edgd1er / nordlynx-proxy Goto Github PK

View Code? Open in Web Editor NEW

16.0 8.0 8.0 168 KB

use nordvpn app to open a vpn connection, run a socks proxy

Dockerfile 15.79% Makefile 5.18% Shell 79.03%

nordvpn socks5

nordlynx-proxy's Introduction

nordlynx-proxy's People

Contributors

Stargazers

Watchers

Forkers

batminer hirschq dmgolembiowski ross7691 thovi 1dimension1 piemmepi xaegrek

nordlynx-proxy's Issues

udp buffer size

Hi,
thank you for providing this!
I tried it out using portainer and docker compose but keep getting this error:

2022/12/02 16:37:35 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.

I tried manually increasing the udp buffer by adding "- net.core.rmem_max = 4194304" to the sysctls in the docker compose, but without any effect.

Do you know how I might be able to address this issue? I have the ghcr.io/bubuntux/nordlynx running without problems with my credentials, but as this does not include a socks5 proxy, I'd prefer your image.

Thank you so much in advance!
Cheers

How to use

Can you explain more for new nordvpn login method --nordaccount
And what if i had logged in manually before running docker

Dante times out, but NordVPN is successfully connected

Unfortunately, I have issues with dante. NordVPN connects without any problem.

nordvpn status

Status: Connected
Hostname: de1117.nordvpn.com
IP: 156.67.85.18
Country: Germany
City: Frankfurt
Current technology: NORDLYNX
Current protocol: UDP
Uptime: 4 minutes 31 seconds

checkip
returns private ip address but curl --interface nordlynx ifconfig.co returns nordvpn ip address (156.67.85.18)

So the issue is not the connection with the vpn server, it has to be with dante. I set

DANTE_LOGLEVEL=error
DANTE_ERRORLOG=/dev/stdout
DANTE_DEBUG=1

getdante

internal: eth0 port=1080
internal: 127.0.0.1 port=1080
external: nordlynx
logoutput: stdout
debug: 1
socksmethod: none
clientmethod: none
user.privileged: root
user.notprivileged: nobody
client pass {
        from: 10.0.0.0/8 to: 0.0.0.0/0
  log: error
}
client pass {
        from: 172.16.0.0/12 to: 0.0.0.0/0
        log: error
}
client pass {
        from: 192.168.0.0/16 to: 0.0.0.0/0
        log: error
}
client pass {
        from: 127.0.0.0/8 to: 0.0.0.0/0
        log: error
}
client pass {
        from: 172.18.0.0/16 to: 0.0.0.0/0
        log: error
}
socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        protocol: tcp udp
        log: error
}

I attached the logs from dante. Maybe this helps.

Using token but nordvpn asks for username

I am using a docker-compose.yml file basically the same as the example, uncommenting the username line and using my token there. However, I am getting this when trying to log in

What am I doing wrong?

[...]
pi-proxy-1 | 2023-07-01 16:29:26: ERROR: NORDVPN: cannot login: Incorrect Usage: flag provided but not defined: -username
pi-proxy-1 |
pi-proxy-1 |
pi-proxy-1 | nordvpn login - Logs you in
pi-proxy-1 |
pi-proxy-1 | Usage: nordvpn login command [command options] [arguments...]
pi-proxy-1 |
pi-proxy-1 | Commands:
pi-proxy-1 | help, h Shows a list of commands or help for one command
pi-proxy-1 |
pi-proxy-1 | Options:
pi-proxy-1 | --nordaccount (default: false)
pi-proxy-1 | --callback Usually used by the browser to finish Nord Account login flow. Also useful in headless setups. (default: false)
pi-proxy-1 | --token Use token login method. Does not support MFA. (default: false)
pi-proxy-1 | --help, -h show help
pi-proxy-1 |
pi-proxy-1 | flag provided but not defined: -username
pi-proxy-1 | 2023-07-01 16:29:26,443 WARN exited: start_vpn (exit status 1; not expected)
[...]

TOKEN environmant variable

Hello,
it is planned to integrate the variable TOKEN?

"TOKEN - Used in place of USER and PASS for NordVPN account, can be generated in the web portal"

Latest change breaks login: logincmd: unbound variable

Seems like logincmd is not set when using login + pass

/app/start_vpn.sh: line 149: logincmd: unbound variable
2022-12-23 10:25:30: ERROR: NORDVPN: cannot login:
2022-12-23 10:25:30,502 INFO exited: start_vpn (exit status 1; not expected)

I'm still using this in my docker compose:

NORDVPN_LOGIN=
NORDVPN_PASS=

Do i need to use another method to login ?

Local_network environment only allows one subnet

From the Readme there should be a option to add more subnets.

LOCAL_NETWORK: add subnet to allow, multiple values possible net1, net2, net3, ....

When i change this in my config to:

from:
- LOCAL_NETWORK=192.168.0.0/16
to:
- LOCAL_NETWORK=192.168.0.0/16,10.100.100.0/24

Then tinyproxy is not able to start anymore due to a config error:

tinyproxy: ERROR (spawn error)
2022-06-01 16:17:57,007 INFO exited: start_vpn (exit status 7; not expected)
2022-06-01 16:17:58,010 INFO spawned: 'tinyproxy' with pid 801
Unable to parse config file. Not starting.
Syntax error on line 229
2022-06-01 16:17:59,020 INFO exited: tinyproxy (exit status 70; not expected)
2022-06-01 16:18:01,033 INFO spawned: 'tinyproxy' with pid 808
Unable to parse config file. Not starting.
Syntax error on line 229
2022-06-01 16:18:02,047 INFO exited: tinyproxy (exit status 70; not expected)
2022-06-01 16:18:05,053 INFO spawned: 'tinyproxy' with pid 817
Unable to parse config file. Not starting.
Syntax error on line 229
2022-06-01 16:18:06,063 INFO exited: tinyproxy (exit status 70; not expected)
2022-06-01 16:18:07,065 INFO gave up: tinyproxy entered FATAL state, too many start retries too quickly

Do you have an idea on how to solve this?

Idea: Option to set Obfuscated servers

Maybe add environment variable to allow settings this option?

Obfuscated servers are specialized VPN servers that hide the fact that you’re using a VPN to reroute your traffic. They allow users to connect to a VPN even in heavily restrictive environments.

When you connect to a regular [VPN server](https://nordvpn.com/servers/), your ISP can’t see where you go online. But it knows that you’re using a VPN from the way your data looks. However, if you connect to an obfuscated server, it changes your data packets. Therefore, tools that are meant to block VPN traffic let it pass. No one notices you’re using a VPN, unless they inspect your data packets manually.

https://nordvpn.com/features/obfuscated-servers/

Type nordvpn set obfuscate on in the terminal window to enable the obfuscated servers, or type nordvpn set obfuscate off to disable obfuscated servers.

Obfuscated options only work on OpenVPN(TCP) and OpenVPN(UDP) protocols, so that means that Obfuscated servers are grayed out on the NordLynx or IKEv2 protocols.

tinyproxy configuration help

Hi there,

I was wondering if I could get your help with the tinyproxy config , I can't seem to connect to the proxy ( let alone use it )?

I have configured this:

LOCAL_NETWORK=192.168.0.0/24

but as far I know that's the only place I can configure it .

Here is the error I'm getting :

I'm basically wondering where I can configure it ?

Here is my docker compose ( through Portainer )

version: '3.8'
services:
  proxy:
    image: edgd1er/nordlynx-proxy:latest
    ports:
      - "1080:1080"
      - "8888:8888"
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1 # disable ipv6
    cap_add:
      - NET_ADMIN               # Required
    environment:
      - TZ=Asia/Tokyo
      - GROUP=P2P #Africa_The_Middle_East_And_India, Asia_Pacific, Europe, Onion_Over_VPN, P2P, Standard_VPN_Servers, The_Americas
      - DEBUG=0 #(0/1) activate debug mode for scripts, dante, tinproxy
      - LOCAL_NETWORK=192.168.0.0/24
      - TINYLOGLEVEL=error #Optional, default error: Critical (least verbose), Error, Warning, Notice, Connect (to log connections without Info's noise), Info
      - TINYPORT=8888 #define tinyport inside the container, optional, 8888 by default,
    secrets:
      - NORDVPN_CREDS

secrets:
    NORDVPN_CREDS:
       name: nordvpn_creds
       external: true

Here are the container logs

Status: Connected
Hostname: ch333.nordvpn.com
IP: 195.216.219.155
Country: Switzerland
�
City: Zurich
Current technology: NORDLYNX
Current protocol: UDP
Transfer: 92 B received, 180 B sent
Uptime: 0 seconds
2023-04-03 14:12:01: INFO: detected WAN IP: "195.216.219.87" / nordvpn status: 195.216.219.155 = 
2023-04-03 14:12:01: INFO: DANTE: generate configuration
2023-04-03 14:12:01: INFO: DANTE: INTERFACE: nordlynx, error log: /dev/stdout, log level: error, dante debug: 0
2023-04-03 14:12:01: INFO: DANTE: check configuration socks proxy
2023-04-03 14:12:01: INFO: TINYPROXY: generate configuration
2023-04-03 14:12:01: INFO: TINYPROXY: set configuration INT_IP: 10.255.0.35/ EXT_IP: 10.5.0.2
2023-04-03 14:12:01: INFO: DANTE: starting
2023-04-03 14:12:01,720 INFO spawned: 'dante' with pid 1063
2023-04-03 14:12:01,720 INFO success: dante entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
dante: started
Apr  3 14:12:03 (1680495123.559034) danted[1063]: info: Dante/server[1/2] v1.4.2 running
Apr  3 14:12:03 (1680495123.559033) danted[1066]: info: Dante/server[2/2] v1.4.2 running
2023-04-03 14:12:03: INFO: TINYPROXY: starting
2023-04-03 14:12:03,968 INFO spawned: 'tinyproxy' with pid 1105
2023-04-03 14:12:08,976 INFO success: tinyproxy entered RUNNING state, process has stayed up for > than 5 seconds (startsecs)
tinyproxy: started
2023-04-03 14:12:09,020 INFO exited: start_vpn (exit status 0; expected)
2023/04/03 14:41:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 14:56:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 15:11:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 15:26:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 15:41:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 15:56:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 16:11:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 16:26:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 16:41:28 quic transport needs reconnect, err: Application error 0x100 (remote)
2023/04/03 16:56:28 quic transport needs reconnect, err: Application error 0x100 (remote)

I would appreciate any help :)

OpenVPN technology error

Switched from NordLynx to OpenVPN for testing but got the following error while starting. NordVPN client seems to work but Device "nordlynx" does not exist. seems not correct.

Didn't look into it much i though i would just report it for now. If i have more info i will update this issue

2023-04-18 20:07:17: INFO: DANTE: generate configuration
2023-04-18 20:07:17: INFO: detected WAN IP: "xxx" / nordvpn status: xxx = 
Uptime: 0 seconds
Current protocol: UDP
Current technology: OPENVPN
2023-04-18 20:07:18: INFO: DANTE: INTERFACE: tun, error log: /dev/null, log level: error, dante debug: 0
2023-04-18 20:07:18: INFO: DANTE: check configuration socks proxy
Apr 18 20:07:18 (1681841238.052012) danted[1036]: error: /etc/sockd.conf: problem on line 3 near token "tun": could not resolve hostname "tun": Name or service not known.  Please see the Dante manual for more information
2023-04-18 20:07:18: INFO: TINYPROXY: generate configuration
Apr 18 20:07:18 (1681841238.052093) danted[1036]: alert: mother[1/1]: shutting down
Device "nordlynx" does not exist.
2023-04-18 20:07:18: INFO: DANTE: starting
2023-04-18 20:07:18,186 INFO spawned: 'dante' with pid 1062
dante: started
2023-04-18 20:07:18,186 INFO success: dante entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)

env var NORDVPN_VERSION to 3.16.9 does not work

Hi,

i set env var NORDVPN_VERSION to 3.16.9 but it does not work

0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 0 not upgraded.
Need to get 32.3 MB of archives.
After this operation, 9000 kB disk space will be freed.
Get:1 https://repo.nordvpn.com/deb/nordvpn/debian stable/main arm64 nordvpn arm64 3.16.9 [32.3 MB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 32.3 MB in 3s (10.6 MB/s)
dpkg: warning: downgrading nordvpn from 3.17.2 to 3.16.9
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 8990 files and directories currently installed.)
Preparing to unpack .../nordvpn_3.16.9_arm64.deb ...
[ERROR] Unknown environment `supervisord'
Unpacking nordvpn (3.16.9) over (3.17.2) ...
Setting up nordvpn (3.16.9) ...
2024-03-07 19:50:12: INFO: logall feature not available
2024-03-07 19:50:12,953 WARN exited: start_vpn (exit status 1; not expected)