Openvpn for android have an important feature i have no found on openvpn for linux, you can chose wich apps have to use the tunnelling and wich app can use the normal connection. Any project on something like this for the librem5?
Sure, openVPN is a native citizen to linux.
Many network management softwares support the protocol, for example NetworkManager.
but i’m here to ask if is possible to use it not for the whole system but just for some selected app, you can do this with openvpn for android
If you’re familiar with openvpn configs you can install just openvpn package alone (400k) and use it via cli. Still don’t understand the question.
i try with an example
i wanna run firefox over vpn but trasmission with my isp connection on the same device
you can route arbitrary networks through VPN, from single host (/32) to default (/0) so yes, it is possible to have so-called split tunnel where part of traffic is encrypted and the rest is following normal routing.
could you please tell me how can i route firefox on the vpn and trasmission directly to my isp using network manager?
because i still not understood how can i do it
Ah got it, so this is per application then.
Easiest way would be - using iptables owner match + set fwmark and route fwmark to tunnel.
Another method to achieve similar result - to bring up local forwarding proxy, bind it to specific IP and route that IP via openvpn.
The routing could be part of openvpn tunnel startup sequence, so that it will redirect traffic to the tunnel only when tunnel is up, otherwise will fall back to standard ISP path.
@ruff, I also want to do something similar like the OP, and like the idea of setting up the iptables and tied to a tunnel startup sequence. For myself, my VPN server is located on my NAS within my home network, so I only need to use VPN for accessing my NAS once I’m using my laptop when I take it out of the house. I’m going to hunt up more information on doing both these things. If you know of a decent HowTo or tutorial or anything that does a decent description of setting these up (ideally Ubuntu or similar flavor), it would be appreciated.
The NAS access over OVPN is actually a classic setup since it’s destination-based (comparing to source based or app based). So it does not need any fancy iptables rules. You just fire up openvpn client and once it’s established the route towards NAS over tunnel is set up. Which means - any howto for openvpn on synology will do.
seems complicate for a normal user like me, i really hope purism could partnership with openvpn community to port this android funtionality also on linux/librem5 because seems weird to have it on android and not on linux
this depends on the gui part of the solution. the explanation above show the lower part. on top of such an aproach you will have a gui triggering this. this is especially true for a mobile phone which has limited input capacity (missing full keyboard, …).
you are right, indeed on android is noobproof