From 7213d53eecaa486611ec5e10aeed074470dd8e9f Mon Sep 17 00:00:00 2001 From: Daniel Gonzalez Gasull Date: Sat, 28 Jul 2018 11:17:23 +0800 Subject: [PATCH] Fix auto-VPN `nm-online` doesn't seem reliable and many times it didn't work, and piping it to `systemd-cat` would log a small binary blob. The new method has worked for me 100% of the time. Also fixing weirdly indented comment in bash script. --- configuration/vpn.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/configuration/vpn.md b/configuration/vpn.md index fe4bebe6..4eaabbf7 100644 --- a/configuration/vpn.md +++ b/configuration/vpn.md @@ -56,8 +56,11 @@ Set up a ProxyVM as a VPN gateway using NetworkManager ```bash # Automatically connect to the VPN once Internet is up - nm-online --quiet --wait-for-startup - nmcli connection up file-vpn-conn passwd-file /rw/config/NM-system-connections/secrets/passwd-file.txt + while ! ping -c 1 -W 1.1.1.1; do + sleep 1 + done + PWDFILE="/rw/config/NM-system-connections/secrets/passwd-file.txt" + nmcli connection up file-vpn-conn passwd-file $PWDFILE ``` You can find the actual "file-vpn-conn" in `/rw/config/NM-system-connections/`. @@ -73,8 +76,8 @@ Set up a ProxyVM as a VPN gateway using NetworkManager Edit `/rw/config/qubes-firewall-user-script` and add these lines: ```bash - # Block forwarding of connections through upstream network device - # (in case the vpn tunnel breaks): + # Block forwarding of connections through upstream network device + # (in case the vpn tunnel breaks) iptables -I FORWARD -o eth0 -j DROP iptables -I FORWARD -i eth0 -j DROP ```