this post was submitted on 14 Jun 2023
3 points (100.0% liked)

Synology

965 readers
1 users here now

Synology

This is a place for all topics regarding Synology hard- and software - especially (but not limited to) their NAS devices.

Just one thing: Let’s please be pleasant to each other and respect that people have different experience levels. Some are pros, some are noobs, yet everybody may have good ideas or interesting questions to ask and comments to make, and all of these shall be heard and appreciated. ❤️


And since we know from TV that all IT nerds 🤓 are h4xx0rs and wear hoodies all the time (if not even ski masks) in front of their computers, I chose an appropriate banner image (image credit).

founded 1 year ago
MODERATORS
 

Do you experience similar connectivity issues when using a VPN provider for torrenting? I have tried different servers (which allow torrenting), both udp/tcp protocol, and the recommended dns settings, yet it remains quite buggy. Somtimes, it works well and remains stable for a few days or even weeks. But eventuelly it loses connection, although it says it's still connected. Have any of you encountered the same problems? I am using: DSM 6.2.4-25556 Update 7 and Proton as VPN Provider.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (2 children)

I gave up on DSM's own VPN client setup, because IIRC first it only supports OpenVPN, and 2nd it tends to quietly disconnect from the VPN server even if keep-alive is enabled.

But if you do want to stick with DSM VPN, I wrote a script before that would help revive the connection even if it gets severed. Maybe this will help you. Let me know if you want to give it a try, so I can see if I still have it somewhere to share with you.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (2 children)

Yes, this is exactly what happens to my connection. If you still have your script around feel free to share it. I will have a look at it since I don't have any experience with dockers. Thx very much.

[–] [email protected] 2 points 1 year ago

Ok once I get home tonight I will search for it. It worked pretty well actually but eventually I made the switch to docker VPN anyway because of Wireguard support.

[–] [email protected] 2 points 1 year ago (1 children)

My script writing skills are pretty bad. So while this has worked for me, if you are up for it feel free to modify it any way you want.

First save this script somewhere in your home folder (or any folder of your choice). Name it vpn_watchdog.sh:

#!/bin/sh

LOGFILE="/volume1/homes/xxxxx/VPN_watchdog.log"
CURRENT_IP=`timeout -k 1 -s 0 5 curl icanhazip.com`
WATCHTIME=30
ALTERNATE_VPN=1

vpn_restart () {

        LAST=`ifconfig | grep "tun0"`

        while [ ! -z "$LAST" ]; do

                echo $(date)" - tun0 exists, killing vpn client..." >> $LOGFILE
                synovpnc kill_client
                sleep 5
                LAST=`ifconfig | grep "tun0"`

        done

        if [[ $ALTERNATE_VPN -eq 1 ]];then

#       2022-07-02 confined to one VPN only for now

#               ALTERNATE_VPN=2
                ALTERNATE_VPN=1

                cat >/usr/syno/etc/synovpnclient/vpnc_connecting <<END
conf_id=o1663422808
conf_name=Surfshark_HK
proto=openvpn
END


                echo $(date)" - Establishing VPN connection..." >> $LOGFILE

                synovpnc connect --id=o1663422808

        elif [[ $ALTERNATE_VPN -eq 2 ]];then

#       2022-07-02 confined to one VPN only for now

#               ALTERNATE_VPN=1

                cat >/usr/syno/etc/synovpnclient/vpnc_connecting <<END
conf_id=o1642598846
conf_name=Surfshark_TW
proto=openvpn
END

                echo $(date)" - Establishing alternate VPN connection..." >> $LOGFILE

                synovpnc connect --id=o1642598846

        fi

        sleep 20

        CONNECTION_TEST=`cat /usr/syno/etc/synovpnclient/vpnc_last_connect | grep server_ip0 | awk -F= 'NF==2 {print $2}'`
        CURRENT_IP=`timeout -k 1 -s 0 5 curl icanhazip.com`
        echo $(date)" - Completed command to start VPN.  IP used for connection test = "$CONNECTION_TEST", current IP = "$CURRENT_IP >> $LOGFILE

}

case $1 in

        start)

                echo $(date)" - Started, IP used for connection test = "$CONNECTION_TEST", current IP = "$CURRENT_IP >> $LOGFILE

                while true; do

                        sleep 30

                        LAST=`ping -I tun0 -c 5 -W 2 -q "$CONNECTION_TEST"`
                        OUTCOME=$?
                        LAST=`echo $LAST | grep "0 received"`

                        if [[ ! -z "$LAST" || $OUTCOME -eq 2 ]];then

                                echo $(date)" - Ping to "$CONNECTION_TEST" via TUN0 failed" >> $LOGFILE
                                vpn_restart

                        fi

                        LAST=`ping -c 5 -W 2 -q "$CONNECTION_TEST"`
                        OUTCOME=$?
                        LAST=`echo $LAST | grep "0 received"`

                        if [[ ! -z "$LAST" || $OUTCOME -eq 2 ]];then

                                echo $(date)" - Ping to "$CONNECTION_TEST" via general connection failed" >> $LOGFILE
                                vpn_restart

                        fi

                        LAST=`ifconfig | grep "tun0"`

                        if [ -z "$LAST" ];then

                                echo $(date)" - TUN0 down" >> $LOGFILE
                                vpn_restart

                        fi

                done
                ;;

        stop)

                echo $(date)" - Shutting down" >> $LOGFILE
                pkill -9 -f vpn_watchdog
                ;;

esac

You will then need to change something in the script:

  1. LOGFILE -> change the 'xxxxx' to your home folder
  2. o1663422808 and Surfshark_HK -> change according to the following instructions (info sourced from https://blog.benoitblanchon.fr/synology-auto-connect-vpn-at-startup/ ):

Quoting the relevant info from this site: The DSM comes with a command line tool to manage the VPN connection. As you’ll see the ergonomy is debatable, but it allows to initiate the connection from the shell. This tool is synovpnc, but before we can use it, we need the following file: /usr/syno/etc/synovpnclient/vpnc_connecting This is a temporary file that lives only a few seconds after you click “Connect” in the VPN configuration GUI. Your mission is to click on “Connect” and cat this file so you can see the configuration. It should be something among those lines: conf_id=o1481981647 conf_name=MyVpnConnection proto=openvpn The conf_id and conf_name is what we are after.

Once found, just change o1663422808 and Surfshark_HK with the names you found following the above instructions.

(Edit: Note - there are multiple occurrences of o1663422808 (and possibly Surfshark_HK) in the script, so change all occurrences) Now that we have created the script, 2 additional steps are needed:

  1. Uncheck the 'Reconnect when the VPN connection is lost' checkbox. This script takes over the monitoring / restarting.
  2. We need a way to run the script at system startup. Either you can figure out how to utilize 'task scheduler' to do this, or do what I did:

cd to /usr/local/etc/rc.d , then create a 'startup.sh' with the following content:

#!/bin/sh

# Start everything up in background.
# My experience shows Synology may start these process one by one, and only if one has finished will it start the next one.
# So for script with forever loops, it potentially will block other scripts from running
# Therefore I need to use one single script to start other scripts in the background.

case $1 in

        start)

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh stop

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh start &

                ;;

        stop)

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh stop &

                ;;

esac

Again, change xxxxx with your home folder (or whatever folder you placed the watchdog script in).

Also, remember to 'chmod +x' the scripts so they become executable.

That's all I can think of. Good luck !

[–] [email protected] 1 points 1 year ago

Thx very much, will have a look at it on the weekend ;)

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

My script writing skills are pretty bad. So while this has worked for me, if you are up for it feel free to modify it any way you want.

First save this script somewhere in your home folder (or any folder of your choice). Name it vpn_watchdog.sh:

#!/bin/sh

LOGFILE="/volume1/homes/xxxxx/VPN_watchdog.log"
CURRENT_IP=`timeout -k 1 -s 0 5 curl icanhazip.com`
WATCHTIME=30
ALTERNATE_VPN=1

vpn_restart () {

        LAST=`ifconfig | grep "tun0"`

        while [ ! -z "$LAST" ]; do

                echo $(date)" - tun0 exists, killing vpn client..." >> $LOGFILE
                synovpnc kill_client
                sleep 5
                LAST=`ifconfig | grep "tun0"`

        done

        if [[ $ALTERNATE_VPN -eq 1 ]];then

#       2022-07-02 confined to one VPN only for now

#               ALTERNATE_VPN=2
                ALTERNATE_VPN=1

                cat >/usr/syno/etc/synovpnclient/vpnc_connecting <<END
conf_id=o1663422808
conf_name=Surfshark_HK
proto=openvpn
END


                echo $(date)" - Establishing VPN connection..." >> $LOGFILE

                synovpnc connect --id=o1663422808

        elif [[ $ALTERNATE_VPN -eq 2 ]];then

#       2022-07-02 confined to one VPN only for now

#               ALTERNATE_VPN=1

                cat >/usr/syno/etc/synovpnclient/vpnc_connecting <<END
conf_id=o1642598846
conf_name=Surfshark_TW
proto=openvpn
END

                echo $(date)" - Establishing alternate VPN connection..." >> $LOGFILE

                synovpnc connect --id=o1642598846

        fi

        sleep 20

        CONNECTION_TEST=`cat /usr/syno/etc/synovpnclient/vpnc_last_connect | grep server_ip0 | awk -F= 'NF==2 {print $2}'`
        CURRENT_IP=`timeout -k 1 -s 0 5 curl icanhazip.com`
        echo $(date)" - Completed command to start VPN.  IP used for connection test = "$CONNECTION_TEST", current IP = "$CURRENT_IP >> $LOGFILE

}

case $1 in

        start)

                echo $(date)" - Started, IP used for connection test = "$CONNECTION_TEST", current IP = "$CURRENT_IP >> $LOGFILE

                while true; do

                        sleep 30

                        LAST=`ping -I tun0 -c 5 -W 2 -q "$CONNECTION_TEST"`
                        OUTCOME=$?
                        LAST=`echo $LAST | grep "0 received"`

                        if [[ ! -z "$LAST" || $OUTCOME -eq 2 ]];then

                                echo $(date)" - Ping to "$CONNECTION_TEST" via TUN0 failed" >> $LOGFILE
                                vpn_restart

                        fi

                        LAST=`ping -c 5 -W 2 -q "$CONNECTION_TEST"`
                        OUTCOME=$?
                        LAST=`echo $LAST | grep "0 received"`

                        if [[ ! -z "$LAST" || $OUTCOME -eq 2 ]];then

                                echo $(date)" - Ping to "$CONNECTION_TEST" via general connection failed" >> $LOGFILE
                                vpn_restart

                        fi

                        LAST=`ifconfig | grep "tun0"`

                        if [ -z "$LAST" ];then

                                echo $(date)" - TUN0 down" >> $LOGFILE
                                vpn_restart

                        fi

                done
                ;;

        stop)

                echo $(date)" - Shutting down" >> $LOGFILE
                pkill -9 -f vpn_watchdog
                ;;

esac

You will then need to change something in the script:

  1. LOGFILE -> change the 'xxxxx' to your home folder
  2. o1663422808 and Surfshark_HK -> change according to the following instructions (info sourced from https://blog.benoitblanchon.fr/synology-auto-connect-vpn-at-startup/ ):

Quoting the relevant info from this site: The DSM comes with a command line tool to manage the VPN connection. As you’ll see the ergonomy is debatable, but it allows to initiate the connection from the shell. This tool is synovpnc, but before we can use it, we need the following file: /usr/syno/etc/synovpnclient/vpnc_connecting This is a temporary file that lives only a few seconds after you click “Connect” in the VPN configuration GUI. Your mission is to click on “Connect” and cat this file so you can see the configuration. It should be something among those lines: conf_id=o1481981647 conf_name=MyVpnConnection proto=openvpn The conf_id and conf_name is what we are after.

Once found, just change o1663422808 and Surfshark_HK with the names you found following the above instructions.

(Edit: Note - there are multiple occurrences of o1663422808 (and possibly Surfshark_HK) in the script, so change all occurrences) Now that we have created the script, 2 additional steps are needed:

  1. Uncheck the 'Reconnect when the VPN connection is lost' checkbox. This script takes over the monitoring / restarting.
  2. We need a way to run the script at system startup. Either you can figure out how to utilize 'task scheduler' to do this, or do what I did:

cd to /usr/local/etc/rc.d , then create a 'startup.sh' with the following content:

#!/bin/sh

# Start everything up in background.
# My experience shows Synology may start these process one by one, and only if one has finished will it start the next one.
# So for script with forever loops, it potentially will block other scripts from running
# Therefore I need to use one single script to start other scripts in the background.

case $1 in

        start)

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh stop

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh start &

                ;;

        stop)

               /bin/sh /volume1/homes/xxxxx/vpn_watchdog.sh stop &

                ;;

esac

Again, change xxxxx with your home folder (or whatever folder you placed the watchdog script in).

Also, remember to 'chmod +x' the scripts so they become executable.

That's all I can think of. Good luck !