Comments (6)
Hi,
it is possible to start a second OpenVPN session for bypass apps (Go to the bypass tab -> select a server from your list of starred servers -> connect). However, this doesn't reliably work yet if you only choose to open a tunnel for bypass. Also, you'd have to deactivate the firewall obviously. I'll be working on making the bypass feature more robust but it's gotten quite complicated (to the point where I was about to ditch it entirely). So this will take some time to be implemented properly most likely.
from qomui.
Not sure whether I understand you correctly. I know, that you can start a secondary connection (bypass) together with or without starting a primary one. Even if the bypass feature is not so robust yet, I am quite happy with it. Right now I mainly use the app-with-bypass launcher.
My use case is the following:
I want the VPN only for a single application. This application allows setting a network interface. I would set this interface to tun1
. tun1
would in this case not be a bypass connection, but a proper VPN connection. There would be no tun0
. Now tun1
would be different from a standard tun0
connection, because it does not alter the routing table in a way that all traffic goes through the tunnel by default. ONLY if you specifically select this interface in an application, the VPN would be used.
I know this might be very complicated, but maybe it is possible.
But until then I am happy with the bypass laucher. There is only one caveat: It uses control groups which makes it hard to combine with systemd services (e.g. Plex Media Server). That is why I would value this enhancement a lot.
from qomui.
Actually, both are standard OpenVPN connections. They are only using a different routing table. What you want to do, is much easier to achieve, though. If the single application can be tied to a specific network interface you don't need the bypass at all. You'll just have to customize your OpenVPN configurations to not set the OpenVPN route as the main route. Have a look at the OpenVPN manpage and specifically the "route-nopull" and "route-noexec" option. The downside is that you'll have the deactivate the firewall.
from qomui.
Well, I tried your suggestion with the route-nopull
connection. The connection itself behaves like intended, but binding an application to it does not work properly: the traffic leaks outside the tunnel. I guess this happens, because of the weak host model used in Linux.
The only thing that worked for me, was creating a separate user whose traffic is forced through the VPN via iptables (I followed this guide more or less). This works reliably for all applications started as this user.
However, having a cgroup-based approach like your's would still be preferable to me, because it is more convenient than running applications as a different user.
from qomui.
I did some testing with the new release and on my machines at least only having a secondary VPN connection now works reliably. You'd have to deactivate the firewall, though, if you want non-cgroup applications to access the internet. No route-nopull option needed. The only downside is that you won't have a "killswitch".
from qomui.
Not sure if thats really an issue with the cool VPN here but if you just want a single connection though VPN: just use a Container for that. For example if you want a browser with the VPN IP , use something like https://github.com/dmouse/browser and add a startscript to the Container that establishes the VPN before starting the browser. I did that with the openconnect VPN of my university account (for accessing books from the university library) and it works great.
from qomui.
Related Issues (20)
- Since 0.8.3 Firewall settings getting mixed up
- Qomui on Raspberry Pi HOT 1
- Bypass doesn't work on ubuntu 19.10 HOT 1
- Fails when trying to use protonvpn provider
- Dead project? I hope not HOT 3
- Bypass not list all applications HOT 1
- Ubuntu 20.04 qomui-gui 0.8.3 crash when minimized HOT 2
- pkg_resources.DistributionNotFound: The 'qomui==0.8.3' distribution was not found and is required by the application HOT 5
- am on ARCH, i get this when i try to set the provider HOT 1
- Qomui blocks itself
- Can't connect to ProtonVPN
- do not work on ubuntu 20.04 HOT 1
- Any way to reach the author? Would love to help this project or worst case fork and help maintain HOT 10
- Is this still maintained & is there a possibility of a macOS version/port? HOT 1
- Operation not permitted: '/etc/resolv.conf on fresh install.
- AttributeError: 'QomuiGui' object has no attribute 'initalize_service'. Did you mean: 'initialize_service'? HOT 1
- GUI do not work on elementaryOS 6.1(ubuntu 20.04.5)
- `IndexError: list index out of range` crash on latest qomui and mullvad HOT 4
- OpenRC/runit
- Cannot start qoumi.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from qomui.