Jump to content
TorGuard
  • 0

Share Wifi to LAN OpenVPN

Rate this question


Morphy

Question

Hi guys.

I need some help, I have a current Wireguard setup which is working fine, but I want to test out performance with OpenVPN and so far it seems that OpenVPN is performing better on my Rasp4.

My Rasp needs internet from Wifi , then share to eth . 

 

My TG.conf without cerficates:

client
dev tun
proto udp
remote swe.torguardvpnaccess.com 1912
resolv-retry infinite
nobind
persist-key
persist-tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca ca.crt
remote-cert-tls server
auth-user-pass user.txt
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
compress
ncp-disable
verb 3
reneg-sec 0
keepalive 5 30
fast-io
sndbuf 393216
rcvbuf 393216
cipher AES-256-GCM
auth SHA256
key-direction 1
<tls-auth>
 

My script 

#!/bin/bash

# Share Wifi with Eth device
#
#
# This script is created to work with Raspbian Stretch
# but it can be used with most of the distributions
# by making few changes.
#
# Make sure you have already installed `dnsmasq`
# Please modify the variables according to your need
# Don't forget to change the name of network interface
# Check them with `ifconfig`

ip_address="192.168.2.1"
netmask="255.255.255.0"
dhcp_range_start="192.168.2.2"
dhcp_range_end="192.168.2.100"
dhcp_time="12h"
eth="eth0"
wlan="tun0"

sudo systemctl start network-online.target &> /dev/null

sudo iptables -F
sudo iptables -t nat -F
sudo iptables -t nat -A POSTROUTING -o $wlan -j MASQUERADE
sudo iptables -A FORWARD -i $wlan -o $eth -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i $eth -o $wlan -j ACCEPT

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

sudo ifconfig $eth $ip_address netmask $netmask

# Remove default route created by dhcpcd
sudo ip route del 0/0 dev $eth &> /dev/null

sudo systemctl stop dnsmasq

sudo rm -rf /etc/dnsmasq.d/* &> /dev/null

echo -e "interface=$eth\n\
bind-interfaces\n\
server=1.1.1.1\n\
domain-needed\n\
bogus-priv\n\
dhcp-range=$dhcp_range_start,$dhcp_range_end,$dhcp_time" > /tmp/custom-dnsmasq.conf

sudo cp /tmp/custom-dnsmasq.conf /etc/dnsmasq.d/custom-dnsmasq.conf
sudo systemctl start dnsmasq

My ethernet dont seem to get any ip adress: 

 

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether XXXXXXXXXXXXXXXXXXXX
    inet 169.254.54.236/16 brd 169.254.255.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 XXXXXXXXXXXXXXXXXXX/64 scope link
       valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether XXXXXXXXXXXXXXXXXXXXX
    inet 192.168.0.219/24 brd 192.168.0.3 scope global dynamic noprefixroute wlan0
       valid_lft 85907sec preferred_lft 75107sec
    inet6 XXXXXXXXXXXXXX64 scope link
       valid_lft forever preferred_lft forever
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet 10.35.0.18 peer 10.35.0.17/32 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 XXXXXXXXXXXXXXXXXXX64 scope link stable-privacy
       valid_lft forever preferred_lft forever

 

DNSMASQ info:

[email protected]:~ $ sudo systemctl status dnsmasq.service
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
   Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2020-09-24 10:48:54 CEST; 10min ago
  Process: 567 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
  Process: 570 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
  Process: 580 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
 Main PID: 579 (dnsmasq)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/dnsmasq.service
           └─579 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-d

Sep 24 10:58:39 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:40 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:41 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:42 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:43 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:44 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:45 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:46 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:57 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0
Sep 24 10:58:58 raspberrypi dnsmasq-dhcp[579]: no address range available for DHCP request via eth0

 

What am I missing here :) ?

 

 

Link to post
Share on other sites

1 answer to this question

Recommended Posts

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...