Hey chojin, I spent the last month trying to setup Netflix on my raspberry using a vpn.
So far, the only working combination I got was to use openvpn and chromium (with prebuilt widevine support). But this is far from perfect since I don’t want to play around with mouse and keyboard Everytime I turn on the TV.
Now I’m trying to use Netflix add-on on Kodi and as vpn manager this plugin:
But I get the same error as @BBLyons, searching for those error on inputstream.adaptive repository it looks like that vpn is not supported at all and the error is expected.
Now, since raspberry and vero4k are not so different I wonder what could be the problem. You did not had any problem with inputstream.adaptive?
As soon as I started to bypass the VPN for Netflix by adding static routes to my default gateway for all Netflix ip-ranges and additionally for all Amazon AWS ip ranges, I had no problems with inputstream.adaptive.
Without any bypassing, I got an http error 420, indicating that Netflix didn’t want to serve over VPN.
Then after bypassing only the netflix ip ranges, the error was less clear and more some kind of timeout. But after also bypassing the AWS ip ranges, It just started to work, as none of the netflix traffic was now going through the VPN.
I may have misinterpreted some of the last comments, but what I was saying is that I don’t want to bypass the vpn, that is why I’m gonna try openpyn and see if the --netflix option works for me or I still get inputstream errors.
You might want to be aware. Currently, Netfilx is broken. I suspect you’ll have to wait until the devs resolve their issue with it before you can do any useful testing.
@chojin thanks for this guide!
Just one question: what if I don’t want Kodi (and its add-ons, for example BBC etc) to go through the tunnel? Or the other way around: only have Kodi go through the tunnel.
What if I only want apps like rTorrent/Transmission/Flexget to go through the tunnel?
I have tried playing with network namespaces but it’s way over my head:
I can see new entries in IP tables after running the script bypass_vpn_static_routes.sh start.
Unfortunately, I have an error when trying to traceroute:
traceroute to amazonaws.com (207.171.166.22), 30 hops max, 38 byte packets
1traceroute: sendto: Operation not permitted
And I still can’t curl ip-ranges.amazonaws.com once I’ve added the routes
Hi, Thanks for this info @chojin
I have an issue though, and not done much of this type of thing before but i get the following error
Dec 16 17:46:15 osmc systemd[1]: Starting NordVPN connection manager…
Dec 16 17:46:20 osmc systemd[1]: Started NordVPN connection manager.
Dec 16 17:48:29 osmc openpyn[4403]: 2019-12-16 17:48:29 [ERROR] There was an ambiguous exception, Check Your Network Connection. forgot to flush iptables? (openpyn -x)
Dec 16 17:48:29 osmc openpyn[4403]: There was an ambiguous exception, Check Your Network Connection. forgot to flush iptables? (openpyn -x)
Dec 16 17:48:29 osmc systemd[1]: openpyn.service: Main process exited, code=exited, status=1/FAILURE
Dec 16 17:48:30 osmc openpyn[4545]: 2019-12-16 17:48:30 [WARNING] Killing the running processes
Dec 16 17:48:30 osmc openpyn[4545]: Killing the running processes
Dec 16 17:48:30 osmc sudo[4549]: root : TTY=unknown ; PWD=/usr/local/lib/python3.5/dist-packages/openpyn ; USER=root ; COMMAND=/bin/cat /etc/resolv.conf
Dec 16 17:48:30 osmc sudo[4549]: pam_unix(sudo:session): session opened for user root by (uid=0)
Dec 16 17:48:30 osmc sudo[4549]: pam_unix(sudo:session): session closed for user root
Dec 16 17:48:30 osmc sudo[4563]: root : TTY=unknown ; PWD=/usr/local/lib/python3.5/dist-packages/openpyn ; USER=root ; COMMAND=/usr/bin/killall openpyn-management
Dec 16 17:48:30 osmc sudo[4563]: pam_unix(sudo:session): session opened for user root by (uid=0)
Dec 16 17:48:30 osmc sudo[4563]: pam_unix(sudo:session): session closed for user root
Dec 16 17:48:30 osmc sudo[4578]: root : TTY=unknown ; PWD=/usr/local/lib/python3.5/dist-packages/openpyn ; USER=root ; COMMAND=/bin/cat /etc/resolv.conf
Dec 16 17:48:30 osmc sudo[4578]: pam_unix(sudo:session): session opened for user root by (uid=0)
Dec 16 17:48:30 osmc sudo[4578]: pam_unix(sudo:session): session closed for user root
Dec 16 17:48:30 osmc sudo[4592]: root : TTY=unknown ; PWD=/usr/local/lib/python3.5/dist-packages/openpyn ; USER=root ; COMMAND=/usr/bin/killall openpyn
Dec 16 17:48:30 osmc sudo[4592]: pam_unix(sudo:session): session opened for user root by (uid=0)
Dec 16 17:48:30 osmc sudo[4592]: pam_unix(sudo:session): session closed for user root
Dec 16 17:48:30 osmc systemd[1]: openpyn.service: Unit entered failed state.
Dec 16 17:48:30 osmc systemd[1]: openpyn.service: Failed with result ‘exit-code’.
this happens after 2 mins each time i start the service, ive just done a clean install on vero 4k and still no dice.
Does anyone have an idea what im doing wrong ?
I’m on NOV update and previously had the vpn running with the bhornsby method then that failed and i had this one running with no problems for over a year. then i dunno what happened but nothing was working !!!
Thanks for the comment, I added a disclaimer to the Netflix through VPN section clearing out that I can’t test this for myself and that it will probably not work according to the issue you mention.
I have all netflix and aws traffic routed through my default gateway instead of through the VPN using the script I described in the instructions, and that way I don’t experience any troubles with the plugin nor with inputstream.adaptive
I’m sorry, but I have no idea what is going on in your setup… curl ip-ranges.amazonaws.com gives me a 301 - moved permanently, but that is normal.
I get a JSON with ip-ranges when I call curl -s https://ip-ranges.amazonaws.com/ip-ranges.json as my script does… traceroute amazonaws.com shows me that the first hop to amazonaws is my own gateway while traceroute to some random other server shows me that the first hop is some NordVPN ip, as expected.
Currently, after running bypass_vpn_static_routes.sh start I end up with 1375 entries in my routing table where 0.0.0.0/1 via <NordVPN gw> and default via 192.168.0.1 are the first entries (192.168.0.1 being my own gateway)
I was getting the same error after changing my dns servers to 1.1.1.1 The link given by chojin shows the problem nicely, changing dns to the Google ones or my isp ones solved it for me
I’m getting the following even after upgrading OpenPyn:
Oct 16 18:49:40 osmc openpyn[28133]: Traceback (most recent call last):
Oct 16 18:49:40 osmc openpyn[28133]: File "/usr/local/bin/openpyn", line 7, in <module>
Oct 16 18:49:40 osmc openpyn[28133]: from openpyn.openpyn import main
Oct 16 18:49:40 osmc openpyn[28133]: ModuleNotFoundError: No module named 'openpyn'
OK, I did but then realized that i needed to update the openpyn.service as it was still referencing the 3.5 folder and then reload systemctl and restart the service.
Now it’s all working fine.
NordVPN has already released a debian package which i’ve tested and works on OSMC. This package allows connections using the NordLynx protocol as well as OpenVPN, and is officially supported.
In addition, I had to disable IPv6 by adding the below lines to /etc/sysctl.conf
# Disable IPv6 as suggested by https://support.nordvpn.com/Connectivity/Linux/1047409212/How-to-disable-IPv6-on-Linux.htm
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_ipv6 = 1
I’ve been able to connect trivially with that.
osmc@osmc:~$ nordvpn status
Status: Connected
Current server: us8531.nordvpn.com
Country: United States
City: San Francisco
Server IP: 192.145.118.142
Current technology: NORDLYNX
Current protocol: UDP
Transfer: 115.92 MiB received, 1.77 MiB sent
Uptime: 6 minutes 19 seconds
