Difference between revisions of "Mullvad"

From ArchWiki
Jump to: navigation, search
(Using Mullvad as plain OpenVPN)
m (Fixed systemd service name ( https://www.archlinux.org/news/openvpn-240-update-requires-administrative-interaction/ ))
 
(14 intermediate revisions by 11 users not shown)
Line 1: Line 1:
[[Category:Virtual Private Network]]
+
[[Category:VPN providers]]
==Using Mullvad as plain OpenVPN==
+
Mullvad is a VPN service based in Sweden which operates [[OpenVPN]] and PPTP servers. This article explains how to set up an OpenVPN connection to Mullvad.
  
To use the VPN service Mullvad on Arch Linux a few small adjustments need to be done. First, install [[OpenVPN]] and [[resolvconf]]. Download the plain [[OpenVPN]] version of Mullvad [http://mullvad.net/en/openvpn_conf.php "here"]. Next, copy the content of the zip file to /etc/openvpn. Open the file mullvad_linux.conf and change the end of the file from
+
== Configuring OpenVPN ==
{{hc|mullvad_linux.conf|<nowiki>
 
# Parses DHCP options from openvpn to update resolv.conf
 
up /etc/openvpn/update-resolv-conf
 
down /etc/openvpn/update-resolv-conf
 
 
 
ping 10
 
 
 
ca master.mullvad.net.crt
 
cert mullvad.crt
 
key mullvad.key
 
</nowiki>}}
 
to
 
{{hc|mullvad_linux.conf|<nowiki>
 
# Parses DHCP options from openvpn to update resolv.conf
 
# up /etc/openvpn/update-resolv-conf
 
# down /etc/openvpn/update-resolv-conf
 
up /usr/share/openvpn/update-resolv-conf
 
down /usr/share/openvpn/update-resolv-conf
 
  
ping 10
+
Mullvad supply their own client but it can also be used with a manual configuration of Openvpn.
 +
Install {{Pkg|openvpn}} and {{Pkg|openresolv}}. Download the Mullvad OpenVPN configuration files from [https://www.mullvad.net/download/config/ Mullvad] (under the "other platforms" tab) and unzip into /etc/openvpn/client. Rename mullvad_linux.conf:
  
ca /etc/openvpn/master.mullvad.net.crt
+
# mv /etc/openvpn/client/mullvad_linux.conf /etc/openvpn/client/mullvad.conf
cert /etc/openvpn/mullvad.crt
 
key /etc/openvpn/mullvad.key
 
</nowiki>}}
 
and make it executable by running
 
    sudo chmod +x /etc/openvpn/mullvad_linux.conf
 
  
Load the tun module by creating the file
+
In order to use the nameservers supplied by the VPN, a script needs to be called when starting and stopping OpenVPN to update resolvconf with the correct servers. This script is also included in the config folder provided by Mullvad.
{{hc|/etc/modules-load.d/tun.conf|<nowiki>
 
# Load tun.ko at boot
 
tun</nowiki>}}
 
  
and create
+
{{hc|/etc/openvpn/update-resolv-conf|<nowiki>
{{hc|/usr/share/openvpn/update-resolv-conf|<nowiki>
 
 
#!/bin/bash
 
#!/bin/bash
 
#
 
#
Line 48: Line 22:
 
# and Chris Hanson
 
# and Chris Hanson
 
# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
 
# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
#
+
# 07/2013 colin@daedrum.net Fixed intet name
 
# 05/2006 chlauber@bnc.ch
 
# 05/2006 chlauber@bnc.ch
 
#
 
#
Line 55: Line 29:
 
# foreign_option_2='dhcp-option DNS 193.43.27.133'
 
# foreign_option_2='dhcp-option DNS 193.43.27.133'
 
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
 
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
 +
# foreign_option_4='dhcp-option DOMAIN-SEARCH bnc.local'
  
[ -x /usr/sbin/resolvconf ] || exit 0
+
RESOLVCONF=/usr/bin/resolvconf
  
 
case $script_type in
 
case $script_type in
  
 
up)
 
up)
  for optionname in ${!foreign_option_*} ; do
+
  for optionname in ${!foreign_option_*} ; do
      option="${!optionname}"
+
    option="${!optionname}"
      echo $option
+
    echo $option
      part1=$(echo "$option" | cut -d " " -f 1)
+
    part1=$(echo "$option" | cut -d " " -f 1)
      if [ "$part1" == "dhcp-option" ] ; then
+
    if [ "$part1" == "dhcp-option" ] ; then
        part2=$(echo "$option" | cut -d " " -f 2)
+
      part2=$(echo "$option" | cut -d " " -f 2)
        part3=$(echo "$option" | cut -d " " -f 3)
+
      part3=$(echo "$option" | cut -d " " -f 3)
        if [ "$part2" == "DNS" ] ; then
+
      if [ "$part2" == "DNS" ] ; then
            IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
+
        IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
        fi
+
      fi
        if [ "$part2" == "DOMAIN" ] ; then
+
      if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
            IF_DNS_SEARCH="$part3"
+
        IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
        fi
 
 
       fi
 
       fi
  done
+
    fi
  R=""
+
  done
  if [ "$IF_DNS_SEARCH" ] ; then
+
  R=""
          R="${R}search $IF_DNS_SEARCH
+
  if [ "$IF_DNS_SEARCH" ]; then
 +
    R="search "
 +
    for DS in $IF_DNS_SEARCH ; do
 +
      R="${R} $DS"
 +
    done
 +
  R="${R}
 
"
 
"
  fi
+
  fi
  for NS in $IF_DNS_NAMESERVERS ; do
+
 
          R="${R}nameserver $NS
+
  for NS in $IF_DNS_NAMESERVERS ; do
 +
    R="${R}nameserver $NS
 
"
 
"
  done
+
  done
  echo -n "$R" | /usr/sbin/resolvconf -a "${dev}.inet"
+
  #echo -n "$R" | $RESOLVCONF -x -p -a "${dev}"
  ;;
+
  echo -n "$R" | $RESOLVCONF -x -a "${dev}.inet"
 +
  ;;
 
down)
 
down)
  /usr/sbin/resolvconf -d "${dev}.inet"
+
  $RESOLVCONF -d "${dev}.inet"
  ;;
+
  ;;
 
esac
 
esac
 
</nowiki>}}
 
</nowiki>}}
  
and don't forget to make it executable by running
+
Make it executable:
    sudo chmod +x /usr/share/openvpn/update-resolv-conf
 
  
Lastly create the file
+
# chmod +x /etc/openvpn/update-resolv-conf
{{hc|/usr/bin/mullvad|<nowiki>
+
 
#! /bin/bash
+
The VPN can then be [[enabled|controlled]] through {{ic|openvpn-client@mullvad.service}}.
# Script to start Mullvad
+
 
gksu openvpn /etc/openvpn/mullvad_linux.conf
+
== Mullvad Client ==
</nowiki>}}
 
make it executable
 
    sudo chmod +x /usr/bin/mullvad
 
and simply run Mullvad in the terminal by typing
 
    mullvad
 
  
To create a menu item we need the logo
+
Mullvad also supply their own [https://mullvad.net/en/download/ graphical client], packaged as {{AUR|mullvad}}.
    wget https://mullvad.net/images/logo.png -O /usr/share/icons/mullvad.png
 
Then create the .desktop file
 
{{hc|/usr/share/applications/mullvad.desktop|<nowiki>
 
[Desktop Entry]
 
Type=Application
 
Icon=/usr/share/icons/mullvad.png
 
Name=Mullvad
 
Comment=Start Mullvad VPN service
 
Exec=mullvad
 
Categories=Network
 
</nowiki>}}
 

Latest revision as of 23:13, 18 February 2017

Mullvad is a VPN service based in Sweden which operates OpenVPN and PPTP servers. This article explains how to set up an OpenVPN connection to Mullvad.

Configuring OpenVPN

Mullvad supply their own client but it can also be used with a manual configuration of Openvpn. Install openvpn and openresolv. Download the Mullvad OpenVPN configuration files from Mullvad (under the "other platforms" tab) and unzip into /etc/openvpn/client. Rename mullvad_linux.conf:

# mv /etc/openvpn/client/mullvad_linux.conf /etc/openvpn/client/mullvad.conf

In order to use the nameservers supplied by the VPN, a script needs to be called when starting and stopping OpenVPN to update resolvconf with the correct servers. This script is also included in the config folder provided by Mullvad.

/etc/openvpn/update-resolv-conf
#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
#
# Used snippets of resolvconf script by Thomas Hood <jdthood@yahoo.co.uk>
# and Chris Hanson
# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
# 07/2013 colin@daedrum.net Fixed intet name
# 05/2006 chlauber@bnc.ch
#
# Example envs set from openvpn:
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
# foreign_option_4='dhcp-option DOMAIN-SEARCH bnc.local'

RESOLVCONF=/usr/bin/resolvconf

case $script_type in

up)
  for optionname in ${!foreign_option_*} ; do
    option="${!optionname}"
    echo $option
    part1=$(echo "$option" | cut -d " " -f 1)
    if [ "$part1" == "dhcp-option" ] ; then
      part2=$(echo "$option" | cut -d " " -f 2)
      part3=$(echo "$option" | cut -d " " -f 3)
      if [ "$part2" == "DNS" ] ; then
        IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
      fi
      if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
        IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
      fi
    fi
  done
  R=""
  if [ "$IF_DNS_SEARCH" ]; then
    R="search "
    for DS in $IF_DNS_SEARCH ; do
      R="${R} $DS"
    done
  R="${R}
"
  fi

  for NS in $IF_DNS_NAMESERVERS ; do
    R="${R}nameserver $NS
"
  done
  #echo -n "$R" | $RESOLVCONF -x -p -a "${dev}"
  echo -n "$R" | $RESOLVCONF -x -a "${dev}.inet"
  ;;
down)
  $RESOLVCONF -d "${dev}.inet"
  ;;
esac

Make it executable:

# chmod +x /etc/openvpn/update-resolv-conf

The VPN can then be controlled through openvpn-client@mullvad.service.

Mullvad Client

Mullvad also supply their own graphical client, packaged as mullvadAUR.