I have a DNS leak. I am "some Ubuntu user".
Into what file are the following lines added? Which file and which directory?
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
from:
https://github.com/cryptostorm/cryptost ... ster/linux
at the very bottom of that page.
I just got CS up and running and after 6 months of working on this (one and off), I don't want to do it all again, I won't remember how.
Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
For some Ubuntu versions, you may need to add this to your OpenVPN config in order to prevent DNS leaks
Re: For some Ubuntu versions, you may need to add this to your OpenVPN config in order to prevent DNS leaks
Go to the directory you have the configs (*.ovpn files)
Done. This adds the 3 lines to each .ovpn file which fixes DNS leaks.
Done. This adds the 3 lines to each .ovpn file which fixes DNS leaks.
Re: For some Ubuntu versions, you may need to add this to your OpenVPN config in order to prevent DNS leaks
The following should give an understanding as to how little I understand the "work" I'm doing.
When I determined I had a DNS leak via https://ipleak.net/ (Cryptostorm's "Goodies" page), I tried to find my own solution. When I saw the info about Ubuntu I jumped to a false conclusion. I thought, because my router is OpenWRT/LEDE, that it is Linux/Ubuntu based. My bad.
I did the following:
ssh root@192.168.xxx.xxx and entered the pw.
cd /etc/openvpn
then nano cstorm_linux-rumplestiltskin_udp.ovpn
next copy the text starting "for x" in the above post (and without quotes) next, holding ctrl & shift, this was pasted into cstorm_linux-rumplestiltskin_udp.ovpn. Ctrl-O, Enter, Ctrl-X.
As a double check open the modified .ovpn. Nope, not 3 lines of text, only one. Manually 3 lines separated at >> with no spaces before or after. Ctrl-O, Ctrl-X. Double check: see 3 lines.
Reboot. Odd I can ping google.com, but cannot get to a common web page such as ipleak.net.
So I had to remove the Ubuntu text. And I still have a DNS leak.
Thank you for your concern.
When I determined I had a DNS leak via https://ipleak.net/ (Cryptostorm's "Goodies" page), I tried to find my own solution. When I saw the info about Ubuntu I jumped to a false conclusion. I thought, because my router is OpenWRT/LEDE, that it is Linux/Ubuntu based. My bad.
I did the following:
ssh root@192.168.xxx.xxx and entered the pw.
cd /etc/openvpn
then nano cstorm_linux-rumplestiltskin_udp.ovpn
next copy the text starting "for x" in the above post (and without quotes) next, holding ctrl & shift, this was pasted into cstorm_linux-rumplestiltskin_udp.ovpn. Ctrl-O, Enter, Ctrl-X.
As a double check open the modified .ovpn. Nope, not 3 lines of text, only one. Manually 3 lines separated at >> with no spaces before or after. Ctrl-O, Ctrl-X. Double check: see 3 lines.
Reboot. Odd I can ping google.com, but cannot get to a common web page such as ipleak.net.
So I had to remove the Ubuntu text. And I still have a DNS leak.
Thank you for your concern.
Re: For some Ubuntu versions, you may need to add this to your OpenVPN config in order to prevent DNS leaks
Old post, I'm sure you've figured out the problem by now, but if not:
That "for x" line was meant to be executed at the command line, not pasted into your text editor (nano).
If you can edit the config with nano, you can add the three lines from there:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
But the reason for that "for x" command is that it allows you to add the above three lines to all your configs at once, so you don't have manually edit each of them with nano.
Our new Linux tutorial page @ https://cryptostorm.is/nix includes a similar command:
for conf in *.ovpn;do echo 'script-security 2' >> $conf;echo 'up /etc/openvpn/update-resolv-conf' >> $conf;echo 'down /etc/openvpn/update-resolv-conf' >> $conf;done
That "for x" line was meant to be executed at the command line, not pasted into your text editor (nano).
If you can edit the config with nano, you can add the three lines from there:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
But the reason for that "for x" command is that it allows you to add the above three lines to all your configs at once, so you don't have manually edit each of them with nano.
Our new Linux tutorial page @ https://cryptostorm.is/nix includes a similar command:
for conf in *.ovpn;do echo 'script-security 2' >> $conf;echo 'up /etc/openvpn/update-resolv-conf' >> $conf;echo 'down /etc/openvpn/update-resolv-conf' >> $conf;done
Re: For some Ubuntu versions, you may need to add this to your OpenVPN config in order to prevent DNS leaks
@patrickjburt
Nothing to worry about. Just follow the directions on https://cryptostorm.is/nix and the DNS leak will be taken care of.
Nothing to worry about. Just follow the directions on https://cryptostorm.is/nix and the DNS leak will be taken care of.