updated linux build

client/configurators/openvpn_configurator.cpp

@@ -19,6 +19,7 @@ QString OpenVpnConfigurator::getEasyRsaShPath()
     qDebug().noquote() << "EasyRsa sh path" << easyRsaShPath;
 
     return easyRsaShPath;
+
 #else
     return QDir::toNativeSeparators(QApplication::applicationDirPath()) + "/easyrsa";
 #endif
@@ -29,12 +30,14 @@ QProcessEnvironment OpenVpnConfigurator::prepareEnv()
     QProcessEnvironment env = QProcessEnvironment::systemEnvironment();
     QString pathEnvVar = env.value("PATH");
 
-#ifdef Q_OS_WIN
+#if defined Q_OS_WIN
     pathEnvVar.clear();
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "\\cygwin;");
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "\\openvpn;");
-#else
+#elif defined Q_OS_MAC
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "/Contents/MacOS");
+#elif defined Q_OS_LINUX
+    pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "/openvpn");
 #endif
 
     env.insert("PATH", pathEnvVar);
@@ -213,7 +216,7 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia
         config.replace("</tls-auth>", "");
     }
 
-#ifdef Q_OS_MAC
+#if defined Q_OS_MAC || defined(Q_OS_LINUX)
     config.replace("block-outside-dns", "");
 #endif
 
@@ -236,7 +239,7 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString config)
         }
     }
 
-#ifdef Q_OS_MAC
+#if defined Q_OS_MAC || defined(Q_OS_LINUX)
     config.replace("block-outside-dns", "");
     QString dnsConf = QString(
                 "\nscript-security 2\n"
@@ -259,7 +262,7 @@ QString OpenVpnConfigurator::processConfigWithExportSettings(QString config)
         config.append("redirect-gateway def1 bypass-dhcp\n");
     }
 
-#ifdef Q_OS_MAC
+#if defined Q_OS_MAC || defined(Q_OS_LINUX)
     config.replace("block-outside-dns", "");
 #endif
 

client/protocols/openvpnprotocol.cpp

@@ -142,6 +142,8 @@ QString OpenVpnProtocol::openVpnExecPath() const
 {
 #ifdef Q_OS_WIN
     return Utils::executable("openvpn/openvpn", true);
+#elif defined Q_OS_LINUX
+    return Utils::usrExecutable("openvpn");
 #else
     return Utils::executable("/openvpn", true);
 #endif

client/protocols/shadowsocksvpnprotocol.cpp

@@ -36,8 +36,12 @@ ErrorCode ShadowSocksVpnProtocol::start()
     m_shadowSocksCfgFile.write(QJsonDocument(m_shadowSocksConfig).toJson());
     m_shadowSocksCfgFile.close();
 
+#ifdef Q_OS_LINUX
+    QStringList args = QStringList() << "-c" << m_shadowSocksCfgFile.fileName();
+#else
     QStringList args = QStringList() << "-c" << m_shadowSocksCfgFile.fileName()
                                      << "--no-delay";
+#endif
 
     qDebug().noquote() << "ShadowSocksVpnProtocol::start()"
                        << shadowSocksExecPath() << args.join(" ");
@@ -91,6 +95,8 @@ QString ShadowSocksVpnProtocol::shadowSocksExecPath()
 {
 #ifdef Q_OS_WIN
     return Utils::executable(QString("ss/ss-local"), true);
+#elif defined Q_OS_LINUX
+    return Utils::usrExecutable(QString("ss-local"));
 #else
     return Utils::executable(QString("/ss-local"), true);
 #endif

client/protocols/wireguardprotocol.cpp

@@ -122,6 +122,8 @@ QString WireguardProtocol::wireguardExecPath() const
 {
 #ifdef Q_OS_WIN
     return Utils::executable("wireguard/wireguard", true);
+#elif defined Q_OS_LINUX
+    return Utils::usrExecutable("wg");
 #else
     return Utils::executable("/wireguard", true);
 #endif

client/utils.cpp

@@ -68,6 +68,14 @@ QString Utils::executable(const QString& baseName, bool absPath)
     return QCoreApplication::applicationDirPath() + "/" + fileName;
 }
 
+QString Utils::usrExecutable(const QString& baseName)
+{
+    if (QFileInfo::exists("/usr/sbin/" + baseName))
+        return ("/usr/sbin/" + baseName);
+    else
+        return ("/usr/bin/" + baseName);
+}
+
 bool Utils::processIsRunning(const QString& fileName)
 {
 #ifdef Q_OS_WIN

client/utils.h

@@ -14,6 +14,7 @@ public:
     static QString getRandomString(int len);
 
     static QString executable(const QString& baseName, bool absPath);
+    static QString usrExecutable(const QString& baseName);
     static QString systemLogPath();
     static bool createEmptyFile(const QString& path);
     static bool initializePath(const QString& path);

deploy/data/linux/client/AmneziaVPN.desktop

@@ -0,0 +1,8 @@
+#!/usr/bin/env xdg-open
+[Desktop Entry]
+Type=Application
+Name=AmneziaVPN client
+Comment=AmneziaVPN client
+Exec=bash -c 'export LD_LIBRARY_PATH=/opt/AmneziaVPN/client/lib/ ; AmneziaVPN'
+Icon=AmneziaVPN_Logo.png
+Categories=VPN

deploy/data/linux/client/bin/openvpn/openssl-easyrsa.cnf

@@ -0,0 +1,138 @@
+# For use with Easy-RSA 3.0+ and OpenSSL or LibreSSL
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= $ENV::EASYRSA_PKI	# Where everything is kept
+certs		= $dir			# Where the issued certs are kept
+crl_dir		= $dir			# Where the issued crl are kept
+database	= $dir/index.txt	# database index file.
+new_certs_dir	= $dir/certs_by_serial	# default place for new certs.
+
+certificate	= $dir/ca.crt	 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+crl		= $dir/crl.pem 		# The current CRL
+private_key	= $dir/private/ca.key	# The private key
+RANDFILE	= $dir/.rand		# private random number file
+
+x509_extensions	= basic_exts		# The extensions to add to the cert
+
+# This allows a V2 CRL. Ancient browsers don't like it, but anything Easy-RSA
+# is designed for will. In return, we get the Issuer attached to CRLs.
+crl_extensions	= crl_ext
+
+default_days	= $ENV::EASYRSA_CERT_EXPIRE	# how long to certify for
+default_crl_days= $ENV::EASYRSA_CRL_DAYS	# how long before next CRL
+default_md	= $ENV::EASYRSA_DIGEST		# use public key default MD
+preserve	= no			# keep passed DN ordering
+
+# This allows to renew certificates which have not been revoked
+unique_subject	= no
+
+# A few different ways of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy		= policy_anything
+
+# For the 'anything' policy, which defines allowed DN fields
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+name			= optional
+emailAddress		= optional
+
+####################################################################
+# Easy-RSA request handling
+# We key off $DN_MODE to determine how to format the DN
+[ req ]
+default_bits		= $ENV::EASYRSA_KEY_SIZE
+default_keyfile 	= privkey.pem
+default_md		= $ENV::EASYRSA_DIGEST
+distinguished_name	= $ENV::EASYRSA_DN
+x509_extensions		= easyrsa_ca	# The extensions to add to the self signed cert
+
+# A placeholder to handle the $EXTRA_EXTS feature:
+#%EXTRA_EXTS%	# Do NOT remove or change this line as $EXTRA_EXTS support requires it
+
+####################################################################
+# Easy-RSA DN (Subject) handling
+
+# Easy-RSA DN for cn_only support:
+[ cn_only ]
+commonName		= Common Name (eg: your user, host, or server name)
+commonName_max		= 64
+commonName_default	= $ENV::EASYRSA_REQ_CN
+
+# Easy-RSA DN for org support:
+[ org ]
+countryName			= Country Name (2 letter code)
+countryName_default		= $ENV::EASYRSA_REQ_COUNTRY
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= $ENV::EASYRSA_REQ_PROVINCE
+
+localityName			= Locality Name (eg, city)
+localityName_default		= $ENV::EASYRSA_REQ_CITY
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= $ENV::EASYRSA_REQ_ORG
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+organizationalUnitName_default	= $ENV::EASYRSA_REQ_OU
+
+commonName			= Common Name (eg: your user, host, or server name)
+commonName_max			= 64
+commonName_default		= $ENV::EASYRSA_REQ_CN
+
+emailAddress			= Email Address
+emailAddress_default		= $ENV::EASYRSA_REQ_EMAIL
+emailAddress_max		= 64
+
+####################################################################
+# Easy-RSA cert extension handling
+
+# This section is effectively unused as the main script sets extensions
+# dynamically. This core section is left to support the odd usecase where
+# a user calls openssl directly.
+[ basic_exts ]
+basicConstraints	= CA:FALSE
+subjectKeyIdentifier	= hash
+authorityKeyIdentifier	= keyid,issuer:always
+
+# The Easy-RSA CA extensions
+[ easyrsa_ca ]
+
+# PKIX recommendations:
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+
+# This could be marked critical, but it's nice to support reading by any
+# broken clients who attempt to do so.
+basicConstraints = CA:true
+
+# Limit key usage to CA tasks. If you really want to use the generated pair as
+# a self-signed cert, comment this out.
+keyUsage = cRLSign, keyCertSign
+
+# nsCertType omitted by default. Let's try to let the deprecated stuff die.
+# nsCertType = sslCA
+
+# CRL extensions.
+[ crl_ext ]
+
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always,issuer:always
+

deploy/data/linux/client/bin/qt.conf

@@ -0,0 +1,7 @@
+# Generated by linuxdeployqt
+# https://github.com/probonopd/linuxdeployqt/
+[Paths]
+Prefix = ../
+Plugins = plugins
+Imports = qml
+Qml2Imports = qml

deploy/data/linux/client/bin/update-resolv-conf.sh

@@ -0,0 +1,71 @@
+#!/usr/bin/env bash
+#
+# Parses DHCP options from openvpn to update resolv.conf
+# To use set as 'up' and 'down' script in your openvpn *.conf:
+# up /etc/openvpn/update-resolv-conf
+# down /etc/openvpn/update-resolv-conf
+#
+# Used snippets of resolvconf script by Thomas Hood <jdthood@yahoo.co.uk>
+# and Chris Hanson
+# Licensed under the GNU GPL.  See /usr/share/common-licenses/GPL.
+# 07/2013 colin@daedrum.net Fixed intet name
+# 05/2006 chlauber@bnc.ch
+#
+# Example envs set from openvpn:
+# foreign_option_1='dhcp-option DNS 193.43.27.132'
+# foreign_option_2='dhcp-option DNS 193.43.27.133'
+# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
+# foreign_option_4='dhcp-option DOMAIN-SEARCH bnc.local'
+
+## The 'type' builtins will look for file in $PATH variable, so we set the
+## PATH below. You might need to directly set the path to 'resolvconf'
+## manually if it still doesn't work, i.e.
+## RESOLVCONF=/usr/sbin/resolvconf
+export PATH=$PATH:/sbin:/usr/sbin:/bin:/usr/bin
+RESOLVCONF=$(type -p resolvconf)
+
+case $script_type in
+
+up)
+  for optionname in ${!foreign_option_*} ; do
+    option="${!optionname}"
+    echo $option
+    part1=$(echo "$option" | cut -d " " -f 1)
+    if [ "$part1" == "dhcp-option" ] ; then
+      part2=$(echo "$option" | cut -d " " -f 2)
+      part3=$(echo "$option" | cut -d " " -f 3)
+      if [ "$part2" == "DNS" ] ; then
+        IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
+      fi
+      if [[ "$part2" == "DOMAIN" || "$part2" == "DOMAIN-SEARCH" ]] ; then
+        IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
+      fi
+    fi
+  done
+  R=""
+  if [ "$IF_DNS_SEARCH" ]; then
+    R="search "
+    for DS in $IF_DNS_SEARCH ; do
+      R="${R} $DS"
+    done
+  R="${R}
+"
+  fi
+
+  for NS in $IF_DNS_NAMESERVERS ; do
+    R="${R}nameserver $NS
+"
+  done
+  #echo -n "$R" | $RESOLVCONF -x -p -a "${dev}"
+  echo -n "$R" | $RESOLVCONF -x -a "${dev}.inet"
+  ;;
+down)
+  $RESOLVCONF -d "${dev}.inet"
+  ;;
+esac
+
+# Workaround / jm@epiclabs.io 
+# force exit with no errors. Due to an apparent conflict with the Network Manager
+# $RESOLVCONF sometimes exits with error code 6 even though it has performed the
+# action correctly and OpenVPN shuts down.
+exit 0

deploy/data/linux/client/share/applications/AmneziaVPN_build.desktop

@@ -0,0 +1,8 @@
+#!/usr/bin/env xdg-open
+[Desktop Entry]
+Type=Application
+Name=AmneziaVPN client
+Comment=AmneziaVPN client
+Exec=AmneziaVPN
+Icon=AmneziaVPN_Logo.png
+Categories=VPN

deploy/data/linux/post_install.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+APP_NAME=AmneziaVPN
+LOG_FOLDER=/var/log/$APP_NAME
+LOG_FILE="$LOG_FOLDER/post-install.log"
+APP_PATH=/opt/$APP_NAME
+
+if ! test -f $LOG_FOLDER; then
+        sudo mkdir $LOG_FOLDER
+        echo "AmneziaVPN log dir created at /var/log/"
+fi
+
+if ! test -f $LOG_FILE; then
+        touch $LOG_FILE
+        echo "AmneziaVPN log file created at /var/log/AmneziaVPN/post-install.log"
+fi
+
+date > $LOG_FILE
+echo "Script started" >> $LOG_FILE
+sudo killall -9 $APP_NAME 2>> $LOG_FILE
+
+if sudo systemctl is-active --quiet $APP_NAME; then
+	sudo systemctl stop $APP_NAME >> $LOG_FILE
+	sudo systemctl disable $APP_NAME >> $LOG_FILE
+	sudo rm -rf /etc/systemd/system/$APP_NAME.service >> $LOG_FILE
+fi
+
+sudo cp $APP_PATH/service/$APP_NAME.service /etc/systemd/system/ >> $LOG_FILE
+
+sudo ln -s $APP_PATH/client/lib/* /usr/lib/ >> $LOG_FILE
+
+sudo systemctl start $APP_NAME >> $LOG_FILE
+sudo systemctl enable $APP_NAME >> $LOG_FILE
+sudo ln -s $APP_PATH/client/bin/$APP_NAME /usr/sbin/ >> $LOG_FILE
+
+
+echo "user desktop creation loop started" >> $LOG_FILE
+getent passwd {1000..6000} | while IFS=: read -r name password uid gid gecos home shell; do
+        echo "name: $name"
+        if ! test -f /home/$name/.icons; then
+                mkdir /home/$name/.icons/ >> $LOG_FILE
+        fi
+
+        cp -f $APP_PATH/client/share/icons/AmneziaVPN_Logo.png /home/$name/.icons/ >> $LOG_FILE
+        cp $APP_PATH/client/$APP_NAME.desktop /home/$name/Desktop/ >> $LOG_FILE
+
+        sudo chown $name:$name /home/$name/.local/share/gvfs-metadata/home* >> $LOG_FILE
+        sudo -u $name dbus-launch gio set /home/$name/Desktop/AmneziaVPN.desktop "metadata::trusted" yes >> $LOG_FILE
+        sudo chown $name:$name /home/$name/Desktop/AmneziaVPN.desktop >> $LOG_FILE
+done
+echo "user desktop creation loop ended" >> $LOG_FILE
+
+date >> $LOG_FILE
+echo "Service status:" >> $LOG_FILE
+sudo systemctl status $APP_NAME >> $LOG_FILE
+date >> $LOG_FILE
+echo "Script finished" >> $LOG_FILE
+exit 0

deploy/data/linux/post_uninstall.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+APP_NAME=AmneziaVPN
+LOG_FOLDER=/var/log/$APP_NAME
+LOG_FILE="$LOG_FOLDER/post-uninstall.log"
+APP_PATH=/opt/$APP_NAME
+
+if ! test -f $LOG_FILE; then
+	touch $LOG_FILE
+fi
+
+date >> $LOG_FILE
+echo "Uninstall Script started" >> $LOG_FILE
+sudo killall -9 $APP_NAME 2>> $LOG_FILE
+
+ls /opt/AmneziaVPN/client/lib/* | while IFS=: read -r dir; do
+	sudo unlink $dir  >> $LOG_FILE
+done
+
+if sudo systemctl is-active --quiet $APP_NAME; then
+	sudo systemctl stop $APP_NAME >> $LOG_FILE
+fi
+
+if sudo systemctl is-enabled --quiet $APP_NAME; then
+	sudo systemctl disable $APP_NAME >> $LOG_FILE
+fi
+
+if test -f /etc/systemd/system/$APP_NAME.service; then
+	sudo rm -rf /etc/systemd/system/$APP_NAME.service >> $LOG_FILE
+fi
+
+if test -f /usr/bin/$APP_NAME; then
+        sudo rm -rf /usr/sbin/$APP_NAME >> $LOG_FILE
+fi
+
+if test -f $APP_PATH; then
+        sudo rm -rf $APP_PATH >> $LOG_FILE
+fi
+
+if test -f /usr/sbin/$APP_NAME; then
+        sudo rm -rf /usr/sbin/$APP_NAME >> $LOG_FILE
+fi
+
+getent passwd {1000..6000} | while IFS=: read -r name password uid gid gecos home shell; do
+	if test -f /home/$name/Desktop/$APP_NAME\ client.desktop; then
+		sudo rm -rf /home/$name/Desktop/$APP_NAME\ client.desktop >> $LOG_FILE
+	fi
+
+        if test -f /home/$name/Desktop/$APP_NAME.desktop; then
+                sudo rm -rf /home/$name/Desktop/$APP_NAME.desktop >> $LOG_FILE
+        fi
+
+	if test -f /home/$name/.config/$APP_NAME.ORG; then
+		sudo rm -rf /home/$name/.config/$APP_NAME.ORG >> $LOG_FILE
+	fi
+
+	if test -f /home/$name/.local/share/$APP_NAME.ORG; then
+		sudo rm -rf /home/$name/.local/share/$APP_NAME.ORG >> $LOG_FILE
+	fi
+
+	if test -f /home/$name/.local/share/$APP_NAME; then
+                sudo rm -rf /home/$name/.local/share/$APP_NAME >> $LOG_FILE
+        fi
+
+	if test -f /home/$name/.icons/AmneziaVPN_Logo.png; then
+		sudo rm -rf /home/$name/.icons/AmneziaVPN_Logo.png >> $LOG_FILE
+	fi
+done
+
+date >> $LOG_FILE
+echo "Service after uninstall status:" >> $LOG_FILE
+sudo systemctl status $APP_NAME >> $LOG_FILE
+date >> $LOG_FILE
+echo "Script finished" >> $LOG_FILE

deploy/data/linux/service/AmneziaVPN.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=AmneziaVPN Service
+After=network.target
+StartLimitIntervalSec=0
+
+[Service]
+Type=simple
+Restart=always
+RestartSec=1
+ExecStart=/opt/AmneziaVPN/service/bin/AmneziaVPN-service
+
+[Install]
+WantedBy=multi-user.target

deploy/data/linux/service/share/applications/AmneziaVPN_build.desktop

@@ -0,0 +1,7 @@
+#!/usr/bin/env xdg-open
+[Desktop Entry]
+Type=Application
+Name=AmneziaVPN service
+Comment=AmneziaVPN service
+Exec=AmneziaVPN-service
+Categories=VPN

deploy/installer/config/controlscript.js

@@ -25,6 +25,8 @@ function appInstalled()
         appInstalledUninstallerPath_x86 = installer.value("RootDir") + "Program Files (x86)/AmneziaVPN/maintenancetool.exe";
     } else if (runningOnMacOS()){
         appInstalledUninstallerPath = "/Applications/" + appName() + ".app/maintenancetool.app/Contents/MacOS/maintenancetool";
+    } else if (runningOnLinux()){
+	allInstalledUninstallerPath = "/opt/" + appName();
     }
 
     return installer.fileExists(appInstalledUninstallerPath) || installer.fileExists(appInstalledUninstallerPath_x86);
@@ -45,6 +47,11 @@ function runningOnMacOS()
     return (installer.value("os") === "mac");
 }
 
+function runningOnLinux()
+{
+    return (installer.value("os") === "linux");
+}
+
 function sleep(miliseconds) {
     var currentTime = new Date().getTime();
     while (currentTime + miliseconds >= new Date().getTime()) {}

deploy/installer/config/linux.xml

@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Installer>
+    <Name>AmneziaVPN</Name>
+    <Version>1.6.0.0</Version>
+    <Title>AmneziaVPN</Title>
+    <Publisher>AmneziaVPN</Publisher>
+    <StartMenuDir>AmneziaVPN</StartMenuDir>
+    <TargetDir>@ApplicationsDir@/AmneziaVPN</TargetDir>
+    <WizardDefaultWidth>600</WizardDefaultWidth>
+    <WizardDefaultHeight>380</WizardDefaultHeight>
+    <WizardStyle>Modern</WizardStyle>
+    <RemoveTargetDir>true</RemoveTargetDir>
+    <AllowSpaceInPath>true</AllowSpaceInPath>
+    <AllowNonAsciiCharacters>false</AllowNonAsciiCharacters>
+    <ControlScript>controlscript.js</ControlScript>
+    <RepositorySettingsPageVisible>false</RepositorySettingsPageVisible>
+    <DependsOnLocalInstallerBinary>true</DependsOnLocalInstallerBinary>
+    <SupportsModify>false</SupportsModify>
+    <DisableAuthorizationFallback>true</DisableAuthorizationFallback>
+    <RemoteRepositories>
+     <Repository>
+       <Url>https://amneziavpn.org/updates/linux</Url>
+       <Enabled>true</Enabled>
+       <DisplayName>AmneziaVPN - repository for Linux</DisplayName>
+     </Repository>
+    </RemoteRepositories>
+</Installer>

deploy/installer/packages/org.amneziavpn.package/meta/componentscript.js

@@ -28,6 +28,11 @@ function runningOnMacOS()
     return (systemInfo.kernelType === "darwin");
 }
 
+function runningOnLinux()
+{
+    return (systemInfo.kernelType === "linux");
+}
+
 function vcRuntimeIsInstalled()
 {
     return (installer.findPath("msvcp140.dll", [installer.value("RootDir")+ "\\Windows\\System32\\"]).length !== 0)
@@ -86,6 +91,8 @@ Component.prototype.createOperations = function()
 
     } else if (runningOnMacOS()) {
         component.addElevatedOperation("Execute", "@TargetDir@/post_install.sh", "UNDOEXECUTE", "@TargetDir@/post_uninstall.sh");
+    } else if (runningOnLinux()) {
+	component.addElevatedOperation("Execute", "bash", "@TargetDir@/post_install.sh", "UNDOEXECUTE", "bash", "@TargetDir@/post_uninstall.sh");
     }
 }
 
@@ -112,7 +119,9 @@ Component.prototype.installationFinished = function()
 
         } else if (runningOnMacOS()) {
             command = "/Applications/" + appName() + ".app/Contents/MacOS/" + appName();
-        }
+        } else if (runningOnLinux()) {
+	    command = "@TargetDir@/client/" + appName();
+	}
 
         installer.dropAdminRights()
 

service/server/router.cpp

@@ -4,6 +4,8 @@
 #include "router_win.h"
 #elif defined (Q_OS_MAC)
 #include "router_mac.h"
+#elif defined Q_OS_LINUX
+#include "router_linux.h"
 #endif
 
 
@@ -13,6 +15,8 @@ int Router::routeAddList(const QString &gw, const QStringList &ips)
     return RouterWin::Instance().routeAddList(gw, ips);
 #elif defined (Q_OS_MAC)
     return RouterMac::Instance().routeAddList(gw, ips);
+#elif defined Q_OS_LINUX
+    return RouterLinux::Instance().routeAddList(gw, ips);
 #endif
 }
 
@@ -22,6 +26,8 @@ bool Router::clearSavedRoutes()
     return RouterWin::Instance().clearSavedRoutes();
 #elif defined (Q_OS_MAC)
     return RouterMac::Instance().clearSavedRoutes();
+#elif defined Q_OS_LINUX
+    return RouterLinux::Instance().clearSavedRoutes();
 #endif
 }
 
@@ -31,6 +37,8 @@ int Router::routeDeleteList(const QString &gw, const QStringList &ips)
     return RouterWin::Instance().routeDeleteList(gw, ips);
 #elif defined (Q_OS_MAC)
     return RouterMac::Instance().routeDeleteList(gw, ips);
+#elif defined Q_OS_LINUX
+    return RouterLinux::Instance().routeDeleteList(gw, ips);
 #endif
 }
 
@@ -40,6 +48,8 @@ void Router::flushDns()
     RouterWin::Instance().flushDns();
 #elif defined (Q_OS_MAC)
     RouterMac::Instance().flushDns();
+#elif defined Q_OS_LINUX
+    RouterLinux::Instance().flushDns();
 #endif
 }
 

service/server/router_linux.cpp

@@ -0,0 +1,166 @@
+#include "router_linux.h"
+
+#include <QProcess>
+#include <QThread>
+#include <utils.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/route.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/ioctl.h>
+#include <paths.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <QFileInfo>
+
+RouterLinux &RouterLinux::Instance()
+{
+    static RouterLinux s;
+    return s;
+}
+
+bool RouterLinux::routeAdd(const QString &ipWithSubnet, const QString &gw, const int &sock)
+{
+    QString ip = Utils::ipAddressFromIpWithSubnet(ipWithSubnet);
+    QString mask = Utils::netMaskFromIpWithSubnet(ipWithSubnet);
+
+    if (!Utils::checkIPv4Format(ip) || !Utils::checkIPv4Format(gw)) {
+        qCritical().noquote() << "Critical, trying to add invalid route: " << ip << gw;
+        return false;
+    }
+
+    struct rtentry route;
+    memset(&route, 0, sizeof( route ));
+
+    // set gateway
+    ((struct sockaddr_in *)&route.rt_gateway)->sin_family = AF_INET;
+    ((struct sockaddr_in *)&route.rt_gateway)->sin_addr.s_addr = inet_addr(gw.toStdString().c_str());
+    ((struct sockaddr_in *)&route.rt_gateway)->sin_port = 0;
+    // set host rejecting
+    ((struct sockaddr_in *)&route.rt_dst)->sin_family = AF_INET;
+    ((struct sockaddr_in *)&route.rt_dst)->sin_addr.s_addr = inet_addr(ip.toStdString().c_str());
+    ((struct sockaddr_in *)&route.rt_dst)->sin_port = 0;
+    // set mask
+    ((struct sockaddr_in *)&route.rt_genmask)->sin_family = AF_INET;
+    ((struct sockaddr_in *)&route.rt_genmask)->sin_addr.s_addr = inet_addr(mask.toStdString().c_str());
+    ((struct sockaddr_in *)&route.rt_genmask)->sin_port = 0;
+
+    route.rt_flags = RTF_UP | RTF_GATEWAY;
+    route.rt_metric = 0;
+    //route.rt_dev = "ens33";
+
+    if (int err = ioctl(sock, SIOCADDRT, &route) < 0)
+    {
+        qDebug().noquote() << "route add error: gw "
+        << ((struct sockaddr_in *)&route.rt_gateway)->sin_addr.s_addr
+        << " ip " << ((struct sockaddr_in *)&route.rt_dst)->sin_addr.s_addr
+        << " mask " << ((struct sockaddr_in *)&route.rt_genmask)->sin_addr.s_addr << " " << err;
+        return false;
+    }
+    return true;
+}
+
+int RouterLinux::routeAddList(const QString &gw, const QStringList &ips)
+{
+    int temp_sock = socket(AF_INET, SOCK_DGRAM,  IPPROTO_IP);
+    int cnt = 0;
+    for (const QString &ip: ips) {
+        if (routeAdd(ip, gw, temp_sock)) cnt++;
+    }
+    close(temp_sock);
+    return cnt;
+}
+
+bool RouterLinux::clearSavedRoutes()
+{
+    // No need to delete routes after iface down
+    return true;
+
+//    int cnt = 0;
+//    for (const QString &ip: m_addedRoutes) {
+//        if (routeDelete(ip)) cnt++;
+//    }
+    //    return (cnt == m_addedRoutes.count());
+}
+
+bool RouterLinux::routeDelete(const QString &ipWithSubnet, const QString &gw, const int &sock)
+{
+    QString ip = Utils::ipAddressFromIpWithSubnet(ipWithSubnet);
+    QString mask = Utils::netMaskFromIpWithSubnet(ipWithSubnet);
+
+    if (!Utils::checkIPv4Format(ip) || !Utils::checkIPv4Format(gw)) {
+        qCritical().noquote() << "Critical, trying to remove invalid route: " << ip << gw;
+        return false;
+    }
+
+    if (ip == "0.0.0.0") {
+        qDebug().noquote() << "Warning, trying to remove default route, skipping: " << ip << gw;
+        return true;
+    }
+
+    struct rtentry route;
+    memset(&route, 0, sizeof( route ));
+
+    // set gateway
+    ((struct sockaddr_in *)&route.rt_gateway)->sin_family = AF_INET;
+    ((struct sockaddr_in *)&route.rt_gateway)->sin_addr.s_addr = inet_addr(gw.toStdString().c_str());
+    ((struct sockaddr_in *)&route.rt_gateway)->sin_port = 0;
+    // set host rejecting
+    ((struct sockaddr_in *)&route.rt_dst)->sin_family = AF_INET;
+    ((struct sockaddr_in *)&route.rt_dst)->sin_addr.s_addr = inet_addr(ip.toStdString().c_str());
+    ((struct sockaddr_in *)&route.rt_dst)->sin_port = 0;
+    // set mask
+    ((struct sockaddr_in *)&route.rt_genmask)->sin_family = AF_INET;
+    ((struct sockaddr_in *)&route.rt_genmask)->sin_addr.s_addr = inet_addr(mask.toStdString().c_str());
+    ((struct sockaddr_in *)&route.rt_genmask)->sin_port = 0;
+
+    route.rt_flags = RTF_UP | RTF_GATEWAY;
+    route.rt_metric = 0;
+    //route.rt_dev = "ens33";
+
+    if (ioctl(sock, SIOCDELRT, &route) < 0)
+    {
+        qDebug().noquote() << "route delete error: gw " << gw << " ip " << ip << " mask " << mask;
+        return false;
+    }
+    return true;
+}
+
+bool RouterLinux::routeDeleteList(const QString &gw, const QStringList &ips)
+{
+    int temp_sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP);
+    int cnt = 0;
+    for (const QString &ip: ips) {
+        if (routeDelete(ip, gw, temp_sock)) cnt++;
+    }
+    close(temp_sock);
+    return cnt;
+}
+
+void RouterLinux::flushDns()
+{
+    QProcess p;
+    p.setProcessChannelMode(QProcess::MergedChannels);
+
+    //check what the dns manager use
+    if (QFileInfo::exists("/usr/bin/nscd")
+        || QFileInfo::exists("/usr/sbin/nscd")
+        || QFileInfo::exists("/usr/lib/systemd/system/nscd.service"))
+    {
+        p.start("systemctl restart nscd");
+    }
+    else
+    {
+        p.start("systemctl restart systemd-resolved");
+    }
+
+    p.waitForFinished();
+    QByteArray output(p.readAll());
+    if (output.isEmpty())
+        qDebug().noquote() << "Flush dns completed";
+    else
+        qDebug().noquote() << "OUTPUT systemctl restart nscd/systemd-resolved: " + output;
+}

service/server/router_linux.h

@@ -0,0 +1,38 @@
+#ifndef ROUTERLINUX_H
+#define ROUTERLINUX_H
+
+#include <QTimer>
+#include <QString>
+#include <QSettings>
+#include <QHash>
+#include <QDebug>
+#include <QObject>
+
+/**
+ * @brief The Router class - General class for handling ip routing
+ */
+class RouterLinux : public QObject
+{
+    Q_OBJECT
+public:
+    static RouterLinux& Instance();
+
+    bool routeAdd(const QString &ip, const QString &gw, const int &sock);
+    int routeAddList(const QString &gw, const QStringList &ips);
+    bool clearSavedRoutes();
+    bool routeDelete(const QString &ip, const QString &gw, const int &sock);
+    bool routeDeleteList(const QString &gw, const QStringList &ips);
+    void flushDns();
+
+public slots:
+
+private:
+    RouterLinux() {}
+    RouterLinux(RouterLinux const &) = delete;
+    RouterLinux& operator= (RouterLinux const&) = delete;
+
+    QList<QString> m_addedRoutes;
+};
+
+#endif // ROUTERLINUX_H
+

service/server/server.pro

@@ -46,7 +46,7 @@ LIBS += \
 
 macx {
 HEADERS += \
-    router_mac.h
+    router_mac.h \
     helper_route_mac.h
 
 SOURCES += \
@@ -54,6 +54,14 @@ SOURCES += \
     helper_route_mac.c
 }
 
+linux {
+HEADERS += \
+    router_linux.h
+
+SOURCES += \
+    router_linux.cpp
+}
+
 include(../src/qtservice.pri)
 
 #CONFIG(release, debug|release) {