Posted: Wed Jun 22, 2022 8:09 Post subject: Shell script to shuffle VPN
I have a Linksys WRT1200AC. My ISP has been hassling me lately and banning my VPN's servers a couple times a day. Changing it manually has become cumbersome. I've come up with a shell script to do so and I'm just curios as to how bad an idea you think this is. I have all the original info from openvpn.conf before and after the line with the connection info in the designated text files. I'm basically generating two pseudo random digits to hit a new server.
You can enter multiple servers in the VPN GUI and if you enable Random then it will randomly choose one.
Unfortunately, they still haven't fixed the WRT1200ACv2 wireless security bug. I'm stuck on r36247 so I don't have that feature.
Which security bug? This one? The reason nobody is complaining is because of all of the fixes applied to wifi, including MAC filtering. You should upgrade to the current release (now 49289) ... _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
That's the one. I've tried 44715 (most recent stable build) and at least up to 46788 according to that thread. I know I tried a 48*** and it was still broken a few months back. Are you sure?
Update to the current, do a hard reset (nvram erase && reboot), re-configure manually, and test. I have MAC filtering set up on a different device altogether that I just flashed to the last build yesterday and just updated to current this morning and it is working flawlessly. That part of the firmware is common across the board from what I understand, so it should work. The only way it won't work is if it is a Marvell-specific issue, which I doubt that is the case. If you run into issues, reply to your thread on the subject and someone may be kind enough to forward your findings after all possible anomalies are ruled out. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Wed Jun 22, 2022 14:04 Post subject:
So let me see if I understand this properly.
You are or were running r36247 because of some WiFi security issue, that presumably doesnt exist in r36247.
But in the meanwhile far more serious known exploits that some are actively being targeted, which have been patched in DD-WRT since that build, including kernel, 3rd party libraries e.g. openssl (but not exclusive to that lib) and untold amount of 3rd party components also patched known exploits.
Makes sense. secure one leave a million and one open.
You are or were running r36247 because of some WiFi security issue, that presumably doesnt exist in r36247.
why would it not exist?
the-joker wrote:
But in the meanwhile far more serious known exploits that some are actively being targeted, which have been patched in DD-WRT since that build, including kernel, 3rd party libraries e.g. openssl (but not exclusive to that lib) and untold amount of 3rd party components also patched known exploits.
Why wouldn't I be more worried about securing my wi-fi using basic things shat should just work?
the-joker wrote:
FYI, MAC Filter has worked for a long time and works just fine with current advised build.
If you are referring to anything else, please clarify. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Since I've finished generating material for the other thread, I've come back to working on this. Over the past few days there have been some interesting developments.
First, I found out that I was trying to write the data to the wrong place. There is a command to set persistent nvram I'm not sure what models require this. 1200ACv2 certainly does.
Code:
nvram set VARIABLE="VALUE"
Second, in an ideal situation you can shut down the openvpn service with stopservice and start it with startservice but that is not always guaranteed. I never got the command I copied from using ps to work. So good ol reboot is always a possibility when other stuff doesn't get things to restart properly.
This seems to change between versions so your best bet is to see what it looks like using the ps command. Trying this will likely not bring your VPN back up if startservice does not work.
First, I found out that I was trying to write the data to the wrong place. There is a command to set persistent nvram I'm not sure what models require this. 1200ACv2 certainly does.
The nvram set command applies to all supported devices; what persistent values are you trying to manipulate, anyway? _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Fri Jun 24, 2022 18:18 Post subject:
JediMaster666 wrote:
[This just isn't true. Troll harder.
I would advise you to refrain posting little snips of inflammatory taunts which are now noticeable across your latest threads against anyone who doesn't echo your faulty assumptions.
Being part of this community is not a right, it is a privileged. Our community is one of volunteers who contribute to support and helping improve a product and enrich the community we are part of by imparting factual information and skills which is used by all at the grand price of free, while sacrificing the most valuable resource of all, time -- our free time.
I also do not have to remind you of this, and only am doing so with the hope you will self correct.
I have tried reaching you via PM but did not have any luck there.