#!/bin/bash # VPN Test Script - Quick verification that VPN is working properly # Run this inside the Docker container echo "=========================================" echo " VPN Connection Test" echo "=========================================" echo "" # Colors GREEN='\033[0;32m' RED='\033[0;31m' YELLOW='\033[1;33m' NC='\033[0m' # No Color # Test 1: Check VPN Interface echo "1. Checking VPN Interface (tun0)..." if ip addr show tun0 &>/dev/null; then echo -e "${GREEN}✓${NC} VPN interface (tun0) is UP" ip addr show tun0 | grep "inet " | awk '{print " IP: " $2}' else echo -e "${RED}✗${NC} VPN interface (tun0) NOT FOUND" echo " VPN is not connected!" fi echo "" # Test 2: Check Routing echo "2. Checking Routing Table..." DEFAULT_ROUTE=$(ip route | grep default) echo " $DEFAULT_ROUTE" if echo "$DEFAULT_ROUTE" | grep -q "tun"; then echo -e "${GREEN}✓${NC} Traffic is routed through VPN" else echo -e "${RED}✗${NC} Traffic is NOT routed through VPN" fi echo "" # Test 3: Check DNS echo "3. Checking DNS Configuration..." DNS_SERVERS=$(grep "^nameserver" /etc/resolv.conf | awk '{print $2}') echo " DNS Servers: $DNS_SERVERS" if echo "$DNS_SERVERS" | grep -q "10.2.0"; then echo -e "${GREEN}✓${NC} Using VPN DNS servers" elif echo "$DNS_SERVERS" | grep -E "8.8.8.8|1.1.1.1|8.8.4.4|1.0.0.1" &>/dev/null; then echo -e "${RED}✗${NC} DNS LEAK: Using public DNS servers" else echo -e "${YELLOW}⚠${NC} Using unknown DNS servers" fi echo "" # Test 4: Check Public IP echo "4. Checking Public IP Address..." PUBLIC_IP=$(curl -s --max-time 10 https://api.ipify.org 2>/dev/null) if [ -z "$PUBLIC_IP" ]; then echo -e "${RED}✗${NC} Could not determine public IP" else echo " Public IP: $PUBLIC_IP" # Get IP info IP_INFO=$(curl -s --max-time 10 https://ipinfo.io/$PUBLIC_IP/json 2>/dev/null) if [ ! -z "$IP_INFO" ]; then COUNTRY=$(echo "$IP_INFO" | grep -o '"country": "[^"]*' | cut -d'"' -f4) CITY=$(echo "$IP_INFO" | grep -o '"city": "[^"]*' | cut -d'"' -f4) ORG=$(echo "$IP_INFO" | grep -o '"org": "[^"]*' | cut -d'"' -f4) echo " Location: $CITY, $COUNTRY" echo " ISP: $ORG" if echo "$ORG" | grep -iq "proton\|vpn"; then echo -e "${GREEN}✓${NC} IP appears to be from VPN provider" else echo -e "${YELLOW}⚠${NC} IP may not be from VPN provider" fi fi fi echo "" # Test 5: Check OpenVPN Process echo "5. Checking OpenVPN Process..." if pgrep -f "openvpn.*config" &>/dev/null; then echo -e "${GREEN}✓${NC} OpenVPN process is running" ps aux | grep "[o]penvpn.*config" | awk '{print " PID: " $2}' else echo -e "${RED}✗${NC} OpenVPN process NOT found" fi echo "" # Test 6: Check iptables rules echo "6. Checking Firewall Rules..." VPN_RULES=$(iptables -L OUTPUT -n | grep -c "tun") if [ "$VPN_RULES" -gt 0 ]; then echo -e "${GREEN}✓${NC} VPN firewall rules are active ($VPN_RULES rules)" else echo -e "${YELLOW}⚠${NC} No VPN-specific firewall rules found" fi echo "" # Summary echo "=========================================" echo " Summary" echo "=========================================" ISSUES=0 if ! ip addr show tun0 &>/dev/null; then echo -e "${RED}✗${NC} VPN interface not found" ISSUES=$((ISSUES + 1)) fi if ! ip route | grep default | grep -q "tun"; then echo -e "${RED}✗${NC} Traffic not routed through VPN" ISSUES=$((ISSUES + 1)) fi if ! grep "^nameserver" /etc/resolv.conf | grep -q "10.2.0"; then echo -e "${RED}✗${NC} Not using VPN DNS" ISSUES=$((ISSUES + 1)) fi if [ $ISSUES -eq 0 ]; then echo -e "${GREEN}✓ VPN appears to be working correctly!${NC}" else echo -e "${RED}✗ Found $ISSUES issue(s) with VPN connection${NC}" echo "" echo "Troubleshooting steps:" echo "1. Check if VPN is connected in the web UI" echo "2. Try disconnecting and reconnecting" echo "3. Check backend logs: docker logs streamflow" echo "4. Try a different VPN server/country" echo "5. See docs/VPN_TROUBLESHOOTING.md for detailed help" fi echo ""