SecureFishNet

Rating: 
4.85366
Your rating: None Average: 4.9 (41 votes)

SecureFishNet is OpenVPN client manager for
Sailfish. You can manage openvpn connection with it. It requires
Openvpn and that will be downloaded from repository. (If not you can
do it with “pkcon install openvpn”).

You need normal openvpn configuration file.

This package contains daemon and securefishnet-gui.

PushUpMenu:

- “flush”. In case of something broke routing and network does not work.

This reverses every change this program made to routing. If network still does not work after this, reboot is your friend.

 

IPv6 does not work.

 

 

 

Application versions: 
AttachmentSizeDate
File securefishnet-1.5-3.armv7hl.rpm78.1 KB26/08/2015 - 13:12
File securefishnet-1.5-4.armv7hl.rpm77.79 KB26/08/2015 - 20:14
File securefishnet-1.6-2.armv7hl.rpm111.93 KB22/10/2015 - 16:57
File securefishnet-1.6-2.i486.rpm120.59 KB22/10/2015 - 17:35
File securefishnet-1.6-3.armv7hl.rpm112.33 KB28/10/2015 - 17:26
File securefishnet-1.6-3.i486.rpm120.95 KB28/10/2015 - 18:21
File securefishnet-1.6-4.armv7hl.rpm112.34 KB11/11/2015 - 13:10
File securefishnet-1.6-4.i486.rpm120.94 KB11/11/2015 - 13:10
File securefishnet-1.6-5.armv7hl.rpm112.38 KB16/11/2015 - 09:42
File securefishnet-1.6-5.i486.rpm120.93 KB16/11/2015 - 09:42
File securefishnet-1.9-2.armv7hl.rpm139.88 KB10/04/2016 - 20:56
File securefishnet-1.9-2.i486.rpm151.24 KB10/04/2016 - 20:56
File securefishnet-1.9-5.armv7hl.rpm140.77 KB12/05/2016 - 15:02
File securefishnet-1.9-5.i486.rpm151.47 KB12/05/2016 - 15:02
File securefishnet-2.0-5.i486.rpm150.52 KB20/09/2016 - 16:11
File securefishnet-2.0-5.armv7hl.rpm138.31 KB20/09/2016 - 16:11
File securefishnet-2.0-7.armv7hl.rpm139.05 KB20/10/2016 - 14:01
File securefishnet-2.0-7.i486.rpm151.95 KB20/10/2016 - 14:01
File securefishnet-2.1-2.armv7hl.rpm139.59 KB30/08/2017 - 17:03
File securefishnet-2.1-2.i486.rpm151.33 KB30/08/2017 - 17:03
File securefishnet-2.1-4.armv7hl.rpm144.66 KB17/06/2018 - 12:35
File securefishnet-2.1-4.i486.rpm156.96 KB17/06/2018 - 12:35
File securefishnet-2.1-5.armv7hl.rpm144.81 KB12/09/2018 - 20:32
File securefishnet-2.1-5.i486.rpm157.23 KB12/09/2018 - 20:32
File securefishnet-2.1-7.armv7hl.rpm146.15 KB22/01/2019 - 12:28
File securefishnet-2.1-7.i486.rpm157.54 KB22/01/2019 - 12:28
File securefishnet-2.1-8.armv7hl.rpm146.13 KB28/01/2019 - 18:57
File securefishnet-2.1-8.i486.rpm157.3 KB28/01/2019 - 18:57
File securefishnet-2.1-9.armv7hl.rpm145.94 KB08/03/2019 - 11:38
File securefishnet-2.1-9.i486.rpm157.26 KB08/03/2019 - 11:38
File securefishnet-2.1-11.armv7hl.rpm147.17 KB08/08/2019 - 14:12
File securefishnet-2.1-11.i486.rpm159.11 KB08/08/2019 - 14:12
Changelog: 

2.1-11

  • Fixes for 3.1.0.11

2.1-9

  • Dns is not always ready instantly so add small delay

2.1-8

  • fix for bug in compat mode/static Key handling

2.1-7

  • Fix for various DNS and routing related issues

2.1-5

  • Fix for changes in SFOS 2.2.1.18 ( UI opened twice because of the way autostart was made (used when VPN is selected to start at boot) )

2.1-4

  • fixes for 2.2.0.29
  • fix for default gateway not persistent in connection change

2.1-2

  • fixes for 2.1.1.26 (not tested with earlier OS versions)

2.0-7

  • bug fixes
  • ui tweaks
  • connection changing logic improved

2.0-5

  • bug fixes
  • ui tweaks
  • more than 3 connections or conffiles
  • rewrite of connection changing logic ( again )

1.9-5

  • bug fixes

1.9-2

  • lots of new features (check config page)
  • rewrite of connection changing logic ( only tested with SFOS 2.0.1.7 )

1.6-5

  • fixed bug with routing not always working as it should

1.6-4

  • bug fixes

1.6-3

  • bug fixes

1.6-2

  • Lots of minor tweaks
  • UI fixes
  • more icon sizes = bigger rpm...
  • i486 build (not tested on real device but runs fine on emulator)

1.5-4

  • and more old bugs fixed... huh...

1.5-3

  • more bug fixes

1.5-2

  • bug fixes
  • You should reboot AFTER installing this as there might be some unwanted leftovers (in routing table) from earlier versions.

1.5-1

  • bug fixes
  • tcp connection handling improvements and other internal changes

1.4-4

  • bug fixes

1.4-2

  • new filepicker
  • uses less memory
  • loads faster

1.3-2

  • bug fixes
  • better roaming logic

1.2-4

  • Some roaming fixes
  • UI fixes
  • "Static Key" in config dialog might help if connection doesn't start (at all)

1.2-2

  • Roaming logic is removed from UI and daemon handles that now so you can close UI and it should still roam
  • bug fix for routing

1.0-4

  • bug fixes

1.0-2

  • fix for minor bug in roaming
  • less memory used
  • fix for gw not being set with newer openvpn

1.0-1

  • UIs internal logic rewrite
  • Added connection detection
  • Fixed reconnect with openvpn
  • Added restart of connection when changing networks ( wlan <-> mobile )
  • After UI start status of connection is now shown (If connection is/was up). Roaming logic is in UI so changing networks won't work when UI is closed. 

0.9-5

  • ui fixes

0.9-3

  • ui fixes

0.8-5

  • more bug fixes

0.8-4

  • fixes bug: dns forwarding in android apps

0.8-2

  • MicroSD button in filepicker might actually work now ;-)
  • Wait longer for response from openvpn

0.8-1

  • Landscape

0.7-2

  • Bug fixes

0.7-1

  • Small UI improvements
  • Encryption is now used on username and passwords when saved ( light encryption only )

0.6-3

  • Bug fixes

0.6-2

  • Bug fixes
  • You can now execute script with PushUpMenu ( user nemo )

0.6-1

  • Support for username/password
  • Rewrite of everything but UI

0.4-2

  • Minor bug fix

0.4-1

  • Added support for password encrypted keys ( in config )
  • Bug fixes

0.2-3

  • Bug fixes

0.2-2

  • Bug fixes
  • UI improvements

0.1-2 - initial release

Comments

GuSec's picture

Can't get it to work, it never connects. Strangely enough, it works perfectly through openvpn via the command-line. How do I troubleshoot this?

korppi's picture

Cert and keys in config need to be with full path (something like /home/nemo/cert.crt ). If those are ok you could send me that config file, just remove all the info you don't want to give me. Or you could, if you are familiar with systemd, check logs of OVPNdaemon.service.

GuSec's picture

Thank you, it now works like a charm!

I didn't realize the application needed full paths since relative paths have always worked in OpenVPN configs for me before; it wasn't obvious to me at all that this was the problem.

rob_k's picture

It works, and far easier than I expected!

The original description on TMO about setting up OpenVPN didn't work, and I was a little put off by all the config files, certs etc. But SecureFishNet worked like a dream. What I did - maybe handy for others who are (like me) no linux die-hards:
Went to VPN Gate, http://www.vpngate.net/en/
Downloaded the two .ovpn files for udp and tcp (udp is preferred, tcp will work when udp won't), copied them to my Jolla in /home/nemo. (I use Bitvise to connect via SSH, it provides an SFTP window)
Chose "New connection", pointed one of the files, Username vpn, no passwords, and it works.

Thank you korppi!

inte's picture

I expierenced some funny behavior.

One config (using certs) works just fine, while another config (using private key) doesn't work at all, while both work on the command line.

I can't figure out if and to where SecureFishNet is loggin (not to syslog obviously).

I tried starting SecureFishNet from the command line where it displays a "connection refused" error for the buggy connection. Nothing is displayed for the working connection.

The exact error message is:

[D] VpnExec::read_status:126 - Error:  "Connection refused"

As mentioned above, this config works just fine (when executed as root) on the commandline. I also checked the file access rights to config and key file which are all the same as for the other connection that works in SecureFishNet. Is there a way to increase verbosity or do you have any idea which could cause this behaviour?

Thanks!!

EDIT:

Just changed the not-working-by-now (key-based) connection to cert-authentification, and now it works fine as well. Maybe SecureFishnet has problems with key-based connections?

korppi's picture

Securefishnet just passes config file to openvpn's command line and does not try to understand it...

That error message comes when the gui tries to connect to openvpn's management port and openvpn is refusing. That has never happened to me. It's maybe timeout thing or...

Well I will release next version to fix minor things soon anyway so I'll increase the timeout and lets start with that.

inte's picture

According to https://openvpn.net/index.php/open-source/documentation/miscellaneous/79-management-interface.html

"The static protocol differs from the dynamic protocol in that the challenge question and response field is given to the user in the initial username/password dialog, and the username, password, and response are delivered back to the server in a single transaction."

I think your interface can probably not handle that properly yet.

korppi's picture

Well from error message it does not get anywhere near to the point where something could get handled and openvpn just stops responding... So I am thinking that some switches are missing from commandline or something like that. Right now I have no way of testing that and no time do yet another server config... But I'll put that on my TODO list.

inte's picture

Don't worry. it's working for me now (as I wrote in my initial post). I discarded my static config already anyways.

It was just a guess that maybe your script couldn't handle the static reply and therefore timed out. Thanks for your work!

korppi's picture

If you can give me the server config that is not working, that would help. Just remove all ip:s and info you don't like to give. I don't like bugs in my programs ;-).

asys3's picture

Great work - works like a charm.
But the configured connection doesn't survive a restart of the app.
So When I stop the connection and quit the app by swipe down -after a restart the main view is empty.
My configured connection isn't preserved.
Seems to be that I'm the only person having this issue otherwise someone should it posted it here already.
I'm using 0.6-1 and 1.0.5.16.
asys3

korppi's picture

Try new version.

naytsyrhc's picture

I was wondering if you could add option to add custom scripts before and after establishing connection. So one could e.g. do some automated tasks. In my case it would help me, because my vpn needs a knock on the door in order to open firewall.

korppi's picture

If executing script as user nemo is enough, I can put that in next version. But not sure about automated part yet.

naytsyrhc's picture

yeah. this would be sufficient and awesome. BTW, the latest update now shows two options after establishing connection: 'Add default gw' and 'update dns'. However, I can't selext/activate any of them and my manual update for resolv.conf is still needed.

korppi's picture

This should be fixed.

And script option added to push up menu. Not tested. Please report if working or not.

Script should be named as it says in push up menu.

naytsyrhc's picture

DNS works fine now. Script execution works as well. Allthough you can't see result/end of script. But nevertheless really great now already. Thank you very much.

Ray_Ven's picture

hmm - won't work. Key etc is in same directory... Do I have to set something special somewhere?

red aboutthe path right now... will look into that

 

Yaaaaay!!! Wooohoooo!!! VPN!!!!

Manankanchu's picture

Hi,

- do I have to copy ca.crt to a certain path ?

- any chance to get a version where I can enter username/password in GUI ?

Matthias

 

korppi's picture

Certs and keys need full path in config file.

Username/password thing is in todolist... But I have to do other things before it...

Manankanchu's picture

Thanks for your help - entered full paths and set up username/password file

Login into SwissVPN and surfing the VPN works perfectly !!!

Thanks for a great App !!!

    Matthias

Ray_Ven's picture

I'm testing it atm (4.2). Another question though: is this FOSS (Free open source software)

Thank you for the quick work though! Really awesome!

Ray_Ven's picture

IMHO OpenVPN should be open - especially for security reasons :-)

I'd love to donate for an free jolla openvpn client

korppi's picture

Sorry for not replying to this. Yes I can understand your worry. And I have no problems in releasing the code later. It is just not made in a way that I am happy with it right now. This is my first little app that I have released ever. And the source is full of my experiments that are not compiled in the version I made just for the users of SailfishOs.

OpenVPN it self is downloaded from default repos configured in SailfishOs. I have nothing to do with it. I ask package manager to get it put nothing else. My program just passes configfiles name and some needed switches to openvpn program and parses its responses. And puts routes little differently from default openvpn style because Sailfishs connection manager is pain in hmm... Is fast to replace default route ;-)

Feathers_McGraw's picture

Hi,

Any update on this? I'd be curious to see what you've done so that I can learn from it. I understand how you feel about releasing your code (I felt the same about my projects at first) but I think people are more likely to just be grateful for the source than they are to judge you for messy code or whatever. You may also find that you get some useful contributions from people!

Thanks

korppi's picture

Sorry no updates on releasing source...

It's beyond messy code as this was my first app on any platform with Qt and QML.

But the goal always was releasing the source and I hope that I get there some day.

naytsyrhc's picture

Great work! Thanks for the effort. I got it configured and it connects with a charm. Unfortunately that's it. It's just connected but afterwards I don't have  access to servers within VPN because DNS does not work. Somehow the routing and DNS configs provided by OpenVPN-Server are not considered. Do you have some ideas on how to investigate that further? As a side-note: I use exactly the same config I used on my N9 (meego harmattan) and I had no problems with it.

Info: using latest 0.2.3 versions

korppi's picture

Try version 0.4-1.

naytsyrhc's picture

Thanks for the update (updated to 0.4.2). Unfortunately it still doesn't seem to work. In your description of the app you wrote "(Only if you click switch about DNS...)", but I can not find any such switch. Where is it?

After connection I checked my /etc/resolv.conf and it still had the default nameserver entries (i.e. 127.0.0.1 for IPV4 an ::1 for IPV6). Any suggestion?

korppi's picture

Does it say SUCCESS,[some ip address],[some ip address] after busy indicator ?

And have you fixed path of keys and certs  something like "/home/nemo/client.key" in openvpn config file ?

Pages