What's new

Solved How to modify the custom configuration of OpenVPN through the terminal?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Yota

Very Senior Member
I have some OpenVPN configurations and I want to modify them through scripts. But I can't find the stored configuration in nvram and /jffs. These configurations only exist in /tmp/etc/openvpn/clientX/config.ovpn after I start the OpenVPN client. I want to know where this configuration is saved before OpenVPN is started? How to modify it before starting?
 
Everything is stored in nvram apart from certificates IIRC. What are you trying to change?
 
These configurations only exist in /tmp/etc/openvpn/clientX/config.ovpn

Most of this is generated dynamically by the firmware from individual nvram vars whenever you start the Openvpn client (there isn't any other saved config). Rather than hunt down all the individual vars, it may be easier to use a openvpnvpnclientx.postconf script to modify it (see the wiki on using scripts).
 
Most of this is generated dynamically by the firmware from individual nvram vars whenever you start the Openvpn client (there isn't any other saved config). Rather than hunt down all the individual vars, it may be easier to use a openvpnvpnclientx.postconf script to modify it (see the wiki on using scripts).
Yes, I entered some configurations in the GUI "custom configuration", I need to modify them every time to start the client, so I want to use a script to help me complete the modify -> start. But I can't found these configurations because I checked NVRAM, nothing, only show in the GUI.

So my question is, how do I modify these configurations with scripts?
 
Last edited:
Everything is stored in nvram apart from certificates IIRC. What are you trying to change?
For example, here are some settings, I want to know where they are saved?
pic.png

pic2.PNG



My question is not four configurations in the image above, but all save locations for custom configurations. I can't find any "custom configuration" in my NVRAM and JFFS.
 
Last edited:
Code:
nvram get vpn_client1_custom
Nothing to reply

In fact, I have checked all the outputs of this nvram show | grep -i vpn, but I didn't found any custom configuration.
I also think they exist in NVRAM, because I tested the backup router config, then restore config, these custom configurations are restored. (Certificate will not be restored because they are stored in JFFS) But I can't find any clues in NVRAM.
 
Last edited:
Custom configuration portion is Base64 encoded, to avoid nvram storage trashing the carriage returns.
 
Custom configuration portion is Base64 encoded, to avoid nvram storage trashing the carriage returns.
Cool, then what is the NVRAM variable name?

I found it!
Code:
nvram get vpn_client1_cust2
 
Last edited:
Code:
skynet@RT-AX88U-DC28:/tmp/home/root# echo "AgMAAAAAAAAADzE0OS4xNTQuMTUzLjE1MyA-GhoPbFPz6XpJLVcIS1uYBwWe4FerFQWHb9g_2j24OBhhZGZyZWUudXNhYmxlcHJpdmFjeS5uZXQKL2Rucy1xdWVyeQ" | openssl enc -a -d
skynet@RT-AX88U-DC28:/tmp/home/root#

This is not standard Base64, but URL safe Base64, encoding is simple:
replace + with -
replace / with _
and delete trailing =
Decoding is more difficult, because the = need to be reconstructed.
Below I will post my PHP solution, witch could be rewritten for Shell script:

Code:
//  +------------------------------------------------------------------------+
//  | base64url encode                                                       |
//  +------------------------------------------------------------------------+
function base64url_encode($string) {
    // http://www.ietf.org/rfc/rfc4648.txt
    return rtrim(strtr(base64_encode($string), '+/', '-_'), '=');
}


//  +------------------------------------------------------------------------+
//  | base64url decode                                                       |
//  +------------------------------------------------------------------------+
function base64url_decode($string) {
    // Thanks gutzmer at usa dot net
    // http://php.net/manual/en/function.base64-encode.php#103849
    return base64_decode(str_pad(strtr($string, '-_', '+/'), strlen($string) % 4, '=', STR_PAD_RIGHT));
}

For anyone who searches for this thread, here is how to decode it: Use OpenSSL
Code:
value="$({ nvram get vpn_client1_cust2; nvram get vpn_client1_cust21; nvram get vpn_client1_cust22; } | tr -d '\n')" && echo $value | openssl enc -a -d

Recode your changes and save:
Code:
value1="your changes" && value="$(echo $value1 | openssl enc -a -e)" && nvram set vpn_client1_cust2="$(echo "$value" | cut -c 1-255)" && nvram set vpn_client1_cust21="$(echo "$value" | cut -c 256-511)" && nvram set vpn_client1_cust22="$(echo "$value" | cut -c 512-767)" && nvram commit
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top