Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Firewall setup (allow SSH) for windscribe-CLI #200

Open
ekasprzak opened this issue Nov 22, 2024 · 20 comments
Open

Firewall setup (allow SSH) for windscribe-CLI #200

ekasprzak opened this issue Nov 22, 2024 · 20 comments

Comments

@ekasprzak
Copy link

Is your feature request related to a problem? Please describe.
I can't find any documentation on how to setup windscribe firewall for CLI version (how to allow SSH connection).

Describe the solution you'd like
Configure windscribe firewall to allow SSH connection

Describe alternatives you've considered
Using old, unmaintained, unsecure CLI version.

Additional context
I'm using vagrant to manage my virtual machines, on one of those I use windscribe (cli).
Still using the old, long time unmaintained version, because there windscribe connect (which turns on firewall) doesn't block me from accessing it via vagrant (which is SSH).
Using new CLI version (just tried 2.12.7) when I connect to windscribe, my SSH connection is immediately interrupted.
I guess this is because firewall default conf which works differently than the one in legacy CLI.
@blknight88
Copy link

I have the same issue, I assume this is cause the "lanbypass" option is gone, this exists in the old CLI client and allows LAN connections to go through when the Firewall is On, however that seems to be missing in the new client.

Is that going to be added?

@jaxu
Copy link
Contributor

jaxu commented Nov 22, 2024

There's a configuration file at ~/.config/Windscribe/windscribe_cli.conf that contains almost everything that the GUI supports. You can toggle AllowLANTraffic in there to true, and then reload the config with windscribe-cli preferences reload

@blknight88
Copy link

@jaxu thanks for the suggestion, I was able to get it to work by editing that file with that change after my first login.

However now I have a new issue where it won't auto connect on reboot. I tried setting "Autoconnect=true" but every time after reboot it shows logged in but connection state as disconnected. Am I missing something?

I tried looking for documentation on this file in case there is something else in here I need to change but couldn't find any so far.

@ekasprzak
Copy link
Author

@jaxu great, thank you!

@blknight88 can you point me to the documentation for this file, please?

BTW, I think the no autoconnect after reboot problem (which I also experience now after setting AllowLANTraffic) deserves another issue to be opened.

@jaxu
Copy link
Contributor

jaxu commented Nov 23, 2024

There's no issue with Autoconnect as far as I can tell. You most likely forgot to windscribe-cli preferences reload after modifying the file. If you don't do this, on shutdown the service will write its internal settings to this file, overwriting yours.

@blknight88
Copy link

blknight88 commented Nov 23, 2024
edited
Loading

@ekasprzak I couldn't find any documentation on this file unfortunately

@jaxu I did miss that the first time and it is pretty obvious as if I go back to the file my changes won't be there, however on subsequent attempts I have confirmed it did save my settings however it still does not auto connect on reboot.

My process being the following:

nano ~/.config/Windscribe/windscribe_cli.conf

  # Modify these values 
  AllowLANTraffic=true
  Autoconnect=true

windscribe-cli preferences reload

In the old version, the 1.4 CLI I only got this to work by making a systemd windscribe CLI service, not sure if that is needed again here? If so not sure how it would need to be configured to make it work.

@jaxu
Copy link
Contributor

jaxu commented Nov 23, 2024

No, it should just work with that. What is the output of windscribe-cli status after reboot? I don't have enough information to debug this with you. Please send in a debug log and DM me your username.

@blknight88
Copy link

@jaxu Here is the output of windscribe-cli status

Internet connectivity: available
Login state: Logged in
Firewall state: Off
Connect state: Disconnected
Data usage: 75.63 GB / Unlimited

Debug logs sent, however I am not sure how I can DM you in Github?

@jaxu
Copy link
Contributor

jaxu commented Nov 23, 2024

Hah, sorry, wrong platform. You can either post it here if you don't mind or you can email it to me at [email protected].

@blknight88
Copy link

No worries, just sent you an email, thanks

I'll post the solution here, once we figure it out for others to see.

@jaxu
Copy link
Contributor

jaxu commented Nov 24, 2024

Thanks, received. I'll look at this probably Monday and reply here when I have a conclusion.

@blknight88
Copy link

blknight88 commented Nov 24, 2024 via email

@jaxu
Copy link
Contributor

jaxu commented Nov 25, 2024

For anyone lurking here, here's an update of the autoconnect issue from blknight88.

We've had a bit of an offline conversation where it came to light that autoconnect works fine, but only when the user it was installed for logs in. It is killed when the user logs out. This is sort of expected because the windscribe process runs as a user service, which is only valid during the user session.

One workaround for this is to enable linger for the user via loginctl enable-linger <user>. This will make a user session spawn at boot, and will continue to exist if the user logs out.

We are also exploring other ways to make this work on our side and I've added a ticket to our board.

@jaxu
Copy link
Contributor

jaxu commented Nov 26, 2024

I've found a few areas in the code which don't work quite right in pure CLI mode and is affecting the functionality of the autoconnect feature. A fix should be available in an upcoming 2.13 build.

@blknight88
Copy link

blknight88 commented Nov 26, 2024 via email

@jaxu
Copy link
Contributor

jaxu commented Nov 26, 2024

No guarantees but my guess is 1-2 weeks.

@blknight88
Copy link

blknight88 commented Nov 26, 2024 via email

@jaxu jaxu mentioned this issue Nov 28, 2024
Closed
@bernerdad
Copy link
Collaborator

Upcoming build mentioned by @jaxu above is available now. 2.13.3 release

@blknight88
Copy link

I can confirm that using the new alpha 2.13.3 worked for fixing autoconnect for me. Thanks for all the help!

The only other thing missing in this thread is due to my instance being a server, I had to use this command
loginctl enable-linger <user> to get it to work on reboot without me logging in every time.

@jaxu
Copy link
Contributor

jaxu commented Dec 3, 2024

I can confirm that using the new alpha 2.13.3 worked for fixing autoconnect for me. Thanks for all the help!

The only other thing missing in this thread is due to my instance being a server, I had to use this command loginctl enable-linger <user> to get it to work on reboot without me logging in every time.

Thanks for confirming. That command is about half a dozen message above. I'll try to find some suitable place to add documentation for this as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jaxu @bernerdad @ekasprzak @blknight88