11th February 2011
J65nko
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128

A snippet from a connection to the test account of http://swissvpn.net
Code:
Fri Feb 11 04:19:40 2011 us=266591 /etc/openvpn/up tun0 1500 1543 80.254.76.249 255.255.255.128 init
Configuration of tun0 :
# ifconfig tun0 
tun0: flags=8151<UP,POINTOPOINT,RUNNING,PROMISC,MULTICAST> mtu 1500
        priority: 0
        groups: tun
        status: active
        inet 80.254.76.249 --> 0.0.0.0 netmask 0xffffff80
---------------------------------------------
Setting up resolv.conf ....
Contents of /etc/resolv.conf
-------------------------------------------
lookup file bind
nameserver 192.168.222.10
-------------------------------------------
-rw-r--r--  1 root  wheel  43 Nov 11 10:32 /etc/resolv.conf
-------------------------------------------
resolv.conf for VPN installed
Contents of /etc/resolv.conf
-------------------------------------------
# Fri Feb 11 04:19:40 CET 2011 : resolv.conf generated for OpenVPN connection 
lookup file bind
nameserver 80.254.79.157
nameserver 80.254.77.39
-------------------------------------------
-rwxr-xr-x  1 root  wheel  145 Feb 11 04:19 /etc/resolv.conf
-rw-r--r--  1 root  wheel   43 Feb 11 04:19 /etc/resolv.conf.beforeVPN
-------------------------------------------
Fri Feb 11 04:19:40 2011 us=521392 /sbin/route add -net 80.254.79.87 192.168.222.10 -netmask 255.255.255.255
add net 80.254.79.87: gateway 192.168.222.10

The one in blue is the new resolv.conf.

After stopping openvpn with Ctrl-C:
Code:
Fri Feb 11 04:22:12 2011 us=883585 Closing TUN/TAP interface
Fri Feb 11 04:22:12 2011 us=884485 /etc/openvpn/up tun0 1500 1543 80.254.76.249 255.255.255.128 init
Restoring previous resolv.conf ....
Contents of /etc/resolv.conf
-------------------------------------------
# Fri Feb 11 04:19:40 CET 2011 : resolv.conf generated for OpenVPN connection 
lookup file bind
nameserver 80.254.79.157
nameserver 80.254.77.39
-------------------------------------------
-rwxr-xr-x  1 root  wheel  145 Feb 11 04:19 /etc/resolv.conf
-rw-r--r--  1 root  wheel   43 Feb 11 04:19 /etc/resolv.conf.beforeVPN
-------------------------------------------

Saving 'resolv.conf used during VPN ... OK

Restoring original pre-VPN 'resolv.conf' ... OK
Contents of /etc/resolv.conf
-------------------------------------------
lookup file bind
nameserver 192.168.222.10
-------------------------------------------
-rwxr-xr-x  1 root  wheel   43 Feb 11 04:22 /etc/resolv.conf
-rw-r--r--  1 root  wheel   43 Feb 11 04:19 /etc/resolv.conf.beforeVPN
-rwxr-xr-x  1 root  wheel  145 Feb 11 04:22 /etc/resolv.conf.duringVPN
-------------------------------------------
Fri Feb 11 04:22:13 2011 us=7752 SIGINT[hard,] received, process exiting

You can check the DNS queries by running tcpdump twice:
  1. A tcpdump on your network card e.g. xl0
    Code:
    sudo tcpdump -ni xl0 port 53
  2. tcpdump on the 'tun0' device
    Code:
    sudo tcpdump -ni tun0
After the VPN connection is made, the DNS queries on your network should stop, and appear in the tcpdump on 'tun0'.

Or do a nameserver query with dig and watch the SERVER line:
Code:
$ dig www.openbsd.org | grep SERVER
;; SERVER: 192.168.222.10#53(192.168.222.10)
After the VPN tunnel is up:
Code:
dig www.openbsd.org | grep SERVER
;; SERVER: 80.254.79.157#53(80.254.79.157)

BTW I now notice that I goofed up the permissions of the new resolv.conf.
Forgot that 'install(1)' sets the 'eXecute' bit by default.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Last edited by J65nko; 11th February 2011 at 04:35 AM.
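
Added example, not part of the original post: the dig check above turned into a small script that compares the SERVER line with the nameservers in the VPN-generated resolv.conf, and also reports execute bits on that file. The function names and the temporary sample file are assumptions made for this example; the sample lines are constructed from the addresses shown in the post.

```shell
#!/bin/sh
# Added example: confirm the answering resolver is one the VPN installed.

# Print the nameserver addresses from a resolv.conf file, one per line.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Read dig output on stdin, print the address from the ";; SERVER:" line.
dig_server() {
    sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p' | head -n 1
}

# check_resolver RESOLV_CONF SERVER_ADDR
# Returns 0 if SERVER_ADDR is listed in RESOLV_CONF, 1 otherwise
# (queries are then not going to a VPN nameserver).
check_resolver() {
    if resolv_nameservers "$1" | grep -Fqx -- "$2"; then
        echo "OK: $2 is listed in $1"
        return 0
    fi
    echo "MISMATCH: $2 is not listed in $1"
    return 1
}

# Returns 0 if any execute bit is set on FILE (mode string contains 'x').
has_exec_bit() {
    ls -ld "$1" | awk '{ exit ($1 ~ /x/) ? 0 : 1 }'
}

# --- Constructed sample input, using the addresses from the post ---
sample_dir=$(mktemp -d)
printf 'lookup file bind\nnameserver 80.254.79.157\nnameserver 80.254.77.39\n' \
    > "$sample_dir/resolv.conf"
chmod 755 "$sample_dir/resolv.conf"   # mimics the mode seen in the listing
before=';; SERVER: 192.168.222.10#53(192.168.222.10)'
after=';; SERVER: 80.254.79.157#53(80.254.79.157)'

# Before the tunnel is up the LAN resolver answers: reported as a mismatch.
check_resolver "$sample_dir/resolv.conf" \
    "$(printf '%s\n' "$before" | dig_server)" || true
# After the tunnel is up the VPN resolver answers.
check_resolver "$sample_dir/resolv.conf" \
    "$(printf '%s\n' "$after" | dig_server)"
if has_exec_bit "$sample_dir/resolv.conf"; then
    echo "NOTE: execute bit set on resolv.conf"
fi
```

On a live system, feed it real data with `check_resolver /etc/resolv.conf "$(dig www.openbsd.org | dig_server)"`. Passing `-m 644` to install(1) when copying resolv.conf avoids the execute bits.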