Add own service Topic is solved

[cc13]

Delete the last comment with the 3 DNS Servers in resolv.conf.

It happens again that the name resolution will not work, but only the 2 DNS servers are in the file. What I did? I started dietpi-services, edit the fritzbox-service (removed the # in front of the code-lines) and tried to start the service.

But the service is inactive and name resolution isn't working again.

If I run the /usr/sbin/vpnc manually it works perfect.

[Joulinar]

forget about dietpi-services for a moment. You can try to start the service like systemctl start <your_service>. I I Guess that's gonne fail already. Btw can you post your service file systemctl cat <your_service>

[cc13]

Code: Select all

root@DietPi:~# systemctl start fritzbox.service
Job for fritzbox.service failed because the control process exited with error code.
See "systemctl status fritzbox.service" and "journalctl -xe" for details.

Code: Select all

root@DietPi:~# systemctl cat fritzbox.service
# /etc/systemd/system/fritzbox.service
[Service]
ExecStart=/usr/sbin/vpnc
WorkingDirectory=/etc/vpnc
Restart=no
StandardOutput=journal+console
StandardError=journal+console
SyslogIdentifier=vpnc_fritzbox
User=root
Group=root
Type=oneshot

[Install]
WantedBy=multi-user.target

# /etc/systemd/system/fritzbox.service.d/dietpi-services_edit.conf
[Service]
ExecStart=/usr/sbin/vpnc
WorkingDirectory=/etc/vpnc
Restart=no
StandardOutput=journal+console
StandardError=journal+console
SyslogIdentifier=vpnc_fritzbox
User=root
Group=root
Type=oneshot

[Install]
WantedBy=multi-user.target

[Joulinar]

well your configuration is doubled now. Pls remove the following and reload your services.

Code: Select all

rm /etc/systemd/system/fritzbox.service.d/dietpi-services_edit.conf
systemctl daemon-reload
systemctl restart fritzbox.service
journalctl -u fritzbox.service

[cc13]

Nov 18 20:12:48 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 20:13:02 DietPi vpnc[18075]: select: Interrupted system call
Nov 18 20:13:02 DietPi vpnc[18075]: terminated by signal: 15
Nov 18 20:13:03 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 18 20:13:03 DietPi systemd[1]: Started fritzbox.service.

[Joulinar]

does it mean it's still failing?

[cc13]

Yes, service is not running.

I think about to install DietPI fresh on this RPi3. Or will you try something different to find the issue?

[Joulinar]

pls can you provide journal once service was restarted

Code: Select all

systemctl restart fritzbox.service
journalctl -u fritzbox.service

[cc13]

Code: Select all

root@DietPi:~# systemctl restart fritzbox.service
root@DietPi:~# journalctl -u fritzbox.service
-- Logs begin at Wed 2020-11-18 17:33:16 CET, end at Thu 2020-11-19 15:31:50 CET. --
Nov 18 18:48:30 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 18:48:46 DietPi vpnc_fritzbox[20145]: RTNETLINK answers: File exists
Nov 18 18:48:46 DietPi vpnc[20278]: select: Interrupted system call
Nov 18 18:48:46 DietPi vpnc[20144]: select: Interrupted system call
Nov 18 18:48:46 DietPi vpnc[20278]: terminated by signal: 15
Nov 18 18:48:46 DietPi vpnc[20144]: terminated by signal: 15
Nov 18 18:48:58 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 18 18:48:58 DietPi systemd[1]: Started fritzbox.service.
Nov 18 18:56:22 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 18:56:22 DietPi vpnc_fritzbox[18388]: /usr/sbin/vpnc: unknown host `xxx.myfritz.net'
Nov 18 18:56:22 DietPi systemd[1]: fritzbox.service: Main process exited, code=exited, status=1/FAILURE
Nov 18 18:56:22 DietPi systemd[1]: fritzbox.service: Failed with result 'exit-code'.
Nov 18 18:56:22 DietPi systemd[1]: Failed to start fritzbox.service.
Nov 18 18:57:15 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 18:57:31 DietPi vpnc_fritzbox[21582]: RTNETLINK answers: File exists
Nov 18 18:57:32 DietPi vpnc[21916]: select: Interrupted system call
Nov 18 18:57:32 DietPi vpnc[21916]: terminated by signal: 15
Nov 18 18:57:32 DietPi vpnc[21580]: select: Interrupted system call
Nov 18 18:57:32 DietPi vpnc[21580]: terminated by signal: 15
Nov 18 18:57:32 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 18 18:57:32 DietPi systemd[1]: Started fritzbox.service.
Nov 18 19:11:39 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 19:11:39 DietPi vpnc_fritzbox[8776]: /usr/sbin/vpnc: unknown host `xxx.myfritz.net'
Nov 18 19:11:39 DietPi systemd[1]: fritzbox.service: Main process exited, code=exited, status=1/FAILURE
Nov 18 19:11:39 DietPi systemd[1]: fritzbox.service: Failed with result 'exit-code'.
Nov 18 19:11:39 DietPi systemd[1]: Failed to start fritzbox.service.
Nov 18 19:13:25 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 19:13:25 DietPi vpnc_fritzbox[17344]: /usr/sbin/vpnc: unknown host `xxx.myfritz.net'
Nov 18 19:13:25 DietPi systemd[1]: fritzbox.service: Main process exited, code=exited, status=1/FAILURE
Nov 18 19:13:25 DietPi systemd[1]: fritzbox.service: Failed with result 'exit-code'.
Nov 18 19:13:25 DietPi systemd[1]: Failed to start fritzbox.service.
Nov 18 19:13:43 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 19:13:43 DietPi vpnc_fritzbox[17381]: /usr/sbin/vpnc: unknown host `xxx.myfritz.net'
Nov 18 19:13:43 DietPi systemd[1]: fritzbox.service: Main process exited, code=exited, status=1/FAILURE
Nov 18 19:13:43 DietPi systemd[1]: fritzbox.service: Failed with result 'exit-code'.
Nov 18 19:13:43 DietPi systemd[1]: Failed to start fritzbox.service.
Nov 18 19:14:54 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 19:14:54 DietPi vpnc_fritzbox[21812]: /usr/sbin/vpnc: unknown host `xxx.myfritz.net'
Nov 18 19:14:54 DietPi systemd[1]: fritzbox.service: Main process exited, code=exited, status=1/FAILURE
Nov 18 19:14:54 DietPi systemd[1]: fritzbox.service: Failed with result 'exit-code'.
Nov 18 19:14:54 DietPi systemd[1]: Failed to start fritzbox.service.
Nov 18 19:16:31 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 19:16:46 DietPi vpnc[29249]: select: Interrupted system call
Nov 18 19:16:46 DietPi vpnc[29249]: terminated by signal: 15
Nov 18 19:16:46 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 18 19:16:46 DietPi systemd[1]: Started fritzbox.service.
Nov 18 20:12:48 DietPi systemd[1]: Starting fritzbox.service...
Nov 18 20:13:02 DietPi vpnc[18075]: select: Interrupted system call
Nov 18 20:13:02 DietPi vpnc[18075]: terminated by signal: 15
Nov 18 20:13:03 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 18 20:13:03 DietPi systemd[1]: Started fritzbox.service.
Nov 19 15:31:35 DietPi systemd[1]: Starting fritzbox.service...
Nov 19 15:31:50 DietPi vpnc[23006]: select: Interrupted system call
Nov 19 15:31:50 DietPi vpnc[23006]: terminated by signal: 15
Nov 19 15:31:50 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 19 15:31:50 DietPi systemd[1]: Started fritzbox.service.

[Joulinar]

I played a little bit with VPNC and got it working on my RPi3B+

Code: Select all

root@DietPi3:~# systemctl status vpnc@fb.service
● vpnc@fb.service - VPNC connection to fb
   Loaded: loaded (/lib/systemd/system/vpnc@.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2020-11-19 16:43:16 CET; 26s ago
  Process: 548 ExecStart=/usr/sbin/vpnc --pid-file=/run/vpnc@fb.pid /etc/vpnc/fb.conf (code=exited, status=0/SUCCESS)
 Main PID: 603 (vpnc)
    Tasks: 1 (limit: 2182)
   CGroup: /system.slice/system-vpnc.slice/vpnc@fb.service
           └─603 /usr/sbin/vpnc --pid-file=/run/vpnc@fb.pid /etc/vpnc/fb.conf

Nov 19 16:43:14 DietPi3 systemd[1]: Starting VPNC connection to fb...
Nov 19 16:43:16 DietPi3 systemd[1]: Started VPNC connection to fb.
root@DietPi3:~#

Basically the idea was from this board https://forums.bunsenlabs.org/viewtopic.php?id=4126

I created following file

Code: Select all

nano /lib/systemd/system/vpnc@.service

added following

Code: Select all

[Unit]
Description=VPNC connection to %i
After=network-online.target nss-lookup.target
Wants=network-online.target nss-lookup.target

[Service]
Type=forking
ExecStart=/usr/sbin/vpnc --pid-file=/run/vpnc@%i.pid /etc/vpnc/%i.conf
PIDFile=/run/vpnc@%i.pid

[Install]
WantedBy=multi-user.target

start and stop of the service

Code: Select all

systemctl start vpnc@<your_config_file>
systemctl stop vpnc@<your_config_file>

<your_config_file> would need to be replaced by the name of the file you created in /etc/vpnc/ without .conf

In my case I created /etc/vpnc/fb.conf with following content

Code: Select all

IPSec gateway <your_DDNS>

IKE DH Group dh2
Perfect Forward Secrecy nopfs

IPSec ID <ID>
# "key" from the Fritz!Box VPN configuration
IPSec secret <key>

NAT Traversal Mode force-natt

Xauth username <user>
Xauth password <pw>

The only thing not working is to have the service started on reboot. It's starting to early and is not waiting on a valid network connection.

@MichaIng I know we had similar in past with Wiregard starting to early. But I'm not sure what you did to have it delayed

What I noticed as well, vpnc is able to damage the entire network configuration if the VPN connection could not be established correctly. Not realy fail save...