SecureFishNet

Rating: 
4.85366
Your rating: None Average: 4.9 (41 votes)

SecureFishNet is OpenVPN client manager for
Sailfish. You can manage openvpn connection with it. It requires
Openvpn and that will be downloaded from repository. (If not you can
do it with “pkcon install openvpn”).

You need normal openvpn configuration file.

This package contains daemon and securefishnet-gui.

PushUpMenu:

- “flush”. In case of something broke routing and network does not work.

This reverses every change this program made to routing. If network still does not work after this, reboot is your friend.

 

IPv6 does not work.

 

 

 

Application versions: 
AttachmentSizeDate
File securefishnet-1.5-3.armv7hl.rpm78.1 KB26/08/2015 - 13:12
File securefishnet-1.5-4.armv7hl.rpm77.79 KB26/08/2015 - 20:14
File securefishnet-1.6-2.armv7hl.rpm111.93 KB22/10/2015 - 16:57
File securefishnet-1.6-2.i486.rpm120.59 KB22/10/2015 - 17:35
File securefishnet-1.6-3.armv7hl.rpm112.33 KB28/10/2015 - 17:26
File securefishnet-1.6-3.i486.rpm120.95 KB28/10/2015 - 18:21
File securefishnet-1.6-4.armv7hl.rpm112.34 KB11/11/2015 - 13:10
File securefishnet-1.6-4.i486.rpm120.94 KB11/11/2015 - 13:10
File securefishnet-1.6-5.armv7hl.rpm112.38 KB16/11/2015 - 09:42
File securefishnet-1.6-5.i486.rpm120.93 KB16/11/2015 - 09:42
File securefishnet-1.9-2.armv7hl.rpm139.88 KB10/04/2016 - 20:56
File securefishnet-1.9-2.i486.rpm151.24 KB10/04/2016 - 20:56
File securefishnet-1.9-5.armv7hl.rpm140.77 KB12/05/2016 - 15:02
File securefishnet-1.9-5.i486.rpm151.47 KB12/05/2016 - 15:02
File securefishnet-2.0-5.i486.rpm150.52 KB20/09/2016 - 16:11
File securefishnet-2.0-5.armv7hl.rpm138.31 KB20/09/2016 - 16:11
File securefishnet-2.0-7.armv7hl.rpm139.05 KB20/10/2016 - 14:01
File securefishnet-2.0-7.i486.rpm151.95 KB20/10/2016 - 14:01
File securefishnet-2.1-2.armv7hl.rpm139.59 KB30/08/2017 - 17:03
File securefishnet-2.1-2.i486.rpm151.33 KB30/08/2017 - 17:03
File securefishnet-2.1-4.armv7hl.rpm144.66 KB17/06/2018 - 12:35
File securefishnet-2.1-4.i486.rpm156.96 KB17/06/2018 - 12:35
File securefishnet-2.1-5.armv7hl.rpm144.81 KB12/09/2018 - 20:32
File securefishnet-2.1-5.i486.rpm157.23 KB12/09/2018 - 20:32
File securefishnet-2.1-7.armv7hl.rpm146.15 KB22/01/2019 - 12:28
File securefishnet-2.1-7.i486.rpm157.54 KB22/01/2019 - 12:28
File securefishnet-2.1-8.armv7hl.rpm146.13 KB28/01/2019 - 18:57
File securefishnet-2.1-8.i486.rpm157.3 KB28/01/2019 - 18:57
File securefishnet-2.1-9.armv7hl.rpm145.94 KB08/03/2019 - 11:38
File securefishnet-2.1-9.i486.rpm157.26 KB08/03/2019 - 11:38
File securefishnet-2.1-11.armv7hl.rpm147.17 KB08/08/2019 - 14:12
File securefishnet-2.1-11.i486.rpm159.11 KB08/08/2019 - 14:12
Changelog: 

2.1-11

  • Fixes for 3.1.0.11

2.1-9

  • Dns is not always ready instantly so add small delay

2.1-8

  • fix for bug in compat mode/static Key handling

2.1-7

  • Fix for various DNS and routing related issues

2.1-5

  • Fix for changes in SFOS 2.2.1.18 ( UI opened twice because of the way autostart was made (used when VPN is selected to start at boot) )

2.1-4

  • fixes for 2.2.0.29
  • fix for default gateway not persistent in connection change

2.1-2

  • fixes for 2.1.1.26 (not tested with earlier OS versions)

2.0-7

  • bug fixes
  • ui tweaks
  • connection changing logic improved

2.0-5

  • bug fixes
  • ui tweaks
  • more than 3 connections or conffiles
  • rewrite of connection changing logic ( again )

1.9-5

  • bug fixes

1.9-2

  • lots of new features (check config page)
  • rewrite of connection changing logic ( only tested with SFOS 2.0.1.7 )

1.6-5

  • fixed bug with routing not always working as it should

1.6-4

  • bug fixes

1.6-3

  • bug fixes

1.6-2

  • Lots of minor tweaks
  • UI fixes
  • more icon sizes = bigger rpm...
  • i486 build (not tested on real device but runs fine on emulator)

1.5-4

  • and more old bugs fixed... huh...

1.5-3

  • more bug fixes

1.5-2

  • bug fixes
  • You should reboot AFTER installing this as there might be some unwanted leftovers (in routing table) from earlier versions.

1.5-1

  • bug fixes
  • tcp connection handling improvements and other internal changes

1.4-4

  • bug fixes

1.4-2

  • new filepicker
  • uses less memory
  • loads faster

1.3-2

  • bug fixes
  • better roaming logic

1.2-4

  • Some roaming fixes
  • UI fixes
  • "Static Key" in config dialog might help if connection doesn't start (at all)

1.2-2

  • Roaming logic is removed from UI and daemon handles that now so you can close UI and it should still roam
  • bug fix for routing

1.0-4

  • bug fixes

1.0-2

  • fix for minor bug in roaming
  • less memory used
  • fix for gw not being set with newer openvpn

1.0-1

  • UIs internal logic rewrite
  • Added connection detection
  • Fixed reconnect with openvpn
  • Added restart of connection when changing networks ( wlan <-> mobile )
  • After UI start status of connection is now shown (If connection is/was up). Roaming logic is in UI so changing networks won't work when UI is closed. 

0.9-5

  • ui fixes

0.9-3

  • ui fixes

0.8-5

  • more bug fixes

0.8-4

  • fixes bug: dns forwarding in android apps

0.8-2

  • MicroSD button in filepicker might actually work now ;-)
  • Wait longer for response from openvpn

0.8-1

  • Landscape

0.7-2

  • Bug fixes

0.7-1

  • Small UI improvements
  • Encryption is now used on username and passwords when saved ( light encryption only )

0.6-3

  • Bug fixes

0.6-2

  • Bug fixes
  • You can now execute script with PushUpMenu ( user nemo )

0.6-1

  • Support for username/password
  • Rewrite of everything but UI

0.4-2

  • Minor bug fix

0.4-1

  • Added support for password encrypted keys ( in config )
  • Bug fixes

0.2-3

  • Bug fixes

0.2-2

  • Bug fixes
  • UI improvements

0.1-2 - initial release

Comments

vm5's picture

Ok, thank You.

kaulian's picture

Thanks for the new release and the "autoconnect on data or wifi" nice feature

sebsikora's picture

Hi, problem here, and fix.

(apologies if this appears twice, buggy connection)

- Couldn't connect to Mulvad VPN using SecureFishNet.

- Tried using openvpn from command line - didn't work - couldn't find auto-resolv-conf

- Found this post - https://talk.maemo.org/showthread.php?t=92276 - in which author describes process for setting up connection using openvpn. Points out that once following the steps to copy the resolv updater scripts into the correct location, their filenames may not match those that appear in your VPN config file.

- I checked, mine did not. I edited the file as stated in the post and openvpn connection then worked from command line.

- I reopened SecureFishNet and could now connect in this manner also.

Happy hunting.

korppi's picture

You should NOT use any up/down/resolver-scripts. And config that does not work with openvpn directly is likely to fail(because openvpn is used here too).

You really should remove that resolv-updater from your config because sailfishOS's connectionmanager(=connman) really hates when somebody changes that file(/etc/resolv.conf) and connection sometimes stops working after that. And I mean all connections to anywhere.

But nice that you found temp fix...

sebsikora's picture

Do you mean that the openvpn config should contain no references to the client up and down scripts at all? From a fresh install Openvpn would not connect, with the original paths in it's config. If I simply remove the references, rather than 'correct' them, it should work?

korppi's picture

I mean in context of sailfish or any other system which is controlled by some kind of network manager, in this case connman. You should NOT use any of those scripts which do something to network connection. It is just generally bad idea, but if know what you are doing then...

So just remove or comment out the lines in config unless you absolutely need them. Or something strange might happen... Or not ;-)

caprico's picture

Really great app! Just gave it again a try after it didn't work a couple versions ago. Everything's perfect now :-) Thanks for figuring out the issues. I look forward to use SecureFishNet from now on.

jaekkay's picture

After upgrading to version 1.6-4, the application says it is connected but browser still shows actuall IP instead of VPN IP. It seems routing is not working as it should. 

korppi's picture

Check with 1.6-5. Contains some fixes for that.

cy8aer's picture

This version fixes my route problems too!

jaekkay's picture

Thanks, it is working fine with 1.6-5.

Ingvix's picture

The app says it's connected but when I check my ip from duckduckgo on the browser it gives my own IP. What's the problem?

korppi's picture

Check with 1.6-5. Contains some fixes for that.

Ingvix's picture

Working for me too now.

kaulian's picture

Hi,
Thanks for this application

is there a possibility to start connexion at launch ? or with cmd line ?

i would like to start vpn always when phone use mobile data. i think use situation to monitoring the change of connexion but i dont know how to auto connect to the vpn.

thanks

korppi's picture

No way to use this like that right now, but maybe later as an option in settings page or commandline or something...

xcablex's picture

Hey,

first of all thank you very much for coding a sailfish app!

just installed SecureFishNet. I can't connect to my VPNs. Using the Terminal with "openvpn blabla.ovpn" works fine as long I'm root.

In SecureFishNet I push Start and it switches from Starting to Disconnected immediatly.

Some comments earlier you said "Normal user can't open tun/tap device. Thats why there is daemon handling that (and routing)."

Could there be the problem?

Any idea?

korppi's picture

Test with version 1.6-2.

cy8aer's picture

Tested it with 1.6-2 on 2.0.0.10: No routes built. When starting openvpn by hand as root everything works fine (including v6)

korppi's picture

Can't parse "No routes built."

If you mean you don't see added routes when you execute "route"  that is kind of expected, because routes are in different routing table...

And if you had read description of this app you'd know that ipv6 is not working... So no news there...

cy8aer's picture

Quite simple: If you start openvpn by hand as nemo (not devel-su) you can see the daemon running. In openvpn's stdout you can see that the connection is not established now because you cannot create tun interface. An ip route shows the internet router as default gateway.  There is no tun0 interface. So "no routes built" because missing tun0 and missing tunnel.

If you startup openvpn as root you can see the daemon running. In openvpn's stdout you can see that the connection is established. ip addr shows the default route to your openvpn interface (e.g. some 10.x.x.x address as gateway) and a tun0 interface. Routes built.

Now with Securefishnet:

The openvpn daemon is running. There is no tun0 interface and the default route is the internet router. Looks like openvpn without root and "no routes built" IMHO it is a permission problem.

Sometimes there are two routes (10..x.x.y/31 networks to mask out the default gateway) - > So I wrote "Routes" built.

korppi's picture

Look for p2p5 interface as my app overrides device name for reasons I am not explaining here.

And if you want to look at routes after starting connection just "ip route show table 4" as they are there.

 

And no permission problems... you just don't know what to look for.

cy8aer's picture

hm table 4 no default route into vpn device p2p5 either though set in ui.

korppi's picture

Execute "securefishnet-gui" from commandline as user nemo and start connection and check if the ips that it prints are something they should be.

cy8aer's picture

Ahem, I just upgraded to your version 1.6-3 and it is working again. Thank you for your effords and building this nice tool.

naytsyrhc's picture

I have some problems since some update of openssl that enforces not to use MD5. Exporting OPENSSL_ENABLE_MD5_VERIFY=1 before starting openvpn in terminal works though. So is there a possibility to pass such Environment within your app? And: the UI is slightly misplaced in 1.1.9.28 (i.e. sfos2). Maybe you can fix that?

korppi's picture

You can add environment variables to /etc/systemd/system/OVPNdaemon.service

Environment="LANG=en_US.UTF-8" "OPENSSL_ENABLE_MD5_VERIFY=1"

BUT BE CAREFULL !!!

After changing that (as root):

systemctl daemon-reload

systemctl restart OVPNdaemon

naytsyrhc's picture

That worked perfectly. Thanks!

ronny_b's picture

Hello,

I have tested the version 1.5-1. With this version I get no access to my home network. Unfortunately, there was no change with my problem. I'm first back to 1.4-4. :-(

 

Ronny

korppi's picture

You should reboot after installing new version(1.5-2) as there might be some unwanted leftovers (in routing table) from earlier versions.

Pages