Mr_MIagi 2 Posted ... Hi all, I followed the suggested how to guide and set up Synology DiskStation to connect to AirVPN. It was a convoluted set-up but this was not fault of the guide or author, it was a just a pain and a little over my head. Anyway, I am successfully connected, but is there a way to prevent leaks if they occur, and secondly, other that viewing connections in client area of the AiVPN website, is there anyway to confirm that I am actually connected? Thanks MM Quote Share this post Link to post
OpenSourcerer 1447 Posted ... Hey where did you find the guide ?? Maybe that one. Found by searching for synology, but no offense. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
urbanconcrete 14 Posted ... If someone is still looking for a script...i found this one but it has to be changed for airvpn... #!/bin/ash # wget https://gist.githubusercontent.com/aelveborn/e0faab9185256eeb86ad/raw/ -O ipredator-iptables.sh # chmod 755 ipredator-iptables.sh # and modify your local ip in the script enableRules() { if [ -f /etc/ipredator/iptables.orig ]; then echo "Ipredator iptables rules already enabled!" else if [ ! -d /etc/ipredator ]; then mkdir /etc/ipredator/ fi iptables-save > /etc/ipredator/iptables.orig # Flush iptables and add tunnel and localhost iptables -F iptables -A INPUT -i tun+ -j ACCEPT iptables -A OUTPUT -o tun+ -j ACCEPT iptables -A INPUT -s 127.0.0.0/8 -j ACCEPT iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT # Add local subnet for LAN access # Modify these ips for your local network iptables -A INPUT -s 10.0.0.0/24 -j ACCEPT iptables -A OUTPUT -d 10.0.0.0/24 -j ACCEPT iptables -A INPUT -s 10.8.0.0/24 -j ACCEPT iptables -A OUTPUT -d 10.8.0.0/24 -j ACCEPT iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT iptables -A OUTPUT -d 192.168.1.0/24 -j ACCEPT # Add Ipredators IP's iptables -A INPUT -s 46.246.32.0/19 -j ACCEPT iptables -A OUTPUT -d 46.246.32.0/19 -j ACCEPT # Add current IP, in case currently connected server IP isn't in server list for some reason # Also allows script to handle individual servers from other VPN providers #CURRENT_SERVER_IP=$(wget https://duckduckgo.com/?q=whats+my+ip -q -O - | grep -Eo '\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>') #iptables -A INPUT -s $CURRENT_SERVER_IP -j ACCEPT #iptables -A OUTPUT -d $CURRENT_SERVER_IP -j ACCEPT # Drop everything else iptables -A INPUT -j DROP iptables -A OUTPUT -j DROP echo "Ipredator iptables rules activated" fi } disableRules() { if [ -f /etc/ipredator/iptables.orig ]; then iptables-restore /etc/ipredator/iptables.orig rm /etc/ipredator/iptables.orig echo "Ipredator iptables rules deactivated" else echo "Ipredator iptables rules already disabled!" fi } help () { echo "Ipredator iptables" echo " Based on PIA IPTables Leak Blocker 0.5 - coded by Colonel Panic" echo " and on scripts created by ShadowSpectre (PIA Iptables Manager)" echo " and Windom (iptables-vpnon-update)" echo "" echo "Usage: $0 [OPTION]" echo " start Replace current iptables rules to accept Ipredator servers and LAN, dropping all other connections" echo " stop Reset iptables rules to original values" echo " {no option} Display this help text" } if [ $# -gt 1 ]; then echo "Too many arguments" elif [ $# -eq 1 ]; then case $1 in start) enableRules;; stop) disableRules;; *) echo "Invalid option: $1" esac else help fi Quote Share this post Link to post
urbanconcrete 14 Posted ... I'f tested the script and it prevents the ip leak, but only there is no traffic working at all...[/size]It looks like this at the moment: #!/bin/ash # wget https://gist.githubusercontent.com/aelveborn/e0faab9185256eeb86ad/raw/ -O ipredator-iptables.sh # chmod 755 airvpn-iptables.sh # and modify your local ip in the script enableRules() { if [ -f /etc/airvpn/iptables.orig ]; then echo "AirVPN iptables rules already enabled!" else if [ ! -d /etc/airvpn ]; then mkdir /etc/airvpn/ fi iptables-save > /etc/airvpn/iptables.orig # Flush iptables and add tunnel and localhost iptables -F iptables -A INPUT -i tun+ -j ACCEPT iptables -A OUTPUT -o tun+ -j ACCEPT iptables -A INPUT -s 127.0.0.0/8 -j ACCEPT iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT # Add local subnet for LAN access # Modify these ips for your local network #iptables -A INPUT -s 10.0.0.0/24 -j ACCEPT #iptables -A OUTPUT -d 10.0.0.0/24 -j ACCEPT iptables -A INPUT -s 10.8.0.0/24 -j ACCEPT iptables -A OUTPUT -d 10.8.0.0/24 -j ACCEPT iptables -A INPUT -s MY.LOCAL.NETWORK.RANGE/24 -j ACCEPT iptables -A OUTPUT -d MY.LOCAL.NETWORK.RANGE/24 -j ACCEPT # Add AirVPNs IP's iptables -A INPUT -s AIR.VPN.SERVER.IP -j ACCEPT iptables -A OUTPUT -d AIR.VPN.SERVER.IP -j ACCEPT # Add current IP, in case currently connected server IP isn't in server list for some reason # Also allows script to handle individual servers from other VPN providers #CURRENT_SERVER_IP=$(wget https://duckduckgo.com/?q=whats+my+ip -q -O - | grep -Eo '\<[[:digit:]]{1,3}(\.[[:digit:]]{1,3}){3}\>') #iptables -A INPUT -s $CURRENT_SERVER_IP -j ACCEPT #iptables -A OUTPUT -d $CURRENT_SERVER_IP -j ACCEPT # Drop everything else iptables -A INPUT -j DROP iptables -A OUTPUT -j DROP echo "AirVPN iptables rules activated" fi } disableRules() { if [ -f /etc/airvpn/iptables.orig ]; then iptables-restore /etc/airvpn/iptables.orig rm /etc/airvpn/iptables.orig echo "AirVPN iptables rules deactivated" else echo "AirVPN iptables rules already disabled!" fi } help () { echo "AirVPN iptables" echo " Based on PIA IPTables Leak Blocker 0.5 - coded by Colonel Panic" echo " and on scripts created by ShadowSpectre (PIA Iptables Manager)" echo " and Windom (iptables-vpnon-update)" echo "" echo "Usage: $0 [OPTION]" echo " start Replace current iptables rules to accept AirVPN servers and LAN, dropping all other connections" echo " stop Reset iptables rules to original values" echo " {no option} Display this help text" } if [ $# -gt 1 ]; then echo "Too many arguments" elif [ $# -eq 1 ]; then case $1 in start) enableRules;; stop) disableRules;; *) echo "Invalid option: $1" esac else help fi Do i miss something? Quote Share this post Link to post