HTTP or Socks Proxy

[TexasLarge]

Would there be a way to use a socks proxy or http proxy with authentication with ovpn through hybrid vpn. Wish there was a way to point it to a auth.txt file or stdin.

[Netduma Fraser]

Hello, welcome to the forum!

No I don't think so, it's just a VPN client, so user/pass and the VPN config are the only options you can configure + DNS. I can add it to our list as something to potentially implement in the future.

[TexasLarge]

Before 3.3 you could use a http proxy by adding the following block to the end of your config and using http-proxy .... Port auto within the config. At the end you needed to add the following for inline auth but this broke after the 3.3 update. 

<http-proxy-user-pass> user pass on 2 lines in-between this

</http-proxy-user-pass>

 

 

 

 

 

[Netduma Fraser]

In that case I can put it through as a bug but if it wasn't intended behavior then it's unlikely to be resolved as fast, I'll keep you posted.

[Netduma Fraser]

Which 3.3 firmware are you on by the way so I can note it down for the ticket

[TexasLarge]

9 hours ago, Netduma Fraser said:

Which 3.3 firmware are you on by the way so I can note it down for the ticket

R2 3.3.280

[Netduma Fraser]

Great thank you.

[TexasLarge]

Thu Apr  6 01:09:57 2023 OpenVPN 2.4.7 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
Thu Apr  6 01:09:57 2023 library versions: OpenSSL 1.0.2p  14 Aug 2018, LZO 2.10
Thu Apr  6 01:09:57 2023 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Thu Apr  6 01:09:57 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]45.152.200.122:9668
Thu Apr  6 01:09:57 2023 Socket Buffers: R=[87380->87380] S=[16384->16384]
Thu Apr  6 01:09:57 2023 Attempting to establish TCP connection with [AF_INET]45.152.200.122:9668 [nonblock]
Thu Apr  6 01:09:58 2023 TCP connection established with [AF_INET]45.152.200.122:9668
Thu Apr  6 01:09:58 2023 Send to HTTP proxy: 'CONNECT srilanka.privacy.network:501 HTTP/1.0'
Thu Apr  6 01:09:58 2023 Send to HTTP proxy: 'Host: srilanka.privacy.network'
Thu Apr  6 01:09:59 2023 HTTP proxy returned: 'HTTP/1.0 407 Proxy Authentication Required'
Thu Apr  6 01:09:59 2023 Proxy requires authentication
Thu Apr  6 01:09:59 2023 PROXY AUTH BASIC: 'Proxy-Authenticate: Basic realm="Invalid proxy credentials or missing IP Authorization."'
Thu Apr  6 01:09:59 2023 HTTP proxy authenticate 'realm="Invalid proxy credentials or missing IP Authorization."'
Thu Apr  6 01:09:59 2023 Attempting to establish TCP connection with [AF_INET]45.152.200.122:9668 [nonblock]
Thu Apr  6 01:10:00 2023 TCP connection established with [AF_INET]45.152.200.122:9668
Thu Apr  6 01:10:00 2023 Send to HTTP proxy: 'CONNECT srilanka.privacy.network:501 HTTP/1.0'
Thu Apr  6 01:10:00 2023 Send to HTTP proxy: 'Host: srilanka.privacy.network'
Thu Apr  6 01:10:00 2023 Attempting Basic Proxy-Authorization
Thu Apr  6 01:10:00 2023 HTTP proxy returned: 'HTTP/1.0 200 OK'
Thu Apr  6 01:10:02 2023 TCP_CLIENT link local: (not bound)
Thu Apr  6 01:10:02 2023 TCP_CLIENT link remote: [AF_INET]45.152.200.122:9668
Thu Apr  6 01:10:03 2023 TLS: Initial packet from [AF_INET]45.152.200.122:9668, sid=d3f7f309 6660f914
Thu Apr  6 01:10:03 2023 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Apr  6 01:10:03 2023 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, [email protected]
Thu Apr  6 01:10:03 2023 VERIFY KU OK
Thu Apr  6 01:10:03 2023 Validating certificate extended key usage
Thu Apr  6 01:10:03 2023 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Thu Apr  6 01:10:03 2023 VERIFY EKU OK
Thu Apr  6 01:10:03 2023 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=srilanka403, name=srilanka403
Thu Apr  6 01:10:04 2023 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Thu Apr  6 01:10:04 2023 [srilanka403] Peer Connection Initiated with [AF_INET]45.152.200.122:9668
Thu Apr  6 01:10:05 2023 SENT CONTROL [srilanka403]: 'PUSH_REQUEST' (status=1)
Thu Apr  6 01:10:06 2023 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1,route-ipv6 2000::/3,dhcp-option DNS 10.0.0.243,route-gateway 10.4.19.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.19.17 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Thu Apr  6 01:10:06 2023 Pushed option removed by filter: 'route-ipv6 2000::/3'
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: timers and/or timeouts modified
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: compression parms modified
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: --ifconfig/up options modified
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: route options modified
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: route-related options modified
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: peer-id set
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: adjusting link_mtu to 1627
Thu Apr  6 01:10:06 2023 OPTIONS IMPORT: data channel crypto options modified
Thu Apr  6 01:10:06 2023 Data Channel: using negotiated cipher 'AES-256-GCM'
Thu Apr  6 01:10:06 2023 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Apr  6 01:10:06 2023 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Thu Apr  6 01:10:06 2023 TUN/TAP device tun0 opened
Thu Apr  6 01:10:06 2023 TUN/TAP TX queue length set to 100
Thu Apr  6 01:10:06 2023 /sbin/ifconfig tun0 10.4.19.17 netmask 255.255.255.0 mtu 1500 broadcast 10.4.19.255
Thu Apr  6 01:10:06 2023 /bin/touch /tmp/lua_NPhaNB tun0 1500 1555 10.4.19.17 255.255.255.0 init
Thu Apr  6 01:10:06 2023 Initialization Sequence Completed

Error: CONNECTION TIMEOUT
Thu Apr  6 01:10:06 2023 event_wait : Interrupted system call (code=4)
Thu Apr  6 01:10:06 2023 Closing TUN/TAP interface
Thu Apr  6 01:10:06 2023 /sbin/ifconfig tun0 0.0.0.0
Thu Apr  6 01:10:06 2023 SIGINT[hard,] received, process exiting

Openvpn terminated

 

This is the log if it helps. You might know what the issue is.

[Netduma Fraser]

Great thank you, I'll add that to the ticket.

[TexasLarge]

On 4/6/2023 at 7:09 AM, Netduma Fraser said:

Great thank you, I'll add that to the ticket.

any updates?

[Netduma Fraser]

14 hours ago, TexasLarge said:

any updates?

Easter Holidays at the moment so no updates. It will be assigned to a developer and it will have a priority tag on it, whatever that is will determine when it gets worked on. Just to give you a realistic expectation the devs have a lot more priorities to cover so it might not be a quick thing - it depends how quick a fix it is I would have though.

[TexasLarge]

On 4/10/2023 at 7:02 AM, Netduma Fraser said:

Easter Holidays at the moment so no updates. It will be assigned to a developer and it will have a priority tag on it, whatever that is will determine when it gets worked on. Just to give you a realistic expectation the devs have a lot more priorities to cover so it might not be a quick thing - it depends how quick a fix it is I would have though.

anything happening on your end?

[Netduma Fraser]

I don't see any activity on the ticket, I'll check with the assigned dev to see if I can get some information and will get back to you.

[TexasLarge]

bump?

 

[Netduma Fraser]

There is no update on the ticket so far, the dev on it is not available at the moment, I've left them a message and will get back to you when I know more.