[OPEN CALL 📣] Bring NymVPN to OpenWRT!

The connection seems to disconnect once in a while, is there a way to keep the persistent connection

I’ll note that AdBlock will break the adblocking done by adguard home in the docs, thanks for the heads up.

Regarding disconnects, I haven’t had an issue with it. However I can look into an always on feature. Shouldn’t be too hard to implement.

Same issue, every time it reboots the account is forgotten

This should be fixed from a previous patch but I’m looking into it again. Also, shipping always on feature this week, in testing phase now.

v1.26.1 Release

What’s New

• Always-on watchdog - auto-reconnects the VPN if the connection drops. Enable via the LuCI toggle or uci set nym-vpn.settings.always_on=1
• Account credentials persist across reboots - data directory moved from /var (tmpfs) to /etc (flash)
• New architectures - riscv64 and armv5te builds now available
• Signed package feed - feed signing switched to proper usign/Ed25519 keys for opkg compatibility

Upgrade

The feed signing key changed in this release, so opkg upgrade won’t work directly from v1.26.0. Re-run the installer instead:

curl -fsSL https://packages.dial0ut.org/install.sh | sh

Future upgrades will work normally with:

opkg update && opkg upgrade nym-vpn

Documentation: docs.dial0ut.org

Smaller binaries coming soon!

root@GL-AX1800:/tmp# du -h nym-vpnd nym-vpnc
28.0M   nym-vpnd
2.8M    nym-vpnc

In testing now

ERROR nym_client_core::client::base_client::non_wasm_helpers: setup_fs_reply_surb_backend: Failed to setup persistent storage backend for our reply needs: The loaded data is inconsistent - it seems that on the last shutdown the client hasn't finished the data flush. You may have to remove the entire storage m
anually. We're going to create a fresh database instead. This behaviour might change in the future

I removed /etc/nym* several times with service running or stopped with no success. also tried to forget ACC, same error.

WARN nym_gateway_client::client: Not enough bandwidth. Trying to get more bandwidth, this might take a whilekill
ERROR nym_gateway_client::client: failed to claim ecash bandwidth with the gateway...: gateway returned an error response: the provided ticket failed to get verified
INFO nym_gateway_client::client: attempting to revert ticket withdrawal...
ERROR nym_client_core::client::base_client: Could not authenticate and start up the gateway connection - gateway returned an error response: the provided ticket failed to get verified
WARN nym_registration_client::builder: mixnet build/connect error: failed to connect to mixnet
ERROR nym_vpn_lib::tunnel_state_machine::tunnel_monitor: Error: Tunnel monitor exited with error

my few androids and one win work fine on this acc.

device: glinet flint 1

What version are you running?

nym-vpnc --version

Maybe you have some leftover data from original install, the following will do a full storage reset:

/etc/init.d/nym-vpnd stop
killall -9 nym-vpnd

rm -rf /etc/nym/data/*
rm -rf /root/.nym*
rm -rf /var/lib/nym-vpn
rm -rf /tmp/nym*

Also, if you haven’t already, install latest (v1.26.1):

curl -fsSL https://packages.dial0ut.org/install.sh | sh

@code-zm thanks for response,
version 1.26.1 from post 173 prev was 1.25
i did not remove all leftovers. only /etc/nym*
now retrying completely uninstall install,

/tmp# curl -fsSL https://packages.dial0ut.org/install.sh | sh

NymVPN Installer

==> Detecting system...
[INFO] Package manager: opkg
[INFO] Architecture: aarch64_cortex-a53_neon-vfpv4
==> Getting latest version...
[INFO] Version: 1.26.1
==> Downloading nym-vpn_1.26.1_aarch64_cortex-a53_neon-vfpv4.ipk...
==> Installing...
Unknown package 'nym-vpn'.
Collected errors:
* pkg_hash_check_unresolved: cannot find dependency luci-base for nym-vpn
* pkg_hash_fetch_best_installation_candidate: Packages for nym-vpn found, but incompatible with the architectures configured
* opkg_install_cmd: Cannot install package nym-vpn.

script works for update.

# opkg update
Downloading https://packages.dial0ut.org/opkg/arm_cortex-a7/Packages.gz
Updated list of available packages in /var/opkg-lists/nym-vpn

# opkg install nym-vpn
Package nym-vpn version 1.26.1 has no valid architecture, ignoring.
Package nym-vpn version 1.26.1 has no valid architecture, ignoring.
Package nym-vpn version 1.26.1 has no valid architecture, ignoring.
Package nym-vpn version 1.26.1 has no valid architecture, ignoring.
Package nym-vpn version 1.26.1 has no valid architecture, ignoring.
Unknown package 'nym-vpn'.
Collected errors:
* opkg_install_cmd: Cannot install package nym-vpn.

i tried manual wget + opkg install of 3:

• nym-vpn_1.26.1_arm_cortex-a7.ipk

• nym-vpn_1.26.1_arm_cortex-a7_neon-vfpv4.ipk

• nym-vpn_1.26.1_arm_cortex-a7_vfpv4.ipk

with same result

# opkg install ./nym.ipk
Unknown package 'nym-vpn'.
Collected errors:
* pkg_hash_fetch_best_installation_candidate: Packages for nym-vpn found, but incompatible with the architectures configured
* opkg_install_cmd: Cannot install package nym-vpn.

note on release page

arm_cortex-a7 GL.iNet Flint, custom ARM builds

device: glinet flint 1,

Run these commands and share output please:

cat /etc/openwrt_release
opkg print-architecture
grep nym /etc/opkg/customfeeds.conf

My GL.inet AX1800 runs on arm_cortex-a7, maybe I have a newer version of it?

likely they changed arch ??? in latest updated, now

# opkg print-architecture
arch all 1
arch noarch 1
arch aarch64_cortex-a53_neon-vfpv4 10

and

NymVPN installed successfully!

Are you still getting the bandwidth credential error?

since latest major update of FW from GLinet,

• arch changed from generic a7 to specific cortexa53, I believe with neon and vfp4 enabled performance increased
• luci interface stale, nothing by link from original interface, they suggested to remove it and I did, now luci cannot be installed - not enough space
• with nymvpn installed /overlay 40.7M 37.8M 744.0K 98% /
• router become unresponsive on first nymvpn connect, with service

nym VPN works from CMD line. curl ipinfo.io shows foreign IP.

Cheers. thanks. have a nice life!l

v1.26.2 Release

What’s New

• Dynamic linking - binaries now link against system musl, libmnl, and libnftnl instead of bundling everything statically. Significantly smaller packages, especially on resource-constrained devices.

Binary Size Improvements

Upgrade

opkg update && opkg upgrade nym-vpn

Or via the installer:

curl -fsSL https://packages.dial0ut.org/install.sh | sh

Documentation: docs.dial0ut.org

hi @code-zm
what does nymvpn-watchdog?
nothing was found in docs.
and why it is stopped by default?

It’s a way for the vpn to always be connected. So if the vpn disconnects for any reason, the connection will automatically come back up.

More details:
It polls nym-vpnc status every X seconds with escalating recovery:

1. Soft reconnect - if tunnel state is disconnected or error, runs nym-vpnc connect-v2 (up to 3 retries)
2. Hard recovery - after soft retries exhausted, restarts the daemon entirely then reconnects, with escalating backoff up to 5 minutes
3. Stuck detection - if stuck in connecting state for ~3 minutes, triggers hard recovery. The service runs as a procd daemon but does nothing if it isn’t enabled - it just loops and checks the flag each tick.

It’s stopped by default because auto-reconnect is opt-in - users may intentionally disconnect. I will update the docs explaining it this week.

does this mean with watchdog enabled manual disconnection via vpnc or via web will be forced back to connect silently?

Yes as of now. I can modify the behavior to respect manual disconnect, is this something you want?

not really, I want it is never disconnected, keep connecting forever, i.e. never pass without VPN (glinet has such option for ovpn and wg embedded into their wui). nymvpn also have kill-switch, isn’t it?

and what I really want is to notify user THEREISNOVPN in user’s browser, but I believe it is nearly impossible. hm stop, providers (especially on public wifi) have some ability to redirect requests to their you-must-login(and_pay)-page.