[Christophe Vandeplas]

Good news, as I finally have a working tun driver I can continue my work on a GUI.

The current version is very alpha, but can start/stop an openvpn tunnel and edit the config files on my hero.
Before it's usable I will need to add a notification when the tunnel comes up,
and a way to display the tunnel logfile.

The code will be available here: http://tunneldroid.svn.sourceforge.net/vie...id/tunneldroid/

I will post binaries/packages once I need testers.

[Sponsored Links]

[Chris Cureau]

Very, very, very interested in this! Might be able to help with the coding as well. Contact me if you're interested.

Christophe Vandeplas, on Oct 27 2009, 14:17, said:

Good news, as I finally have a working tun driver I can continue my work on a GUI.

The current version is very alpha, but can start/stop an openvpn tunnel and edit the config files on my hero.
Before it's usable I will need to add a notification when the tunnel comes up,
and a way to display the tunnel logfile.

The code will be available here: http://tunneldroid.svn.sourceforge.net/vie...id/tunneldroid/

I will post binaries/packages once I need testers.

[chefcb_2]

there is another OpenVPN App on Android market named OpenVPN GUI,
it allows you to set the path to your config files and the openvpn binary file.
You can easily start/stop vpns via checkboxes. It's very usefull if you have a few VPN's which shouldn't be open all the time, so that you're in need of start/stop them often.
Some more informations can be found at the Developer's page at http://www.blank-onl...id/openvpn_gui/ but unfortunately only in german...
just have a look at the market, it pays :-)

[cyde]

well, I just tried this new appliation (and no, it wasnt there ages ago).

Using MDC 2.8 Tech kernal 1.3

I can successfully run the openvpn command with my options file perfectly well from the command line (via connectbot).

however this app.... not the best.
I can set the folder that countains me config, This works.
I can set the location of the openvpn binary. This works.
I can set the last characters of my config file. This works. So it now displays my list of various .opvn files I use/tested with.
Show debug tick box. This.. ticks but doesnt work as expected.

When I attempt to connect with a VPN connection using this gui, I get the standard root request, and approve, but it then errors for some reason, and the error box that displays last like 2 secs. or some rediculous short time, not enough to read it.

A good start.

-Randy

[cyde]

okay.. got the newer gui update version 1.1 ( I hope you are reading this).

good to have the ability to turn modprobe off. Thanks!

Got a different error this time with modprobe off. lasted <2secs on screen (you need to change that) but the message was shorter this time. I was able to read it and it said could not find file.

The file it could not find was in my case /sdcard/my3.vpn and while from the gui screen I had selected my3, but in the settings I had set the file extension to .ovpn, hence it correctly populated the GUI, but then the writer has hard coded .vpn into the scripting. he needs to fix that.

Once I copied my3.ovpn to my3.vpn, it worked. or atleast when I checked in connectbot I can see the full route table I expected to. Its midnight so I am to tired to test it all. will do a more in depth test tomorrow.

Also to note, I had to include my password file reference/setting into the .ovpn settings file. there is no where to we are prompted at the GUI for a username/password to use at connect time. while for me its not such an issue, but I think this should be addressed some time in the future.

-Randy

[Christophe Vandeplas]

Hello Everyone,


I have good news, my OpenVPN GUI is ready to be released to a wider test audience.
As explained in a previous post the code is completely opensource, so you can check that I added no backdoors, or you could help fixing bugs by sending patches ;-)

The application can currently:
- Create and edit configurations
- Connect / Disconnect
- View log and share it ( send by email or other means )

Future releases will:
- show the status of the connection, your assigned IP,...
- prompt for username/password instead of including passwordfiles in your configuration


You can find a README and the openvpn binaries (working on the Hero) here:
https://sourceforge....neldroid/files/

(these binaries don't require the ugly symlinks that the others published on Git do need (http://github.com/fr...xternal-openvpn)

TunnelDroid is published on the Android Market.
So just do a simple search for it. This will help you to follow the updates.

Please give feedback if it works/doesn't work on your phone. It works like a charm on my Hero running MoDaCo 2.9 Hero Rom.

[cyde]

hi chris,

Just to advise, I downloaded Tunneldroid from market place and tried it out.

It crashes as it starts. I did a power down/restart to see if a reboot was required. Nope. same problem.

Specs on my hero are: MDC 2.8 Tch kernal 1.3

Error that displays is:

/!\ Sorry!

The application TunnelDroid (process net.sourceforge.tunneldroid) has stopped unexpectedly. Please try again.

~~~~~

The OpenVPN GUI client, is now up to version 1.3 Now works. it no longer has hard coding to the .vpn extension even when not selected. It successfully brings up and down a VPN connection (with the relevant prompts for root).

what I did find lacking is to see the log/status of the VPN connection when I go in/out of range. but you cant have everything.

Good work to both of you.

-Randy

[Christophe Vandeplas]

cyde, on Nov 8 2009, 06:14, said:

It crashes as it starts. I did a power down/restart to see if a reboot was required. Nope. same problem.

This is because your openvpn dir didn't exist on the sdcard.
v0.5 now automagically creates the config-dir
Check the market for update

PS: Two good reasons to use TunnelDroid :-)
1/ I will never add ads in the application
2/ it's completely opensource, so you can check if it doesn't do evil things, and you can help adding new features

I will continue working on new features,
please please report bugs so I can fix them.

This post has been edited by Christophe Vandeplas: 08 November 2009 - 10:27 AM

[cyde]

Tunneldroid it is!

newer version 0.5 I just tried, and it works fine now. dropped my .ovpn files into the require folder, and now I can see it connects and see the log!. just great. running on MDC 2.8. tch 1.3 kernel

As you say, still some things to do, like to show status of the vpn.

If we are adding to wish list, then maybe a icon in the top system tray ( like when data/wireless is running) and some way within the VPN icon to ID data going out/in. (Thats the one thing I miss dislike about the wireless icon, you cant see when traffic is happening, where as mobile data you can).

Greatwork Chris. I will be recommending it to my follow VPN users.

-Randy.

This post has been edited by cyde: 08 November 2009 - 11:44 AM

[Christophe Vandeplas]

cyde, on Nov 8 2009, 13:39, said:

If we are adding to wish list, then maybe a icon in the top system tray ( like when data/wireless is running) and some way within the VPN icon to ID data going out/in. (Thats the one thing I miss dislike about the wireless icon, you cant see when traffic is happening, where as mobile data you can).

Btw, we're already at version 0.6, with a rewrite of the logging-system.
I planned to add a permanent notification in the notification area, just like the music player does.
This should be added in the release of 0.7 if no major bug is reported.

The biggest work to come is the implementation of the user/pass prompt as I will need to plug into the management interface of openvpn. That's more a milestone for v1.0.

Keep on giving feedback and don't forget to rate the app on the market ! ;-)


Cheers

[cyde]

Another error/issue and resulting workaround for this:

System: MDC 2.8 Tch Kernal 1.3
Tunneldroid Version 0.6

Issue:

My .ovpn files has 2 entries for REMOTE parameter. This should allow me to check/attempt VPN connections with the same CERT & credentials to multiple VPN Endpoints. In my case, the first endpoint is my home 10.x.y.z wireless network on my DMZ port of my Firewall system. The second IP is my External internet based IP.

When I run openvpn via connectbot command prompt with this config file in either wireless, or via data plan, it connects and I can VPN into my systems.

However When using tunneldroid, I can successfully connect via home WiFi, but when I try via my dataplan connection, it doesnt connect.

To test this, I made a copy of my .ovpn config file, and then in the copy I only made 1 change, commenting out the first REMOTE entry, so that this .ovpn config will try the internet based address first. This works perfectly. I then disconnect and try the first one (with wifi first then internet 2nd) and it still fails.

In the log (Thanks for that feature Chris), I get the follow entries at the end. (italics information I have commented out for security reasons)

Mon Nov 9 13:48:21 2009 OpenVPN 2.1_rc15 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Sep 15 2009
..... [stuff in between removed]
Mon Nov 9 13:48:50 2009 Data Channel Encrypt: Cipher blah blah blah
Mon Nov 9 13:48:50 2009 Data Channel Encrypt: Using blah blah blah
Mon Nov 9 13:48:50 2009 Data Channel Decrypt: Cipher blah blah blah
Mon Nov 9 13:48:50 2009 Data Channel Decrypt: Using blah blah blah
Mon Nov 9 13:48:50 2009 Control Channel: TLSv1, cipher blah blah blah
Mon Nov 9 13:48:50 2009 [ASTARO-MACHINE-NAME] Peer Connection Initiated with WW.XX.YY.ZZ:443
Mon Nov 9 13:48:51 2009 SENT CONTROL [ASTARO-MACHINE-NAME]: 'PUSH_REQUEST' (status=1)
Mon Nov 9 13:48:51 2009 event_wait : Interrupted system call (code=4)
Mon Nov 9 13:48:51 2009 TCP/UDP: Closing socket
Mon Nov 9 13:48:51 2009 SIGTERM[hard,] received, process exiting

Now based on the start and end time, I see 30 seconds, so I am guessing that Chris has a hard coded 30 second time out. Might be good to know, and to advise only 1 REMOTE option per config. Or a change to the code to fix this.

This post has been edited by cyde: 09 November 2009 - 03:08 AM

[Christophe Vandeplas]

cyde, on Nov 9 2009, 05:02, said:

To test this, I made a copy of my .ovpn config file, and then in the copy I only made 1 change, commenting out the first REMOTE entry, so that this .ovpn config will try the internet based address first. This works perfectly. I then disconnect and try the first one (with wifi first then internet 2nd) and it still fails.
...
Now based on the start and end time, I see 30 seconds, so I am guessing that Chris has a hard coded 30 second time out. Might be good to know, and to advise only 1 REMOTE option per config. Or a change to the code to fix this.

Your assumptions are correct. Check line 94 to 126 of the source
The timeout is set on 30 seconds.

Openvpn might, for whatever reasons, not be able to connect. I need to have a way to stop openvpn if it can't connect as it will otherwise continue. Do you have any other ideas to solve this issue? Maybe show a prompt to ask the user if he still wants to try?

[cyde]

Christophe Vandeplas, on Nov 10 2009, 03:58, said:

Your assumptions are correct. Check line 94 to 126 of the source
The timeout is set on 30 seconds.

Openvpn might, for whatever reasons, not be able to connect. I need to have a way to stop openvpn if it can't connect as it will otherwise continue. Do you have any other ideas to solve this issue? Maybe show a prompt to ask the user if he still wants to try?

hmmm.

Maybe prior to connecting, the file is parsed for for all uncommented REMOTE entries and 30 seconds (which is a good figure) is allocated per entry. This should time it right.

-Randy

[Christophe Vandeplas]

cyde, on Nov 9 2009, 20:18, said:

Maybe prior to connecting, the file is parsed for for all uncommented REMOTE entries and 30 seconds (which is a good figure) is allocated per entry. This should time it right.

I am currently working on the support of an username and password prompt (well, in fact it's a kind of management socket).
As this will take place in the same code as the timeout thing that is currently implemented, and as that part will be completely refactored I will delay this feature request until the basics of the user/pass prompt is implemented.

For those interested, here's the document explaining the features of the openvpn management socket: http://pastebin.ch/4660

As you can expect this will take more than a few days to implement. (as I'm not a professional programmer and code this in my free time)

I already implemented the tunnel-active notification, I'll upload a minor release to the market for that feature.

[cyde]

Chris,

Gotta say that the bells and whistles are now coming out.

Nice new features you have with 0.6.2,such as the tunnel Icon on the status bar tray. as well as the "ongoing" feature in the drag down notification area.

Gotta say I am now getting way impressed with this.

Keep up the good work.

-Randy

[gascharlie65]

I have an HTC Tattoo with donut and I could not find in the market your application. Is it only for Android 1.5?

Christophe Vandeplas, on Nov 7 2009, 21:50, said:

Hello Everyone,


I have good news, my OpenVPN GUI is ready to be released to a wider test audience.
As explained in a previous post the code is completely opensource, so you can check that I added no backdoors, or you could help fixing bugs by sending patches ;-)

The application can currently:
- Create and edit configurations
- Connect / Disconnect
- View log and share it ( send by email or other means )

Future releases will:
- show the status of the connection, your assigned IP,...
- prompt for username/password instead of including passwordfiles in your configuration


You can find a README and the openvpn binaries (working on the Hero) here:
https://sourceforge....neldroid/files/

(these binaries don't require the ugly symlinks that the others published on Git do need (http://github.com/fr...xternal-openvpn)

TunnelDroid is published on the Android Market.
So just do a simple search for it. This will help you to follow the updates.

Please give feedback if it works/doesn't work on your phone. It works like a charm on my Hero running MoDaCo 2.9 Hero Rom.

[cyde]

if you cant find it in the market place try the QR barcode for it. (you do have Barcode scanner don't you?)

TunnelDroid QR

Thanks to Androlib.com

-R

[gascharlie65]

I am afraid not, but usually when I cannot find in the market an app that is available for other android versions, it means that it does not work on the mine...

[Christophe Vandeplas]

gascharlie65, on Nov 11 2009, 11:28, said:

I have an HTC Tattoo with donut and I could not find in the market your application. Is it only for Android 1.5?

From what I read your phone should support TunnelDroid.
The requirements re min-sdk = 3 , this means it's for SDKv1.5 or newer.
This post kinda confirms what I think: http://www.mail-archive.com/android-beginn...m/msg15715.html

[bukington]

Hi Chris,

Thanks for your application. It seems to work well on my Galaxy except that I use bridge networking and thus, the tap device instead of tun.
I saw in your source code that you're looking for /sys/class/net/tun0. In my case, that's /sys/class/net/tap0 that shows up.
This result in a timeout and the connection is closed despite the fact that the tunnel is fine.

Can you make a fix for this ?

Thanks

[Sponsored Links]