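I have a strange problem. Everything worked fine until my last Arch Linux update.
My ufw firewall is set to block everything except tun0 and the default OpenVPN IP (for the initial OpenVPN connection)! It was perfect, with no leaks even when the VPN was down...
But after my update, OpenVPN gets nowhere. I tried resetting all the configuration (network/openvpn/ufw), but nothing worked. I now have to disable ufw, which really bothers me.
OpenVPN says everything is fine, but my IP is still that of my default ISP router. It seems all traffic goes through enp3s0 instead of tun0.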
[root@user ~]# sudo systemctl status openvpn@Netherlands
● [email protected] - OpenVPN connection to Netherlands
Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled)
Drop-In: /etc/systemd/system/[email protected]
└─restart.conf
Active: active (running) since dim. 2014-08-03 00:50:10 CEST; 8s ago
Process: 7401 ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn@%i.pid (code=exited, status=0/SUCCESS)
Main PID: 7402 (openvpn)
CGroup: /system.slice/system-openvpn.slice/[email protected]
└─7402 /usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/Netherlands.conf --daemon openvpn@Netherlands --writepid /run/[email protected]
août 03 00:50:10 user openvpn@Netherlands[7402]: UDPv4 link local: [undef]
août 03 00:50:10 user openvpn@Netherlands[7402]: UDPv4 link remote: [AF_INET]109.xx.xx.xx:1194
août 03 00:50:10 user openvpn@Netherlands[7402]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
août 03 00:50:10 user openvpn@Netherlands[7402]: [VPN] Peer Connection Initiated with [AF_INET]109.xx.xx.xx:1194
août 03 00:50:12 user openvpn@Netherlands[7402]: TUN/TAP device tun0 opened
août 03 00:50:12 user openvpn@Netherlands[7402]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
août 03 00:50:12 user openvpn@Netherlands[7402]: /usr/bin/ip link set dev tun0 up mtu 1500
août 03 00:50:12 user openvpn@Netherlands[7402]: /usr/bin/ip addr add dev tun0 local 10.192.1.6 peer 10.192.1.5
août 03 00:50:12 user openvpn@Netherlands[7402]: Initialization Sequence Completed
[root@user ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 1024 0 0 enp3s0
10.192.1.1 10.192.1.5 255.255.255.255 UGH 20 0 0 tun0
10.192.1.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
109.xx.xx.xx 192.168.1.1 255.255.255.255 UGH 0 0 0 enp3s0
128.0.0.0 10.192.1.5 128.0.0.0 UG 20 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
[root@user ~]# ifconfig
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9000
inet 192.168.1.111 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::12bf:48ff:fe7d:a5cc prefixlen 64 scopeid 0x20<link>
ether 10:bf:48:7d:a5:cc txqueuelen 1000 (Ethernet)
RX packets 13226 bytes 7955537 (7.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12985 bytes 2539362 (2.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8581 bytes 34060996 (32.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8581 bytes 34060996 (32.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.192.1.6 netmask 255.255.255.255 destination 10.192.1.5
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 42 bytes 27761 (27.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 61 bytes 7072 (6.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
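A way to check a routing table like the one above for traffic that bypasses the tunnel, as an added example that is not part of the original post: it parses `route -n` output, applies longest-prefix matching, and counts the IPv4 addresses whose best route leaves through an interface other than tun0. The function names are hypothetical, and the sample table is constructed from the question's output, with the masked VPN server address replaced by the placeholder 203.0.113.10.

```python
import ipaddress

# Constructed sample modelled on the `route -n` output in the question; the
# masked VPN server 109.xx.xx.xx is replaced by the placeholder 203.0.113.10.
SAMPLE = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    1024   0        0 enp3s0
10.192.1.1      10.192.1.5      255.255.255.255 UGH   20     0        0 tun0
10.192.1.5      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
203.0.113.10    192.168.1.1     255.255.255.255 UGH   0      0        0 enp3s0
128.0.0.0       10.192.1.5      128.0.0.0       UG    20     0        0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 enp3s0
"""

def parse_routes(text):
    """Return [(network, metric, iface)] from `route -n` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 8 and f[0][0].isdigit():  # skip header lines
            routes.append((ipaddress.ip_network(f"{f[0]}/{f[2]}"), int(f[4]), f[7]))
    return routes

def egress_iface(routes, dest):
    """Interface chosen for dest: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: (r[0].prefixlen, -r[1]))[2] if hits else None

def outside_tunnel(routes, tunnel="tun0"):
    """Count IPv4 addresses whose best route does not use the tunnel."""
    total = 0
    for net, metric, iface in routes:
        # Routes that override this one: longer prefix, or same prefix and lower metric.
        better = [o for o, m, _ in routes if (o.prefixlen, -m) > (net.prefixlen, -metric)]
        pieces = [] if iface == tunnel else [net]
        for other in better:
            nxt = []
            for p in pieces:
                if other.subnet_of(p):
                    nxt.extend(p.address_exclude(other))  # carve the override out
                elif not p.subnet_of(other):
                    nxt.append(p)  # untouched by this override
            pieces = nxt
        total += sum(p.num_addresses for p in pieces)
    return total

if __name__ == "__main__":
    routes = parse_routes(SAMPLE)
    print(f"{outside_tunnel(routes) / 2**32:.1%} of IPv4 space bypasses tun0")
```

On the sample table only 128.0.0.0/1 points at tun0, so destinations below 128.0.0.0 follow the default route through enp3s0.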
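Answer 1
In the end I decided to reset my network settings:
- Uninstalled openvpn/dhclient/networkmanager/iptables/ufw (and all related packages) and deleted the configuration
- Installed dhcpcd
- Rebooted
- Installed openvpn/iptables/ufw
- Rebooted
Everything is back to normal! :)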