with 200ms+ ping times. I increased to -t 45 (which was probably over killed) and got same servers with 50-100ms ping time. The thing is the pinging process is slow. So I wondered about using netselect to speed up the process? Or figure out a way to get low ping servers with -t 5-10? Thoughts?

It would be useful to not override the DNS server of the host computer permanently. Some people might need a specific DNS server when not connected to VPN and they would lose it using openpyn-nordvpn.

It was mentioned in this discussion (#30) that backing up and restoring on Ctrl-C might be dangerous -- I totally agree.

I found a workaround that I have not tested yet due to limited time here that could work: https://serverfault.com/questions/318563/how-to-push-my-own-dns-server-to-openvpn

On the .ovpn file if this is injected: dhcp-option DNS <whatever> theoretically it should work. So my suggestion is: before connecting copy target-config.ovpn to temp-config.ovpn, inject the necessary lines, and connect to the temp file.

Debian testing openpyn 2.3.1
getting a lot of these errors:
Sun Feb 11 22:28:03 2018 AEAD Decrypt error: bad packet ID (may be a replay): [ #2371 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings

Thanks
Mnt_grrrl

....
Out of the Best Available Servers, Chose nl129
CONNECTING TO SERVER nl129 ON PORT udp1194
Your OS'Ubuntu' Does have '/sbin/resolvconf' using it to update DNS Resolver Entries

Wed Jan 17 20:04:39 2018 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Wed Jan 17 20:04:39 2018 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Wed Jan 17 20:04:39 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:7015
Wed Jan 17 20:04:39 2018 WARNING: --ping should normally be used with --ping-restart or --ping-exit
Wed Jan 17 20:04:39 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
....
Thu Jan 18 08:04:45 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Jan 18 08:04:45 2018 VERIFY EKU OK
Thu Jan 18 08:04:45 2018 VERIFY OK: depth=0, C=PA, ST=PA, L=Panama, O=NordVPN, OU=NordVPN, CN=nl129.nordvpn.com, name=NordVPN, emailAddress=[email protected]
Thu Jan 18 08:04:45 2018 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jan 18 08:04:45 2018 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jan 18 08:04:45 2018 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Thu Jan 18 08:04:45 2018 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Thu Jan 18 08:04:45 2018 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Thu Jan 18 08:47:53 2018 [nl129.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Thu Jan 18 08:47:53 2018 SIGUSR1[soft,ping-restart] received, process restarting
Thu Jan 18 08:47:53 2018 Restart pause, 10 second(s)
Thu Jan 18 08:48:03 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan 18 08:48:03 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Thu Jan 18 08:48:03 2018 UDPv4 link local: [undef]
Thu Jan 18 08:48:03 2018 UDPv4 link remote: [AF_INET]85.159.237.34:1194
Thu Jan 18 08:49:03 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jan 18 08:49:03 2018 TLS Error: TLS handshake failed
Thu Jan 18 08:49:03 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Jan 18 08:49:03 2018 Restart pause, 10 second(s)
Thu Jan 18 08:49:13 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan 18 08:49:13 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Thu Jan 18 08:49:13 2018 UDPv4 link local: [undef]
Thu Jan 18 08:49:13 2018 UDPv4 link remote: [AF_INET]85.159.237.34:1194
Thu Jan 18 08:50:13 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jan 18 08:50:13 2018 TLS Error: TLS handshake failed
Thu Jan 18 08:50:13 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Jan 18 08:50:13 2018 Restart pause, 10 second(s)
Thu Jan 18 08:50:23 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan 18 08:50:23 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Thu Jan 18 08:50:23 2018 UDPv4 link local: [undef]
Thu Jan 18 08:50:23 2018 UDPv4 link remote: [AF_INET]85.159.237.34:1194
Thu Jan 18 08:51:23 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jan 18 08:51:23 2018 TLS Error: TLS handshake failed
Thu Jan 18 08:51:23 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Jan 18 08:51:23 2018 Restart pause, 10 second(s)
Thu Jan 18 08:51:33 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan 18 08:51:33 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Thu Jan 18 08:51:33 2018 UDPv4 link local: [undef]
Thu Jan 18 08:51:33 2018 UDPv4 link remote: [AF_INET]85.159.237.34:1194
Thu Jan 18 08:52:33 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jan 18 08:52:33 2018 TLS Error: TLS handshake failed
Thu Jan 18 08:52:33 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Jan 18 08:52:33 2018 Restart pause, 10 second(s)
Thu Jan 18 08:52:43 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Jan 18 08:52:43 2018 Socket Buffers: R=[212992->425984] S=[212992->425984]
Thu Jan 18 08:52:43 2018 UDPv4 link local: [undef]
Thu Jan 18 08:52:43 2018 UDPv4 link remote: [AF_INET]85.159.237.34:1194
Thu Jan 18 08:53:43 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Jan 18 08:53:43 2018 TLS Error: TLS handshake failed
Thu Jan 18 08:53:43 2018 SIGUSR1[soft,tls-error] received, process restarting
Thu Jan 18 08:53:43 2018 Restart pause, 10 second(s)
....

xxx@xxx:~/$ openpyn nl -t 10 -T 2 --p2p
usage: openpyn [-h] [-v] [--init] [-s SERVER] [--tcp] [-c COUNTRY_CODE]
[-a AREA] [-d] [-m MAX_LOAD] [-t TOP_SERVERS] [-p PINGS] [-k]
[-x] [--update] [--skip-dns-patch] [-f]
[--allow INTERNALLY_ALLOWED [INTERNALLY_ALLOWED ...]]
[-l [LIST_SERVERS]] [--silent] [--p2p] [--dedicated] [--tor]
[--double] [--anti-ddos] [--test]
[country]
openpyn: error: unrecognized arguments: -T 2

I get this error when running the command: "openpyn fi -t 10"

None
Traceback (most recent call last):
  File "/usr/local/bin/openpyn", line 9, in <module>
    load_entry_point('openpyn==2.4.0', 'console_scripts', 'openpyn')()
  File "/usr/local/lib/python3.5/dist-packages/openpyn/openpyn.py", line 133, in main
    args.skip_dns_patch, args.silent, args.nvram, args.openvpn_options)
  File "/usr/local/lib/python3.5/dist-packages/openpyn/openpyn.py", line 309, in run
    connection = connect(aserver, port, silent, test, skip_dns_patch, openvpn_options)
  File "/usr/local/lib/python3.5/dist-packages/openpyn/openpyn.py", line 713, in connect
    + openvpn_options.split(), check=True)
AttributeError: 'NoneType' object has no attribute 'split'

Hi,

First of all, thank you for this neat piece of code that makes connecting to nordvpn servers a much easier job than with ubuntu's network-manager or else.

It all worked fine so far, but since today I can't connect to any server. Just using openpyn 'country code' command, no option, I always get the message "There are no servers that satisfy your criteria, please broaden your search.". Any country code won't work. Any idea why ?

Thanks!

EDIT : Worked again after doing an 'openpyn --init'.

In the experimental firewall feature, Is there a way to allow ports, for say, SSH and a Deluge daemon from the local network?

Is it possible to use your tool with ipVanish instead of NordVPN?

when starting openpyn without sudo and providing "sudo" access later when asked. The later "root access needed for 'this'" messages still get printed because os.getuid remains != 0, but the sudo credentials get cached and the script can run root level commands fine.

Hello,
Your script looks quite awesome, but I use a different provider, namely IPVanish. I wonder whether it would be very hard to adapt it for IPVanish. Here's their server list, although it seems that it requires logging in
https://account.ipvanish.com/index.php?t=Server%20List
Thanks!

When running openpyn -l I get the following error:

Traceback (most recent call last):
  File "/usr/bin/openpyn", line 730, in <module>
    args.tor_over_vpn, args.anti_ddos, args.test)
  File "/usr/bin/openpyn", line 47, in main
    list_all_countries()
  File "/usr/bin/openpyn", line 463, in list_all_countries
    for key in country_dic.keys():
NameError: name 'country_dic' is not defined

Running init on Raspbian Jessie following first install fails?

sudo -H pip3 install openpyn --upgrade
Downloading/unpacking openpyn
Downloading openpyn-1.5.2.tar.gz (40kB): 40kB downloaded
Running setup.py (path:/tmp/pip-build-oo5oujjn/openpyn/setup.py) egg_info for package openpyn

warning: no files found matching 'README'

Downloading/unpacking requests from https://pypi.python.org/packages/5a/58/671011e3ff4a06e2969322267d78dcfda1bf4d1576551df1cce93cd7239d/requests-2.18.1-py2.py3-none-any.whl#md5=a7fbdc82134a2610b3d0cdc7e59f0bde (from openpyn)
Downloading requests-2.18.1-py2.py3-none-any.whl (88kB): 88kB downloaded
Downloading/unpacking certifi>=2017.4.17 (from requests->openpyn)
Downloading certifi-2017.4.17-py2.py3-none-any.whl (375kB): 375kB downloaded
Downloading/unpacking urllib3>=1.21.1,<1.22 (from requests->openpyn)
Downloading urllib3-1.21.1-py2.py3-none-any.whl (131kB): 131kB downloaded
Downloading/unpacking chardet>=3.0.2,<3.1.0 (from requests->openpyn)
Downloading chardet-3.0.4-py2.py3-none-any.whl (133kB): 133kB downloaded
Downloading/unpacking idna>=2.5,<2.6 (from requests->openpyn)
Downloading idna-2.5-py2.py3-none-any.whl (55kB): 55kB downloaded
Installing collected packages: openpyn, requests, certifi, urllib3, chardet, idna
Running setup.py install for openpyn

warning: no files found matching 'README'
Installing openpyn-start-management script to /usr/local/bin
Installing openpyn-management script to /usr/local/bin
Installing openpyn script to /usr/local/bin

Found existing installation: requests 2.4.3
Not uninstalling requests at /usr/lib/python3/dist-packages, owned by OS
Found existing installation: urllib3 1.9.1
Not uninstalling urllib3 at /usr/lib/python3/dist-packages, owned by OS
Found existing installation: chardet 2.3.0
Not uninstalling chardet at /usr/lib/python3/dist-packages, owned by OS
Successfully installed openpyn requests certifi urllib3 chardet idna
Cleaning up...

sudo openpyn --init
Storing credentials in '/usr/share/openpyn/credentials with openvpn compatible 'auth-user-pass' file format

Enter your username for NordVPN, i.e [email protected]: [email protected]
Enter the password for NordVPN: xxx
Traceback (most recent call last):
File "/usr/local/bin/openpyn", line 9, in
load_entry_point('openpyn==1.5.2', 'console_scripts', 'openpyn')()
File "/usr/local/lib/python3.4/dist-packages/openpyn/openpyn.py", line 110, in main
args.tor_over_vpn, args.anti_ddos, args.test)
File "/usr/local/lib/python3.4/dist-packages/openpyn/openpyn.py", line 124, in run
initialise()
File "/usr/local/lib/python3.4/dist-packages/openpyn/openpyn.py", line 212, in initialise
credentials.save_credentials()
File "/usr/local/lib/python3.4/dist-packages/openpyn/credentials.py", line 30, in save_credentials
subprocess.run("sudo touch /usr/share/openpyn/credentials".split())
AttributeError: 'module' object has no attribute 'run'

According to the manual only 192.168.1.x can be allowed to access port 22 via -allow 22, however I use a VPN to connect to my firewall (and I get 10.0.8.x) so I don't fall in this range. (This is also the case if someone hosts the server in the cloud) Is it possible to allow a list or range of IP-addresses?

Perhaps an alternative or addition to get_network_interfaces():

In save_credentials() passwords are requested by input(). However, some passwords contain symbols and are some are not correctly parsed. I evaluated my password with the one in the credentials file and they differ. Any suggestions about this?

user@hostname:~$ openpyn -l --p2p

(list of servers)

Traceback (most recent call last): File "/usr/local/bin/openpyn", line 9, in <module> load_entry_point('openpyn==1.7.3', 'console_scripts', 'openpyn')() File "/usr/local/lib/python3.5/dist-packages/openpyn-1.7.3-py3.5.egg/openpyn/openpyn.py", line 116, in main args.skip_dns_patch) File "/usr/local/lib/python3.5/dist-packages/openpyn-1.7.3-py3.5.egg/openpyn/openpyn.py", line 156, in run double_vpn=double_vpn, tor_over_vpn=tor_over_vpn, anti_ddos=anti_ddos) File "/usr/local/lib/python3.5/dist-packages/openpyn-1.7.3-py3.5.egg/openpyn/openpyn.py", line 436, in display_servers locations_in_country = locations.get_unique_locations(list_of_servers=json_res_list) File "/usr/local/lib/python3.5/dist-packages/openpyn-1.7.3-py3.5.egg/openpyn/locations.py", line 14, in get_unique_locations geo_address_list = get_location_name(eachLocation) File "/usr/local/lib/python3.5/dist-packages/openpyn-1.7.3-py3.5.egg/openpyn/locations.py", line 34, in get_location_name results = r.json()['results'][0]['address_components'] IndexError: list index out of range

I understood that this was due to the fact that the API of Google has a limit, which is 50 requests per second, calculated as the sum of client-side and server-side queries. Link

Is it possible to limit these requests in the software so no error messages will be generated?

openpyn uses subprocess.run to spawn the openvpn process that is available only on Python 3.5 and newer; OS that come without it (e.g. Debian 8.9) bomb out of the execution because they come with less recent Python versions.

As pointed out in this StackOverflow question, backporting the function is easy, so a patch could be devised as follows:

def backport_run(*popenargs, input=None, check=False, **kwargs):

    if input is not None:

        if "stdin" in kwargs:

            raise ValueError("stdin and input arguments may not both be used.")

        kwargs["stdin"] = subprocess.PIPE


    process = subprocess.Popen(*popenargs, **kwargs)
    try:
        stdout, stderr = process.communicate(input)
    except:
        process.kill()
        process.wait()
        raise
    retcode = process.poll()
    if check and retcode:
        raise subprocess.CalledProcessError(
            retcode, process.args, output=stdout, stderr=stderr)
    return retcode, stdout, stderr

try:
        subprocess.run("/bin/ls")
except AttributeError:
        subprocess.run = backport_run

This is enough to run openpyn successfully.

How can i open port for ssh and other service with iptables and -F option enabled?

CONNECTING TO SERVER de111 ON PORT tcp443
Your OS debian Does not have '/sbin/resolvconf': Manually Applying Patch to Tunnel DNS Through The VPN Tunnel By Modifying '/etc/resolv.conf'
sudo: /usr/share/openpyn/manual-dns-patch.sh: command not found ** this file doesn't exist becouse pip is installing it somewhere else maybe**
Sun Jun 11 00:07:53 2017 OpenVPN 2.4.0 [git:master/d73f7253d939e293+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 22 2017
Sun Jun 11 00:07:53 2017 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.08
Sun Jun 11 00:07:53 2017 Error reading username from Auth authfile: /usr/share/openpyn/credentials
Sun Jun 11 00:07:53 2017 Exiting due to fatal error

I have a few new feature ideas..

1. Refresh the vpn connection at a predefined time or duration (i.e. in minutes)
2. Auto-restart dropped vpn connection (I have this working well today via openvpn running in systemctl)

I'm happy to fork and have a go myself, but it might take me a while as I don't know Python

Hi,

First of all thanks for creating this, it's really useful. I've managed to get it working on MacOS, and I wanted to give feedback. See installation method below, and comments regarding some minor code changes.

/usr/share is protected by System Integrity Protection on MacOS

If System Integrity Protection is on, the below commands will not work, meaning that every time a Mac user would want to download/update vpn config files, they would also need to disable it before and reenable it after

sudo openpyn --init
sudo openpyn --update

To enable or disable System Integrity Protection, you must boot to Recovery OS by restarting your machine and holding down the Command and R keys at startup and run the csrutil command from the Terminal. After enabling or disabling System Integrity Protection on a machine, a reboot is required.

Installation Methods

1. For MacOS

Boot to Recovery OS.
Launch Terminal from the Utilities menu.
csrutil disable
shutdown -r now

xcode-select --install
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
echo 'export PATH="/usr/local/sbin:$PATH"' >> ~/.bash_profile
brew install python3
brew install wget
brew install openvpn
sudo brew services start openvpn

git clone https://github.com/jotyGill/openpyn-nordvpn.git
cd openpyn-nordvpn
sudo python3 setup.py install
sudo openpyn --init

Boot to Recovery OS.
Launch Terminal from the Utilities menu.
csrutil enable
shutdown -r now

libnotify doesn’t work on MacOS, below commands eliminate a couple of warnings for those that dislike warnings, a workaround would be to prevent MANAGEMENT code from being executed for MacOS users or use a multi-platform notifier…

brew install pygobject3 --with-python3
brew install libnotify

Code changes required (which should not have impact for other platforms)

Below command doesn't work on macOS (Tested: 10.11.6)

ping es30.nordvpn.com -i .2 -c 5

This command does :)

ping -i .2 -c 5 es30.nordvpn.com

Ping returns slightly different output on MacOS (Tested: 10.11.6)

round-trip min/avg/max/stddev = 135.534/140.502/148.232/4.704 ms

Notice min/avg/max/stddev instead of min/avg/max/mdev

In openpyn.py, could you make these changes:

["ping", i[0] + ".nordvpn.com", "-i", ".2", "-c", pings] > ["ping", "-i", ".2", "-c", pings, i[0] + ".nordvpn.com"]

("grep", "min/avg/max/mdev"), stdin=ping_proc.stdout) > ("grep", "min/avg/max/”), stdin=ping_proc.stdout)

Forking and opening a pull request for these minor changes would be overkill, hopefully you won't mind testing and making these changes

when i init the program, it download ovpn.zip from nordvpn , but the wget error "Unable to establish SSL connection" . i download the file by myself . is that storeing in "/usr/share/openpyn/files" ? then if i unzip in this dir?
if i was right , i run the program and got an error "There was an ambiguous exception, Check Your Network Connection. forgot to flush iptables? (openpyn -x) " . i do not run any firewall(exp. iptables,firewalld)
my info:
thinkpad t440 , i7 8g
ubuntu 16.04
python 3.5

thx

Firstly, glad to have found this repository. It's proven really useful. Thanks.

This is possibly a feature request, or perhaps this exists already and I haven't been able to find it.

I have, until finding this repository, been starting Openvpn with the --log and --status parameters as I have a webinterface that reads the contents of these files to learn about the status of the current connection for example:

sudo openvpn --status "/etc/openvpn/status.log" 10 --config "/etc/openvpn/custom/nordvpn/us543.nordvpn.com.tcp443.ovpn" --auth-user-pass "/etc/openvpn/custom/nordvpn/nordvpn.auth" --log "/etc/openvpn/log.log"

1. Are these created somewhere by default that I can access? If so where?
2. If note, Are you able to specify similar status and log file destinations with openpyn? If not I think this would make be a useful feature.

Thanks for the help and mostly, thanks for the contribution of this repository!

provide description

the location of "sleep" in not consistent among different OSs.

It does not appear that my stalled connections ever fail and reconnect. I do not see any logs for openvpn or openpyn in /var/log to paste.

Running on latest OSMC installed on PI 3. Debian Jessie (8.9).

When running openpyn using the defaults ("openpyn nz" for instance) all pings fail. Failure message:

Ping Failed to : nz7 Skipping it
ping: invalid option -- 'i'
BusyBox v1.22.1 (Debian 1:1.22.0-9+deb8u1) multi-call binary.

Usage: ping [OPTIONS] HOST

Send ICMP ECHO_REQUEST packets to network hosts

    -4,-6           Force IP or IPv6 name resolution
    -c CNT          Send only CNT pings
    -s SIZE         Send SIZE data bytes in packets (default:56)
    -t TTL          Set TTL
    -I IFACE/IP     Use interface or IP address as source
    -W SEC          Seconds to wait for the first response (default:10)
                    (after all -c CNT packets are sent)
    -w SEC          Seconds until ping exits (default:infinite)
                    (can exit earlier with -c CNT)
    -q              Quiet, only displays output at start
                    and when finished

and no connection gets made (script fails with "Top 0 Servers..."). Running openpyn with a specified server ("openpyn -s nz8") works just fine, only problem seems to be when using ping to select servers.

Any thoughts? Missing dependencies? Wrong version of something? Or is it simply "i" vs. "I" (in which case I might be able to figure out the edit)?

Hey,

If I use for example "openpyn us -a ny" I got this output:
Traceback (most recent call last): File "/usr/local/bin/openpyn", line 9, in <module> load_entry_point('openpyn==1.7.3', 'console_scripts', 'openpyn')() File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/openpyn.py", line 116, in main args.skip_dns_patch) File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/openpyn.py", line 191, in run dedicated, double_vpn, tor_over_vpn, anti_ddos) File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/openpyn.py", line 293, in find_better_servers double_vpn=double_vpn, tor_over_vpn=tor_over_vpn, anti_ddos=anti_ddos) File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/openpyn.py", line 276, in get_data_from_api type_country_area_filtered = filters.filter_by_area(area, type_country_filtered) File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/filters.py", line 8, in filter_by_area resolved_locations = locations.get_unique_locations(list_of_servers=type_country_filtered) File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/locations.py", line 14, in get_unique_locations geo_address_list = get_location_name(eachLocation) File "/usr/local/lib/python3.4/dist-packages/openpyn-1.7.3-py3.4.egg/openpyn/locations.py", line 34, in get_location_name results = r.json()['results'][0]['address_components'] IndexError: list index out of range

Connection with country only is no problem.

Curious as if able to use with optware ng as opposed to entware?

is this a thing maybe?

hi,

after the connect i want to run a script that enables ip_forwarding and masquerading, would be nice if openpyn could run that script automaticly for me

regards

celevra

harry@debian:~$ openpyn uk
There are no servers that satisfy your criteria, please broaden your search.

sudo openpyn it
According to NordVPN, Least Busy 4 Servers, In IT With 'Load' less than 70 Which Support OPENVPN-TCP are : [['it15', 7], ['it18', 8], ['it13', 9], ['it7', 11]]

Pinging Server it15 min/avg/max/mdev = [15, 15, 15, 0]

Pinging Server it18 min/avg/max/mdev = [15, 15, 15, 0]

Pinging Server it13 min/avg/max/mdev = [26, 27, 27, 0]

Pinging Server it7 min/avg/max/mdev = [15, 15, 17, 0]

Top 4 Servers with best Ping are: ['it15', 'it18', 'it7', 'it13']

Out of the Best Available Servers, Chose it15
CONNECTING TO SERVER it15 ON PORT tcp443
Traceback (most recent call last):
File "/usr/bin/openpyn", line 11, in
load_entry_point('openpyn==1.7.3', 'console_scripts', 'openpyn')()
File "/usr/lib/python3.6/site-packages/openpyn/openpyn.py", line 116, in main
args.skip_dns_patch)
File "/usr/lib/python3.6/site-packages/openpyn/openpyn.py", line 216, in run
connection = connect(aserver, port, daemon, test, skip_dns_patch)
File "/usr/lib/python3.6/site-packages/openpyn/openpyn.py", line 578, in connect
if root.running_with_sudo():
File "/usr/lib/python3.6/site-packages/openpyn/root.py", line 55, in running_with_sudo
logged_in_user = os.getlogin()
FileNotFoundError: [Errno 2] No such file or directory

I tried one of the examples provided, openpyn us -t 10 -T 2 --dedicated
Where the -T 2 switch gave an error. Are there still similar functionality in the script/ program, and if, what options to use?

I have setup my router to use nordvpn dns so no need to patch at pc level. please add the option to not touch dns