Jump to content
Not connected, Your IP: 44.197.191.240
yigiel

Eddie (linux) questions

Recommended Posts

1. Once a connetion is lost, is there any way to stop Eddie from continually retrying to connect and re-establish a connection ? I could not find an option for this.

2. I understand that under network lock, iptables are updated to allow for all Air servers. Is there any way to have blacklisted servers not appear in this iptables updates ?





 

Share this post


Link to post
12 hours ago, yigiel said:

1. Once a connetion is lost, is there any way to stop Eddie from continually retrying to connect and re-establish a connection ? I could not find an option for this.


No option. But you can try with OpenVPN2 directive connect-retry-max. In Preferences > OVPN directives, add connect-retry-max 1 to the left side.
 
12 hours ago, yigiel said:

2. I understand that under network lock, iptables are updated to allow for all Air servers. Is there any way to have blacklisted servers not appear in this iptables updates ?


Why are you asking?

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
12 hours ago, giganerd said:
Why are you asking?

To lower attack surface, and just plain de-bloating. Same applies to those certs that are downloaded for each server during initial install.

No need to have 100-150 ? certs and thir related open IP ports when you may just need one or a few. I know I can delete the certs and patch the iptables after the install/run, but it would have been easier if Eddie did this.
Once blacklisted servers are added, their certs and iptable rules are also blacklisted (removed).

Share this post


Link to post
8 hours ago, yigiel said:

To lower attack surface, and just plain de-bloating. Same applies to those certs that are downloaded for each server during initial install.


Don't know about you, but for me the servers are only ACCEPTed in the OUTPUT chain (origin = my host). So I can't see what you mean by attack surface here. Everything is already being dropped inbound in two locations: Once on application level (Preferences > Network Lock > Incoming set to Block) and once on server level (NAT; that's why you need port forwarding). Also, if you are connected to 1.2.3.4 and another server sits on 2.3.4.5, and someone wants to reach you on port 9000, he/she won't be able to contact you at 2.3.4.5 port 9000, anyway.

About the certs – can you elaborate? If I connected with Eddie in the past, a temporary profile was generated and immediately deleted after disconnection. Is that different for you?

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...