SecureFishNet
SecureFishNet is OpenVPN client manager for
Sailfish. You can manage openvpn connection with it. It requires
Openvpn and that will be downloaded from repository. (If not you can
do it with “pkcon install openvpn”).
You need normal openvpn configuration file.
This package contains daemon and securefishnet-gui.
PushUpMenu:
- “flush”. In case of something broke routing and network does not work.
This reverses every change this program made to routing. If network still does not work after this, reboot is your friend.
IPv6 does not work correctly.
Category:
Application versions:
Changelog:
2.2-1
- bug fixes ( on connection handling etc.)
- changes underneath to fix issues
2.1-17
- bug fixes + aarch64 version
2.1-15
- fix for bug introduced by last version
2.1-14
- small timing and dns related bugs fixed
2.1-12
- routing fix for android 8 container
- packaging fix
- jollas systemctl changed location in system so minor fix for some of the functionality
2.1-11
- Fixes for 3.1.0.11
2.1-9
- Dns is not always ready instantly so add small delay
2.1-8
- fix for bug in compat mode/static Key handling
2.1-7
- Fix for various DNS and routing related issues
2.1-5
- Fix for changes in SFOS 2.2.1.18 ( UI opened twice because of the way autostart was made (used when VPN is selected to start at boot) )
2.1-4
- fixes for 2.2.0.29
- fix for default gateway not persistent in connection change
2.1-2
- fixes for 2.1.1.26 (not tested with earlier OS versions)
2.0-7
- bug fixes
- ui tweaks
- connection changing logic improved
2.0-5
- bug fixes
- ui tweaks
- more than 3 connections or conffiles
- rewrite of connection changing logic ( again )
1.9-5
- bug fixes
1.9-2
- lots of new features (check config page)
- rewrite of connection changing logic ( only tested with SFOS 2.0.1.7 )
1.6-5
- fixed bug with routing not always working as it should
1.6-4
- bug fixes
1.6-3
- bug fixes
1.6-2
- Lots of minor tweaks
- UI fixes
- more icon sizes = bigger rpm...
- i486 build (not tested on real device but runs fine on emulator)
1.5-4
- and more old bugs fixed... huh...
1.5-3
- more bug fixes
1.5-2
- bug fixes
- You should reboot AFTER installing this as there might be some unwanted leftovers (in routing table) from earlier versions.
1.5-1
- bug fixes
- tcp connection handling improvements and other internal changes
1.4-4
- bug fixes
1.4-2
- new filepicker
- uses less memory
- loads faster
1.3-2
- bug fixes
- better roaming logic
1.2-4
- Some roaming fixes
- UI fixes
- "Static Key" in config dialog might help if connection doesn't start (at all)
1.2-2
- Roaming logic is removed from UI and daemon handles that now so you can close UI and it should still roam
- bug fix for routing
1.0-4
- bug fixes
1.0-2
- fix for minor bug in roaming
- less memory used
- fix for gw not being set with newer openvpn
1.0-1
- UIs internal logic rewrite
- Added connection detection
- Fixed reconnect with openvpn
- Added restart of connection when changing networks ( wlan <-> mobile )
- After UI start status of connection is now shown (If connection is/was up). Roaming logic is in UI so changing networks won't work when UI is closed.
0.9-5
- ui fixes
0.9-3
- ui fixes
0.8-5
- more bug fixes
0.8-4
- fixes bug: dns forwarding in android apps
0.8-2
- MicroSD button in filepicker might actually work now ;-)
- Wait longer for response from openvpn
0.8-1
- Landscape
0.7-2
- Bug fixes
0.7-1
- Small UI improvements
- Encryption is now used on username and passwords when saved ( light encryption only )
0.6-3
- Bug fixes
0.6-2
- Bug fixes
- You can now execute script with PushUpMenu ( user nemo )
0.6-1
- Support for username/password
- Rewrite of everything but UI
0.4-2
- Minor bug fix
0.4-1
- Added support for password encrypted keys ( in config )
- Bug fixes
0.2-3
- Bug fixes
0.2-2
- Bug fixes
- UI improvements
0.1-2 - initial release
Comments
vm5
Tue, 2016/06/28 - 23:07
Permalink
Ok, thank You.
kaulian
Tue, 2016/04/12 - 13:14
Permalink
Thanks for the new release and the "autoconnect on data or wifi" nice feature
sebsikora
Tue, 2016/01/12 - 03:31
Permalink
Hi, problem here, and fix.
(apologies if this appears twice, buggy connection)
- Couldn't connect to Mulvad VPN using SecureFishNet.
- Tried using openvpn from command line - didn't work - couldn't find auto-resolv-conf
- Found this post - https://talk.maemo.org/showthread.php?t=92276 - in which author describes process for setting up connection using openvpn. Points out that once following the steps to copy the resolv updater scripts into the correct location, their filenames may not match those that appear in your VPN config file.
- I checked, mine did not. I edited the file as stated in the post and openvpn connection then worked from command line.
- I reopened SecureFishNet and could now connect in this manner also.
Happy hunting.
korppi
Mon, 2016/01/18 - 12:19
Permalink
You should NOT use any up/down/resolver-scripts. And config that does not work with openvpn directly is likely to fail(because openvpn is used here too).
You really should remove that resolv-updater from your config because sailfishOS's connectionmanager(=connman) really hates when somebody changes that file(/etc/resolv.conf) and connection sometimes stops working after that. And I mean all connections to anywhere.
But nice that you found temp fix...
sebsikora
Mon, 2016/01/25 - 22:21
Permalink
Do you mean that the openvpn config should contain no references to the client up and down scripts at all? From a fresh install Openvpn would not connect, with the original paths in it's config. If I simply remove the references, rather than 'correct' them, it should work?
korppi
Sat, 2016/01/30 - 13:39
Permalink
I mean in context of sailfish or any other system which is controlled by some kind of network manager, in this case connman. You should NOT use any of those scripts which do something to network connection. It is just generally bad idea, but if know what you are doing then...
So just remove or comment out the lines in config unless you absolutely need them. Or something strange might happen... Or not ;-)
caprico
Wed, 2015/11/18 - 02:26
Permalink
Really great app! Just gave it again a try after it didn't work a couple versions ago. Everything's perfect now :-) Thanks for figuring out the issues. I look forward to use SecureFishNet from now on.
jaekkay
Sun, 2015/11/15 - 22:12
Permalink
After upgrading to version 1.6-4, the application says it is connected but browser still shows actuall IP instead of VPN IP. It seems routing is not working as it should.
korppi
Mon, 2015/11/16 - 09:44
Permalink
Check with 1.6-5. Contains some fixes for that.
cy8aer
Tue, 2015/11/17 - 09:35
Permalink
This version fixes my route problems too!
jaekkay
Mon, 2015/11/16 - 11:48
Permalink
Thanks, it is working fine with 1.6-5.
Ingvix
Fri, 2015/11/13 - 01:29
Permalink
The app says it's connected but when I check my ip from duckduckgo on the browser it gives my own IP. What's the problem?
korppi
Mon, 2015/11/16 - 09:45
Permalink
Check with 1.6-5. Contains some fixes for that.
Ingvix
Tue, 2015/11/17 - 12:13
Permalink
Working for me too now.
kaulian
Sun, 2015/11/08 - 13:58
Permalink
Hi,
Thanks for this application
is there a possibility to start connexion at launch ? or with cmd line ?
i would like to start vpn always when phone use mobile data. i think use situation to monitoring the change of connexion but i dont know how to auto connect to the vpn.
thanks
korppi
Wed, 2015/11/11 - 13:28
Permalink
No way to use this like that right now, but maybe later as an option in settings page or commandline or something...
xcablex
Wed, 2015/10/21 - 16:57
Permalink
Hey,
first of all thank you very much for coding a sailfish app!
just installed SecureFishNet. I can't connect to my VPNs. Using the Terminal with "openvpn blabla.ovpn" works fine as long I'm root.
In SecureFishNet I push Start and it switches from Starting to Disconnected immediatly.
Some comments earlier you said "Normal user can't open tun/tap device. Thats why there is daemon handling that (and routing)."
Could there be the problem?
Any idea?
korppi
Thu, 2015/10/22 - 17:00
Permalink
Test with version 1.6-2.
cy8aer
Wed, 2015/10/28 - 10:12
Permalink
Tested it with 1.6-2 on 2.0.0.10: No routes built. When starting openvpn by hand as root everything works fine (including v6)
korppi
Wed, 2015/10/28 - 10:31
Permalink
Can't parse "No routes built."
If you mean you don't see added routes when you execute "route" that is kind of expected, because routes are in different routing table...
And if you had read description of this app you'd know that ipv6 is not working... So no news there...
cy8aer
Wed, 2015/10/28 - 14:13
Permalink
Quite simple: If you start openvpn by hand as nemo (not devel-su) you can see the daemon running. In openvpn's stdout you can see that the connection is not established now because you cannot create tun interface. An ip route shows the internet router as default gateway. There is no tun0 interface. So "no routes built" because missing tun0 and missing tunnel.
If you startup openvpn as root you can see the daemon running. In openvpn's stdout you can see that the connection is established. ip addr shows the default route to your openvpn interface (e.g. some 10.x.x.x address as gateway) and a tun0 interface. Routes built.
Now with Securefishnet:
The openvpn daemon is running. There is no tun0 interface and the default route is the internet router. Looks like openvpn without root and "no routes built" IMHO it is a permission problem.
Sometimes there are two routes (10..x.x.y/31 networks to mask out the default gateway) - > So I wrote "Routes" built.
korppi
Wed, 2015/10/28 - 14:26
Permalink
Look for p2p5 interface as my app overrides device name for reasons I am not explaining here.
And if you want to look at routes after starting connection just "ip route show table 4" as they are there.
And no permission problems... you just don't know what to look for.
cy8aer
Wed, 2015/10/28 - 16:01
Permalink
hm table 4 no default route into vpn device p2p5 either though set in ui.
korppi
Wed, 2015/10/28 - 17:25
Permalink
Execute "securefishnet-gui" from commandline as user nemo and start connection and check if the ips that it prints are something they should be.
cy8aer
Wed, 2015/10/28 - 21:56
Permalink
Ahem, I just upgraded to your version 1.6-3 and it is working again. Thank you for your effords and building this nice tool.
naytsyrhc
Thu, 2015/10/08 - 23:46
Permalink
I have some problems since some update of openssl that enforces not to use MD5. Exporting OPENSSL_ENABLE_MD5_VERIFY=1 before starting openvpn in terminal works though. So is there a possibility to pass such Environment within your app? And: the UI is slightly misplaced in 1.1.9.28 (i.e. sfos2). Maybe you can fix that?
korppi
Fri, 2015/10/09 - 11:26
Permalink
You can add environment variables to /etc/systemd/system/OVPNdaemon.service
Environment="LANG=en_US.UTF-8" "OPENSSL_ENABLE_MD5_VERIFY=1"
BUT BE CAREFULL !!!
After changing that (as root):
systemctl daemon-reload
systemctl restart OVPNdaemon
naytsyrhc
Sat, 2015/10/10 - 22:33
Permalink
That worked perfectly. Thanks!
ronny_b
Mon, 2015/08/24 - 20:34
Permalink
Hello,
I have tested the version 1.5-1. With this version I get no access to my home network. Unfortunately, there was no change with my problem. I'm first back to 1.4-4. :-(
Ronny
korppi
Tue, 2015/08/25 - 10:02
Permalink
You should reboot after installing new version(1.5-2) as there might be some unwanted leftovers (in routing table) from earlier versions.
Pages