Make path to ifconfig and route configurable upon installation

[GoogleCodeExporter]

Original post from:
http://github.com/fries/android-external-openvpn/issues#issue/2


I have a problem with OpenVPN Settings and my HTC Hero / T-Mobile G2 - i
have installed the MoDaCo custom ROM 3.2.

So Busybox is integrated, but i have no /system/xbin/bb/ifconfig - if i ask
'which ifconfig' i get /system/xbin/ifconfig (which links to busybox)

if i want to start my openvpn config, after entering the password i get
this error:
FATAL: Linux ifconfig failed: could not execute external program

Can you fix this for the MoDaCo Hero users? :)

Let me know if i can help you in any way!

Original issue reported on code.google.com by friedrich.schaeuffelhut on 15 Mar 2010 at 9:57

[GoogleCodeExporter]

Added a dialog to choose path to ifconfig and route.

Original comment by friedrich.schaeuffelhut on 15 Mar 2010 at 9:59

Attachments:

• OpenVPN-Installer-0.2.2test1.apk

[GoogleCodeExporter]

thank you for this release!

so in the OpenVPN Settings it is "Connected to [IP] as" - that worked now! :)

but still it looks lik i'm not in the VPN - the up: and down: values are not 
changing
when i make some traffic with f.e. the browser or the youtube app (up: 0.02kBps 
-
down: 0.02 kBps).

when i do a ifconfig on the console of my hero i get the following devices, with
openvpn running and without:
lo, rmnet0

so there is no tun0 - but there should be, right?

so i restarted my phone, made an 
 lsmod
 "tun 11172 0 - Live 0xbf000000"

then i tried to:
 su
 ifconfig tun0 up
 "ifconfig: SIOCGIFFLAGS: No such device"

so OpenVPN Settings shows me a valid IP where it is connected, but the traffice 
is
not going thought the VPN. Whats the problem with my HTC Hero? :)

Original comment by [email protected] on 17 Mar 2010 at 8:32

[GoogleCodeExporter]

First we should make sure the vpn connection is established and the interface is
configured correctly. Could you please start openvpn from the commandline and 
see if
there are any errors when it configures the interface? Then try to ping your 
peer. If
this works the interface should be configured correctly (You should also see the
up/down counters changing while pinging). You may also check the configuration 
using
ifconfig. But make sure you are using ifconfig from busybox, by using the full 
path.

No traffic will be redirected through the tunnel. This only happens if you use 
the
redirect-gateway option in your openvpn config, which I have not tested so far.

Original comment by friedrich.schaeuffelhut on 18 Mar 2010 at 10:35

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

i did as superuser:
# openvpn /sdcard/openvpn/user.conf
Fri Mar 19 10:48:56 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built
on Feb  2 2010
Fri Mar 19 10:48:56 2010 NOTE: 
OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined 
scripts or
executables
Fri Mar 19 10:48:57 2010 
WARNING: this configuration may cache passwords in memory -- use the 
auth-nocache
option to prevent this
Fri Mar 19 10:48:57 2010 Cannot load private key file 
/sdcard/openvpn/user.okey: 
error:0906A068:PEM routines:PEM_do_header:bad password read: error:140B0009:SSL
routines:SSL_CTX_use_PrivateKey_file:PEM lib
Fri Mar 19 10:48:57 2010 Error: 
private key password verification failed
Fri Mar 19 10:48:57 2010 Exiting

strange, i was not asked for a 
password...

Original comment by [email protected] on 19 Mar 2010 at 1:35

[GoogleCodeExporter]

Ah, I remember. Android libc (bionic) does not support the getpass function 
which
openvpn seems to use when asking for the passphrase. When I ported openvpn I 
created
a stub just returning the empty string. (It's defined here: 
http://github.com/fries/android-external-openvpn/blob/master/missing.c). That's 
the
reason you where not asked for a passphrase. 

OpenVPN-Settings will advice openvpn to ask for a passphrases via the management
interface.

Original comment by friedrich.schaeuffelhut on 19 Mar 2010 at 9:11

[GoogleCodeExporter]

thank you for the detailed explanation!

so actually i can't test if openvpn on console is working, right?

Original comment by [email protected] on 19 Mar 2010 at 10:02

[GoogleCodeExporter]

Actually you could use the '--askpass [file]' option. This would read the 
passphrase
from a file. This should be good enough for testing. 

Original comment by friedrich.schaeuffelhut on 19 Mar 2010 at 10:19

[GoogleCodeExporter]

ok, thanks for the hint!

# su
# echo [mypassword] > /sdcard/pw
# openvpn --askpass /sdcard/pw /sdcard/openvpn/user.conf
Options error: You must define TUN/TAP device (--dev)
Use --help for more information

well, is the following right?

# openvpn --askpass /sdcard/pw --dev tun0 /sdcard/openvpn/user.conf
Sat Mar 20 09:29:04 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built
on Feb  2 2010
Sat Mar 20 09:29:04 2010 WARNING: file '/sdcard/pw' is group or others 
accessible
Sat Mar 20 09:29:04 2010 IMPORTANT: OpenVPN's default port number is now 1194, 
based
on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier 
used
5000 as the default port.
Sat Mar 20 09:29:04 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or 
higher
to call user-defined scripts or executables
Sat Mar 20 09:29:04 2010 ******* WARNING *******: all encryption and 
authentication
features disabled -- all data will be tunnelled as cleartext
Sat Mar 20 09:29:04 2010 TUN/TAP device tun0 opened
Sat Mar 20 09:29:04 2010 UDPv4 link local (bound): [undef]:1194
Sat Mar 20 09:29:04 2010 UDPv4 link remote: [undef]

Now the cursor waits there... i tried to reach some server on my VPN but there 
are
just timeouts...

Actually it does not matter if the text in the file is is the right password or 
not,
i get the same output as above... any hints?

Original comment by [email protected] on 20 Mar 2010 at 8:53

[GoogleCodeExporter]

Hmm, could you post your config?
The command line seems to be correct. But I would first cd into 
/sdcard/openvpn/ and
then call 'openvpn --askpass /sdcard/pw --dev tun0 user.conf'. You might also 
add
--verb 4 or --verb 5 to get more verbose debugging output.

Original comment by friedrich.schaeuffelhut on 22 Mar 2010 at 2:20

• Added labels: Type-Task
• Removed labels: Type-Enhancement

[GoogleCodeExporter]

ok, i did what you told :)

cd /sdcard/openvpn
openvpn --askpass /sdcard/pw --dev tun0 --verb 5 user.conf > openvpn.txt

hope that helps!

Original comment by [email protected] on 28 Mar 2010 at 8:56

Attachments:

• openvpn.txt
• user.conf

[GoogleCodeExporter]

Here's my problem, the 2.1.1 version is having some problem with ifconfig.  
However
ifconfig is located in these places:

./system/bin/ifconfig
./system/xbin/bb/ifconfig
./system/xbin/ifconfig

and 'which ifconfig' shows:  /system/xbin/ifconfig

Here's the log showing the error.  Any ideas?  I'm running DroidMod 1.0 on a 
Motorola
Droid.  OpenVPN 2.1_rc15 which comes installed with the rom works just fine.

[root@droid] openvpn # openvpn home.ovpn
openvpn home.ovpn
Mon Mar 29 12:12:26 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] bu
ilt on Feb  2 2010
Mon Mar 29 12:12:26 2010 WARNING: Make sure you understand the semantics of --tl
s-remote before using it (see the man page).
Mon Mar 29 12:12:26 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or hig
her to call user-defined scripts or executables
Mon Mar 29 12:12:26 2010 WARNING: file 'laptop.key' is group or others accessibl
e
Mon Mar 29 12:12:26 2010 WARNING: file 'ta.key' is group or others accessible
Mon Mar 29 12:12:26 2010 Control Channel Authentication: using 'ta.key' as a Ope
nVPN static key file
Mon Mar 29 12:12:26 2010 LZO compression initialized
Mon Mar 29 12:12:26 2010 UDPv4 link local: [undef]
Mon Mar 29 12:12:26 2010 UDPv4 link remote: xxxxxx
Mon Mar 29 12:12:33 2010 [server] Peer Connection Initiated with xxxxxxx
Mon Mar 29 12:12:35 2010 Options error: Unrecognized option or missing parameter
(s) in [PUSH-OPTIONS]:6: ifconfig (2.1.1)
Mon Mar 29 12:12:35 2010 TUN/TAP device tap0 opened
route: SIOCADDRT: Network is unreachable
Mon Mar 29 12:12:35 2010 ERROR: Linux route add command failed: external program
 exited with error status: 1
route: SIOCADDRT: Network is unreachable
Mon Mar 29 12:12:35 2010 ERROR: Linux route add command failed: external program
 exited with error status: 1
Mon Mar 29 12:12:35 2010 Initialization Sequence Completed

Original comment by [email protected] on 29 Mar 2010 at 5:23

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

i'm now running N1 FroYo with cyanogen rooter, which gives root and busybox

My server config works with about a dozen Win/OSX/Linux clients.

The client config I am using worked with 5.0.6 (built-in openvpn binary) + 
OpenVPN Settings (couldn't get the 
"redirect-gateway def1" to work using 5.0.6 built-in openvpn gui).


# which ifconfig
/system/bin/ifconfig

# find / -name ifconfig
/system/xbin/ifconfig
/system/bin/ifconfig

I know that the BusyBox ifconfig is in /system/xbin/ifconfig so I used this 
location during OpenVPN-Installer 
binary installation.

I get this, as su:

# cd /sdcard/openvpn
# openvpn myvpn.ovpn &
# Thu May 27 11:02:57 2010 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] 
built on Feb  2 2010
Thu May 27 11:02:57 2010 IMPORTANT: OpenVPN's default port number is now 1194, 
based on an official 
port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as 
the default port.
Thu May 27 11:02:57 2010 WARNING: No server certificate verification method has 
been enabled.  See 
http://openvpn.net/howto.html#mitm for more info.
Thu May 27 11:02:57 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or 
higher to call user-defined 
scripts or executables
Thu May 27 11:02:57 2010 WARNING: file 'client1.key' is group or others 
accessible
Thu May 27 11:02:57 2010 LZO compression initialized
Thu May 27 11:02:57 2010 UDPv4 link local (bound): [undef]:1194
Thu May 27 11:02:57 2010 UDPv4 link remote: MY.SERVER.IP.ADDRESS:1194
Thu May 27 11:03:02 2010 [server] Peer Connection Initiated with 
MY.SERVER.IP.ADDRESS:1194
Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:4: 
route (2.1.1)
Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:7: 
ifconfig (2.1.1)
Thu May 27 11:03:05 2010 TUN/TAP device tun0 opened
Thu May 27 11:03:05 2010 NOTE: unable to redirect default gateway -- VPN 
gateway parameter (--route-
gateway or --ifconfig) is missing
Thu May 27 11:03:05 2010 Initialization Sequence Completed

So then I check if the interface is up:
# /system/xbin/ifconfig
eth0 (details omitted)
lo (details omitted)

No TUN interface seems to be up, no IP addresses assigned (from 
OpenVPN-Settings).

So then I do this (just like my desktop client does):

#/system/xbin/ifconfig tun0 delete
#/system/xbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 
up

OK, tun0 shows up:
tun0      Link encap:UNSPEC  HWaddr 
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.8.0.5  P-t-P:10.8.0.5  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:19 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:1456 (1.4 KiB)  TX bytes:0 (0.0 B)

I can ping 10.8.0.5
I can not ping 10.8.0.6 (not a problem, I can't ping it from the desktop 
either).

I can not ping the server 10.8.0.1

Why not? No route? Duh.
# /system/xbin/route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.199.0   *               255.255.255.0   U     0      0        0 eth0
default         tomato          0.0.0.0         UG    0      0        0 eth0


In summary, I am inclined to conclude that neither ifconfig nor route location 
hard-coding has the desired 
effect :(

I am willing to troubleshoot this till no tomorrow as I NEED to be able to 
openvpn.

Original comment by [email protected] on 27 May 2010 at 7:49

[GoogleCodeExporter]

Was there any resolution to that.
I am having exact same problem with Villan10 rom on hero...

Original comment by [email protected] on 5 Jun 2010 at 7:09

[GoogleCodeExporter]

I noticed that, p-t-p ip assignment to tun0 is actually wrong...

tun0      Link encap:UNSPEC  HWaddr 
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:10.8.0.5  P-t-P:10.8.0.5  Mask:255.255.255.255
                    ^^^^^^^^        ^^^^^^^^

actually the first one should read 10.0.0.6.

I am guessing that should be the problem.

By the way, is ifconfig and route ripped off from this openvpn binary?

Original comment by [email protected] on 6 Jun 2010 at 5:28

[GoogleCodeExporter]

Problem solved....

This binary doesn't work with busybox:
http://github.com/downloads/fries/android-external-openvpn/openvpn-static-2.1.1.
bz2

However this does:
http://github.com/downloads/fries/android-external-openvpn/openvpn-static.bz2

By the way there should be pointtopoint in between the ips for the ifconfig 
problem...

Original comment by [email protected] on 6 Jun 2010 at 5:58

[GoogleCodeExporter]

which binary is integrated into android-openvpn-installer ?

Original comment by [email protected] on 8 Jun 2010 at 1:22

[GoogleCodeExporter]

The current version is OpenVPN 2.1.1

Original comment by friedrich.schaeuffelhut on 9 Jun 2010 at 11:08

[GoogleCodeExporter]

Both links cited in #17 use /system/xbin/bb/ifconfig and /system/xbin/bb/route.

The difference is that openvpn-static.bz2 contains OpenVPN 2.1_rc15 whereas 
openvpn-static-2.1.1.bz2 contains OpenVPN 2.1.1.

Original comment by friedrich.schaeuffelhut on 9 Jun 2010 at 11:23

[GoogleCodeExporter]

Is there a way to fix this or have I been doing smth wrong in comment 14?

Original comment by [email protected] on 9 Jun 2010 at 11:40

[GoogleCodeExporter]

I'm puzzled by those two lines. What is thair cause?

Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:4: route (2.1.1)
Thu May 27 11:03:05 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:7: ifconfig (2.1.1)

Original comment by friedrich.schaeuffelhut on 11 Jun 2010 at 4:09

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

on the server log i see:
 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,ping 10,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'

it seems the android binary doesn't like PUSH OPTIONS:
route 10.8.0.1
ifconfig 10.8.0.6 10.8.0.5

Original comment by [email protected] on 11 Jun 2010 at 4:48

[GoogleCodeExporter]

Does anyone have the openvpn-installer & openvpn-settings working on froyo?

what images did you use to install froyo? cyanogen rooter?

should i try reflash and install the apps again?

Original comment by [email protected] on 21 Jun 2010 at 11:26

[GoogleCodeExporter]

I'm attempting to get this to work on my Droid. I had this same issue where I 
wouldn't get the route on a 2.1 rom but never tried starting from the command 
line. Now I'm running a 2.2 rom and I'm having the same issue, the routes don't 
get pushed. 

Details:
Phone: MotoDroid
ifconfig selected during install: /system/xbin/

when I run it from the command line I see this output that someone else here 
also had.

Mon Jun 28 11:29:32 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:1: route (2.1.1)
Mon Jun 28 11:29:32 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:3: route (2.1.1)
Mon Jun 28 11:29:32 2010 Options error: Unrecognized option or missing 
parameter(s) in [PUSH-OPTIONS]:6: ifconfig (2.1.1)

that's just the bitthat didn't seem to work, if you need the whole log I post 
that.

Original comment by [email protected] on 28 Jun 2010 at 3:35

[GoogleCodeExporter]

Thanks KylePond!!! Comment #43 did the trick for me.

Original comment by [email protected] on 12 Jan 2011 at 5:34

[GoogleCodeExporter]

@friedrich
please can you change it and update it on market ?
maybe you can change the settings , that the path to route and ifconfig is 
always /system/xbin (there are the apps be sure..) and cahnge the code, so that 
route and ifconfig use always the /system/xbin/ path, then it would be ok, and 
noone must create apath manually ... for newbies it would be easier to know .. 
this::

only to be sure - here in summary:
it works if it will be done in this way:

1.) install binaries to /system/xbin
2.) select path to ifconfig and route -> /system/xbin/bb
3.) make a link to xbin -> "ln -s /system/xbin /system/xbin/bb"

then it works fine :)

Original comment by [email protected] on 5 Mar 2011 at 1:19

[GoogleCodeExporter]

Somehow I don't feel any new versions of this will come out.

You're better off getting CyanogenMOD that has OpenVPN built-in.

Original comment by [email protected] on 5 Mar 2011 at 1:22

[GoogleCodeExporter]

I will probably have time to update the project by end of March.

Original comment by friedrich.schaeuffelhut on 6 Mar 2011 at 8:35

[GoogleCodeExporter]

On my Galaxy I9000 (Froyo) it works to 90%. After OpenVPN-Settings shows 
"Resolve"-"Wait"-"Auth"-"Get Config"-"?" it stopps with the message: "Linix 
ifconfig: Could not execute external programm". 

I´ve set the permission to full rights (rwxrwx...), I tried several tun.ko. 
Nothing helps. Has someone an idear?

Original comment by [email protected] on 8 Mar 2011 at 1:29

[GoogleCodeExporter]

I was unable to connect until I create a "bb" link in /system/xbin
Previously I've created a /system/xbin/bb directory and placed the bb's 
"ifconfig" and "route" links there.
Once I've replaced "bb" dir with "bb" link - everything works fine!

So, the trouble is that openvpn is sticked to /system/xbin/bb, not to 
/system/xbin IMHO.

HTC Desire, ROM - MCR r26 (Android 2.3).

Original comment by [email protected] on 18 Mar 2011 at 3:18

[GoogleCodeExporter]

Hello

Phone i9000
ROM Gingerbread 2.3.4 XXJVP
Connecting ok but:
"
...
Options error: Unrecognized otption or missing parameters(s) in 
[PUSH-OPTIONS]:2 route (2.1.1)
Options error: Unrecognized otption or missing parameters(s) in 
[PUSH-OPTIONS]:6 ifconfig (2.1.1)
...
NOTE: unable to redirect default gateway -- VPN gateway parameter 
(--route-gateway or --ifconfig) is missing
...
"
Have root, busybox in /system/xbin/ (ifconfig and route works) and tun. 
I can't mkdir /system/xbin/bb in this rom (readonly in su:/) so I can't make it 
work like in comment #54.

Any news about pointing to /system/xbin ant not to /system/xbin/bb ??

Peter J.

Original comment by [email protected] on 8 Jul 2011 at 10:31

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Got this working with #43 trick on my Asus Transformer!

Original comment by [email protected] on 28 Jul 2011 at 8:48

[GoogleCodeExporter]

Got this working with #43 trick on my Glaxy Tab

Original comment by [email protected] on 26 Aug 2011 at 1:46

[GoogleCodeExporter]

My error is ifconfig:SIOCSIFADDR: permission denied 

This is probably the same problem as in comment #53 by Johannes...

My steps:
First, I did the steps in comment #43 and that helped 90%.

Then I executed openvpn using the terminal (BTEP in my case) as root:
#openvpn --config mycfg.conf
all early messages look good, including "TUN/TAP device tun0 opened"
Then the error comes:
ifconfig:SIOCSIFADDR: permission denied 
Linix ifconfig failed: external program exited with error ... (can't read the 
rest)

I'm running as root, so I don't understand the "ifconfig:SIOCSIFADDR: 
permission denied". 

Before doing steps in #43, I had the same errors as everyone else:

Options error: Unrecognized otption or missing parameters(s) in 
[PUSH-OPTIONS]:2 route (2.1.1)
Options error: Unrecognized otption or missing parameters(s) in 
[PUSH-OPTIONS]:6 ifconfig (2.1.1)

#43 fixed those for me. Now my issue is just "ifconfig:SIOCSIFADDR: permission 
denied". 

I'm on a rooted Thunderbolt with TH3ORY Gingerbread ROM. I don't want to change 
ROMS. This one is working good for all my other stuff.
Can anyone help?

Original comment by [email protected] on 3 Sep 2011 at 3:40

[GoogleCodeExporter]

Replying to my own earlier comment #59
I got it working with help of two earlier comments.

1. Comment #30 by [email protected], Jul 10, 2010:
Unlike the steps in comment #43, I actually had to download the statically 
linked openvpn binary too. Without that, I was getting this error:
ifconfig: siocsifaddr permission denied

2. Comment #44 by [email protected], Nov 20, 2010
Except, instead of this:
    ip ru del gprs
The command that worked for me was:
    ip rule del from all lookup gprs

Next, I guess I'll try running this with gscript (or similar) so I don't have 
to enter the above command every time. Anyone know a better way?

Original comment by [email protected] on 3 Sep 2011 at 5:06

[GoogleCodeExporter]

Comment #44 fixed my issue with adaptation from comment #60.

But instead of removing gprs or wifi ip rule, wouldn't it be better to add the 
routing entry via dev tun0 into the wifi or gprs table ?

Is openvpn client able to modify another table than the main table ?

Original comment by [email protected] on 7 Nov 2011 at 10:57

[GoogleCodeExporter]

Yo lo sulucione instalardo nuevamente el openvpn, los binarios en /system/xbin 
y el ifconfig/route en /system/xbin/bb, despues hice un link simbolico 'ln -s 
/system/xbin /system/xbin/bb', con eso funciono. cualquier duda comente y yo 
vere los comentarios

Original comment by [email protected] on 15 Nov 2011 at 4:04

[GoogleCodeExporter]

#34 fixed the problem for me as well.  OG Droid with project elite 6.5.  Is 
this ever going to get fixed?  Took hours of tinkering to get this solved.

Original comment by [email protected] on 15 Nov 2011 at 11:43

[GoogleCodeExporter]

While sollofing the instruction related to comments #30 and #43 indeed work, it 
is a lot easier to just use a different app.

The following will create the symlinks in /system/xbin/bb for you.
https://market.android.com/details?id=de.akvsoft.droid.ovpninstall

Just override if needed thr path to the BusyBox installation and ignore the 
message about the TUN/TAP module missing if you are using a Samsung device: 
usually TUN support is compiled in the kernel.

If you need a BusyBox installer, I have used this one wit success:
https://market.android.com/details?id=com.jrummy.busybox.installer

Original comment by [email protected] on 11 Dec 2011 at 7:46

[GoogleCodeExporter]

This is how I resolved my issue:
- installed openvpn-static.2.1.1 to /system/xbin
- created dir /system/xbin/bb
- created symlinks route & ifconfig to /system/xbin/bb

before adding the symlink for route to /system/xbin/bb the tunnel would be up 
but was missing the route back to my network.

Original comment by [email protected] on 23 Dec 2011 at 9:55

[GoogleCodeExporter]

I got OpenVPN working on my SGS2 due to this thread. Thanks a lot for all the 
help.  I have put together a blog post for OpenVPN on  Samsung Galaxy S2 
http://www.yogendra.me/2012/01/02/openvpn-on-rooted-sgs2/. 

Original comment by [email protected] on 1 Jan 2012 at 5:11

[GoogleCodeExporter]

I just published a new version of the installer on the market.
Today I built a new set of openvpn binaries dropping the /system/xbin/bb path.

Androids ifconfig implementation fails to configure the tunnel device 
correctly. So you need ifconfig provided by busybox. Try a BusyBox Installer 
from the market.

The path to ifconfig is a compile time option to openvpn and can not be changed 
at runtime. The new version of the installer includes multiple binaries with 
preconfigured ifconfig locations.

The preferred way to install openvpn: 
1. put busybox at /system/xbin/busybox
2. using the installer choose openvpn preconfigured for '/system/xbin/busybox 
ifconfig'

Finally /system/xbin/bb is not needed anymore! I hope this update makes live 
easier for some of you.

Please be so kind and report if you feel the issue has been fixed for you.

Original comment by friedrich.schaeuffelhut on 7 Jan 2012 at 1:58

[GoogleCodeExporter]

I have followed the steps exactly mentioned in comment # 67 but still unable to 
connect to CyberGhostVPN servers on my Toshiba Thrive. Can you please help me 
in trouble shooting ?

Original comment by [email protected] on 26 Jan 2012 at 3:10

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I have today followed comments 30, 34 and finally 11 of this thread to 
reconfigure & troubleshoot my openvpn installation. When I finally issued the 
comment from command line the output log file is enclosed alongwith the config 
file. Please help me understand what is the error and why my installation is 
not working. The same instructions of #30 seems to have worked for all.

Command : openvpn --dev tun0 --verb 5 user.conf > openvpn.log

Original comment by [email protected] on 27 Jan 2012 at 1:33

Attachments:

• openvpn.log
• test.ovpn

[GoogleCodeExporter]

I have yesterday used successfully the same config file given attached on my 
fedora Linux machine and connected successfully with cyberghostvpn servers. 
However, when I'm running it on android (thrive) , I'm getting the error 
message : "Unrecognized option or missing parameter(s) in test.ovpn: 1: 
client(2.1.1)". 
I have checked that my tun.ko is being loaded properly and upon lsmod I can see 
: 
tun 12536 2 -Live 0xbf043000. 
Also on subsequent ls -l /dev/tun*, it is displayed that, 
"crw-r----- vpn vpn 10,200 2012-02-04 09:21 tun" 
It seems to me that somehow the openvpn binary is failing to recognize/read my 
config file and hence I'm unable to connect with the server. Can you please 
help and let me know how I can proceed to troubleshoot further? 
My openvpn binary and busybox is located in /system/xbin and symlinks are 
created for ifconfig and route from /system/bin to /system/bin/bb. 

My config file is enclosed. Please help.

Original comment by [email protected] on 6 Feb 2012 at 12:45

[GoogleCodeExporter]

config file used is given in my earlier post #70. Name test.ovpn

Original comment by [email protected] on 6 Feb 2012 at 12:59

[GoogleCodeExporter]

I have today continued my trouble shooting further on Thrive with the same 
config file options as shown in my config file in the last post ( --client etc) 
but running them as command line arguments because the openvpn binary was not 
reading them from config files. Upon executing from command line the following 
options are given as not valid ones.

1.--dhcp-renew
2.--dhcp-release
3.--win-sys env

It needs to be mentioned here that as per openvpn man pages they are all valid 
command line options and in my fedora machine all of them are running without 
throwing incompatibility errors. They were also read from the config file in 
fedora as I had mentioned in my last post. This gives cause to raise my 
suspicion whether the openvpn binary we are getting via openvpn-installer app 
is perfect !

I continued with my trouble shooting by removing these three options and the 
system starts initiating the connection and comes to the message , " Enter Auth 
Username: ", which should be followed by a , "Enter Auth Password : ". But this 
password prompt is NOT coming in thrive (android) at all though it's coming in 
Fedora(Linux). After entering username in thrive, the sytem goes on assuming it 
as the username and password as 'blank' (which I have verified by intentionally 
proving my password as blank in Fedora) which results into a AUTH_FAILURE 
message slightly later. I have tried to input the user name and password 
through text file (in 2 lines) also e,g. --auth-user-pass mypass.txt still 
receiving AUTH_FAILURE message. Then I had decided to log the output in a file 
for review by other experts which is enclosed.

Now, my conclusion as of this point is that the openvpn binary may be 
DEFECTIVE....see the excerpt from the man page..

--auth-user-pass [up] Authenticate with server using username/password. up is a 
file containing username/password on 2 lines (Note: OpenVPN will only read 
passwords from a file if it has been built with the --enable-password-save 
configure option, or on Windows by defining ENABLE_PASSWORD_SAVE in 
config-win32.h). If up is omitted, username/password will be prompted from the 
console.


Can you suggest how to compile a new one for Thrive (Android 3.2.1, my system 
details are available in my auto signature below) from the source files 
maintained at openvpn download site, 
http://openvpn.net/index.php/open-source/downloads.html.

My Thrive System :
Rooted, Dalenet-Thrive-HTK55D.31.5.0002-OOM_Rooted_ROM
Kernel version: 2.6.36.3-00020-g3d351b6

Original comment by [email protected] on 8 Feb 2012 at 3:25

Attachments:

• consolelog.txt

[GoogleCodeExporter]

Hi,

my OpenVPN client can connect to my server, but I can't redirect all traffic to 
VPN because ROUTE command ends with errors.

My goal is to use Skype via VPN between my phone and my router, with no extra 
bill (my carrier allows me 1Gb/month but no VoIP).

My configuration is:

OpenVPN client on Desire HD with MIUI 2.3.9 (Android 2.3.7 Gingerbread derived 
from CyanoGenMod). This ROM includes busybox 1.19.4-cm7 (2012-02-04) and 
OpenVPN 2.1.4 and  /system is read-only. (OpenVPN Installer and BusyBox 
installer don't work, I'd use adb, but it's not necessary). I use OpenVPN 
Settings.

OpenVPN server 2.1.1 on my router NetGear DG834Gv4 (and his brother DGN2000) 
with fantastic DGTeam firmware V5.01.16 - DGTeam Rev. 1018 - 
http://dgteam.ilbello.com
It allows autenthication only by static (preshared) key.

This is an extract from OpenVPN log:

Mon Mar 12 00:24:29 2012 Peer Connection Initiated with MY_ROUTER_IP:1194
Mon Mar 12 00:24:39 2012 /system/xbin/route add -net MY_ROUTER_IP netmask 
255.255.255.255 gw MY_CARRIER_GW
Mon Mar 12 00:24:39 2012 /system/xbin/route add -net 0.0.0.0 netmask 128.0.0.0 
gw MY_ROUTER_IP
Mon Mar 12 00:24:39 2012 ERROR: Linux route add command failed: external 
program exited with error status: 1
Mon Mar 12 00:24:39 2012 /system/xbin/route add -net 128.0.0.0 netmask 
128.0.0.0 gw MY_ROUTER_IP
Mon Mar 12 00:24:39 2012 ERROR: Linux route add command failed: external 
program exited with error status: 1
Mon Mar 12 00:24:39 2012 MANAGEMENT: >STATE:1331508279,ADD_ROUTES,,,
Mon Mar 12 00:24:39 2012 /system/xbin/route add -net 192.168.0.0 netmask 
255.255.255.0 gw MY_ROUTER_IP
Mon Mar 12 00:24:39 2012 ERROR: Linux route add command failed: external 
program exited with error status: 1
Mon Mar 12 00:24:39 2012 Initialization Sequence Completed


Finally, I think busybox ROUTE command has some bugs.
All works if I use "ip route add" from terminal console, after VPN connection.

This page supports my opinion 
http://zecke.blogspot.com/2010/06/adding-route-with-androids-route.html 

Lastly (and important for me) OpenVPN 2.2.2 changelog reports bugfixes in route 
and default gateway management.

I hope in OpenVPN and busybox bugfix update or a new OpenVPN version using "ip 
route" instead of "ROUTE".

Thank you
McSty

Original comment by [email protected] on 12 Mar 2012 at 9:26

[GoogleCodeExporter]

Motorola razr. ifconfig ok, openvpn installed ok, conf file ok,

1-When gui execute  /system/bin/ifconfig tun0...
Linux ifconfig failed: External Program ...

2-Then i try to create a tun0, because tun exists, and ifconfig no problem.with 
it.
(also module is up)
Well, i do:
./openvpn -mkdev --dev tun0 
Succefull, persisten mode on, and i can manage the interface without problem.
3- Execute again openvpn-gui buttttt
now execute  /system/bin/ifconfig tun1 <----!!!!
4-Then go to step 2, (create tun1) 
5-Execute again openvpn-gui buttttt
now execute  /system/bin/ifconfig tun2 <----!!!!
(for ever loop)

I cant manage the tun device in gui???, because, if i do -rmdev for all tun 
devs they askme for tun0!..if i create that, they ask me for tun1!!!.

Please help.




I Get some problem with 

Original comment by [email protected] on 1 Jun 2012 at 6:41

[GoogleCodeExporter]

問NUC950BSP    linux-2.6.35.4 網路部分的問題
#ifconfig eth0 up
顯示  linux ifconfig:SIOCSIFFLAGS:Cannot assign requested address
#ping 192.168.240.128
顯示 ping:sendto:Network is unreachable
#ifconfig eth0 hw ether 08:90:90:90:90:90
顯示 ifconfig: bad address ‘hw’

Original comment by [email protected] on 23 May 2013 at 2:26

[GoogleCodeExporter]

would it be possible to compile somewhat more recent version than 2.1.1 that is 
~2 years old, please?

thanks in advance

Original comment by [email protected] on 26 Jan 2014 at 10:21

[GoogleCodeExporter]

Dears,
this is an urgent ..
I am trying to change my smart phone mac address 
Samsung Galaxy Win  GT-I8552

failed attempted :

1) 
Command line on the terminal apk
Result :
Ip either dev is duplicate or type is garbage..

2)
Using mac address goust
Result:
Initialized....
But when iconnect to wifi .. and check my mac address from 
Wirliess network watcher
I see my orginal mac
Also in setting...

3)
using mac spoof
Result:
Initialized....
But when iconnect to wifi .. and check my mac address from 
Wirliess network watcher
I see my orginal mac
Also in setting...

Kindly advice ..

[email protected]

Original comment by [email protected] on 24 Dec 2014 at 3:53