View previous topic :: View next topic |
Author |
Message |
Tae_kyon n00b
Joined: 19 Apr 2006 Posts: 71
|
Posted: Sat Aug 10, 2019 3:48 pm Post subject: NordVPN |
|
|
I have a subscrition to NordVPN and am using it on my Gentoo box. However, I have to import the server configuration files manually into Network-Manager every time.
Openpyn and other such instruments I've found need to be installed with PIP, and in the end I can never get them to work.
An ebuild for nordmn is on panther-overlay, doesn't work either.
Has anyone found a good solution to this?
Thanks _________________ We shall not cease from exploration. And the end of all our exploring
will be to arrive where we started and know the place for the first time |
|
Back to top |
|
|
nowlodek n00b
Joined: 20 Jun 2006 Posts: 12
|
Posted: Fri Jan 24, 2020 8:19 pm Post subject: |
|
|
You can use NordVPN Linux app.
Get the latest deb package from https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/
Use deb2tar to convert to tar.
Extract
/usr/bin/nordvpn to /usr/local/bin
and
/usr/sbin/nordvpnd to /usr/local/sbin
and
/var/lib/norvpn to /var/lib
then create init file
touch /etc/init.d/nordvpnd
with
Code: | #!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
command="/usr/local/sbin/nordvpnd"
pidfile="/run/${RC_SVCNAME}.pid"
retry="SIGTERM/5/SIGTERM/5/SIGKILL/5"
start_stop_daemon_args="--background --make-pidfile"
depend() {
<------>use logger net
<------>provide dns
}
|
To use it start daemon first
Code: | rc-service nordvpnd start |
login to nordvpn
and
in case of issues with OpenVPN mode, switch to NordLynx mode
Code: | nordvpn set technology nordlynx |
|
|
Back to top |
|
|
Tae_kyon n00b
Joined: 19 Apr 2006 Posts: 71
|
Posted: Sat Jan 25, 2020 12:11 am Post subject: |
|
|
Thanks! Looks like just what I need! _________________ We shall not cease from exploration. And the end of all our exploring
will be to arrive where we started and know the place for the first time |
|
Back to top |
|
|
nowlodek n00b
Joined: 20 Jun 2006 Posts: 12
|
Posted: Sun Jan 26, 2020 4:09 pm Post subject: |
|
|
I'm lazy but I did it.
An ebuild for NordVPN
Code: | touch /usr/local/portage/net-vpn/nordvpn/nordvpn-3.6.0.3.ebuild |
nordvpn-3.6.0.3.ebuild
Code: |
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit eutils unpacker
MY_PV=$(ver_rs 3 '-')
DESCRIPTION="NordVPN native client"
HOMEPAGE="https://nordvpn.com"
SRC_URI="https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/nordvpn_${MY_PV}_amd64.deb"
LICENSE="NordVPN"
SLOT="0"
KEYWORDS="-* ~amd64"
IUSE=""
# TODO: verify that list of RDEPEND is complete
RDEPEND="net-misc/networkmanager
net-vpn/networkmanager-openvpn"
RESTRICT="strip"
S="${WORKDIR}"
src_unpack() {
# Unpack Debian package containing application's files
unpack_deb ${A}
gzip "${S}"/usr/share/doc/nordvpn/changelog.gz -d "${S}"
gzip "${S}"/usr/share/man/man1/nordvpn.1.gz -d "${S}"
}
src_install() {
cd ${S}
# doinitd>etc/init.d/nordvpn
newinitd "${FILESDIR}"/nordvpn.initd ${PN}
# into<-->/usr
dobin<->usr/bin/nordvpn
dosbin<>usr/sbin/nordvpnd
insinto>/var/lib/nordvpn
doins -r var/lib/nordvpn
insinto>/usr/share/bash-completion/completions
doins <>usr/share/bash-completion/completions/nordvpn
dodoc usr/share/doc/nordvpn/changelog
doman usr/share/man/man1/nordvpn.1
}
|
new init file for package
Code: | touch /usr/local/portage/net-vpn/nordvpn/files/nordvpn.initd |
nordvpn.initd
Code: |
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
command="/usr/sbin/nordvpnd"
pidfile="/run/${RC_SVCNAME}.pid"
retry="SIGTERM/5/SIGTERM/5/SIGKILL/5"
start_stop_daemon_args="--background --make-pidfile"
depend() {
use logger net
provide dns
}
|
Last edited by nowlodek on Sun Jan 26, 2020 8:51 pm; edited 1 time in total |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Sun Jan 26, 2020 5:03 pm Post subject: |
|
|
The way you represent tabs makes it difficult for users to quickly copy/paste this into a working ebuild. Do you have a repository somewhere from which interested users could download it? If not, consider posting the ebuild with tabs as actual tabs, not as placeholders. nowlodek wrote: | Code: | SRC_URI="https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/nordvpn_${MY_PV}_amd64.deb"
KEYWORDS="~amd64" |
| I think it is conventional to include a -* in KEYWORDS when, as here, you download a prebuilt file that only works on one architecture. man 5 ebuild: | · If you do not know if an ebuild runs under a particular arch,
then do not specify it in KEYWORDS. It will then be masked by
default on that architecture.
· If the ebuild is known not to work on an arch, disable that
arch in KEYWORDS. This would be done by specifying "-ppc",
for example. This will ensure that it is explicitly key‐
word-masked for that architecture. | In this case, you know it will not work on non-amd64. nowlodek wrote: | Code: | DEPEND="${RDEPEND}" |
| I think this is incorrect. As a prebuilt package, the only things needed to "build" it are tools for unpacking upstream's archive. The packages in your RDEPEND may be needed to run it, but are not needed if someone just wants to run emerge --buildpkgonly.For consistency, this should be quoted. nowlodek wrote: | Code: | <------>gzip ${S}/usr/share/doc/nordvpn/changelog.gz -d ${S}
<------>gzip ${S}/usr/share/man/man1/nordvpn.1.gz -d ${S} |
| Again, quoting. Although rare, some people might set PORTAGE_TMPDIR, and by extension WORKDIR, and by extension, S, to a path with spaces.Quoting. nowlodek wrote: | Code: | command="/usr/local/sbin/nordvpnd" |
| Your ebuild installs this file into /usr/sbin, not /usr/local/sbin. |
|
Back to top |
|
|
nowlodek n00b
Joined: 20 Jun 2006 Posts: 12
|
Posted: Sun Jan 26, 2020 9:01 pm Post subject: |
|
|
Thank you for looking up.
There are others architectures so I started with ~amd64 with hope to include another.
Post altered accordingly. |
|
Back to top |
|
|
elover Apprentice
Joined: 20 Nov 2019 Posts: 159 Location: Spain
|
Posted: Mon Jan 27, 2020 10:08 am Post subject: |
|
|
Hey, I found this ebuild.
nordvpn-3.5.0-r2.ebuild
Code: | Close
# Copyright 2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit unpacker
DESCRIPTION="NordVPN CLI tool for Linux"
HOMEPAGE="https://nordvpn.com"
BASE_URI="https://repo.nordvpn.com/deb/${PN}/debian/pool/main"
SRC_URI="
amd64? ( "${BASE_URI}/${P/-/_}-${PR/r}_amd64.deb" )
arm? ( "${BASE_URI}/${P/-/_}-${PR/r}_armel.deb" )
arm64? ( "${BASE_URI}/${P/-/_}-${PR/r}_arm64.deb" )
x86? ( "${BASE_URI}/${P/-/_}-${PR/r}_i386.deb" )
"
LICENSE="NordVPN"
SLOT="0"
KEYWORDS="~amd64 ~arm ~arm64 ~x86"
IUSE="nordlynx systemd"
RESTRICT="mirror strip"
RDEPEND="
dev-libs/libxslt[crypt]
net-firewall/iptables
sys-apps/iproute2[iptables]
sys-apps/net-tools
sys-process/procps
nordlynx? (
net-vpn/wireguard[module,tools]
)
systemd? (
sys-apps/systemd
)
"
S="${WORKDIR}"
src_unpack() {
unpack_deb "${A}"
}
src_prepare() {
rm _gpgbuilder || die
use !systemd && ( rm -rf usr/lib || die )
mv usr/share/doc/nordvpn/changelog.gz .
gunzip changelog.gz
mv usr/share/man/man1/${PN}.1.gz .
gunzip ${PN}.1.gz
rm -rf usr/share/man \
usr/share/doc \
etc
default
}
src_install() {
dodoc changelog
rm changelog
doman ${PN}.1
rm ${PN}.1
mkdir -p "${ED}"
cp -r . "${ED}"/
doinitd "${FILESDIR}/${PN}"
}
pkg_postinst() {
echo
elog "Thanks for installing the NordVPN client."
elog "Don't forget to purchase your NordVPN plan in order to use the client."
echo
} |
Could be arranged for the latest version deb? |
|
Back to top |
|
|
nowlodek n00b
Joined: 20 Jun 2006 Posts: 12
|
Posted: Mon Jan 27, 2020 4:59 pm Post subject: |
|
|
Change the number and save it as nordvpn-3.6.0-r4.ebuild and try to emerge.
Deb file structure is the same so elevating ebuild should work.
Current deb file ver. 3.6.0-3 => 3.6.0-r4 ebuild ver. |
|
Back to top |
|
|
MrEncryptor n00b
Joined: 26 Feb 2020 Posts: 1
|
Posted: Wed Feb 26, 2020 5:15 am Post subject: |
|
|
HEY!
If you're getting this when you try to connect:
Code: | ~ $ nordvpn c
A new version of NordVPN is available! Please update the application.
Connecting to Arrakis #420 (xx.nordvpn.com)
Whoops! Connection failed. Please try again. If the problem persists, contact our customer support.
|
And if you're getting this issue in your ` /usr/sbin/nordpvnd ` logs:
Code: |
2020/02/25 22:01:52 [INFO] Tue Feb 25 22:01:52 2020 /sbin/ip link set dev tun0 up mtu 1500
2020/02/25 22:01:52 [INFO] Tue Feb 25 22:01:52 2020 MANAGEMENT: Client disconnected
2020/02/25 22:01:52 [INFO] Tue Feb 25 22:01:52 2020 Linux ip link set failed: could not execute external program
2020/02/25 22:01:52 [INFO] Tue Feb 25 22:01:52 2020 Exiting due to fatal error
2020/02/25 22:01:52 [Error] Linux ip link set failed: could not execute external program
2020/02/25 22:01:52 Linux ip link set failed: could not execute external program
|
It's probably because your ip binary is in ` /bin/ip ` instead of ` /sbin/ip ` where nordvpn wants to use it. My solution was to symlink it there:
Code: | # ln -s /bin/ip /sbin/ip |
|
|
Back to top |
|
|
rmk88 n00b
Joined: 31 Mar 2019 Posts: 10
|
Posted: Fri Jul 30, 2021 7:14 pm Post subject: |
|
|
Probably stupid question, but did follow the instructions on second post and then I got this:
nae ~ # rc-service nordvpnd start
* Starting nordvpnd ... [ ok ]
rmk@nae ~ $ nordvpn login
Whoops! /run/nordvpn/nordvpnd.sock not found
What I'm doin' wrong? |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Fri Aug 13, 2021 11:28 am Post subject: |
|
|
I have the same issue.
when trying to run nordvpnd manualy this output shows:
Code: | 2021/08/13 14:29:24 [Info] Daemon has started
2021/08/13 14:29:24 Kill Switch set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 14:29:24 Auto-connect set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 14:29:24 DNS set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 14:29:24 CyberSec set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 14:29:24 Protocol set to: UDP
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 14:29:24 Technology set to: OpenVPN
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 14:29:24 Error on listening to UNIX domain socket: listen unix /run/nordvpn/nordvpnd.sock: bind: no such file or directory
|
|
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Fri Aug 13, 2021 3:15 pm Post subject: |
|
|
The error states that the socket does not exist. Why not? Does the containing directory exist? If not, who was supposed to create it? Why did that program not create it? Since the path is under /run, I would expect this to be managed by a tmpfiles.d entry. Do you have tmpfiles enabled? Does the package install the right configuration for tmpfiles? |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Fri Aug 13, 2021 3:27 pm Post subject: |
|
|
ok after some digging and with help of support from NordVPN I moved some step further...
but not yet there.
so:
first thing is that nordvpn deamon wants to create soc file in /run/nordvpn/ and that folder does not exist.
I modified my init.d file like so for now:
Code: | pidfile="/run/${RC_SVCNAME}/${RC_SVCNAME}.pid" |
and created folder nordvpn folder in /run I think... or maybe the init script did... regardless after that there is another problem (deamon starts) but it then needs a certificate file it will look in
/var/lib/nordvpn/data//rsa-key-1.pub
it should look it up in
/var/lib/nordvpn/nordvpn/data/rsa-key-1.pub
this is easily ammended by copping files...
then next problem is it tries to find openvpn file
again can be ammended by coping files from /var/lib/nordvpn/nordvpn to /var/lib/nordvpn/
but now I run into some more serious problem
I was missing /dev/net/tun
which I created by doing this:
Code: |
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun
cat /dev/net/tun
|
and now current issue:
log from nordvpnd when run manually ( I couldnt get it to log when run as service)
Code: |
2021/08/13 18:05:16 [Info] Daemon has started
2021/08/13 18:05:16 Kill Switch set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 18:05:16 Auto-connect set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 18:05:16 DNS set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 18:05:16 CyberSec set to: disabled
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 18:05:16 Protocol set to: UDP
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 18:05:16 Technology set to: OpenVPN
NordVPN App Connection Settings:
Technology: OpenVPN
Protocol: UDP
Firewall: enabled
KillSwitch: disabled
Obfuscate: disabled
Notify: enabled
Auto-connect: disabled
2021/08/13 18:05:21 PRE_CONNECT system info:
App Version: 3.9.5
OS Info:
NAME=Gentoo
ID=gentoo
PRETTY_NAME="Gentoo/Linux"
ANSI_COLOR="1;32"
HOME_URL="https://www.gentoo.org/"
SUPPORT_URL="https://www.gentoo.org/support/"
BUG_REPORT_URL="https://bugs.gentoo.org/"
System Info:Linux zgredek 5.10.52-gentoo-dlc-34 #1 SMP Tue Aug 3 09:14:00 EEST 2021 x86_64 AMD Ryzen 7 1800X Eight-Core Processor AuthenticAMD GNU/Linux
Routes of All Routing Tables:
default via 192.168.0.1 dev enp3s0 proto dhcp src 192.168.0.2 metric 2
default via 192.168.0.1 dev enp3s0 proto dhcp metric 100
192.168.0.0/24 dev enp3s0 proto dhcp scope link src 192.168.0.2 metric 2
192.168.0.0/24 dev enp3s0 proto kernel scope link src 192.168.0.2 metric 100
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev enp3s0 table local proto kernel scope link src 192.168.0.2
local 192.168.0.2 dev enp3s0 table local proto kernel scope host src 192.168.0.2
broadcast 192.168.0.255 dev enp3s0 table local proto kernel scope link src 192.168.0.2
local ::1 dev lo table local proto kernel metric 0 pref medium
multicast ff00::/8 dev enp3s0 table local proto kernel metric 256 pref medium
IP Rules:
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
IP Tables:
filter:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
nat:
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
mangle:
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
raw:
-P PREROUTING ACCEPT
-P OUTPUT ACCEPT
security:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
2021/08/13 18:05:21 [Debug] picking servers for OpenVPN technology
debug: Fri Aug 13 18:05:22 2021 OpenVPN 2.4.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Feb 8 2021
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 OpenVPN 2.4.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Feb 8 2021
debug: Fri Aug 13 18:05:22 2021 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 library versions: OpenSSL 1.1.1i 8 Dec 2020, LZO 2.10
debug: Fri Aug 13 18:05:22 2021 MANAGEMENT: Connected to management server at /run/nordvpn/nordvpn-openvpn.sock
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 MANAGEMENT: Connected to management server at /run/nordvpn/nordvpn-openvpn.sock
debug: Fri Aug 13 18:05:22 2021 MANAGEMENT: CMD 'state on'
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 MANAGEMENT: CMD 'state on'
debug: Fri Aug 13 18:05:22 2021 MANAGEMENT: CMD 'username "Auth" FU9gYxQnT7xy7SUGNxUPpEfN'
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 MANAGEMENT: CMD 'username "Auth" FU9gYxQnT7xy7SUGNxUPpEfN'
debug: Fri Aug 13 18:05:22 2021 MANAGEMENT: CMD 'password [...]'
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 MANAGEMENT: CMD 'password [...]'
debug: Fri Aug 13 18:05:22 2021 WARNING: --ping should normally be used with --ping-restart or --ping-exit
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 WARNING: --ping should normally be used with --ping-restart or --ping-exit
debug: Fri Aug 13 18:05:22 2021 NOTE: --fast-io is disabled since we are not using UDP
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 NOTE: --fast-io is disabled since we are not using UDP
debug: Fri Aug 13 18:05:22 2021 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
debug: Fri Aug 13 18:05:22 2021 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
debug: Fri Aug 13 18:05:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]194.110.84.148:443
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]194.110.84.148:443
debug: Fri Aug 13 18:05:22 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
debug: Fri Aug 13 18:05:22 2021 Attempting to establish TCP connection with [AF_INET]194.110.84.148:443 [nonblock]
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 Attempting to establish TCP connection with [AF_INET]194.110.84.148:443 [nonblock]
debug: Fri Aug 13 18:05:22 2021 MANAGEMENT: >STATE:1628867122,TCP_CONNECT,,,,,,
2021/08/13 18:05:22 [INFO] Fri Aug 13 18:05:22 2021 MANAGEMENT: >STATE:1628867122,TCP_CONNECT,,,,,,
debug: Fri Aug 13 18:05:23 2021 TCP connection established with [AF_INET]194.110.84.148:443
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 TCP connection established with [AF_INET]194.110.84.148:443
debug: Fri Aug 13 18:05:23 2021 TCP_CLIENT link local: (not bound)
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 TCP_CLIENT link local: (not bound)
debug: Fri Aug 13 18:05:23 2021 TCP_CLIENT link remote: [AF_INET]194.110.84.148:443
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 TCP_CLIENT link remote: [AF_INET]194.110.84.148:443
debug: Fri Aug 13 18:05:23 2021 MANAGEMENT: >STATE:1628867123,WAIT,,,,,,
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 MANAGEMENT: >STATE:1628867123,WAIT,,,,,,
debug: Fri Aug 13 18:05:23 2021 MANAGEMENT: >STATE:1628867123,AUTH,,,,,,
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 MANAGEMENT: >STATE:1628867123,AUTH,,,,,,
debug: Fri Aug 13 18:05:23 2021 TLS: Initial packet from [AF_INET]194.110.84.148:443, sid=af42edf9 6ea9d291
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 TLS: Initial packet from [AF_INET]194.110.84.148:443, sid=af42edf9 6ea9d291
debug: Fri Aug 13 18:05:23 2021 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
debug: Fri Aug 13 18:05:23 2021 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA6
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA6
debug: Fri Aug 13 18:05:23 2021 VERIFY KU OK
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 VERIFY KU OK
debug: Fri Aug 13 18:05:23 2021 Validating certificate extended key usage
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 Validating certificate extended key usage
debug: Fri Aug 13 18:05:23 2021 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
debug: Fri Aug 13 18:05:23 2021 VERIFY EKU OK
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 VERIFY EKU OK
debug: Fri Aug 13 18:05:23 2021 VERIFY OK: depth=0, CN=fi163.nordvpn.com
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 VERIFY OK: depth=0, CN=fi163.nordvpn.com
debug: Fri Aug 13 18:05:23 2021 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1635', remote='link-mtu 1636'
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1635', remote='link-mtu 1636'
debug: Fri Aug 13 18:05:23 2021 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
debug: Fri Aug 13 18:05:23 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
debug: Fri Aug 13 18:05:23 2021 [fi163.nordvpn.com] Peer Connection Initiated with [AF_INET]194.110.84.148:443
2021/08/13 18:05:23 [INFO] Fri Aug 13 18:05:23 2021 [fi163.nordvpn.com] Peer Connection Initiated with [AF_INET]194.110.84.148:443
debug: Fri Aug 13 18:05:24 2021 MANAGEMENT: >STATE:1628867124,GET_CONFIG,,,,,,
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 MANAGEMENT: >STATE:1628867124,GET_CONFIG,,,,,,
debug: Fri Aug 13 18:05:24 2021 SENT CONTROL [fi163.nordvpn.com]: 'PUSH_REQUEST' (status=1)
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 SENT CONTROL [fi163.nordvpn.com]: 'PUSH_REQUEST' (status=1)
debug: Fri Aug 13 18:05:24 2021 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.7.2.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.2.3 255.255.255.0,peer-id 0,cipher AES-256-GCM'
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.7.2.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.7.2.3 255.255.255.0,peer-id 0,cipher AES-256-GCM'
debug: Fri Aug 13 18:05:24 2021 Pushed option removed by filter: 'redirect-gateway def1'
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 Pushed option removed by filter: 'redirect-gateway def1'
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: timers and/or timeouts modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: timers and/or timeouts modified
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: compression parms modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: compression parms modified
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
debug: Fri Aug 13 18:05:24 2021 Socket Buffers: R=[131072->425984] S=[87040->425984]
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 Socket Buffers: R=[131072->425984] S=[87040->425984]
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --ifconfig/up options modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --ifconfig/up options modified
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: route-related options modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: route-related options modified
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: peer-id set
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: peer-id set
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: adjusting link_mtu to 1658
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: adjusting link_mtu to 1658
debug: Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: data channel crypto options modified
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 OPTIONS IMPORT: data channel crypto options modified
debug: Fri Aug 13 18:05:24 2021 Data Channel: using negotiated cipher 'AES-256-GCM'
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 Data Channel: using negotiated cipher 'AES-256-GCM'
debug: Fri Aug 13 18:05:24 2021 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
debug: Fri Aug 13 18:05:24 2021 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
debug: Fri Aug 13 18:05:24 2021 MANAGEMENT: Client disconnected
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 MANAGEMENT: Client disconnected
debug: Fri Aug 13 18:05:24 2021 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
debug: Fri Aug 13 18:05:24 2021 Exiting due to fatal error
2021/08/13 18:05:24 [INFO] Fri Aug 13 18:05:24 2021 Exiting due to fatal error
2021/08/13 18:05:24 [Error] FATAL: "ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)"
2021/08/13 18:05:24 POST_CONNECT system info:
Routes of All Routing Tables:
default via 192.168.0.1 dev enp3s0 proto dhcp src 192.168.0.2 metric 2
default via 192.168.0.1 dev enp3s0 proto dhcp metric 100
192.168.0.0/24 dev enp3s0 proto dhcp scope link src 192.168.0.2 metric 2
192.168.0.0/24 dev enp3s0 proto kernel scope link src 192.168.0.2 metric 100
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev enp3s0 table local proto kernel scope link src 192.168.0.2
local 192.168.0.2 dev enp3s0 table local proto kernel scope host src 192.168.0.2
broadcast 192.168.0.255 dev enp3s0 table local proto kernel scope link src 192.168.0.2
local ::1 dev lo table local proto kernel metric 0 pref medium
multicast ff00::/8 dev enp3s0 table local proto kernel metric 256 pref medium
IP Rules:
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
IP Tables:
filter:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
nat:
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
mangle:
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
raw:
-P PREROUTING ACCEPT
-P OUTPUT ACCEPT
security:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
|
|
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Fri Aug 13, 2021 4:08 pm Post subject: |
|
|
lahouari wrote: | first thing is that nordvpn deamon wants to create soc file in /run/nordvpn/ and that folder does not exist. | Right. That should be created either by the initscript or by a tmpfiles.d entry. lahouari wrote: | I modified my init.d file like so for now: Code: | pidfile="/run/${RC_SVCNAME}/${RC_SVCNAME}.pid" |
| That was probably the wrong solution. Among other things, init.d changes will be considered for overwrite on package update. CONFIG_PROTECT should avoid automatically losing the changes, but it's still an extra step you will need to deal with on every upgrade. lahouari wrote: | and created folder nordvpn folder in /run I think... or maybe the init script did... regardless after that there is another problem (deamon starts) but it then needs a certificate file it will look in | On most systems, /run is a tmpfs. Anything you create there manually will be lost on reboot. lahouari wrote: | /var/lib/nordvpn/data//rsa-key-1.pub
it should look it up in
/var/lib/nordvpn/nordvpn/data/rsa-key-1.pub | I disagree. The path it tried to use looks proper to me. If that is not where the file is, then the file is installed in the wrong place, and the ebuild needs to be modified. lahouari wrote: | this is easily ammended by copping files... | No. lahouari wrote: | then next problem is it tries to find openvpn file
again can be ammended by coping files from /var/lib/nordvpn/nordvpn to /var/lib/nordvpn/ | Again, no. Fix the install path. If you copy files around, they become unmanaged, so on next upgrade, they will not be updated. lahouari wrote: | I was missing /dev/net/tun
which I created by doing this: | I would expect that this device would be done for you, if you have the required kernel support (CONFIG_TUN=y). |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Fri Aug 13, 2021 8:54 pm Post subject: |
|
|
Hay thanks for responce - yes yes it is a mess atm.. and I am working to fix it but I am stumbling blind.
So I intend to update the ebuild to do what it needs correctly (for creation of run foler etc it is obvious that it shouldnt be done manually.( I am just describing process of what I discover as I go along) init.d file I changed already in the ebuild files folder so it will be ok after updating.
as for the pub keys and and other files in /var/lib/nordvpn folder - yeah I agree that they need to be installed in to prper place by enuild but I also don't like the double slash in the path deamon uses.
There is the other problem mentioned above of nordvpn deamon or script its using looking for ip command in sbin therfor needing to have sym link created to ip command - should that be also added to nordvpn ebuild package?
@Hu do you know where I can find info how to cerate the run folder properly - that is the one I am not sure how to do. (I gues doing that in init script would be easiest ( check if folder exists and if not create it?)
Last edited by lahouari on Fri Aug 13, 2021 9:02 pm; edited 1 time in total |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Fri Aug 13, 2021 9:17 pm Post subject: |
|
|
The double slash is a cosmetic issue only. The kernel will collapse it properly. It may indicate that the daemon tried to insert some empty string as an extra level of directory component.
No, this package should not symlink ip. Can you patch the package to use the proper path?
Historically, initscripts did handle the run directory on their own. However, the preferred path is now through tmpfiles. See man tmpfiles.d for documentation, although you may find it easier to find a similar package and derive your configuration from that. |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Fri Aug 13, 2021 9:36 pm Post subject: |
|
|
Thanks again:
I found how to manage the run path in here:
https://www.linuxhowtos.org/manpages/8/openrc-run.htm
checkpath should do nicely (I see other init scripts using it)
as to the ip path I will dig around but as it is binary package distribution I don't think I can do it - maybe it will be possible to get NordVPN guys to fix that...
Sometimes it is so frustrating that Gentoo is a fringe distribution but I would not trade it for any other |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Fri Aug 13, 2021 11:42 pm Post subject: |
|
|
Ok so I got it working almost out of the box:
only remaining problem is the ip being looked at in /usr/sbin instead of /usr/bin - work around for now create a sym link -ill ask nord vpn guys if this can be fixed better - but that will likely take time.
my code for now:
net-vpn/nordvpn/nordvpn-3.10.0.1.ebuild
Code: |
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit eutils unpacker
MY_PV=$(ver_rs 3 '-')
DESCRIPTION="NordVPN native client"
HOMEPAGE="https://nordvpn.com"
SRC_URI="https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/nordvpn_${MY_PV}_amd64.deb"
LICENSE="NordVPN"
SLOT="0"
KEYWORDS="-* ~amd64"
IUSE=""
# TODO: verify that list of RDEPEND is complete
RDEPEND="net-misc/networkmanager
net-vpn/networkmanager-openvpn
sys-apps/iproute2
acct-group/nordvpn"
RESTRICT="strip"
S="${WORKDIR}"
src_unpack() {
# Unpack Debian package containing application's files
unpack_deb ${A}
gzip "${S}"/usr/share/doc/nordvpn/changelog.gz -d "${S}"
gzip "${S}"/usr/share/man/man1/nordvpn.1.gz -d "${S}"
}
src_install() {
cd ${S}
# doinitd>etc/init.d/nordvpn
newinitd "${FILESDIR}/nordvpn.initd" ${PN}
# into<-->/usr
dobin usr/bin/nordvpn
dosbin usr/sbin/nordvpnd
insinto /var/lib/
doins -r var/lib/nordvpn
fowners root:nordvpn /var/lib/nordvpn/openvpn
fperms 0550 /var/lib/nordvpn/openvpn
insinto /usr/share/bash-completion/completions
doins usr/share/bash-completion/completions/nordvpn
dodoc usr/share/doc/nordvpn/changelog
doman usr/share/man/man1/nordvpn.1
}
|
net-vpn/nordvpn/files/nordvpn.initd
Code: |
#!/sbin/openrc-run
# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
LOGFILE="/var/log/${RC_SVCNAME}/daemon"
command="/usr/sbin/nordvpnd"
pidfile="/run/${RC_SVCNAME}.pid"
retry="SIGTERM/30/SIGKILL/5"
start_stop_daemon_args="--make-pidfile -g ${RC_SVCNAME} --background -1 ${LOGFILE}"
depend() {
use logger net
provide dns
}
start_pre() {
checkpath -d -m 0775 -o root:${RC_SVCNAME} /run/${RC_SVCNAME}
checkpath -d -m 0755 -o root:${RC_SVCNAME} /var/log/${RC_SVCNAME}
}
|
and one more:
acct-group/nordvpn/nordvpn-0.ebuild
Code: |
# Copyright 2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
inherit acct-group
ACCT_GROUP_ID=-1
|
I do not like also that there is an executable openvpn installed into /var/lib/nordvpn folder - I don't think it should be necesary we could instead depend on native openvpn - but will have to check with NordVPN guys if it is possible. any way I hope this helps some |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Sat Aug 14, 2021 8:24 am Post subject: |
|
|
I created overlay containig above package
https://gitlab.com/lahouari.dc/nordvpn/
It is now avariable through overlay (nordvpn)
Code: |
# eselect repository enable nordvpn
# emerge --sync nordvpn
# emerge nordvpn
# rc-service nordvpn start
# rc-update add nordvpn default
|
|
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Sun Aug 15, 2021 7:26 am Post subject: |
|
|
@Hu - what do you think of adding an use flag conditional to add the symlink to ip? (USE=ipsymlink) I don't know if nordvpn will ever fix the deamon not to rely on the ip being in /sbin...
and it is a bit inconvenient to do a manual step after instalation...
Just thinking if it would be acceptable... |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Sun Aug 15, 2021 3:47 pm Post subject: |
|
|
I don't think a USE flag would be right here. I think installing such a symlink is always wrong, but on the other hand, if the package is broken without the link, then there should not be an option not to install the link, because then users could readily install a non-working package. I'm pretty sure Nordvpn has never been right here. ip may once have been in /sbin, and is now in /bin. I am not aware of /usr/sbin/ip ever having been the correct path.
Is this path not something you can patch? Fixing one character should be an easy patch regardless of the language NordVPN is written in, particularly since we need to delete a character, not add one. If there are alignment requirements, changing s to / will let you preserve the length of the string, and still fix the problem, since //bin/ip is an inefficient alias for /bin/ip.
You wrote earlier in the thread that there are openvpn script files for this, and also that the package installs a binary openvpn. Exactly which component uses the wrong path? OpenVPN is GPLv2, so if Nord is redistributing an openvpn with the bad path embedded in there, you should be able to get the source and recompile with the right path. |
|
Back to top |
|
|
lahouari n00b
Joined: 14 Dec 2020 Posts: 14
|
Posted: Wed Aug 18, 2021 6:24 am Post subject: |
|
|
ok to clarify I used paths /usr/{s}bin by mistake - it is /sbin in the package - problem with patching is that it is binary package and I do not feel proficient enough to fix binary package with a patch.
I referred to openvpn scripts as those are available alternative to using native client from nordvpn and can be downloaded from nordvpn servers - but I find usage of openvpn scripts inconvenient.
nordvpn package consists of 3 binary files and some certificates and maybe some other little data files; binaries are
* nordvpnd - service deamon;
* nordvpn - command line client to manage nordvpnd and connect to vpn service
* openvpn - binary in /var/lib/nordvpn open vpn version used by nordvpnd.
I did talk with NordVPN customer support and asked them about changing or allowing for various location of ip command but given Gentoo is not officially supported distribution that may never happen - especially as we are not too many to justify changes from established paths. (I assume ip is installed to /sbin in Debian based distributions)
I am not certain if it is nordvpn or nordvpnd that uses wrong path to ip (I assume it is the deamon) according to customer support it is used to establish server nearest to you to connect to.
I am certain it isn't the openvpn binary that uses ip as it was first error that appeared when trying to get this to work and path to openvpn was an error after that...
I assume we could replace the binary openvpn delivered by this package with link to system native openvpn but that is separate issue |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Wed Aug 18, 2021 3:35 pm Post subject: |
|
|
Patching one string in the binary should be pretty easy, but you would need to check the license terms first. Many vendors that fail to distribute source code also like to require restrictive licenses that prohibit modifying their binaries, even to fix their bugs. If the nordvpn daemon is just a patched/rebranded OpenVPN, then the license should be fairly friendly, and getting the source should be easy. If it's a custom program they wrote, they may have it under a restrictive license.
I seem to recall that /sbin was once the path of ip, but that was changed long ago, partly on the basis that Debian did it first. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|