ProtonVPN broke my machine after upgrade to Linux CLI version 3 - networking

I'm using the ProtonVPN Linux CLI client Ubuntu 18.04.
I was previously using the 2.2.6 version, but I wanted to upgrade, which was a huge mistake.
I uninstalled v2.2.6 and followed the instructions for installing v3.7.1 on the ProtonVPN website.
After installation, I was able to create a connection, use the Internet, etc. Everything seemed to work. I enabled the killswitch permanently with $ protonvpn-cli ks --permanent.
Then, I closed my laptop lid. When I re-opened it, I had no Internet connection. I expected this, since that's how the 2.2.6 client worked, and I'm used to having to manually reconnect every time I open my laptop.
I attempted to reconnect to the VPN, but it didn't work the way I expected. $ protonvpn-cli r wouldn't find previous connection data, and $ protonvpn-cli c returned the error
Setting up ProtonVPN
An unknown error has occured. Please ensure that you have internet connectivity.
If the issue persists, please contact support
My wifi connection was fine. If connectivity is the issue, then I assume it must be the killswitch. I disabled the killswitch with $ protonvpn-cli ks --off. My first question is, under v.2.2.6 I did not have to disable the killswitch in order to connect to ProtonVPN itself. Is this changed in v3.7.1?
With the killswitch disabled, $ protonvpn-cli r continues to not find previous connection data, but $ protonvpn-cli c at least makes an attempt at working. However, it's still broken. It takes a minute to load the list of countries. When I select "United States", it seems to freeze while loading the list of servers. I've tried several times, and I've reconnected my wifi. It just won't load servers.
My device now lacks internet connectivity entirely. I've turned off the killswitch, I've closed the terminal I was running protonvpn-cli in, and there are no protonvpn processes active on the machine. The wifi is fine, and other devices are using it to connect to the Internet perfectly well. I've even rebooted the laptop, but it still won't connect to the internet. ProtonVPN has completely wrecked it.
Please help me.

Although I don't think the problem still persists on your side I've struggled with similar problem today. For me the solution found here https://askubuntu.com/questions/1319033/internet-stops-working-after-installing-protonvpn solved all connectivity issues, by simply removing the pvpn-ipv6leak-protection as following:
sudo nmcli connection delete pvpn-ipv6leak-protection

This is from proton's own old web page on how to remove the leftover "always on kill switch" uning command lines in the terminal. It is on the page: "How to install early-access Proton VPN Linux CLI"
located # https://protonvpn.com/support/linux-vpn-tool-early-access/
Disable the kill switch if you have uninstalled the app
The kill switch can be easily disabled from within the official Linux CLI app, but this will not be possible if you have uninstalled the CLI app first without disabling the kill switch. This may result in your system being unable to access the internet. To remove the kill switch after the CLI app has been uninstalled:
a) Identify Proton VPN connection names by running the command:
nmcli connection show --active
This will display a list of all your system’s active connections.
b) Look for any connections with the pvpn- prefix. This usually includes pvpn-killswitch and pvpn-ipv6leak-protection, and may include pvpn-routed-killswitch. Delete all these connections using the following command:
nmcli connection delete [connection name]
For example:
nmcli connection delete pvpn-killswitch
c) Re-run the following command to verify that Proton VPN connections have been deleted:
nmcli connection show --active
If any Proton VPN connections remain, delete them as described above.

Don't know enough about linux to be helpful but have run into the same issue.
Seems to be that proton stuffs with the resolv.conf file.
This link has a fix https://www.reddit.com/r/Ubuntu/comments/cpzaxo/remove_protonvpn_from_ubuntu/
But I can't get it to work as chattr will not allow me to remove the -i permissions.
chattr: Inappropriate ioctl for device while reading flags
Maybe it will work for you

Related

How do I resolve an "Arg_NullReferenceException" error when trying to connect through CheckPoint VPN?

I use CheckPoint VPN to log in to my place of work's servers to work remotely. The VPN has been working (mostly) fine all year, and I haven't changed any of the settings, but this morning, when I tried to log in, it's giving me the "Arg_NullReferenceException." I can't seem to find anything on this particular error on google.
I have tried restarting my computer, because it's not the first issue I've had with CheckPoint VPN (though it is the first time I've seen that error message), and a restart usually resolves whatever issue I'm having. I've also tried creating a new connection with the same settings, but I'm getting the same error with that one, too.
I'm not entirely sure what other information I would need to provide. I'm also not sure if it's a problem on my end, or on the company servers. I have already emailed tech support, but I thought I should be thorough.
This is a known issue. I have been jumping through hoops trying to get the capsule client to work. Raise a ticket with TAC if you have support. If not then you can download the E86 Endpoint connect client and run it. That has been my work around for this issue.
They just issued an update to the Capsule via the Microsoft Store. It seems one of the recent Windows Security Update broke the L2TP protocol within windows.

puppet client reporting to wrong host in Foreman

This is my first post!
I have 100's of nodes managed by puppet/foreman. Everything is fine.
I did something I already did without problem in the past:
Change the hostname of a server.
This time I changed 2 hostnames:
Initially I had 'gate02' and 'gate03'.
I moved gate02 to 'gate02old' (with dummy IP, and switched the server OFF)
then I moved gate03 to gate02 ...
Now (the new) gate02 reports are updating the host called gate02old in foreman.
I did clean the certs in the puppetserver. I rm the ssl dir in the (new) gate02 and run puppet agent. I did not fing any reference to 'gate' in /var/lib/puppet. I changed the certname in puppet.conf and in hostname, and in sysconfig/network-script/ifcfg-xxxx.
The puppet agent run smoothly, and sends it to the puppetserver. But it updates the wrong host!
Anyone would have a clue on how to fix this ?
Thanks!
Foreman 2.0.3
Puppet 6
I do not accept that the sequence of events described led to the behavior described. If reports for the former gate03, now named gate02, are being logged on the server for name gate02old, then that is because that machine is presenting a cert to the server that identifies it as gate02old (and the server is accepting that cert). The sequence of events presented does not explain how that might be, but my first guess would be that it is actually (new) gate02old that is running and requesting catalogs from the server, not (new) gate02.
Fix it by
Ensuring that the machine you want running is in fact the one that is running, and that its hostname is in fact what you intend for it to be.
Shutting down the agent on (new) gate02. If it is running in daemon mode then shut down the daemon and disable it. If it is being scheduled by an external scheduler then stop and disable it there. Consider also using puppet agent --disable.
Deactivating the node on the server and cleaning out its data, including certs:
puppet node deactivate gate02
puppet node deactivate gate02old
puppet node deactivate gate03
You may want to wait a bit at this point, then ...
puppet node clean gate02
puppet node clean gate02old
puppet node clean gate03
Cleaning out the nodes' certs. For safety, I would do this on both nodes. Removing /opt/puppetlabs/puppet/ssl (on the nodes, not the server!) should work for that, or you could remove the puppet-agent package altogether, remove any files left behind, and then reinstall.
Updating the puppet configuration on the new gate02 as appropriate.
Re-enabling the agent on gate02, and starting it or running it in --test mode.
Signing the new CSR (unless you have autosigning enabled), which should have been issued for gate02 or whatever certname is explicitly specified in in that node's puppet configuration.
Thanks for the answer, though it was not the right one.
I did get to the right point by changing again the hostname of the old gateold02 to a another existing-for-testing one, starting the server and get it back in Foreman. Once that done, removing (again!) the certs of the new gate02 put it right, and its reports now updates the right entry in Foreman.
I still beleive there is something (a db ?) that was not updated right so foreman was sure that the host called 'gate02' was in the GUI 'gateold02'.
I am very sorry if you don't beleive me.
Not to say rather disappointed.
Cheers.

Problem communicating over a local area network (LAN) with ROS on WSL2

I am a developer of ROS projects. Recently I am trying using ROS(melodic) on WSL2(Windows Subsystem for Linux), and all things works just great. But I got some trouble when I want to use another PC which also in the same local area network(LAN) to communicate with. Before setting the environment variables like "ROS_MASTER_URI, ROS_IP", I know that since WSL 2 work on Hyper-V so the IP show on WSL2 is not the one in the real LAN. I have to do some command like below in order to make everyone in LAN communicate with the specific host:PORT on WSL2.
netsh interface portproxy delete v4tov4 listenport=$port listenaddress=$addr
But here comes a new question:
The nodes which use TCPROS to communicate with each other have a random PORT every time I launch the file.
How can I handle this kind of problem?
Or is there any information on the internet that I can have a look?
Thank you.
The root problem is described in WSL issue #4150. To quote from that thread,
WSL 2 seems to NAT it's virtual network, instead of making it bridged
to the host NIC.
Option 1 - Port forwarding script on login
Note: From #kraego's comment (and the edited question, which I'm just seeing based on the comment), this is probably not a good option for ROS, since the port numbers are randomly assigned. This makes port forwarding something that would have to be dynamically done.
There are a number of workarounds described in that issue, for which you've already figured out the first part (the port forwarding). The primary technique seems to be to create a PowerShell script to detect the IP address and create the port forwarding rules that runs upon Windows login. This particular comment near the top of the thread seems to be the canonical go-to answer, although many people have posted their tweaks or alternatives throughout the very long thread.
One downside - I believe the script that is mentioned there needs to be run at logon since the WSL subsystem seems to only want to run when a user is logged in. I've found that attempting to run a WSL service or instance through Windows OpenSSH results in that instance/service shutting down soon after the SSH session is closed, unless the user is already logged into Windows with a WSL instance opened.
Option 2 - WSL1
I would also propose that, assuming it fits your workflow and if the ROS works on it (it may not, given the device access you need, but not sure), you can simply use WSL1 instead of WSL2 to avoid this. You can try this out by:
Backing up your existing distro (from PowerShell or cmd, use wsl --export <DistroName> <FileName>
Import the backup into a new WSL1 instance with wsl --import <NewDistroName> <InstallLocation> <FileNameOfBackup> --version 1
It's possible to simply change versions in place, but I tend to like to have a backup anyway before doing it, and as long as you are backing up, you may as well leave the original in place.

R studio server browser freezes upon login

I have been working on my R studio session hosted by a Linux server and recently, ran a piece of code that was taking way too long to execute and I decided to kill it.
Here is the sequence of steps that I took - none of them helped me restore the health of my session.
1) Hit the stop button on R studio and be patient.
2) Ssh into my Linux server and ran the following command to kill all the processes running with my userid
killall -u myuserid
3) Removed the.RData,.Renviron,.Rhistory files from my workspace.
4) Ran the following R command via the Linux server for garbage collection
gc(reset=TRUE)
4) Restarted the entire Linux server.
I am running out of ideas and would really appreciate any other suggestions before I take more drastic steps like revoking access and granting it again(not sure if that would be the right fix)
Note: The browser window freezes every time I login, and it happens only for my R studio session, the rest of the users in the same network have no issues.
I solved this problem - Rstudio-serverfreezing. I think it was a network problem since I couldn't receive any response from calling "~~~~~~.cache.js". In this case, you can find out "~~~~~~~~~.cache.js" no response with pushing key before you click log-in button.
Anyway, here is my way.
Reset your Network with following orders
you can insert these into cmd terminal as an admin mode.
netsh winsock reset
netsh int ip reset
Reboot
The IP information may be erased. So if you're using fixed IP address, fill the blanks with as-is IP address.
That's all.
You may follow this way to recover the connection.

VMWare Virtual Machine Ignores DCHP Lease

I have a VMWare Player (Workstation 9 )virtual machine on an Ubuntu 12.10 (13.10 Kernel) host running Ubuntu 12.04 using a bridged connection and set to replicate the physical network connection. Everything usually works properly in a variety of locations. But at one location that I often frequent, the ip address of the virtual machine changes roughly every 10 minutes -rendering the vm entirely useless as it is a postgresql server and thus needs a dedicated local ip. Not only that, but when I copied a database dump into a shared folder, the file ended up getting corrupted.
I can verify that the network caused this problem, as the actual on the vm was not corrupted. I managed to temporarily solve the problem by going into a local modem and setting a DHCP Mac Address. Everything was working and files were not getting corrupted. However, it only lasted temporarily, and another random address was assigned, breaking several running processes on my machine. Between the router/gateway, there is a redundant apple router involved in the network that is likely causing the issue -but I cannot just throw it away or deactivate it, as it is not my network
Furthermore, DHCP leases work just fine for every other machine on the network; so
I believe the root issue is with vmware.
I have no clue what could possibly cause something like this to occur, as IP address assignment is one of those things that normally "just works". I am thinking about just switching to VitualBox, as I have used it in the past and never had a problem (except with properly running Windows 8. However,I have never actually seen any article suggesting VirtualVox over WMWare, as the latter supposedly performs better and has more intuitive shared folder support. Obviously though, any benefit from a shared folder is negated if it just shares corrupt garbage.
So you manually set a MAC address on your VM? In the past, I've seen VM's change MACs quite often; generally only after a reboot or cold start. It shouldn't happen on the fly... You could install Wireshark and grab a few packet captures to see if anything in there points you in the direction of the root cause.

Resources