astralmind 0 Posted ... (edited) I just received a notice from my ISP indicating I had downloaded a file (accurately citing the precise file and my actual real IP address) with bittorrent. As far as I know Eddie has been running non stop since I added that file (2/11/2022 at 1PM and finished activity 15 minutes later) - Connection time 53 hours + since 2/10/2022 @ 8 am. Whatsmyip returns the public IP assigned via AirVPN when I check it. ipleak.net test (including torrent) does not reveal any possible leak either. This is the first notice I've received in over 2 years with AirVPN. I wonder how that possible (leaking ?) and what I can do to remedy this issue. Thanks for your help Edited ... by astralmind Quote Share this post Link to post
OpenSourcerer 1441 Posted ... Network Lock enabled? Your torrent client likely bound to all interfaces, and it so happened that one connection went out through the physical interface. Or, your torrent client had UPnP/NAT-PMP enabled and sent a port forward to your router (some accept these by default), introducing the leak without you even being made aware of. In any case, I'd really check the torrent client config here. Chances are it will happen again! Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
astralmind 0 Posted ... Client was indeed bound to all interface, just changed it to TAP. UPnP/NAT-PMP has always been disabled. I did not have network lock ever enabled but might as well now. I find it odd that I never got any issues over a long period of time but I guess that's what it took for me to be more careful. So, network lock + binding to only TAP should take care of it ? According to their below log it seems like it leaked momentarily as in less than 1 second ? I checked the log in Eddie and couldn't see any sign of it being disconnected at any point over the past 2-3 days Edit: Just got a second email with once again a very limited time (2 hours later for another file). I notice this message in Eddie for both instances where the leak occurred. Anyone can explain what happens there (I'm EST vs UTC so same time) ? : 2022.02.11 12:47:51 - OpenVPN > AEAD Decrypt error: bad packet ID (may be a replay): [ #866105 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings . 2022.02.11 12:53:00 - Above log line repeated 2940 times more -------------- INFRINGEMENT DETAIL - ------------------------------ Infringing Work : FileNAME Filename : FileNAME First found (UTC): 2022-02-11T17:49:38.86Z Last found (UTC): 2022-02-11T17:49:38.97Z Filesize : 2492232393 bytes IP Address: My real IP IP Port: ThePort I used Network: BitTorrent Protocol: BitTorrent Quote Share this post Link to post
OpenSourcerer 1441 Posted ... 5 hours ago, astralmind said: So, network lock + binding to only TAP should take care of it ? One of these is sufficient. Both is an additional layer of safety should you feel like doing it. 5 hours ago, astralmind said: Anyone can explain what happens there (I'm EST vs UTC so same time) ? OpenVPN suspected these packets were replayed. Say you've got a download stream going on: packet 1, 2, 3,… 1000 being sent by the server effectively, in that order. They're sequence numbers. First situation: Your client received packets 1-1000, but then suddenly packets 900-1000 come in again. There is no way the server could've retransmitted the packet because we're on UDP (which doesn't care about whether packets are missing or not, intact or not, duplicate or not). The replay warning is fired, and it actually might be a replay. Second situation: Your client received this stream slightly differently than it's sent, say, 1, 2, 3, 150, 151, 152, then 4, 5, 6 out of the blue because of some miniscule lag on the way, I don't know. Again, UDP doesn't care if that is the case because 1-1000 were sent from the server. OpenVPN, though, cares: Sequential packets with a sequence number difference of > 64 within 15 seconds (by default) are dropped. The replay warning is fired, but it doesn't need to be a replay, just a bad lag situation. 6 hours ago, astralmind said: . 2022.02.11 12:53:00 - Above log line repeated 2940 times more That for example would be a massive thing. It could either mean that the difference between two packets' sequence numbers was >3000 (a rather noticeable lag), or that someone or something tried to replay >3000 packets which all got dropped (for your safety, I might add). Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
d3adf1sh 1 Posted ... On 2/12/2022 at 9:21 PM, OpenSourcerer said: On 2/12/2022 at 2:28 PM, astralmind said: So, network lock + binding to only TAP should take care of it ? One of these is sufficient. Both is an additional layer of safety should you feel like doing it. question: so i always have network lock on so i guess i'm good, but in qbittorent i already have the port number assigned by air entered there, am i suppose to also uncheck "use nat/upnp portforwarding from my router"? also i noticed in advanced settings there's a network setting i have "any network" also selected.. guess i'm lucky i had network lock on. my choices are: local area connection ethernet loopback psuedo interface so i should be using the psuedo interface? i am on a wired connection. Quote Share this post Link to post
bluesjunior 43 Posted ... I have used AirVPN and qBittorrent for years and always have UPn'P unchecked from both the VPN and the router. Here is a link to setting up qBittorrent. https://www.techjunkie.com/best-qbittorrent-settings/ There was a better on on the Gizmo's Freeware site but it is gone now 1 d3adf1sh reacted to this Quote Share this post Link to post
Staff 10014 Posted ... Hello! The AirVPN guide to correctly configure your torrent software and optimize performance in AirVPN by using inbound remote port forwarding and avoiding wrong settings is available in the FAQ:https://airvpn.org/faq/p2p/ Kind regards 1 d3adf1sh reacted to this Quote Share this post Link to post
OpenSourcerer 1441 Posted ... 19 hours ago, d3adf1sh said: am i suppose to also uncheck "use nat/upnp portforwarding from my router"? also i noticed in advanced settings there's a network setting i have "any network" also selected.. guess i'm lucky i had network lock on. my choices are: Advisable. With this setting it might forward that port on your router because it likely has UPnP enabled. 19 hours ago, d3adf1sh said: so i should be using the psuedo interface? i am on a wired connection. Ethernet is the physical interface. Local Area Connection is likely TAP. Select this. The Pseudo Interface is a loopback interface. Refer to the posted FAQ entry, ask specifics for your own torrent client, if necessary. 1 d3adf1sh reacted to this Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post