Jump to content
Not connected, Your IP: 44.223.70.167

Recommended Posts

thx 4 hummingbird on linux.
problem: if i connect (for example) to belgium & test the connection per ipleak .. ect .. my isp is cloudflare (belgium = not my country - that's ok - but it should be airvpn?). same with netherlands, germany .. and so on. i'm on gnome, clear l.   
 

..
Server has pushed its own DNS. Removing system DNS from network filter.
System DNS 1.1.1.1 is now rejected by the network filter
System DNS 1.0.0.1 is now rejected by the network filter
..

seems .. ok.

Share this post


Link to post

Not quite sure I get your problem. You connect to a server in Belgium or any other server whatsoever and you see your ISP being CloudFlare instead of whatever the datacenter is the AirVPN server is hosted in?


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
Posted ... (edited)

sry i'm tired today. yes, exactly. it's not the cloudflare isp of my country, but the cloudflare isp of the country i connect too (instead of the airvpn isp). if i import an ovpn file & connect per network-manager on gnome, i do not have this issue. it's only happening with hummingbird.

Screenshot from 2020-04-01 12-35-39.png

Edited ... by archetyp

Share this post


Link to post

Hm. Can you please post the complete Hummingbird log here? And maybe the results of the following two commands:

curl -sL https://ipleak.net/json
curl -sL $(sha512sum ~/.bash_history | cut -b -40).ipleak.net/json


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

yep:
 

{
    "country_code": "NO",
    "country_name": "Norway",
    "continent_code": "EU",
    "continent_name": "Europe",
    "city_name": "Oslo",
    "postal_code": null,
    "postal_confidence": null,
    "latitude": "59.9384655",
    "longitude": "10.8348384",
    "accuracy_radius": 1,
    "time_zone": "Europe\/Oslo",
    "metro_code": null,
    "level": "min",
    "country_confidence": 100,
    "city_confidence": 100,
    "region_confidence": 100,
    "cache": 1585738428,
    "ip": "185.206.225.59",
    "type": "AirVPN Server (Exit, Ophiuchus)",
    "reverse": "",
    "tor": "unknown",
    "query_text": "185.206.225.59",
    "query_type": "myip",
    "query_date": 1585738428
}⏎                                       
 
{
    "country_code": "NO",
    "country_name": "Norway",
    "region_code": "03",
    "region_name": "Oslo County",
    "continent_code": "EU",
    "continent_name": "Europe",
    "city_name": "Oslo",
    "postal_code": null,
    "postal_confidence": null,
    "latitude": 59.905,
    "longitude": 10.7487,
    "accuracy_radius": 100,
    "time_zone": "Europe\/Oslo",
    "metro_code": null,
    "level": "min",
    "cache": 1585737310,
    "ip": "162.158.221.35",
    "reverse": "",
    "tor": "unknown",
    "query_text": "162.158.221.35",
    "query_type": "mydns",
    "query_date": 1585738972
}⏎                                 

Wed Apr  1 12:50:50.191 2020 Starting thread
Wed Apr  1 12:50:50.192 2020 OpenVPN core 3.6.3 AirVPN linux x86_64 64-bit
Wed Apr  1 12:50:50.202 2020 Frame=512/2048/512 mssfix-ctrl=1250
Wed Apr  1 12:50:50.211 2020 UNUSED OPTIONS
3 [resolv-retry] [infinite] 
4 [nobind] 
5 [persist-key] 
6 [persist-tun] 
7 [auth-nocache] 
8 [route-delay] [5] 
9 [verb] [3] 
Wed Apr  1 12:50:50.211 2020 EVENT: RESOLVE
Wed Apr  1 12:50:50.211 2020 WARNING: NetworkManager is running on this system and may interfere with DNS management and cause DNS leaks
Wed Apr  1 12:50:50.211 2020 WARNING: systemd-resolved is running on this system and may interfere with DNS management and cause DNS leaks
Wed Apr  1 12:50:50.211 2020 Network filter and lock is using iptables-legacy
Wed Apr  1 12:50:50.214 2020 Successfully loaded kernel module iptable_filter
Wed Apr  1 12:50:50.220 2020 Successfully loaded kernel module iptable_nat
Wed Apr  1 12:50:50.222 2020 Successfully loaded kernel module iptable_mangle
Wed Apr  1 12:50:50.224 2020 Successfully loaded kernel module iptable_security
Wed Apr  1 12:50:50.226 2020 Successfully loaded kernel module iptable_raw
Wed Apr  1 12:50:50.228 2020 Successfully loaded kernel module ip6table_filter
Wed Apr  1 12:50:50.232 2020 Successfully loaded kernel module ip6table_nat
Wed Apr  1 12:50:50.234 2020 Successfully loaded kernel module ip6table_mangle
Wed Apr  1 12:50:50.235 2020 Successfully loaded kernel module ip6table_security
Wed Apr  1 12:50:50.237 2020 Successfully loaded kernel module ip6table_raw
Wed Apr  1 12:50:50.240 2020 Network filter successfully initialized
Wed Apr  1 12:50:50.240 2020 Local IPv4 address 10.0.0.2
Wed Apr  1 12:50:50.240 2020 Local IPv6 address fe80::2f4:8dff:fea8:ff6d
Wed Apr  1 12:50:50.240 2020 Local interface enp2s0
Wed Apr  1 12:50:50.240 2020 Local interface wlp3s0
Wed Apr  1 12:50:50.240 2020 Setting up network filter and lock
Wed Apr  1 12:50:50.240 2020 Allowing system DNS 10.16.245.1 to pass through the network filter
Wed Apr  1 12:50:50.592 2020 Resolved server no.vpn.airdns.org into IPv4 185.206.225.58
Wed Apr  1 12:50:50.592 2020 Adding IPv4 server 185.206.225.58 to network filter
Wed Apr  1 12:50:50.655 2020 Network filter and lock successfully activated
Wed Apr  1 12:50:50.657 2020 Contacting 185.206.225.58:443 via TCPv4
Wed Apr  1 12:50:50.657 2020 EVENT: WAIT
Wed Apr  1 12:50:50.657 2020 net_route_best_gw query IPv4: 185.206.225.58/32
Wed Apr  1 12:50:50.657 2020 sitnl_route_best_gw result: via 10.0.0.1 dev wlp3s0
Wed Apr  1 12:50:50.657 2020 net_route_add: 185.206.225.58/32 via 10.0.0.1 dev wlp3s0 table 0 metric 0
Wed Apr  1 12:50:50.658 2020 Wed Apr  1 12:50:50.721 2020 Connecting to [no.vpn.airdns.org]:443 (185.206.225.58) via TCPv4
Wed Apr  1 12:50:50.783 2020 EVENT: CONNECTING
Wed Apr  1 12:50:50.784 2020 Tunnel Options:V4,dev-type tun,link-mtu 1560,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA1,keysize 256,tls-auth,key-method 2,tls-client
Wed Apr  1 12:50:50.784 2020 Peer Info:
IV_VER=3.6.3 AirVPN
IV_PLAT=linux
IV_NCP=2
IV_TCPNL=1
IV_PROTO=2
IV_LZO_STUB=1
IV_COMP_STUB=1
IV_COMP_STUBv2=1
IV_GUI_VER=Hummingbird - AirVPN OpenVPN 3 Client 1.0.2

Wed Apr  1 12:50:51.005 2020 VERIFY OK : depth=1
cert. version     : 3
serial number     : 8C:D8:43:EF:E4:5F:20:03
issuer name       : C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
subject name      : C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
issued  on        : 2014-04-11 10:15:45
expires on        : 2024-04-08 10:15:45
signed using      : RSA with SHA1
RSA key size      : 4096 bits
basic constraints : CA=true

Wed Apr  1 12:50:51.005 2020 VERIFY OK : depth=0
cert. version     : 3
serial number     : 40
issuer name       : C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
subject name      : C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Ophiuchus, emailAddress=info@airvpn.org
issued  on        : 2016-12-02 16:49:50
expires on        : 2026-11-30 16:49:50
signed using      : RSA with SHA-512
RSA key size      : 4096 bits
basic constraints : CA=false
cert. type        : SSL Server
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication

Wed Apr  1 12:50:51.466 2020 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
Wed Apr  1 12:50:51.467 2020 Session is ACTIVE
Wed Apr  1 12:50:51.467 2020 EVENT: GET_CONFIG
Wed Apr  1 12:50:51.467 2020 Sending PUSH_REQUEST to server...
Wed Apr  1 12:50:51.779 2020 OPTIONS:
0 [comp-lzo] [no] 
1 [redirect-gateway] [def1] [bypass-dhcp] 
2 [dhcp-option] [DNS] [10.25.213.1] 
3 [route-gateway] [10.25.213.1] 
4 [topology] [subnet] 
5 [ping] [10] 
6 [ping-restart] [60] 
7 [ifconfig] [10.25.213.25] [255.255.255.0] 
8 [peer-id] [0] 
9 [cipher] [AES-256-GCM] 

Wed Apr  1 12:50:51.780 2020 PROTOCOL OPTIONS:
  cipher: AES-256-GCM
  digest: NONE
  ncp enabled: yes
  compress: LZO_STUB
  peer ID: 0
Wed Apr  1 12:50:51.780 2020 EVENT: ASSIGN_IP
Wed Apr  1 12:50:51.780 2020 VPN Server has pushed IPv4 DNS server 10.25.213.1
Wed Apr  1 12:50:51.787 2020 Setting pushed IPv4 DNS server 10.25.213.1 in resolv.conf
Wed Apr  1 12:50:51.791 2020 net_iface_mtu_set: mtu 1500 for tun0
Wed Apr  1 12:50:51.791 2020 net_iface_up: set tun0 up
Wed Apr  1 12:50:51.791 2020 net_addr_add: 10.25.213.25/24 brd 10.25.213.255 dev tun0
Wed Apr  1 12:50:51.792 2020 net_route_add: 0.0.0.0/1 via 10.25.213.1 dev tun0 table 0 metric 0
Wed Apr  1 12:50:51.792 2020 net_route_add: 128.0.0.0/1 via 10.25.213.1 dev tun0 table 0 metric 0
Wed Apr  1 12:50:51.792 2020 Connected via tun
Wed Apr  1 12:50:51.792 2020 LZO-ASYM init swap=0 asym=1
Wed Apr  1 12:50:51.792 2020 Comp-stub init swap=0
Wed Apr  1 12:50:51.792 2020 EVENT: CONNECTED no.vpn.airdns.org:443 (185.206.225.58) via /TCPv4 on tun/10.25.213.25/ gw=[10.25.213.1/]
Wed Apr  1 12:50:51.792 2020 Server has pushed its own DNS. Removing system DNS from network filter.
Wed Apr  1 12:50:51.796 2020 System DNS 10.16.245.1 is now rejected by the network filter

 


 

Share this post


Link to post
47 minutes ago, archetyp said:

Wed Apr  1 12:50:50.211 2020 WARNING: NetworkManager is running on this system and may interfere with DNS management and cause DNS leaks
Wed Apr  1 12:50:50.211 2020 WARNING: systemd-resolved is running on this system and may interfere with DNS management and cause DNS leaks


systemd-resolved here may be the culprit. Under its umbrella resolv.conf is a symlink to /lib/systemd/resolv.conf (on Debian; can vary from distro to distro), and this file is generated automatically by systemd-resolved based on the settings provided in /etc/systemd/resolved.conf or by the resolvectl command. Can you please post the output of resolvectl status? I'm thinking you might be using DNS-over-HTTPS or DNS-over-TLS by default here or resolved is otherwise configured to use CloudFlare as upstream DNS servers.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

thx, it's clear linux; a little different from the debian & co. filesystem (stateless). yes, i've adjusted my router & gnome network manager to cloudflare dns. but no dns-over-https or dns-over-tls. here is the log:
 

curl ifconfig.co/city
Oslo
~ ❯❯❯  resolvectl status
Global
       LLMNR setting: no
MulticastDNS setting: yes
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 10.25.213.1
         DNS Servers: 10.25.213.1
Fallback DNS Servers: 1.1.1.1
                      8.8.8.8
                      1.0.0.1
                      8.8.4.4
                      2606:4700:4700::1111
                      2001:4860:4860::8888
                      2606:4700:4700::1001
                      2001:4860:4860::8844
          DNSSEC NTA: 10.in-addr.arpa
                      16.172.in-addr.arpa
                      168.192.in-addr.arpa
                      17.172.in-addr.arpa
                      18.172.in-addr.arpa
                      19.172.in-addr.arpa
                      20.172.in-addr.arpa
                      21.172.in-addr.arpa
                      22.172.in-addr.arpa
                      23.172.in-addr.arpa
                      24.172.in-addr.arpa
                      25.172.in-addr.arpa
                      26.172.in-addr.arpa
                      27.172.in-addr.arpa
                      28.172.in-addr.arpa
                      29.172.in-addr.arpa
                      30.172.in-addr.arpa
                      31.172.in-addr.arpa
                      corp
                      d.f.ip6.arpa
                      home
                      internal
                      intranet
                      lan
                      local
                      private
                      test

Link 5 (tun0)
      Current Scopes: none
DefaultRoute setting: no
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Link 3 (wlp3s0)
      Current Scopes: DNS
DefaultRoute setting: yes
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 1.1.1.1
         DNS Servers: 1.1.1.1
                      1.0.0.1
          DNS Domain: ~.

Link 2 (enp2s0)
      Current Scopes: none
DefaultRoute setting: no
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

Share this post


Link to post

+ firewall (hummingbird active):

hain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  255.255.255.255      anywhere            
ACCEPT     all  --  192.168.0.0/16       192.168.0.0/16      
ACCEPT     all  --  10.0.0.0/8           10.0.0.0/8          
ACCEPT     all  --  172.16.0.0/12        172.16.0.0/12       
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere            

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             10.25.213.1         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             255.255.255.255     
ACCEPT     all  --  192.168.0.0/16       192.168.0.0/16      
ACCEPT     all  --  10.0.0.0/8           10.0.0.0/8          
ACCEPT     all  --  172.16.0.0/12        172.16.0.0/12       
ACCEPT     all  --  192.168.0.0/16       base-address.mcast.net/24 
ACCEPT     all  --  10.0.0.0/8           base-address.mcast.net/24 
ACCEPT     all  --  172.16.0.0/12        base-address.mcast.net/24 
ACCEPT     all  --  192.168.0.0/16       239.255.255.250     
ACCEPT     all  --  10.0.0.0/8           239.255.255.250     
ACCEPT     all  --  172.16.0.0/12        239.255.255.250     
ACCEPT     all  --  192.168.0.0/16       239.255.255.253     
ACCEPT     all  --  10.0.0.0/8           239.255.255.253     
ACCEPT     all  --  172.16.0.0/12        239.255.255.253     
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             state ESTABLISHED
ACCEPT     all  --  anywhere             58.225.206.185.in-addr.arpa 
DROP       all  --  anywhere             anywhere            
 

Share this post


Link to post
3 hours ago, archetyp said:

i've adjusted my router & gnome network manager to cloudflare dns.


Well, you see, you even gave birth to the issue yourself. NetworkManager tends to simply override resolv.conf. You can configure a second profile for AirVPN with the DNS servers written on the specs page. Name it something like "AirDNS". In both v4 and v6, set the method to "Automatic (addresses only)". This is the way I did it in the past.
Others suggested to simply prevent NetworkManager from updating resolv.conf at all. In /etc/NetworkManager/NetworkManager.conf in the [main] section, set dns=none.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

i'm an idiot. as i "said" - tired today. sry. too many work. many thx for your hints & help. great service/support as always! 

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...