Commit Graph

37 Commits

Author SHA1 Message Date
Daniel Gonzalez Gasull
7213d53eec Fix auto-VPN
`nm-online` doesn't seem reliable and many times it didn't work, and
piping it to `systemd-cat` would log a small binary blob. The new method
has worked for me 100% of the time.

Also fixing weirdly indented comment in bash script.
2018-07-28 11:20:37 +08:00
Andrew David Wong
4d378b3c4f
Merge branch 'patch-1' of https://github.com/gasull/qubes-doc into gasull-patch-1 2018-07-20 20:15:52 -05:00
Daniel Gonzalez Gasull
ac58fb4c9b
Use nm-online 2018-07-02 15:55:53 +08:00
Christopher Laprise
c0f0fb01a6
Add IPv6 failsafe 2018-07-01 16:57:45 -04:00
Daniel Gonzalez Gasull
82b14042de
Update vpn.md 2018-06-30 09:02:42 +08:00
Daniel Gonzalez Gasull
349f9ba7e1
Add troubleshooting for race condition on step 4 2018-06-28 15:39:31 +08:00
Daniel Gonzalez Gasull
045e4c7d3e
Make it clear that the 2 new steps are optional 2018-06-26 18:37:28 +08:00
Daniel Gonzalez Gasull
7811443006
NM: start VPN automatically, fail-close
When configuring with NetworkManager, make VPN start automatically and fail-close the connection.
2018-06-26 18:29:55 +08:00
pierwill
dbb790331b fix typo in vpn guide 2018-03-01 22:02:44 -06:00
Andrew David Wong
b41c8bf4ac
Fix formatting
https://github.com/QubesOS/qubes-doc/pull/544
2018-01-30 20:41:56 -06:00
Patrick Schleizer
9db21775d3
remove trailing spaces 2018-01-29 14:10:53 +01:00
Patrick Schleizer
15bf72edad
fixes 2018-01-28 19:26:35 +01:00
Patrick Schleizer
75a7a003c5
fix duplicate
"For OpenVPN."
2018-01-28 19:23:24 +01:00
Patrick Schleizer
5fd8389c73
fix 2018-01-25 22:52:47 +00:00
Patrick Schleizer
56774d73eb
fix 2018-01-25 22:50:43 +00:00
Patrick Schleizer
8e9982cf08
fix 2018-01-25 22:46:24 +00:00
Patrick Schleizer
13d7375ff2
formatting and rewording enhancements 2018-01-25 21:11:34 +00:00
Andrew David Wong
3ca3f1f1a6
Minor grammar fix 2017-04-02 21:01:17 -07:00
stubbybubby
a94bdbd27f Fixed a typo in first paragraph. 2017-04-02 10:19:38 -07:00
stubbybubby
66c32bc8d7 Small edits to vpn.md
A few new or revised sentences in the goal of accuracy. Also fixed some grammar issues and simplified some roundabout phrases.
2017-04-01 12:09:04 -07:00
Andrew David Wong
fa46feae1e
Revise for clarity, terminology, and orthography 2017-01-11 19:50:31 -08:00
unman
d95582f62b Add support for updates proxy in VPN doc
QubesOS/Qubes-issues#2383
2017-01-12 01:38:02 +00:00
Andrew David Wong
f32bf85689
Fix table of contents (QubesOS/qubes-issues#1941) 2016-09-24 13:12:37 -07:00
Andrew David Wong
fbbe139432
Fix code block and image
QubesOS/qubes-issues#2317
2016-09-17 02:49:39 -07:00
ttasket
abfdb29393 Update vpn.md
Elaborate note about NM, and fix paths in step 3.
2016-09-16 07:30:30 -04:00
ttasket
93f0211f61 Update vpn.md
* Scripts and text mention openvpn only in the context of examples.
* Firewall commands slightly tweaked: Important blocking rules move to top. Removed superfluous check for qvpn OUTPUT rule.
* Clarifications, especially mentioning that NM shouldn't be enabled for iptables/scripts option (this was causing DNS to fail for people who tried both NM and scripts).
* Tells the user when and what they should test (iptables/scripts).
* Change script order to enable testing flow.
* Added Usage and Troubleshooting sections.

https://github.com/QubesOS/qubes-issues/issues/2317
2016-09-15 08:14:54 -04:00
Andrew David Wong
a0bee729e1
Clean up text and fix formatting (closes #162) 2016-06-06 02:39:39 -07:00
Andrew David Wong
9b2ce97fe8
Fix code block formatting (closes #161) 2016-06-06 02:31:37 -07:00
ttasket
fab1c3043c quotes 2016-06-05 02:57:51 -04:00
ttasket
9f512be79f fedora needs PATH assignment 2016-06-05 02:50:54 -04:00
ttasket
88b4097c23 Switch to 'su -' envs, quote vars, rm --dport 53
Thanks Marek!
2016-06-04 22:46:18 -04:00
ttasket
a09ec964ad Automatic; No manual coding of IP addresses.
This requires the user only to add a few lines to their ovpn config file, and copy a few scripts (verbatim). They do not have to figure out which IP addresses are appropriate and hard-code them--unless their VPN service is bereft of domain names. Even in that case, they can do it easily within the ovpn config file. This is much less error-prone and should work with a greater variety of services (large commercial services tend to change their IPs so using domain names and DHCP is preferable in that case).

Also converted firewall section (3) to one code block for much less cutting/pasting. Comments are still there as shell comments.

The only required template changes are adding openvpn itself and possibly disabling the default systemd service for it. Everything else should be there in /rw/config.

This doesn't include extra firewall protections against inadvertent net access from within the VPN VM. I'm thinking of proposing those additions in a separate edit.
2016-06-04 20:01:58 -04:00
john-david-r-smith
c6da0b0664 now using systemd to start openvpn 2016-05-26 09:02:52 +02:00
john-david-r-smith
a9ae590f6f removed unnecessary + dangerous iptables rule 2016-05-26 08:42:25 +02:00
john-david-r-smith
bed89b7eab fixed typo 2016-05-25 23:26:55 +02:00
john-david-r-smith
bccd9558b3 how to setup an openvpn connection using iptables 2016-05-25 22:55:27 +02:00
Axon
73a546854a
Clean up and organize privacy pages
* Logically organize the Whonix-related pages
* Move the VPN page to /configuration/
  * VPNs are used for more than just privacy, and many VPN setups and
    services either can't or don't claim to provide privacy.
* Remove `/privacy/` from URLs
  * These directory names are just for organizing the source pages,
    *unless* an actual page resides there. Since there is no
    /doc/privacy/ page, it's unnecessary and misleading to have this in
    the URLs. It also breaks uniformity, since none of the other pages
    have their informal group name in their URL (again, unless there's
    a page with that name).
2016-02-20 21:15:30 +00:00