[APP] openvpn-2.3.2 D(arm)/E/F

Here are software that related with Samsung F series TVs.
Please don't create any new topic here unless you have software to post/release.
Post Reply

User avatar
bugficks
Official SamyGO Developer
Posts: 1062
Joined: Tue Jun 25, 2013 3:56 pm

[APP] openvpn-2.3.2 D(arm)/E/F

Post by bugficks »

after a lot of fiddling....

mkdir -p /dtv/net
mknod /dtv/net/tun c 10 200

insmod drivers/net/tun.ko
tun: Universal TUN/TAP device driver, 1.6
tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
tun mod ld
in client config: dev-node /dtv/net/tun or start with --dev-node /dtv/net/tun
SpoilerShow

Code: Select all

VDLinux#>  wget -q http://checkip.dyndns.com/ -O - | sed 's:[^1-9]*::' | sed 's:<.*::g'
***.237.131.41

VDLinux#> ./openvpn --config client.ovpn &
VDLinux#> Thu Aug  8 08:25:39 2013 OpenVPN 2.3.2 arm-v7a8-linux-gnueabi [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Aug  7 2013
Thu Aug  8 08:25:39 2013 Control Channel Authentication: tls-auth using INLINE static key file
Thu Aug  8 08:25:39 2013 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug  8 08:25:39 2013 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug  8 08:25:39 2013 Socket Buffers: R=[108544->131072] S=[108544->131072]
Thu Aug  8 08:25:39 2013 UDPv4 link local: [undef]
Thu Aug  8 08:25:39 2013 UDPv4 link remote: [AF_INET]***.47.168.226:1194
Thu Aug  8 08:25:39 2013 TLS: Initial packet from [AF_INET]***.47.168.226:1194, sid=13c781b0 cd44cb3e
Thu Aug  8 08:25:39 2013 VERIFY OK: depth=1, C=DE, ST=XX, L=Springfield, O=Simpsons, CN=vpn.blub.de, emailAddress=vpn@vpn.blub.de
Thu Aug  8 08:25:39 2013 VERIFY OK: nsCertType=SERVER
Thu Aug  8 08:25:39 2013 VERIFY OK: depth=0, C=DE, ST=XX, L=Springfield, O=Simpsons, CN=vpn.blub.de, emailAddress=vpn@vpn.blub.de
Thu Aug  8 08:25:40 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Aug  8 08:25:40 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug  8 08:25:40 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Aug  8 08:25:40 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Aug  8 08:25:40 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Aug  8 08:25:40 2013 [vpn.blub.de] Peer Connection Initiated with [AF_INET]***.47.168.226:1194
Thu Aug  8 08:25:42 2013 SENT CONTROL [vpn.blub.de]: 'PUSH_REQUEST' (status=1)
Thu Aug  8 08:25:42 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,dhcp-option WINS 10.8.5.1,comp-lzo,route 10.8.5.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.5.6 10.8.5.5'
Thu Aug  8 08:25:42 2013 OPTIONS IMPORT: timers and/or timeouts modified
Thu Aug  8 08:25:42 2013 OPTIONS IMPORT: LZO parms modified
Thu Aug  8 08:25:42 2013 OPTIONS IMPORT: --ifconfig/up options modified
Thu Aug  8 08:25:42 2013 OPTIONS IMPORT: route options modified
Thu Aug  8 08:25:42 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Aug  8 08:25:42 2013 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=eth0 HWADDR=5c:f6:dc:99:02:f1
Thu Aug  8 08:25:42 2013 TUN/TAP device tun0 opened
Thu Aug  8 08:25:42 2013 TUN/TAP TX queue length set to 100
Thu Aug  8 08:25:42 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Aug  8 08:25:42 2013 /sbin/ifconfig tun0 10.8.5.6 pointopoint 10.8.5.5 mtu 1500
Thu Aug  8 08:25:42 2013 /sbin/route add -net ***.47.168.226 netmask 255.255.255.255 gw 192.168.1.254
Thu Aug  8 08:25:42 2013 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.5.5
Thu Aug  8 08:25:42 2013 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.5.5
Thu Aug  8 08:25:42 2013 /sbin/route add -net 10.8.5.1 netmask 255.255.255.255 gw 10.8.5.5
Thu Aug  8 08:25:43 2013 Initialization Sequence Completed

VDLinux#> wget -q http://checkip.dyndns.com/ -O - | sed 's:[^1-9]*::' | sed 's:<.*::g'
***.47.168.226

Code: Select all

VDLinux#> killall openvpn
VDLinux#> Thu Aug  8 08:10:43 2013 event_wait : Interrupted system call (code=4)
Thu Aug  8 08:10:43 2013 /sbin/route del -net 10.8.5.1 netmask 255.255.255.255
Thu Aug  8 08:10:43 2013 /sbin/route del -net ***.47.168.226 netmask 255.255.255.255
Thu Aug  8 08:10:43 2013 /sbin/route del -net 0.0.0.0 netmask 128.0.0.0
Thu Aug  8 08:10:43 2013 /sbin/route del -net 128.0.0.0 netmask 128.0.0.0
Thu Aug  8 08:10:43 2013 Closing TUN/TAP interface
Thu Aug  8 08:10:43 2013 /sbin/ifconfig tun0 0.0.0.0
Thu Aug  8 08:10:44 2013 SIGTERM[hard,] received, process exiting

VDLinux#>  wget -q http://checkip.dyndns.com/ -O - | sed 's:[^1-9]*::' | sed 's:<.*::g'
***.237.131.41
bins are built w/ arm-v7a8-linux-gnueabi toolchain
requires openssl, liblzo2 and libnsl.so.1
I had to copy libnsl.so.1 from arm-v7a8-linux-gnueabi/libc/lib/ to device

to get tun.ko compile kernel with: CONFIG_TUN=m
You do not have the required permissions to view the files attached to this post.
User avatar
bugficks
Official SamyGO Developer
Posts: 1062
Joined: Tue Jun 25, 2013 3:56 pm

Re: openvpn-2.3.2 T-MST12DEUC.110

Post by bugficks »

juuso wrote:possible to have sources?
sure
http://openvpn.net/index.php/open-source/downloads.html
http://www.oberhumer.com/opensource/lzo/download/
juuso wrote:And... where to get the proper config file from?
there is no default config. it has to match server config. usually you get client config + key/cert from server operator/admin :)

fwiw.. i've recently stumbled on http://buildroot.net/. makes building pretty easy. just set it up to use external toolchain and iirc eglibc instead of uClibc and you can build a bunch of tools :)
User avatar
juusso
SamyGO Moderator
Posts: 10129
Joined: Sun Mar 07, 2010 6:20 pm

Re: openvpn-2.3.2 T-MST12DEUC.110

Post by juusso »

Got it working on UExxD6750 (T-GASDEUC-1016.0).
To skip request to input user and password, i`ve had to recompile openvpn with --enable-password-save, because original version doesn`t have this "feature". Now user and password data for authentication can be catched from file (must set in ovpn config file). For example, i use leafy.us free 3 days trial. Write my login data to file named login.config:

Code: Select all

trial56821
password<-use your own here :P
added to info about my password file to Free-US01-T.ovpn config file i got from leafy.us:

Code: Select all

auth-user-pass login.config
...and started client:
SpoilerShow

Code: Select all

root@[TV] /mtd_rwcommon/temp>. /dtv/SGO.env
root@[TV] /mtd_rwcommon/temp>mkdir -p /dtv/net
root@[TV] /mtd_rwcommon/temp>mknod /dtv/net/tun c 10 200
root@[TV] /mtd_rwcommon/temp>insmod $MOD_DIR/kernel/drivers/net/tun.ko
root@[TV] /mtd_rwcommon/temp>./openvpn --config Free-US01-T.ovpn --dev-node /dtv/net/tun
[SSL_library_init] Initializing...
Sun Nov 24 10:15:34 2013 OpenVPN 2.3.2 i686-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Nov 24 2013
Sun Nov 24 10:15:34 2013 WARNING: file 'login.conf' is group or others accessible
Sun Nov 24 10:15:34 2013 Socket Buffers: R=[87380->131072] S=[16384->131072]
Sun Nov 24 10:15:34 2013 Attempting to establish TCP connection with [AF_INET]199.119.205.188:10339 [nonblock]
Sun Nov 24 10:15:35 2013 TCP connection established with [AF_INET]199.119.205.188:10339
Sun Nov 24 10:15:35 2013 TCPv4_CLIENT link local: [undef]
Sun Nov 24 10:15:35 2013 TCPv4_CLIENT link remote: [AF_INET]199.119.205.188:10339
Sun Nov 24 10:15:35 2013 TLS: Initial packet from [AF_INET]199.119.205.188:10339, sid=5a4d0c1b a776143d
Sun Nov 24 10:15:38 2013 VERIFY OK: depth=1, C=HK, ST=HK, L=Hongkong, O=openvpn, CN=openvpn CA, emailAddress=evergreenonline@126.com
Sun Nov 24 10:15:38 2013 VERIFY OK: nsCertType=SERVER
Sun Nov 24 10:15:38 2013 VERIFY OK: depth=0, C=HK, ST=HK, L=Hongkong, O=openvpn, CN=server, emailAddress=evergreenonline@126.com
Sun Nov 24 10:15:42 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Nov 24 10:15:42 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Nov 24 10:15:42 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sun Nov 24 10:15:42 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sun Nov 24 10:15:42 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sun Nov 24 10:15:42 2013 [server] Peer Connection Initiated with [AF_INET]199.119.205.188:10339
Sun Nov 24 10:15:44 2013 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sun Nov 24 10:15:44 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.2.3.1,topology net30,ping 10,ping-restart 120,ifconfig 10.2.3.6 10.2.3.5'
Sun Nov 24 10:15:44 2013 OPTIONS IMPORT: timers and/or timeouts modified
Sun Nov 24 10:15:44 2013 OPTIONS IMPORT: --ifconfig/up options modified
Sun Nov 24 10:15:44 2013 OPTIONS IMPORT: route options modified
Sun Nov 24 10:15:44 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sun Nov 24 10:15:44 2013 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=60:6b:bd:43:9d:e4
Sun Nov 24 10:15:44 2013 TUN/TAP device tun0 opened
Sun Nov 24 10:15:44 2013 TUN/TAP TX queue length set to 100
Sun Nov 24 10:15:44 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Nov 24 10:15:44 2013 /sbin/ifconfig tun0 10.2.3.6 pointopoint 10.2.3.5 mtu 1500
Sun Nov 24 10:15:44 2013 /sbin/route add -net 199.119.205.188 netmask 255.255.255.255 gw 192.168.1.1
route: SIOCADDRT: File exists
Sun Nov 24 10:15:44 2013 ERROR: Linux route add command failed: external program exited with error status: 1
Sun Nov 24 10:15:44 2013 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.2.3.5
Sun Nov 24 10:15:44 2013 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.2.3.5
Sun Nov 24 10:15:44 2013 /sbin/route add -net 10.2.3.1 netmask 255.255.255.255 gw 10.2.3.5
Sun Nov 24 10:15:44 2013 Initialization Sequence Completed

Code: Select all

root@[TV] /> wget -q http://checkip.dyndns.com/ -O - | sed 's:[^1-9]*::' | sed 's:<.*::g'
xxx.xxx.xxx.188
root@[TV] /> killall -9 openvpn
root@[TV] /> wget -q http://checkip.dyndns.com/ -O - | sed 's:[^1-9]*::' | sed 's:<.*::g'
xxx.xxx.xxx.96
For daily use we don`t need any logs, so we could either start it like this:

Code: Select all

./openvpn --config Free-US01-T.ovpn --dev-node /dtv/net/tun >/dev/null 2>&1 &
Or just disable debug with --verb 0 to cmdline

Code: Select all

./openvpn --config Free-US01-T.ovpn --dev-node /dtv/net/tun --verb 0 &

I think this tool is very usefull for those where VOD services won`t work because of limitations related to geo-location... Guess this will work on E series as well. May work on B and C series arm (need to recompile binary - only by request).

Do we need autostart init script?
You do not have the required permissions to view the files attached to this post.
LE40B653T5W,UE40D6750,UE65Q8C
Have questions? Read SamyGO Wiki, Search on forum first!
FFB (v0.8), FFB for CI+ . Get root on: C series, D series, E series, F series, H series. rooting K series, exeDSP/exeTV patches[C/D/E/F/H]

DO NOT EVER INSTALL FIRMWARE UPGRADE
User avatar
bugficks
Official SamyGO Developer
Posts: 1062
Joined: Tue Jun 25, 2013 3:56 pm

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by bugficks »

not sure about autostart but webif w/ maybe multiple config listbox might be nice.
this really depends on personal usage i guess
Tamagnun
SamyGO Project Donor
Posts: 65
Joined: Tue Sep 10, 2013 7:31 pm
Location: Italy

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by Tamagnun »

Please, don't be so tight!! :(

I've tried to input the commands you have explained in your first post, but nothing happens, probably I've to copy the lib files into the TV, but... WHERE?
1) Libs in libs.tgz are under /usr/lib directory, but this directory doesn't exist, and it isn't present in PATH, I have to create it and add it to the PATH list? Or it's better to use another dir (like /lib)?
2) openvpn.tgz contains two files... where I've to expand them? and the tun file seems to be referred to an MST TV model, it is OK also for F8000 TV?

You're a genius, but I (and not only me...) have some problems to follow your issues if you skip too much steps!! :lol:

Thank you for your awesome work!
User avatar
bugficks
Official SamyGO Developer
Posts: 1062
Joined: Tue Jun 25, 2013 3:56 pm

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by bugficks »

this is usually due to that things start in private forum, those who have access usually know what to do :) later thread gets moved to public
i might add some instructions later. you would need tun.ko for your fw anyways.
@juuso
how to deal w/ that ? patch vermagic of .ko on TV to match kernel?
User avatar
juusso
SamyGO Moderator
Posts: 10129
Joined: Sun Mar 07, 2010 6:20 pm

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by juusso »

yes and no. AFAIK modules differ between MST and FXP, right? SO we have to implement at least two sets of modules. But actually this is not the problem. I liked idea, will think about. Now we have other issues with smbclient, so - postponed.
LE40B653T5W,UE40D6750,UE65Q8C
Have questions? Read SamyGO Wiki, Search on forum first!
FFB (v0.8), FFB for CI+ . Get root on: C series, D series, E series, F series, H series. rooting K series, exeDSP/exeTV patches[C/D/E/F/H]

DO NOT EVER INSTALL FIRMWARE UPGRADE
User avatar
bugficks
Official SamyGO Developer
Posts: 1062
Joined: Tue Jun 25, 2013 3:56 pm

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by bugficks »

2 sets is still way less than 2 sets * fw versions :)

what problems w/ smblcient? whats it used for anyways, its not required for mounting: 8-ways-to-mount-smbfs-samba-file-system-in-linux
Tamagnun
SamyGO Project Donor
Posts: 65
Joined: Tue Sep 10, 2013 7:31 pm
Location: Italy

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by Tamagnun »

Dear bugficks and juuso, two things...

First:
I've read and understood your discussion about different tun.ko versions, but I've tried the same to insmod the tun.ko provided in the first post: in the dmesg log the following error message appears:

tun: version magic '0110, release SMP preempt mod_unload ARMv7 ' should be '0152, release SMP preempt mod_unload ARMv7 p2v8 '

I've hex edited the 0110 in 0152, but in the compiled file there isn't space (five bytes are required) to add the "p2v8" string, so I've obtained the following message:

tun: version magic '0152, release SMP preempt mod_unload ARMv7 ' should be '0152, release SMP preempt mod_unload ARMv7 p2v8 '

Is it a long work for you to cross-compile a tun.ko version for F series TVs (or FXP fw in general)?
I have no idea about the way to follow to crosscompile... :(

Second (quite O.T., sorry...):

At the shell> prompt the behaviour of the system is very poor, I think this is due to the very reduced shell (ash?) activated when you telnet to the device: is not possible to activate another more comfortable shell?
cd command as no effect, arrow keys, tab and backspace don't work, error output has to be redirected any time to std output for all commands... :cry:
I think it is impossible that you're working and developing in similar situation!! Or not??...

Thank you for your help and attention
Regards
Roberto
User avatar
bugficks
Official SamyGO Developer
Posts: 1062
Joined: Tue Jun 25, 2013 3:56 pm

Re: [APP] openvpn-2.3.2 D(arm)/E/F

Post by bugficks »

- you cant mix .ko for MST and FXP. whats working is changing version number not complete version string.
- at the moment im using exactly that "shell". for a real tty you need kmods that patch/add that functionality to kernel. samsung disabled it.

Post Reply

Return to “[F] Software”