Jump to content
Not connected, Your IP: 18.226.93.138

Recommended Posts

Linux user (ZorinOS, based on Ubuntu 22.04). Recently upgraded its version on a clean install, and now Eddie leaks DNS requests (this was not the case on the older version).

On ipleak.net, first it shows the VPN's DNS, then some "GOOGLE" stuff I'm not sure where they're from, then my real ISP DNS.

This is the case on multiple browsers (hardened firefox and brave)‌ so I'm assuming it's a system-wide issue.

Please if you have any suggestions let me know :confused:

Share this post


Link to post
@OpenSourcerer  Right, how could I forget :| here you go

 

Eddie System/Environment Report - 6/18/2024 - 9:30 PM UTC

Eddie version: 2.21.8
Eddie OS build: linux_x64
Eddie architecture: x64
OS type: Linux
OS name: Zorin OS 17.1
OS version: 17.1
OS architecture: x64
Mono /.Net Framework: 6.8.0.105 (Debian 6.8.0.105+dfsg-3.2 Wed Jun 30 05:34:49 UTC 2021); Framework: v4.0.30319
OpenVPN: 2.5.9 - OpenSSL 3.0.2 15 Mar 2022, LZO 2.10 (/usr/sbin/openvpn)
Hummingbird: Not available
WireGuard: 1.0.0
SSH: OpenSSH_8.9p1 Ubuntu-3ubuntu0.7, OpenSSL 3.0.2 15 Mar 2022 (/usr/bin/ssh)
SSL: Initializing (/usr/bin/stunnel4)
curl: 7.81.0 (/usr/bin/curl)
Profile path: /home/duck/.config/eddie/default.profile
Data path: /home/duck/.config/eddie
Application path: /usr/lib/eddie-ui
Executable path: /usr/lib/eddie-ui/eddie-ui.exe
Command line arguments: (2 args) path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui"
Network Lock Active: Yes, Linux nftables
Connected to VPN: Yes, Hyadum
OS support IPv4: Yes
OS support IPv6: Yes
Detected DNS: 10.19.70.1, fde6:7a:7d20:f46::1
Test DNS IPv4: Ok
Test DNS IPv6: Ok
Test Ping IPv4: 78 ms
Test Ping IPv6: 80 ms
Test HTTP IPv4: Ok
Test HTTP IPv6: Ok
Test HTTPS: Ok
----------------------------
Important options not at defaults:

login: (omissis)
password: (omissis)
remember: True
netlock: True
areas.allowlist: ch,de,ca,se,jp,us,ro,gb,nl,at,rs,ee,ua,sg,bg,no,be,cz,es,nz,lv,br,ie
proxy.mode: none
netlock.allow_dns: True
ui.unit: bits
gui.tray_minimized: True

----------------------------
Logs:

. 2024.06.19 00:26:38 - Eddie version: 2.21.8 / linux_x64, System: Linux, Name: Zorin OS 17.1, Version: 17.1, Mono/.Net: 6.8.0.105 (Debian 6.8.0.105+dfsg-3.2 Wed Jun 30 05:34:49 UTC 2021); Framework: v4.0.30319
. 2024.06.19 00:26:38 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui"
. 2024.06.19 00:26:46 - Reading options from /home/duck/.config/eddie/default.profile
. 2024.06.19 00:26:47 - OpenVPN - Version: 2.5.9 - OpenSSL 3.0.2 15 Mar 2022, LZO 2.10 (/usr/sbin/openvpn)
. 2024.06.19 00:26:47 - SSH - Version: OpenSSH_8.9p1 Ubuntu-3ubuntu0.7, OpenSSL 3.0.2 15 Mar 2022 (/usr/bin/ssh)
. 2024.06.19 00:26:47 - SSL - Version: Initializing (/usr/bin/stunnel4)
. 2024.06.19 00:26:47 - curl - Version: 7.81.0 (/usr/bin/curl)
. 2024.06.19 00:26:47 - DNS of the system restored to original settings (Rename method)
. 2024.06.19 00:26:47 - Recovery. Unexpected crash?
! 2024.06.19 00:26:47 - Deactivation of Network Lock
! 2024.06.19 00:26:47 - Activation of Network Lock - Linux nftables
I 2024.06.19 00:26:48 - Ready
. 2024.06.19 00:26:49 - Collect information about AirVPN completed
I 2024.06.19 00:27:15 - Session starting.
I 2024.06.19 00:27:15 - Checking authorization ...
! 2024.06.19 00:27:15 - Connecting to Hyadum (Netherlands, Alblasserdam)
. 2024.06.19 00:27:16 - Routes, add 213.152.161.37/32 for interface "wlp0s20f3".
. 2024.06.19 00:27:16 - Routes, add 213.152.161.37/32 for interface "wlp0s20f3", already exists.
. 2024.06.19 00:27:16 - OpenVPN > OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
. 2024.06.19 00:27:16 - OpenVPN > library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
. 2024.06.19 00:27:16 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2024.06.19 00:27:16 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2024.06.19 00:27:16 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
. 2024.06.19 00:27:16 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
. 2024.06.19 00:27:16 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]213.152.161.37:443
. 2024.06.19 00:27:16 - OpenVPN > Socket Buffers: R=[212992->212992] S=[212992->212992]
. 2024.06.19 00:27:16 - OpenVPN > UDP link local: (not bound)
. 2024.06.19 00:27:16 - OpenVPN > UDP link remote: [AF_INET]213.152.161.37:443
. 2024.06.19 00:27:16 - OpenVPN > TLS: Initial packet from [AF_INET]213.152.161.37:443, sid=fb593f78 bea17f19
. 2024.06.19 00:27:16 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org
. 2024.06.19 00:27:16 - OpenVPN > VERIFY KU OK
. 2024.06.19 00:27:16 - OpenVPN > Validating certificate extended key usage
. 2024.06.19 00:27:16 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
. 2024.06.19 00:27:16 - OpenVPN > VERIFY EKU OK
. 2024.06.19 00:27:16 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Hyadum, emailAddress=info@airvpn.org
. 2024.06.19 00:27:16 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512
. 2024.06.19 00:27:16 - OpenVPN > [Hyadum] Peer Connection Initiated with [AF_INET]213.152.161.37:443
. 2024.06.19 00:27:16 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.19.70.1,dhcp-option DNS6 fde6:7a:7d20:f46::1,tun-ipv6,route-gateway 10.19.70.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:f46::10cd/64 fde6:7a:7d20:f46::1,ifconfig 10.19.70.207 255.255.255.0,peer-id 1,cipher AES-256-GCM'
. 2024.06.19 00:27:16 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp'
. 2024.06.19 00:27:16 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS 10.19.70.1'
. 2024.06.19 00:27:16 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS6 fde6:7a:7d20:f46::1'
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: compression parms modified
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: route-related options modified
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: peer-id set
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625
. 2024.06.19 00:27:16 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified
. 2024.06.19 00:27:16 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM'
. 2024.06.19 00:27:16 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
. 2024.06.19 00:27:16 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
. 2024.06.19 00:27:16 - OpenVPN > TUN/TAP device tun0 opened
. 2024.06.19 00:27:17 - OpenVPN > net_iface_mtu_set: mtu 1500 for tun0
. 2024.06.19 00:27:17 - OpenVPN > net_iface_up: set tun0 up
. 2024.06.19 00:27:17 - OpenVPN > net_addr_v4_add: 10.19.70.207/24 dev tun0
. 2024.06.19 00:27:17 - OpenVPN > net_iface_mtu_set: mtu 1500 for tun0
. 2024.06.19 00:27:17 - OpenVPN > net_iface_up: set tun0 up
. 2024.06.19 00:27:17 - OpenVPN > net_addr_v6_add: fde6:7a:7d20:f46::10cd/64 dev tun0
. 2024.06.19 00:27:21 - OpenVPN > Initialization Sequence Completed
. 2024.06.19 00:27:21 - DNS of the system updated to VPN DNS (Rename method: /etc/resolv.conf generated)
. 2024.06.19 00:27:21 - Routes, add 0.0.0.0/1 for interface "tun0".
. 2024.06.19 00:27:21 - Routes, add 128.0.0.0/1 for interface "tun0".
. 2024.06.19 00:27:21 - Routes, add ::/1 for interface "tun0".
. 2024.06.19 00:27:21 - Routes, add 8000::/1 for interface "tun0".
. 2024.06.19 00:27:21 - Routes, add 213.152.161.35/32 for interface "tun0".
. 2024.06.19 00:27:21 - Routes, add 2a00:1678:2470:43:85b2:1f97:5342:c096/128 for interface "tun0".
. 2024.06.19 00:27:21 - Flushing DNS
I 2024.06.19 00:27:22 - Checking route IPv4
I 2024.06.19 00:27:22 - Checking route IPv6
I 2024.06.19 00:27:22 - Checking DNS
! 2024.06.19 00:27:22 - Connected.

----------------------------
Network Interfaces and Routes:

{
    "routes": [
        {
            "destination": "0.0.0.0\/1",
            "interface": "tun0",
            "scope": "link"
        },
        {
            "destination": "0.0.0.0\/0",
            "gateway": "192.168.0.1",
            "interface": "wlp0s20f3",
            "metric": "600",
            "proto": "dhcp"
        },
        {
            "destination": "10.19.70.0\/24",
            "interface": "tun0",
            "proto": "kernel",
            "scope": "link",
            "src": "10.19.70.207"
        },
        {
            "destination": "128.0.0.0\/1",
            "interface": "tun0",
            "scope": "link"
        },
        {
            "destination": "169.254.0.0\/16",
            "interface": "wlp0s20f3",
            "metric": "1000",
            "scope": "link"
        },
        {
            "destination": "192.168.0.0\/24",
            "interface": "wlp0s20f3",
            "metric": "600",
            "proto": "kernel",
            "scope": "link",
            "src": "192.168.0.183"
        },
        {
            "destination": "213.152.161.35\/32",
            "interface": "tun0",
            "scope": "link"
        },
        {
            "destination": "213.152.161.37\/32",
            "gateway": "192.168.0.1",
            "interface": "wlp0s20f3"
        },
        {
            "destination": "::1\/128",
            "interface": "lo",
            "metric": "256",
            "pref": "medium",
            "proto": "kernel"
        },
        {
            "destination": "2a00:1678:2470:43:85b2:1f97:5342:c096\/128",
            "interface": "tun0",
            "metric": "1024",
            "pref": "medium"
        },
        {
            "destination": "::\/1",
            "interface": "tun0",
            "metric": "1024",
            "pref": "medium"
        },
        {
            "destination": "fde6:7a:7d20:f46::\/64",
            "interface": "tun0",
            "metric": "256",
            "pref": "medium",
            "proto": "kernel"
        },
        {
            "destination": "fe80::\/64",
            "interface": "tun0",
            "metric": "256",
            "pref": "medium",
            "proto": "kernel"
        },
        {
            "destination": "fe80::\/64",
            "interface": "wlp0s20f3",
            "metric": "1024",
            "pref": "medium",
            "proto": "kernel"
        },
        {
            "destination": "8000::\/1",
            "interface": "tun0",
            "metric": "1024",
            "pref": "medium"
        },
        {
            "destination": "::\/0",
            "gateway": "fe80::aa63:7dff:fe7a:e11d",
            "interface": "wlp0s20f3",
            "metric": "20600",
            "pref": "low",
            "proto": "ra"
        }
    ],
    "ipv4-default-gateway": "192.168.0.1",
    "ipv4-default-interface": "wlp0s20f3",
    "ipv6-default-gateway": "fe80::aa63:7dff:fe7a:e11d",
    "ipv6-default-interface": "wlp0s20f3",
    "interfaces": [
        {
            "friendly": "lo",
            "id": "lo",
            "name": "lo",
            "description": "lo",
            "type": "Loopback",
            "status": "Unknown",
            "bytes_received": "887201",
            "bytes_sent": "887201",
            "support_ipv4": true,
            "support_ipv6": true,
            "ips": [
                "127.0.0.1",
                "::1"
            ],
            "bind": true
        },
        {
            "friendly": "wlp0s20f3",
            "id": "wlp0s20f3",
            "name": "wlp0s20f3",
            "description": "wlp0s20f3",
            "type": "Wireless80211",
            "status": "Up",
            "bytes_received": "13668506",
            "bytes_sent": "1604310",
            "support_ipv4": true,
            "support_ipv6": true,
            "ips": [
                "192.168.0.183",
                "fe80::88a8:8bd:765e:e8fb"
            ],
            "bind": true
        },
        {
            "friendly": "tun0",
            "id": "tun0",
            "name": "tun0",
            "description": "tun0",
            "type": "0",
            "status": "Unknown",
            "bytes_received": "12216170",
            "bytes_sent": "749281",
            "support_ipv4": true,
            "support_ipv6": true,
            "ips": [
                "10.19.70.207",
                "fde6:7a:7d20:f46::10cd",
                "fe80::ade1:424:a1e3:2d14"
            ],
            "bind": true
        }
    ]
}
----------------------------
ip addr show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 3c:e9:f7:68:ab:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.183/24 brd 192.168.0.255 scope global dynamic noprefixroute wlp0s20f3
       valid_lft 86166sec preferred_lft 86166sec
    inet6 fe80::88a8:8bd:765e:e8fb/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500
    link/none
    inet 10.19.70.207/24 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fde6:7a:7d20:f46::10cd/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::ade1:424:a1e3:2d14/64 scope link stable-privacy
       valid_lft forever preferred_lft forever
----------------------------
ip link show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DORMANT group default qlen 1000
    link/ether 3c:e9:f7:68:ab:eb brd ff:ff:ff:ff:ff:ff
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN mode DEFAULT group default qlen 500
    link/none

Share this post


Link to post
11 hours ago, hedgehoq said:

netlock.allow_dns: True


Hello!

Note the above and this:
11 hours ago, hedgehoq said:

. 2024.06.19 00:27:16 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS 10.19.70.1'
. 2024.06.19 00:27:16 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS6 fde6:7a:7d20:f46::1'


You specifically configured Eddie to ignore the DNS push by the server and let the packets to your default DNS slip through the Network Lock.

Kind regards
 

Share this post


Link to post
@Staff Thanks for your reply :)

I'm sorry if this silly but how do I even fix the problem? I honestly have no idea... Is it under "N
etwork Lock"; I should uncheck "Allow detected DNS"?

Also, would disabling all 4 "Allow" options below Outgoing improve privacy, meaning everything runs through the VPN instead of my real network?

Many thanks

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...