Not connected, Your IP: 216.73.216.108
Online: 36022 users - 518750 Mbit/s total BWAll Activity
This stream auto-updates
- Past hour
-
-
-
-
-
-
-
-
-
-
-
-
-
larry.munday reacted to a post in a topic:
Personal IPv6 exit IP as alternative to port forwarding ...
-
larry.munday reacted to a post in a topic:
Personal IPv6 exit IP as alternative to port forwarding ...
- Today
-
Doesn't take much for the score to be reduced to 0 stars, though. Certainly doesn't need the penalty value to be set (it's set nowhere in SE). I don't understand the "speed" scoring, anyway. Neither does it relate to theoretically achievable throughput (load), nor to a stable connection (clients). It's illogical for me why a server with 96% usage and 165 clients gets a similar score as a 28% usage server with a whopping 335 clients connected. The scoring by latency makes more sense in that those 23-37 ms servers get 5* and Menkab only 3-4. We really need better scoring rules…
-
-
I'm on pfsense+ 25.07.1. I'm delaying updating to 25.11 for a bit longer. Also I'm still using the wireguard package 0.2.9_5 instead of the latest version which is 0.2.11. -
Split DNS configuration for Eddie
Tech Jedi Alex replied to raxod502's topic in Eddie - AirVPN Client
Well, in the case of AirDNS the requests benefit from the encryption of the VPN tunnel, of course, so men in the middle cannot intercept DNS requests. It is safer to use AirDNS, that's for sure. Though outside of it, maybe DoT or DoH are alternatives. -
Tried several countries, using both with domain names and resolved addresses. Deleted even devices under client area, renewed, etc. The thing is, on my previous setup on pfsense I was able to connect wtih Air+Mullvad. Then after fresh Pfsense install it seems not to work in Air's case, Mullvad is fine. -
@Esurient, what software is that? Looks cool!
-
I just connected to three different servers with wireguard configs on pfsense. Are you using resolved hosts or the domain in the config? Only thing I can think of considering other VPNs are working for you is if the domain isn't resolvable for you.
-
-
Were you able to get your port forwarding fixed? In addition to specifying your WireGuard variables you need to add: FIREWALL_VPN_INPUT_PORTS=# (replace # with your port from AirVPN client area). Here is a template config: services: gluetun: cap_add: - NET_ADMIN container_name: gluetun devices: - /dev/net/tun:/dev/net/tun environment: - VPN_SERVICE_PROVIDER=custom - VPN_TYPE=wireguard - WIREGUARD_ENDPOINT_IP=# - WIREGUARD_ENDPOINT_PORT=# - WIREGUARD_PUBLIC_KEY=# - WIREGUARD_PRIVATE_KEY=# - WIREGUARD_PRESHARED_KEY=# - WIREGUARD_ADDRESSES=# - FIREWALL_VPN_INPUT_PORTS=# image: qmcgaw/gluetun:latest ports: - 8888:8888/tcp - 8388:8388/tcp restart: unless-stopped you can fill in # with values from your WireGuard configuration file. More info can be found here: https://github.com/qdm12/gluetun-wiki/blob/main/setup/options/wireguard.md. Hope that helps! -
-
-
I think that would definitely explain it, I'm guessing most people use Eddie to connect to AirVPN servers, and pick whatever server has the highest score. I just read your other posts going into detail on how the score for speed was calculated. Since ping, load percentage and user percentage are all comparable, it seems like that "Penality" factor must be extremely high then for the servers located in Uppsala.
-
If I use my standard public DNS servers, then assuming I trust the operator of those DNS servers to not log my requests, is there any additional reduction in privacy compared to using AirVPN's DNS servers? I imagine in either case the DNS requests are traveling across the network unencrypted, but maybe there is some encapsulation I am unaware of that would make the default configuration more secure? (Besides the request logging policy, if applicable.)
-
Looking in Eddie, I can deduce a possible reason. If the scoring rule is set to Speed, which is the default, only four servers actually get a non-zero score, putting only those four into consideration of the Connect to best server function. The client count reflects that. I quick-tested a connection to Sweden on Android, and Copernicus was chosen to be the best server.. huh. Also interesting: The first three are hosted by Altushost, Segin is Netrouting, rest seems to be Kustbandet. ISP might play a role here, too.
-
Request: split tunnel in eddie on windows
Tech Jedi Alex replied to costia's topic in General & Suggestions
This window is more or less an interface to the --route directive of OpenVPN, and --route does not support application names or strange protocol/port notations. -
Random question that I was always curious about, does anyone know why most of the servers in Sweden have such low utilization? Doesn't seem to happen for any other country.
-
-
Facing exactly the same issue on PfSense 2.8.1 CE. Have Mullvad tunnels working on it OK, with Air, under Status: tunnel shows up, but "Latest handshake": never. Have gone through the process couple of times, but with no avail...
-
-
The current options are more or less useless. It doesn't even allow to filter based on destination port or protocol. For example filter all TCP:443 traffic. Other VPN clients allow filtering by application, which is what I actually need. Edit: for some reason editing the post doesnt allow me to remove the uploaded image. strange.
-
-
-
Split DNS configuration for Eddie
Tech Jedi Alex replied to raxod502's topic in Eddie - AirVPN Client
My solution when connected, which is not a solution per se, is to simply not use AirDNS. Connected or not, I always use my network's Pi-Hole which forwards my local domain to the router. My router = my ISP's DNS servers, one Quad9 address and two OpenNIC servers are configured as upstream servers. Depends on what you use a VPN for whether this is okay for you. For my use case it's sufficient. -
Hello! In this case you should use your hosts file, so you bypass DNS directly, no need to expose any detail in AirVPN configuration of course. You would need to disable DHCP to have static addresses for the key devices in your LAN, but we don't know if you may like this limitation. Kind regards
-
.thumb.png.8be84fd39f94c1640ac8c5456fbf3449.png)
[SOLVED] Network lock protection lost when eddie-ui crashes
Staff replied to zebulon's topic in Eddie - AirVPN Client
Hello! Thank you first and foremost for this valuable information related to the possibility that a plasmashell crash can cause sending a graceful SIGTERM to children apps etc. This should be confirmed or denied as it is relevant. From the correct and precise info that @Tech Jedi Alex provided, you now know that: Network Lock is a set of firewall rules if Eddie is properly shut down, it restores the previous firewall rules if Eddie is killed ungracefully / crashes the rules remain in place, i.e. Network Lock stays "active" Now, you have an unstable environment which might cause a proper Eddie shut down with a tranquil kill signal, so you need to either revert to a stable environment, or keep even the firewall rules that are restored as blocking rules preventing leaks, so you have a "permanent" lock. Of course, should the environment cause modifications even to the filtering table, then a "permanent" network lock becomes impossible and the only real solution is using a stable environment, which would be the healthiest and safest solution. Seeking these types of protection when the operating environment itself is seriously unstable is not logic unless it's an exercise / proof when the assessed risk in controlled condition is zero (therefore do not use this environment for sensitive activity / sensitive data flow). Kind regards -
ANSWERED Help with setting up external access Plex server
bidasci replied to robzeta's topic in Troubleshooting and Problems
Works now. Thank you. -
Yeah, I think that would be a no-go, as my addresses are assigned dynamically via DHCP and the IPv6 SLAAC addresses rotate regularly per https://www.rfc-editor.org/rfc/rfc4941. Even if I set up automation to publish the mappings to AirVPN, it seems like poor practice to expose details of my private LAN in (unencrypted) account configuration like that. Ok, fair enough, if the configured DNS server is non-local. I guess I assumed that the DNS server that AirVPN configured my server to use would be a recursive resolver run by the AirVPN daemon to handle DNS tunnelling, but I see that it's not. Regardless, it should still be possible to achieve what I want - I could for example set up a simple recursive DNS resolver on my local machine, which would delegate ".lan" queries to my router and all other queries to the AirVPN DNS server. Does that sound right? I guess I'm just surprised this isn't a common enough ask that there's a standard solution.
- Yesterday
-
Jc = 10 Jmin = 53 Jmax = 488 S1 = 0 S2 = 0 H1 = 2 H2 = 4 H3 = 1 H4 = 3 I1 = <b 0xc800000001142041eb35d428321d4c7b5a54f4a25b2eb42b1473144d6f82c2a7fb72748e0ec1cb05dbee502b24ad1f008000047c54b2c6fd1b8d38cc5b2898ffb4ab45a98e34500df11f17d7a00e6feee8b1689e65d3de8267c53ab147353c33bb36072efc65b807af56031e5531651e06f604b15a2cffe4ac57a2611c5b4ed0de39c051de95ad48ca096859db12be3164a2b4c4780c20889a6d9f592cb30b7c0de1636492f9c708ba5ef94c62ff52355782fdc80a7cb7c271004b31164f17ae1164b2a6879182d4e43c06cc29803ee6817da5f08a2c43757cc0f1748ef45fd8b69559b96ecc22828bf5eb9c5796db363da6cd1e675808ff1fa60ed2f226ea9347b6aead0a77419dbea8c03053c6c78e98652faa8b3d7c266d508586f2bc642b55adadbfbeae7d36bf1555e5769b8bf21f81908da3418882937d394e73284fa254926373aeb3d9093f837281c533688e29dacf3d798a36e32ae5d06683b4fba6031652f3abd817d4e585dc8682d2fc661d58242f9148cf051ecd0bfc4d3d1ebbd5db752567389710d3f39d963e01d39240e79a83e5043455609733b00cf2abec95270125882327c93bb2702d2beb03fcf8e5df1234e10f28768d76458f5380a256c27d6623774deabcd327c845e1398006bf288fd3732ea36d13a661ee551d024403283bfde1213ff4e767fefac1db3a2555ae0ffc5ab72251c269bc5115cf4bb65280ffa35c62468801e191131d35ad081659abb97a8fbe26049556ffe87f4d7f592a6f4423133e79661a26928511288cf98e54e34a4e8ecdd4d8c6e1af469ded38a159d625e45e549b3a711ef293f7930040c72b7cd975045ed7e629b60104cced6cb5afb75712eefd60bd705c040bf2143de63d2f637f825c69e53034e183aadb94858d63f2506d42d4faed810ba98172d2340b9d2eb63a4665a5480124f6ce5369cccf2bf18d512fc1b52c0ae7f64ca4380a17d19882b69bcda00277f73b8e02160cddfd913b807149e8519cfbdcb216b80a377a735ad31b87b41c7fb966ebcaae7213e6d4915beb845f926f6e29a284ea11a4f3a63ed22a61d0110cd33b1c31a8a0538b312e9266b773621cdeb9aa862db0d99e04b3cfa1e9ab03ff35cf6a6d3b72be1a6e039104547f9041e007d02c3769510d507f07ea3ebf38a326a9d82977a1cd32b25af02ccf1ddac08389dfb0a30932161f20b53b7a19b6fa8850d86f67b4420eb65f5ed45ba282ad1b82bf341cb9ad3b36437a1f007ad98ce2058fef118a650c908ac9c8cfaffc6eb37f203946a05b1d1698a0e325fc25594d41df81e5984486209aaf3ec854bea023663a7b8c63d31aea21921dcfca5d828b10fca0dd0855ffcaf4e9f0ae83372ff1674f2229954b7dd5dedff81a34aea41537f4536a86a746fa1e28c06985bc029e76df04d383fa7559679d67aa53e153663653ea75cc29a400e20f7ec5c55d13669d08eb9a5615b6871f51c08fde02ddb3bdaa0cc28ef207c6ff51f52bbd3cd49fab6708db0ccda23c7cfd6bd7aae5143b4a88aedf4d232ef39645ddb5bfe794b3e7175cb0b355c4f44df07b53bc48c11e80c3b62319f6a26f8a9b300306c2077b3c0a06028ed9cc2ffabb9984500cd98420b58a6649be2ac1969c3cc2b2fe62dae03c4e48b080ae812c7e105f45fc4ad3544e46d38e25662177644d6ea87e99a892> It is highly preferred that you get your own QUIC packet for I1. You could do that with Wireshark and "curl --http3-only (possibly any Russian website that is whitelisted)" . Select first QUIC Initial packet, right click "QUIC IETF" below -> Copy -> Copy as a Hex Stream. (Mozilla Firefox QUIC packets did not work for 16 kbyte blocked subnets for me)
-
Hi i send working compose. Only problem is with "unhealthy" gluetun when serwer/port is not used. -
[SOLVED] Network lock protection lost when eddie-ui crashes
zebulon replied to zebulon's topic in Eddie - AirVPN Client
Thanks for your comment. Actually I think I might have been confused and did not realize I was still connected to server. I cannot ascertain it was not the case, and I cannot reproduce the steps to crash eddie-ui and disconnect at the same time.That said I cannot ascertain the contrary either, and it would be reassuring to be sure we have a real failsafe network lock. -
DNS on Linux stopped working without Air
Tech Jedi Alex replied to Biggsboy's topic in Troubleshooting and Problems
Provide a system report.. -
Split DNS configuration for Eddie
Tech Jedi Alex replied to raxod502's topic in Eddie - AirVPN Client
It is not possible to configure that. Once the DNS servers are replaced, .lan will be unresolvable. What you can do is enable custom DNS and fill the Custom answers table at the bottom with your .lan FQDNs with local addresses. Though if your network is more or less dynamic it probably will get tedious to keep up. -
Invisible characters when copying text from forum
Tech Jedi Alex replied to Stalinium's topic in General & Suggestions
That thing is most probably the reason why I always place a dot on a newline before doing LOG formats, spoilers, quotes or link embeds and leave them there if no text is following, otherwise I cannot type immediately after it or when editing. You learn to work around these quirks with time, but, well… IP.Board places those everywhere.
