gargoyle-ispy 2017-October-13 22:01.torrent

Want to share your OpenWrt / Gargoyle knowledge? Implemented a new feature? Let us know here.

Moderator: Moderators

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

USE AT YOUR OWN RISK

WARNING: DO NOT PRESERVE SETTINGS

Now includes packages

Do not install on 4MB routers

gargoyle-ispy 2017-October-13 22:01.torrent
https://goo.gl/gcWEsD

magnet:?xt=urn:btih:dc8286b7f9b3125b1c90f213eb1a7817c29617cc&dn=gargoyle-ispy%202017-October-13%2022_01.7z&tr=udp%3a%2f%2ftracker.openbittorrent.com%3a80&tr=udp%3a%2f%2fopen.demonii.com%3a1337&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969


Routers
https://goo.gl/adecVk

in openvpn set default server cipher to aes-256-cbc, and replace ns-c

Add ability to download OpenVPN config files as single .ovpn

i18n/Polish: plugin openvpn: fix new translation

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

rseiler wrote:Since OpenVPN is being worked on in this release, do you think it would be a good idea to update it? Unless it changed in this release, I think it's been at 2.3.6 for a while. There have been 12 maintenance updates to 2.3 since then (late 2014):
https://community.openvpn.net/openvpn/w ... nOpenvpn23

Not sure about making the jump to 2.4.x, as there have been a lot of changes:
https://github.com/OpenVPN/openvpn/blob ... hanges.rst
Eric is aware of this and no doubt he will fix when he has time

I've just tested and it works as expected

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

Can somebody else confirm that AES is still not the default?

Image

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

I can confirm that single file is working as expected

Image

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

If you use AES the only warning now is

Code: Select all

Sat Oct 14 15:13:39 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Eric has determined that this is not a big risk.

rseiler
Posts: 208
Joined: Sun Dec 15, 2013 12:31 am

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by rseiler »

I haven't gotten to this yet, but pretty soon.

Can you confirm that "remote-cert-tls server" is what's in server.conf now?

I don't know if you still have your 2.9.2 handy, but if you try adding that to your server.conf there and then restarting the OpenVPN process, are you able to connect? That's what I wasn't able to accomplish before, so it's interesting that it would work in the beta (which effectively is doing that same thing for us), but then you had more of a default setup in 2.9.2 than I did (several of our server.conf lines were different, not counting the ones that I know that I tweaked).
Sat Oct 14 15:13:39 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this...

Eric has determined that this is not a big risk.
That agrees with what I read. Plus, you can eliminate the warning by adding "auth-nocache" to your .ovpn.

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

Working config

Code: Select all

client
remote          192.168.10.141 1194
dev             tun
proto           udp
status          current_status
resolv-retry    infinite
remote-cert-tls server
topology        subnet
verb            3

cipher          AES-256-CBC


ca              ca.crt
cert            client210.crt
key             client210.key
tls-auth        ta.key 1

nobind
persist-key
persist-tun
comp-lzo

rseiler
Posts: 208
Joined: Sun Dec 15, 2013 12:31 am

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by rseiler »

In 2.9.2 also?

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by ispyisail »

rseiler wrote:In 2.9.2 also?
I'm not sure what you mean by 2.9.2?

My config is the "client" for the above gargoyle image

quynhnt
Posts: 12
Joined: Thu May 25, 2017 9:00 am

Re: gargoyle-ispy 2017-October-13 22:01.torrent

Post by quynhnt »

It works well on my router (Buffalo WZR-AG300NH).
Can you add in Gargoyle GUI option that I can change country code like LEDE? My router country code is "US" default so I don't have channel 12, 13. I change it to my country code from shell command line but It revert back to "US" when router reboot.
Thank you

Post Reply