Skip to content

Commit 464eb1f

Browse files
authored
fix: allow PROTONVPN_SERVER to accept IP address (#293)
1 parent ca8f4b0 commit 464eb1f

File tree

2 files changed

+32
-29
lines changed

2 files changed

+32
-29
lines changed

docs/faq.md

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,32 @@ Please visit https://www.wireguard.com/install/ or contact device manufacturer.
2626
- If response is something like `<ip-address> dev protonwire0 table 51821 src 10.2.0.2 uid 0`,
2727
then the IP address will be routed via VPN.
2828

29+
## Server DNS name is not available or unknown
30+
31+
If for some reason you are not able to get server DNS name, and server name does not work
32+
for you, Try using IP address as `PROTONVPN_SERVER` or as CLI argument. IP address of server
33+
can be obtained from `[Peer]` section of the generated WireGuard configuration.
34+
35+
```ini
36+
[Interface]
37+
# Key for <name>
38+
# VPN Accelerator = on
39+
PrivateKey = KLjfIMiuxPskM4+DaSUDmL2uSIYKJ9Wap+CHvs0Lfkw=
40+
Address = 10.2.0.2/32
41+
DNS = 10.2.0.1
42+
43+
[Peer]
44+
# NL-FREE#128
45+
PublicKey = jbTC1lYeHxiz1LNSJHQMKDTq6sHgcWxkBwXvt7GWo1E=
46+
AllowedIPs = 0.0.0.0/0
47+
Endpoint = 91.229.23.180:51820
48+
```
49+
50+
In the above example, server's IP address is `91.229.23.180`. Use it as value for `PROTONVPN_SERVER`.
51+
If using docker-compose or kubernetes _do not forget to quote it_ to avoid any weird YAML issues.
52+
53+
> This may not work for IPv6 servers and should be considered experimental.
54+
2955
## How to check if systemd-resolved is in use
3056

3157
- If using Ubuntu/Fedora with defaults most likely using systemd-resolved is in use for local DNS.

protonwire

Lines changed: 6 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -1300,31 +1300,8 @@ function __protonvpn_verify_connection() {
13001300
log_debug "Connected to peer - ${configured_endpoints[*]}"
13011301
fi
13021302

1303-
# verify if server is correct.
1304-
local node_name
1305-
local node_dns
1303+
# Verify if server is correct.
13061304
declare -a allowed_exit_ips
1307-
1308-
node_name="$(jq -r --arg peer "${configured_endpoints[0]}" 'select(.Nodes[].PublicKey==$peer) | .Name' <<<"${__PROTONWIRE_SRV_INFO}" 2>/dev/null)"
1309-
node_dns="$(jq -r --arg peer "${configured_endpoints[0]}" 'select(.Nodes[].PublicKey==$peer) | .DNS' <<<"${__PROTONWIRE_SRV_INFO}" 2>/dev/null)"
1310-
1311-
if [[ -n $PROTONVPN_SERVER ]]; then
1312-
if [[ ${PROTONVPN_SERVER^^} == "${node_name^^}" ]] ||
1313-
[[ ${PROTONVPN_SERVER^^//#/-} == "${node_name^^}" ]] ||
1314-
[[ ${PROTONVPN_SERVER,,} == "${node_dns,,}" ]]; then
1315-
log_debug "Connected to server: ${node_name:-NA}(${node_dns:-NA})"
1316-
# server attributes are only validated if flags are specified
1317-
if ! __protonvpn_verify_server_attributes; then
1318-
return 1
1319-
fi
1320-
else
1321-
log_error "Expected to be connected to server $PROTONVPN_SERVER, but is connected to ${node_name:-NA}(${node_dns:-NA})"
1322-
return 1
1323-
fi
1324-
else
1325-
log_debug "PROTONVPN_SERVER is not specified, only validating exit IPs"
1326-
fi
1327-
13281305
readarray -t allowed_exit_ips < <(jq -r ".ExitIPs[]" <<<"${__PROTONWIRE_SRV_INFO}" 2>/dev/null)
13291306
log_debug "Allowed ExitIPs - ${allowed_exit_ips[*]}"
13301307

@@ -1378,25 +1355,25 @@ function __protonvpn_verify_connection() {
13781355
if __has_notify_socket; then
13791356
local status_msg
13801357
if __is_enable_killswitch; then
1381-
status_msg="Connected to ${node_dns} (via $client_ip, with KillSwitch)"
1358+
status_msg="Connected to ${PROTONVPN_SERVER} (as $client_ip, with KillSwitch)"
13821359
else
1383-
status_msg="Connected to ${node_dns} (via $client_ip)"
1360+
status_msg="Connected to ${PROTONVPN_SERVER} (as $client_ip)"
13841361
fi
13851362
log_debug "$status_msg"
13861363
if ! __systemd_notify --status "$status_msg"; then
13871364
log_error "Failed to notify status to systemd"
13881365
fi
13891366
else
1390-
log_success "Connected to ${node_dns:-NA} (via $client_ip)"
1367+
log_success "Connected to ${PROTONVPN_SERVER:-NA} (as $client_ip)"
13911368
fi
13921369
return 0
13931370
fi
13941371
done
1395-
log_error "Your current IP address - ${client_ip} is not in the list for server ${node_dns:-NA}"
1372+
log_error "Your current IP address - ${client_ip} is not in the list for server ${PROTONVPN_SERVER:-NA}"
13961373
log_error "Your current IP address - ${client_ip} must belong to set (${allowed_exit_ips[*]})"
13971374

13981375
if __has_notify_socket; then
1399-
if ! __systemd_notify --status "ExitIP mismatch for server ${node_dns:-NA} (via $client_ip)"; then
1376+
if ! __systemd_notify --status "ExitIP mismatch for server ${PROTONVPN_SERVER:-NA} (as $client_ip)"; then
14001377
log_error "Failed to notify error status to systemd"
14011378
fi
14021379
fi

0 commit comments

Comments
 (0)