Jump to content
Not connected, Your IP: 18.207.130.162
iwih2gk

Eddie takes 20-30 seconds to connect using Buster?

Recommended Posts

First; let me say that other than the thread title Eddie is working flawlessly.  I am using the stable version and not the beta.  Some of my installs are clean Buster and some are updated from previous Debian OS's.  Regardless they all perform the same while connecting via Eddie.  Formerly (before Buster) Eddie would connect in a few seconds.  Any ideas of where to look (in my logs) for an answer?  Is this something that the Beta Eddie would address?  I prefer the stable because family members also use some of these machines.

Share this post


Link to post

Use the beta, simple as that. Fixes issues on all platforms.
Anyway, I cannot reproduce it on Debian buster and testing, but I'm already on 2.18.x.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Mixed outcomes from trying beta Eddie.  The client will connect quickly and exactly IF I leave my UFW firewall DOWN before connecting to the VPN.  If I leave my firewall UP (I use it 24/7/365) the client will NOT connect.  I use a manual UFW firewall so that NO family member can use our family machines without first connecting to AirVpn.  The stable Eddie simply replaces my firewall rules and creates a network lock on its own.  When I exit stable it replaces my firewall Iptable rules so that it is impossible to connect UNLESS Air is used in a future session.  I don't want a family member to be able to click on Firefox and go online with my raw ISP IP.  My current Eddie stable accomplishes that perfectly.  Make sense?

Have I configured something incorrectly or has the process on the beta changed so that it no longer performs as the stable in this regard.  In other words does the beta no longer make a copy of the iptables and then replace them upon exit?

Share this post


Link to post

My other option of course would be to leave the firewall in place, BUT create a rule to allow a hole in it for AirVpn!  That wouldn't be my preference compared to my current scheme but it would be an option for me.  Let me know.

Share this post


Link to post
@iwih2gk

Hello!

It's important to know that Eddie 2.16.3 doesn't run properly in Debian 10. In Debian 10 please run Eddie 2.18 beta or Hummingbird. Remember in any case to disable UFW completely, if you need Network Lock. UFW is an iptables and iptables-legacy frontend which may interfere fatally.

You may set iptables-legacy or nftables rules to accomplish your purpose.

If you run nftables directly remember that:
  • Eddie 2.18 beta does NOT support nftables
  • Hummingbird fully supports nftables BUT will prefer by default iptables-legacy if available, so remember to force Network Lock based on nftables:
--network-lock nftables


Kind regards
 

Share this post


Link to post
6 hours ago, Staff said:
@iwih2gk

Hello!

It's important to know that Eddie 2.16.3 doesn't run properly in Debian 10. In Debian 10 please run Eddie 2.18 beta or Hummingbird. Remember in any case to disable UFW completely, if you need Network Lock. UFW is an iptables and iptables-legacy frontend which may interfere fatally.

You may set iptables-legacy or nftables rules to accomplish your purpose.

If you run nftables directly remember that:
  • Eddie 2.18 beta does NOT support nftables
  • Hummingbird fully supports nftables BUT will prefer by default iptables-legacy if available, so remember to force Network Lock based on nftables:

--network-lock nftables


Kind regards
 
 
Perhaps you or someone else here can make this "connect the dot" easy for me.  My desire is to simply make certain that a family computer, when started/booted in Debian 10, cannot go online without using Eddie.  No ISP IP in workspace allowed.  NO exceptions!

Note: Eddie 2.18.7 is so fricken smooth and fast for me on Buster.  BUT I cannot relax IF one of my computers can go online without being AirVpn tunneled by accident.

Can you highlight how to enter iptables-legacy into Eddie to accomplish my preference as described?  Should be easy I would think.  Thank you for your help.  I imagine many users would love to know their computers cannot accidentally be used without Eddie.


ps - If Hummingbird would make this easier I am not afraid to do some homework, LOL.

Share this post


Link to post

I think it will be much easier to do that in a firewall to which all devices are connected instead of fighting with NetLock. Allow all the AirVPN servers out, deny rest of out and all in and you have the guarantee that nothing can use the net without a working VPN connection to one of the servers.
For the servers' IPs you can use the brilliant Ellie app AV remotes from forums user @benfitita here:Tool terminates with an error right now, I'm sure not for long. :)


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

I used to create ip-tables/UFW in a manual way years ago.  Then Eddie made it easy by simply moving the saved ip-tables and use the ones it created in the background for LOCK,  and then would write back my ip-tables upon exit.  Too bad that can no longer happen.  That was the most convenient thing in the world because it allowed me to lock down the machine entirely with UFW and yet with Eddie pick ANY server I wanted without creating any ovpn stuff at all.

It is apparent that has changed for Buster.  For now; I'll have to decide whether to create a manual ip-table once again, OR figure a way to make sure I don't go online without using Eddie thereby having an accident that could betray some anonymity at sites I visit.  The Network Lock created by Eddie seems much more sophisticated than a simple ip-table firewall.

Share this post


Link to post
42 minutes ago, iwih2gk said:

The Network Lock created by Eddie seems much more sophisticated than a simple ip-table firewall.


Not everything that glares is made of gold.. or something like that. :D
It seems so, but at the end of the day all Eddie does is call iptables
. And what is iptables in Linux, or pf on BSD (=> pfSense), if not a firewall, a packet filter?

Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

After due consideration I decided to stay with Eddie and network lock.  I was able to devise a "method" to make pretty certain my family members will not boot and then use a machine without connecting Eddie first.  Nothing technical just MY way of handling family, LOL!

Share this post


Link to post

That's savage. I hope it doesn't involve electric shocks everytime someone forgets launching Eddie… :)


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...