Leaderboard

Hello! We're very glad to inform you that two new 10 Gbit/s full duplex servers located in Frankfurt, Germany, are available: Adhil and Fuyue. They will replace 1 Gbit/s servers Intercrus, Serpens, Tucana and Veritate, which will be decommissioned on 2025-07-31 as they run on hardware and lines that show first signs of inadequacy after a year of extraordinary userbase growth. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. They support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor : https://airvpn.org/servers/Adhil https://airvpn.org/servers/Fuyue Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

Hello! We're sorry to inform you that due to sloppy support by the datacenter provider (Racklot) we have decommissioned the server Metallah. Metallah went down on June the 18th, 2025, because IP addresses were null-routed. After more than a month, in spite of various contacts and solicitations, Racklot still fails to restore the routing. Our patience is over and we're acting accordingly. This was the last server still not supporting IPv6 (again for the laziness and the sloppy behavior of Racklot), so we finally have IPv6 support on every and each server. Kind regards

Hello! The problem has been finally isolated. From the provider customer service, just a few hours ago: "We have located the issue with the cabling, and have asked to [...] swap cables and ports around. This will correct the issue. [...] We expect this work to be completed within 24hrs". Kind regards

Hello! We're very glad to inform you that a new 10 Gbit/s full duplex server located in Toronto (Ontario, Canada), is available: Kornephoros. The AirVPN client will show automatically the new server; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The server accepts connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and ports 1637, 47107 and 51820 UDP for WireGuard. Kornephoros supports OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check the status as usual in our real time servers monitor . Do not hesitate to contact us for any information or issue. Kind regards & datalove AirVPN Staff

I know it might seem a bit weird that a freshly joined member starts a discussion about a competitor. But I want to point out that I have no negative feelings for Perfect Privacy. I have been using them for a while. But there is something going on there that should concern us all. Perfect Privacy is a Germany based VPN provider that has been around for a while. In the past, they have proven more than once that they don't keep any logs and they also had a good reputation with people doing not so nice things. It was a common thing that one third of their servers have been down. But recently, something changed. They stopped updating their Warrant Canary in April. They have a forum too, but their staff entirely ignores this Warrant Canary topic. They refuse to comment on this matter. People told them they will leave if they don't update it. Others suggested they should just remove it if they don't bother updating it. Now if you think about it: If your users complain and even stop using your service, what could be a logical reason not to update the Warrant Canary? How much time would it take to do this? 3 months have passed by. At times, half their servers are down. IKEV2 is not working anymore because of some certificate error. They know about it. They say they are working on it. Even thought roughly half their servers are down or broken, their bandwidth at times see roughly around 10% usage. Unfortunately their forums is mostly in Germany. They had users defending this service for years. But now everyone and really everyone turned against the service and yet they don't seem to care. Can someone here come up with a reason why a service will suddenly stop updating the Warrant Canary and stop fixing things at the same time? For me, this sounds really bad. Talking about Perfect Privacy, they compare to services like Mullvad, AirVPN and IVPN. They have a very good reputation around privacy minded people. For me, this just sounds authorities prevent them from updating or removing it. I simply can not come up with any other explanation. Maybe you can.

Thanks for this update. The speed and connectivity is good.

Hello! We're very glad to announce that AirVPN Suite 2.0.0 Release is available. Special thanks to the outstanding community beta testers whose continued support in over a year and a half has been invaluable and decisive to find out and address several, insidious bugs. AirVPN Suite 2.0.0 introduces AirVPN's exclusive per app traffic splitting system, bug fixes, revised code, WireGuard support, and the latest OpenVPN3-AirVPN 3.12 library. Please see the respective changelogs for a complete list of changes for each component of the suite. The 2.0.0 Suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN and WireGuard servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN and WireGuard servers Hummingbird: lightweight and standalone binary for generic OpenVPN and WireGuard server connections Cuckoo: traffic split manager, granting full access and functionality to AirVPN's traffic split infrastructure airsu: a "run and forget" tool to automatically set and enable the user environment for the X.Org or Wayland based ecosystem without any user input WireGuard support WireGuard support is now available in Bluetit and Hummingbird. OpenVPN or WireGuard selection is controlled by Bluetit run control file option airvpntype or by Goldcrest option -f (short for --air-vpn-type). Possible values: openvpn, wireguard. New 2.0.0 default: wireguard. Bluetit run control file (/etc/airvpn/bluetit.rc) option: airvpntype: (string) VPN type to be used for AirVPN connections. Possible values: wireguard, openvpn. Default: wireguard Goldcrest option: --air-vpn-type, -f : VPN type for AirVPN connection <wireguard|openvpn> Suspend and resume services for systemd based systems For your comfort, the installation script can create suspend and resume services in systemd based systems, according to your preferences. allowing a more proper management of VPN connections when the system is suspended and resumed. The network connection detection code has also been rewritten to provide more appropriate behavior. Asynchronous mode A new asynchronous mode (off by default) is supported by Bluetit and Goldcrest, allowing asynchronous connections. Network Lock can be used accordingly in asynchronous connections. Please consult the readme.md file included in every tarball for more information and details. Word completion on bash and zsh Auto completion is now available by pressing the TAB key when entering any Goldcrest or Hummingbird option and filename on a bash or zsh interpreter. Auto completion files are installed automatically by the installation script. AirVPN's VPN traffic splitting AirVPN Suite version 2.0.0 introduces traffic splitting by using a dedicated network namespace. The VPN traffic is carried out in the default (main) namespace, ensuring all system data and traffic to be encrypted into the VPN tunnel by default. No clear and unencrypted data are allowed to pass through the default namespace. Any non-tunneled network traffic must be explicitly requested by an authorized user with the right to run cuckoo, the AirVPN traffic split manager tool. AirVPN's traffic splitting is managed by Bluetit and configured through run control directives. The system has been created in order to minimize any tedious or extensive configuration, even to the minimal point of telling Bluetit to enable traffic splitting with no other setting. In order to enable and control AirVPN's traffic splitting, the below new run control directives for /etc/airvpn/bluetit.rc have been implemented: allowtrafficsplitting: (on/off) enable or disable traffic splitting. Default: off trafficsplitnamespace: (string) name of Linux network namespace dedicated to traffic splitting. Default: aircuckoo trafficsplitinterface: (string) name of the physical network interface to be used for traffic splitting. All the unencrypted and out of the tunnel data will pass through the specified network device/interface. In case this directive is not used and unspecified, Bluetit will automatically use the main network interface of the system and connected to the default gateway. Default: unspecified trafficsplitnamespaceinterface: (string) name of the virtual network interface to be associated to the Linux network namespace dedicated to traffic splitting. Default: ckveth0 trafficsplitipv4: (IPv4 address|auto) IPv4 address of the virtual network interface used for traffic splitting. In case it is set to 'auto', Bluetit will try to automatically assign an unused IPv4 address belonging to the system's host sub-network (/24) Default: auto trafficsplitipv6: (IPv6 address|auto) IPv6 address of the virtual network interface used for traffic splitting. In case it is set to 'auto', Bluetit will try to automatically assign an unused IPv6 address belonging to the system's host sub-network (/64) Default: auto trafficsplitfirewall: (on/off) enable or disable the firewall in Linux network namespace dedicated to traffic splitting. The firewall is set up with a minimal rule set for a very basic security model. Default: off AirVPN's traffic splitting is designed in order to minimize any further configuration from the system administrator. To actually enable traffic splitting, it is just needed to set "allowtrafficsplitting" directive to "on" and Bluetit will configure the traffic split namespace with the default options as explained above. When needed, the system administrator can finely tune the traffic splitting service by using the above directives. Power and limitations The adopted solution offers a remarkable security bonus in terms of isolation. For example, it gets rid of the dangerous DNS "leaks in" typical of cgroups based traffic splitting solutions. However, the dedicated namespace needs an exclusive IP address. If the system is behind a NAT (connected to a home router for example) this is not a problem, but if the system is not behind any NAT, i.e. it is assigned directly a public IP address, you will need another public IP address for the network namespace dedicated to traffic splitting. You will need to manually set the other public IP address on the trafficsplitipv4 or trafficsplitipv6 directive as the guessing abilities of Bluetit may work only within a private subnet. Please keep this limitation in mind especially if you want to run the Suite with per app traffic splitting on a dedicated or virtual server in some datacenter, as they are most of the times NOT behind any NAT. Introducing Cuckoo, the AirVPN traffic splitting manager tool To generate out of the tunnel traffic, any application software must be run inside the "traffic split" namespace by using the dedicated traffic split tool cuckoo which can be run by users belonging to the airvpn group only. It cannot be used by the superuser. The usage is documented in the manual and on the inline help. The traffic split namespace uses its own routing, network channels and system DNS. It will not interfere or communicate in any way with the default namespace using its own encrypted tunnel. Programs started with cuckoo are regular Linux processes and, as such, can be managed (stopped, interrupted, paused, terminated and killed) by using the usual process control tools. The programs started by cuckoo are assigned to the user who started cuckoo. As a final note, in order to work properly, the following permissions must be granted to cuckoo and they are always checked at each run. Owner: root Group: airvpn Permissions: -rwsr-xr-x (owner can read, write, execute and setuid; group can read and execute, others can read and execute) Special note for snap packages users Snap is a controversial, locking-in package management system developed by Canonical and praised by Microsoft. It packages applications as snaps, which are self-contained units that include all necessary dependencies and run in a sandboxed environment in its default namespace. Therefore, "snap" applications will bypass the order by the system via Cuckoo to have an application running in one specific namespace created for reverse traffic splitting. As a result, snap applications will jettison the Suite's reverse traffic splitting feature. Currently, you must avoid snap packages of those applications whose traffic must flow outside the VPN tunnel. The issue is particularly relevant ever since Ubuntu migrated certain packages exclusively to Snap, such as Chromium and Firefox. At the moment it is still possible to eradicate snap from various distributions, including Ubuntu, quickly. Special note for firewalld users Please read here, it's very important: https://airvpn.org/forums/topic/70164-linux-network-lock-and-firewalld/ AirVPN Switch User Tool Airsu Running an application in a graphical environment requires a user having a local environment properly set, in particular variables and access to specific sockets or cookies. They are usually set at the moment of graphical login, while they may not be properly set in case a user logged in by using the system tool su. In this specific case the user will not probably be allowed to access the graphical environment, so any GUI application will not start. AirVPN’s airsu is used for this specific purpose and configures the user environment to the current X.Org (X11) or Wayland based manager, thus allowing access to GUI applications when run through cuckoo. Note on GUI software and Web Browsers Complete compatibility with both X11 and Wayland based environments has been implemented. Because of the specific Linux architecture and namespaces, some applications may need to specify the graphical environment in order to start and use the currently selected window manager on an X.Org (X11) or Wayland based habitat. Cuckoo can automatically do this by “injecting” predefined options to some preset applications, in particular those based on the chromium engines, most of them being web browsers. To see the list of predefined applications, please start cuckoo with --list-preset-apps option. When running an application with cuckoo, the user should make sure to actually start a new instance. This is usually granted by starting an application from the command line (such as running it with cuckoo). By starting an application from the desktop environment this may not happen. Download AirVPN Suite 2.0.0 The Suite is available in various flavors: ARM 64 bit, ARM 64 bit legacy, ARM 32 bit, ARM 32 bit legacy, x86-64 and x86-64 legacy. Download page: https://airvpn.org/linux/suite/ Changelog and source code Changelog for each component is available inside each package and on GitLab. Source code is available on GitLab: https://gitlab.com/AirVPN/AirVPN-Suite Kind regards and datalove AirVPN Staff

Hello! We're very glad to inform you that AirVPN Suite version 2.0.0 alpha 1 is now available. UPDATE 2023-11-24: version 2.0.0 alpha 2 is now available. UPDATE 2024-05-14: version 2.0.0 beta 1 is now available. UPDATE 2024-12-16: version 2.0.0 beta 2 is now available. UPDATE 2025-02-13: version 2.0.0 beta 3 is now available. UPDATE 2025-02-14: version 2.0.0 beta 4 is now available. UPDATE 2025-04-04: version 2.0.0 beta 5 is now available. UPDATE 2025-04-16: version 2.0.0 Release Candidate 1 is now available UPDATE 2025-06-10: version 2.0.0 Release Candidate 2 is now available UPDATE 2025-07-17: version 2.0.0 Release Candidate 3 is now available UPDATE 2025-07-25: version 2.0.0 is now available https://airvpn.org/forums/topic/73446-linux-airvpn-suite-200-available/ PLEASE NOTE THAT FROM NOW ON COMPATIBILITY WITH DEBIAN 10 AND ITS DERIVATIVES IS LOST, MAINLY BECAUSE THE SUITE IS NOW C++20 COMPLIANT. x86_64 LEGACY VERSION IS SUITABLE FOR DEBIAN 11 AirVPN Suite 2.0.0 introduces AirVPN's exclusive per app traffic splitting system, bug fixes, revised code in order to pave the way towards the final and stable release, WireGuard support, and the latest OpenVPN3-AirVPN 3.12 library. Please see the respective changelogs for a complete list of changes for each component of the suite. The 2.0.0 Release Candidate 1 Suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN and WireGuard servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN and WireGuard servers Hummingbird: lightweight and standalone binary for generic OpenVPN and WireGuard server connections Cuckoo: traffic split manager, granting full access and functionality to AirVPN's traffic split infrastructure airsu: a "run and forget" tool to automatically set and enable the user environment for the X.Org or Wayland based ecosystem without any user input WireGuard support WireGuard support is now available in Bluetit and Hummingbird. OpenVPN or WireGuard selection is controlled by Bluetit run control file option airvpntype or by Goldcrest option -f (short for --air-vpn-type). Possible values: openvpn, wireguard. New 2.0.0 default: wireguard. Bluetit run control file (/etc/airvpn/bluetit.rc) option: airvpntype: (string) VPN type to be used for AirVPN connections. Possible values: wireguard, openvpn. Default: wireguard Goldcrest option: --air-vpn-type, -f : VPN type for AirVPN connection <wireguard|openvpn> Suspend and resume services for systemd based systems For your comfort, the installation script can create suspend and resume services in systemd based systems, according to your preferences. allowing a more proper management of VPN connections when the system is suspended and resumed. The network connection detection code has also been rewritten to provide more appropriate behavior. Asynchronous mode A new asynchronous mode (off by default) is supported by Bluetit and Goldcrest, allowing asynchronous connections. Network Lock can be used accordingly in asynchronous connections. Please consult the readme.md file included in every tarball for more information and details. Word completion on bash and zsh Auto completion is now available by pressing the TAB key when entering any Goldcrest or Hummingbird option and filename on a bash or zsh interpreter. Auto completion files are installed automatically by the installation script. AirVPN's VPN traffic splitting AirVPN Suite version 2.0.0 introduces traffic splitting by using a dedicated network namespace. The VPN traffic is carried out in the default (main) namespace, ensuring all system data and traffic to be encrypted into the VPN tunnel by default. No clear and unencrypted data are allowed to pass through the default namespace. Any non-tunneled network traffic must be explicitly requested by an authorized user with the right to run cuckoo, the AirVPN traffic split manager tool. AirVPN's traffic splitting is managed by Bluetit and configured through run control directives. The system has been created in order to minimize any tedious or extensive configuration, even to the minimal point of telling Bluetit to enable traffic splitting with no other setting. In order to enable and control AirVPN's traffic splitting, the below new run control directives for /etc/airvpn/bluetit.rc have been implemented: allowtrafficsplitting: (on/off) enable or disable traffic splitting. Default: off trafficsplitnamespace: (string) name of Linux network namespace dedicated to traffic splitting. Default: aircuckoo trafficsplitinterface: (string) name of the physical network interface to be used for traffic splitting. All the unencrypted and out of the tunnel data will pass through the specified network device/interface. In case this directive is not used and unspecified, Bluetit will automatically use the main network interface of the system and connected to the default gateway. Default: unspecified trafficsplitnamespaceinterface: (string) name of the virtual network interface to be associated to the Linux network namespace dedicated to traffic splitting. Default: ckveth0 trafficsplitipv4: (IPv4 address|auto) IPv4 address of the virtual network interface used for traffic splitting. In case it is set to 'auto', Bluetit will try to automatically assign an unused IPv4 address belonging to the system's host sub-network (/24) Default: auto trafficsplitipv6: (IPv6 address|auto) IPv6 address of the virtual network interface used for traffic splitting. In case it is set to 'auto', Bluetit will try to automatically assign an unused IPv6 address belonging to the system's host sub-network (/64) Default: auto trafficsplitfirewall: (on/off) enable or disable the firewall in Linux network namespace dedicated to traffic splitting. The firewall is set up with a minimal rule set for a very basic security model. Default: off AirVPN's traffic splitting is designed in order to minimize any further configuration from the system administrator. To actually enable traffic splitting, it is just needed to set "allowtrafficsplitting" directive to "on" and Bluetit will configure the traffic split namespace with the default options as explained above. When needed, the system administrator can finely tune the traffic splitting service by using the above directives. Power and limitations The adopted solution offers a remarkable security bonus in terms of isolation. For example, it gets rid of the dangerous DNS "leaks in" typical of cgroups based traffic splitting solutions. However, the dedicated namespace needs an exclusive IP address. If the system is behind a NAT (connected to a home router for example) this is not a problem, but if the system is not behind any NAT, i.e. it is assigned directly a public IP address, you will need another public IP address for the network namespace dedicated to traffic splitting. You will need to manually set the other public IP address on the trafficsplitipv4 or trafficsplitipv6 directive as the guessing abilities of Bluetit may work only within a private subnet. Please keep this limitation in mind especially if you want to run the Suite with per app traffic splitting on a dedicated or virtual server in some datacenter, as they are most of the times NOT behind any NAT. Introducing Cuckoo, the AirVPN traffic splitting manager tool To generate out of the tunnel traffic, any application software must be run inside the "traffic split" namespace by using the dedicated traffic split tool cuckoo which can be run by users belonging to the airvpn group only. It cannot be used by the superuser. The usage is documented in the manual and on the inline help. The traffic split namespace uses its own routing, network channels and system DNS. It will not interfere or communicate in any way with the default namespace using its own encrypted tunnel. Programs started with cuckoo are regular Linux processes and, as such, can be managed (stopped, interrupted, paused, terminated and killed) by using the usual process control tools. The programs started by cuckoo are assigned to the user who started cuckoo. As a final note, in order to work properly, the following permissions must be granted to cuckoo and they are always checked at each run. Owner: root Group: airvpn Permissions: -rwsr-xr-x (owner can read, write, execute and setuid; group can read and execute, others can read and execute) Special note for snap packages users Snap is a controversial, locking-in package management system developed by Canonical and praised by Microsoft. It packages applications as snaps, which are self-contained units that include all necessary dependencies and run in a sandboxed environment in its default namespace. Therefore, "snap" applications will bypass the order by the system via Cuckoo to have an application running in one specific namespace created for reverse traffic splitting. As a result, snap applications will jettison the Suite's reverse traffic splitting feature. Currently, you must avoid snap packages of those applications whose traffic must flow outside the VPN tunnel. The issue is particularly relevant ever since Ubuntu migrated certain packages exclusively to Snap, such as Chromium and Firefox. At the moment it is still possible to eradicate snap from various distributions, including Ubuntu, quickly. Special note for firewalld users Please read here, it's very important: https://airvpn.org/forums/topic/70164-linux-network-lock-and-firewalld/ AirVPN Switch User Tool Airsu Running an application in a graphical environment requires a user having a local environment properly set, in particular variables and access to specific sockets or cookies. They are usually set at the moment of graphical login, while they may not be properly set in case a user logged in by using the system tool su. In this specific case the user will not probably be allowed to access the graphical environment, so any GUI application will not start. AirVPN’s airsu is used for this specific purpose and configures the user environment to the current X.Org (X11) or Wayland based manager, thus allowing access to GUI applications when run through cuckoo. Note on GUI software and Web Browsers The previous limitations on browsers have been completely resolved. Furthermore, complete compatibility with Wayland based environment has been implemented. Because of the specific Linux architecture and namespaces, some applications may need to specify the graphical environment in order to start and use the currently selected window manager on an X.Org (X11) or Wayland based habitat. Cuckoo can automatically do this by “injecting” predefined options to some preset applications, in particular those based on the chromium engines, most of them being web browsers. To see the list of predefined applications, please start cuckoo with --list-preset-apps option. When running an application with cuckoo, the user should make sure to actually start a new instance. This is usually granted by starting an application from the command line (such as running it with cuckoo). By starting an application from the desktop environment this may not happen. Download AirVPN Suite 2.0.0 Release Candidate 3 ARM 64 bit: https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-aarch64-2.0.0-RC-3.tar.gz https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-aarch64-2.0.0-RC-3.tar.gz.sha512 ARM 64 bit legacy: https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-aarch64-legacy-2.0.0-RC-3.tar.gz https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-aarch64-legacy-2.0.0-RC-3.tar.gz.sha512 ARM 32 bit: https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-armv7l-2.0.0-RC-3.tar.gz https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-armv7l-2.0.0-RC-3.tar.gz.sha512 ARM 32 bit legacy: https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-armv7l-legacy-2.0.0-RC-3.tar.gz https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-armv7l-legacy-2.0.0-RC-3.tar.gz.sha512 x86-64: https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-x86_64-2.0.0-RC-3.tar.gz https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-x86_64-2.0.0-RC-3.tar.gz.sha512 x86-64 legacy: https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-x86_64-legacy-2.0.0-RC-3.tar.gz https://eddie.website/repository/AirVPN-Suite/2.0-RC3/AirVPN-Suite-x86_64-legacy-2.0.0-RC-3.tar.gz.sha512 Changelogs Changelogs are available inside each package. Kind regards & Datalove AirVPN Staff

The heat on torrenting is getting worse - https://torrentfreak.com/u-s-court-orders-up-to-97500-in-damages-for-sharing-adult-films-via-bittorrent-250322/ The weak link in privacy is port forwarding, so adding an easy-to-use expiration date to a port would help users with their privacy. It could have practical time windows of usage: 12 hours, 1 day, 2 days, 7 days I think it would be a nice opt-in feature.

and they like tushy pron

Why should UK get any more servers? The bandwidth is maybe 60% used.

@Staff etc/airvpn/bluetit.rc from RC3 x86_64 tarball still contains the deprecated airvpnconnectivitycheck option and the new networkcheck isn't included. Also checked ARM64 tarball: same. I guess all tarballs are affected.

Hello! We're very glad to inform you that AirVPN Suite 2.0.0 Release Candidate 3 for Linux is now available. The original post is updated to show the new download URLs. The important improvements over RC 2 are: bug fixes Blutetit: added run control directive networkcheck (please see the included user's manual readme.md) Bluetit: removed run control directive airvpnconnectivitycheck (superseded by networkcheck directive) gateway is set in case it was not provided at construction time Special note for firewalld users Please read here, it's very important: https://airvpn.org/forums/topic/70164-linux-network-lock-and-firewalld/ Please note that compatibility with Debian 10 and its derivatives, that reached end of long term support and end of life on June 2024, is lost even for the legacy version, mainly because the Suite is now C++20 compliant. The legacy version remains suitable for Debian 11 and its derivatives. Kind regards

Another vote for adding Turkey servers.

Hello! This is by design to avoid permanent lock out on remotely accessed machines while allowing non-VPN traffic when wished. Please also note that the article is wrong in telling that there's a leak during a system reboot even when network lock is enabled: the leak may occur only if the Network Lock has not been engaged, for example if you have not started the AirVPN software. On Linux systems you also have the option of setting a persistent network lock with Bluetit daemon, a component of the AirVPN Suite. As soon as the daemon starts it enforces the network lock, no matter whether a connection is started or not. If you have a systemd based Linux distribution, please note that the asinine systemd init startup is not deterministic and this is of course not our responsibility. Therefore you can't be sure when Bluetit will be started, regardless of the priority you wish. If you need permanent blocking firewall rules surviving reboots even when the VPN software is not running the solution is straightforward: set permanent firewall rules as explained in various articles (a recent one is here https://airvpn.org/forums/topic/69097-permanent-kill-switch-for-eddie-client) or follow the suggestion included in the very same article you linked. Be aware that this setup is problematic on remotely accessed machines. Kind regards

Hello! No, we do not work with them, luckily! We have different providers in Germany and new servers will be added soon with new address ranges. Probably the block is aimed at various datacenters to prevent not only usage of publicly known VPN for consumers, but also home made VPN or simply SSH access to proxy to the Internet. Kind regards

I see. Have a look at these..

Connection refused means it was able to connect but on your host nothing is listening on port 18992.

uTP never changed. Though, there are some tests here and there that say mixed mode (TCP + uTP) can be faster, one just needs to wait a few minutes for uTP to ramp up. I generally still recommend TCP only, though, the difference is marginal. Still UDP, so uTP will behave similarly. Then maybe in your case mixed mode is indeed better. It's not like having this enabled will somehow cause your OS to uninstall. Or manipulate the weather around you and spawn an EF5 tornado on the spot. As written, I usually recommend TCP only because in most cases it just avoids headaches.

Well, it's the worst ISP in China.They shape everything.I suggest you should switch to other ISP such as China Telecom , China Unicom or China Mobile.You may find some cheap plans on the RedNote.But BE CAREFUL. If you switch your ISP to I mentioned above, you could try these servers. China Telecom: NL , DE , US SJC , US LAX China Unicom: nearly all european servers (except IE , NO , SE) (I recommend NL , DE) , US servers in the west coast. China Mobile: JP , SG servers I recommend using OpenVPN (IP Entry 3 & UDP & Port 443),since WireGuard is too easy to be identified (run a Wireshark and you know what I mean). If you have IPv6 connection,you should use them first (unless it's too slow for you).The GFW is less aggressive on IPv6 compared to IPv4

Hi Staff, I was trying out the latest version. Normally I use wireguard and that always works fine, also closing with Ctrl + C. However, if I use ./goldcrest AirVPN_Belgium_UDP-443-Entry3.ovpn and then close with Ctrl + C, Bluetit stops. Have to restart pc and do ./goldcrest --recover-network. some log files Wachtwoord: localhost:~ # journalctl bluetit.service Failed to add match 'bluetit.service': Invalid argument localhost:~ # journalctl -xeu bluetit.service Jul 05 18:07:20 localhost systemd[1]: Starting AirVPN Bluetit Daemon... ░░ Subject: A start job for unit bluetit.service has begun execution ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ A start job for unit bluetit.service has begun execution. ░░ ░░ The job identifier is 309. Jul 05 18:07:20 localhost bluetit[1879]: Starting Bluetit - AirVPN WireGuard/OpenVPN3 Service 2.0.0 RC 2 - 9 > Jul 05 18:07:20 localhost bluetit[1879]: OpenVPN core 3.12 AirVPN (20250606) linux x86_64 64-bit Jul 05 18:07:20 localhost bluetit[1879]: Copyright (C) 2012- OpenVPN Inc. All rights reserved. Jul 05 18:07:20 localhost bluetit[1879]: SSL Library: OpenSSL 3.1.4 24 Oct 2023 Jul 05 18:07:20 localhost bluetit[1879]: AirVPN WireGuard Client 2.0.0 Linux x86_64 64-bit Jul 05 18:07:20 localhost bluetit[1890]: Bluetit daemon started with PID 1890 Jul 05 18:07:20 localhost bluetit[1890]: Reading run control directives from file /etc/airvpn/bluetit.rc Jul 05 18:07:20 localhost bluetit[1890]: External network is reachable via IPv4 gateway 192.168.178.1 through> Jul 05 18:07:20 localhost bluetit[1890]: Successfully connected to D-Bus Jul 05 18:07:20 localhost systemd[1]: Started AirVPN Bluetit Daemon. ░░ Subject: A start job for unit bluetit.service has finished successfully ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ A start job for unit bluetit.service has finished successfully. ░░ ░░ The job identifier is 309. Jul 05 18:07:20 localhost bluetit[1890]: IPv6 is available in this system Jul 05 18:07:20 localhost bluetit[1890]: Creating AirVPN Boot server list Jul 05 18:07:20 localhost bluetit[1890]: Added server http://63.33.78.166 Jul 05 18:07:20 localhost bluetit[1890]: Added server http://54.93.175.114 Jul 05 18:07:20 localhost bluetit[1890]: Added server http://82.196.3.205 Jul 05 18:07:20 localhost bluetit[1890]: Added server http://63.33.116.50 Jul 05 18:07:20 localhost bluetit[1890]: Added server http://[2a03:b0c0:0:1010::9b:c001] Jul 05 18:07:20 localhost bluetit[1890]: Added server http://bootme.org Jul 05 18:07:20 localhost bluetit[1890]: Boot server http://bootme.org resolved into IPv6 2a03:b0c0:0:1010::9> Jul 05 18:07:20 localhost bluetit[1890]: AirVPN Boot server list successfully created. Added 6 servers. Jul 05 18:07:20 localhost bluetit[1890]: Default VPN type for AirVPN connections is set to WireGuard Jul 05 18:07:20 localhost bluetit[1890]: Use of user VPN profiles is enabled by Bluetit policy Jul 05 18:07:20 localhost bluetit[1890]: Bluetit successfully initialized and ready Jul 05 18:07:20 localhost bluetit[1890]: Scanning for system DNS addresses Jul 05 18:07:20 localhost bluetit[1890]: Found system IPv4 DNS 84.116.46.20 Jul 05 18:07:20 localhost bluetit[1890]: Found system IPv4 DNS 84.116.46.21 Jul 05 18:07:20 localhost bluetit[1890]: Found 2 system DNS addresses Jul 05 18:07:20 localhost bluetit[1890]: Checking AirVPN servers connectivity Jul 05 18:07:20 localhost bluetit[1890]: AirVPN connectivity attempt 1 in progress Jul 05 18:07:20 localhost bluetit[1890]: Successfully connected to AirVPN server 63.33.78.166 Jul 05 18:07:20 localhost bluetit[1890]: AirVPN servers connectivity successful Jul 05 18:07:20 localhost bluetit[1890]: Requesting network IP and country to AirVPN ipleak.net via secure co> Jul 05 18:07:20 localhost bluetit[1890]: ERROR: Cannot detect system location: Unknown error: Problem with th> Jul 05 18:07:20 localhost bluetit[1890]: AirVPN Manifest updater thread started Jul 05 18:07:20 localhost bluetit[1890]: Default AirVPN Manifest update interval is 15 minutes Jul 05 18:07:20 localhost bluetit[1890]: Updating AirVPN Manifest Jul 05 18:07:20 localhost bluetit[1890]: Trying connection to AirVPN bootstrap server at http://82.196.3.205 Jul 05 18:07:21 localhost bluetit[1890]: AirVPN Manifest successfully retrieved from server Jul 05 18:07:21 localhost bluetit[1890]: AirVPN Manifest update interval is now set to 30 minutes Jul 05 18:07:41 localhost bluetit[1890]: Requested method "version" Jul 05 18:07:41 localhost bluetit[1890]: Requested method "openvpn_info" Jul 05 18:07:42 localhost bluetit[1890]: Requested method "openvpn_copyright" Jul 05 18:07:42 localhost bluetit[1890]: Requested method "ssl_library_version" Jul 05 18:07:42 localhost bluetit[1890]: Requested method "wireguard_info" Jul 05 18:07:42 localhost bluetit[1890]: Requested method "recover_network: Bluetit does not need a network r> Jul 05 18:07:42 localhost bluetit[1890]: Sending event 'event_end_of_session' Jul 05 18:09:44 localhost bluetit[1890]: Requested method "version" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "openvpn_info" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "openvpn_copyright" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "ssl_library_version" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "wireguard_info" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "reset_bluetit_options -> Bluetit options successfu> Jul 05 18:09:44 localhost bluetit[1890]: Requested method "set_options: client-name (client-name) -> Goldcres> Jul 05 18:09:44 localhost bluetit[1890]: Requested method "set_options: client-user (client-user) -> gerrit" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "set_vpn_profile -> OK" Jul 05 18:09:44 localhost bluetit[1890]: Requested method "start_connection" Jul 05 18:09:44 localhost bluetit[1890]: Network filter and lock are using nftables Jul 05 18:09:44 localhost bluetit[1890]: Kernel module nf_tables is already loaded Jul 05 18:09:44 localhost bluetit[1890]: Network filter successfully initialized Jul 05 18:09:44 localhost bluetit[1890]: Private network is allowed to pass the network filter Jul 05 18:09:44 localhost bluetit[1890]: Ping output is allowed to pass the network filter Jul 05 18:09:44 localhost bluetit[1890]: IPv6 NDP is allowed to pass the network filter Jul 05 18:09:44 localhost bluetit[1890]: WireGuard connection successfully started Jul 05 18:09:44 localhost bluetit[1890]: Local interface lo - IPv4 127.0.0.1 IPv6 ::1 Jul 05 18:09:44 localhost bluetit[1890]: Local interface eth0 - IPv4 192.168.178.11 IPv6 2001:1c04:508:a800:b> Jul 05 18:09:44 localhost bluetit[1890]: Default IPv4 gateway via 192.168.178.1 dev eth0 Jul 05 18:09:44 localhost bluetit[1890]: Starting WireGuard synchronous connection Jul 05 18:09:44 localhost bluetit[1890]: Successfully loaded kernel module wireguard Jul 05 18:09:44 localhost bluetit[1890]: WireGuard client successfully created and initialized. Jul 05 18:09:44 localhost bluetit[1890]: Allowing system IPv4 DNS 84.116.46.20 to pass through the network fi> Jul 05 18:09:44 localhost bluetit[1890]: Allowing system IPv4 DNS 84.116.46.21 to pass through the network fi> Jul 05 18:09:45 localhost bluetit[1890]: Ping output is allowed to pass the network filter Jul 05 18:09:45 localhost bluetit[1890]: IPv6 NDP is allowed to pass the network filter Jul 05 18:09:45 localhost bluetit[1890]: Setting up WireGuard network interface tun0 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 0.0.0.0/0 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 ::/0 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 0.0.0.0/5 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 8.0.0.0/7 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 11.0.0.0/8 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 12.0.0.0/6 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 16.0.0.0/4 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 32.0.0.0/3 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 64.0.0.0/2 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 128.0.0.0/3 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 160.0.0.0/5 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 168.0.0.0/6 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 172.0.0.0/12 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 172.32.0.0/11 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 172.64.0.0/10 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 172.128.0.0/9 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 173.0.0.0/8 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 174.0.0.0/7 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 176.0.0.0/4 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.0.0.0/9 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.128.0.0/11 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.160.0.0/13 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.169.0.0/16 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.170.0.0/15 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.172.0.0/14 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.176.0.0/12 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 192.192.0.0/10 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 193.0.0.0/8 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 194.0.0.0/7 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 196.0.0.0/6 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 200.0.0.0/5 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 208.0.0.0/4 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv4 224.0.0.0/3 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 8000::/2 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 c000::/3 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 e000::/4 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 f000::/5 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 f800::/6 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 fc00::/8 Jul 05 18:09:45 localhost bluetit[1890]: Allowing IPv6 fe00::/7 Jul 05 18:09:45 localhost bluetit[1890]: WireGuard end point set to IPv4 91.207.57.117, port 1637 Jul 05 18:09:45 localhost bluetit[1890]: Successfully created WireGuard device tun0 Jul 05 18:09:45 localhost bluetit[1890]: WireGuard interface tun0 set to IPv4 10.131.115.146/32 Jul 05 18:09:45 localhost bluetit[1890]: WireGuard interface tun0 set to IPv6 fd7d:76ee:e68f:a993:487a:1ccd:1> Jul 05 18:09:45 localhost bluetit[1890]: WireGuard interface tun0 successfully configured Jul 05 18:09:45 localhost bluetit[1890]: MTU WireGuard network interface tun0 set to 1320 Jul 05 18:09:45 localhost bluetit[1890]: WireGuard network interface tun0 successfully initialized and ready Jul 05 18:09:45 localhost bluetit[1890]: Adding IPv4 server 91.207.57.117 to network filter Jul 05 18:09:46 localhost bluetit[1890]: Network filter and lock successfully activated Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 0.0.0.0/0 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 ::/0 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 0.0.0.0/5 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 8.0.0.0/7 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 11.0.0.0/8 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 12.0.0.0/6 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 16.0.0.0/4 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 32.0.0.0/3 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 64.0.0.0/2 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 128.0.0.0/3 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 160.0.0.0/5 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 168.0.0.0/6 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 172.0.0.0/12 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 172.32.0.0/11 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 172.64.0.0/10 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 172.128.0.0/9 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 173.0.0.0/8 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 174.0.0.0/7 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 176.0.0.0/4 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.0.0.0/9 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.128.0.0/11 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.160.0.0/13 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.169.0.0/16 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.170.0.0/15 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.172.0.0/14 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.176.0.0/12 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 192.192.0.0/10 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 193.0.0.0/8 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 194.0.0.0/7 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 196.0.0.0/6 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 200.0.0.0/5 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 208.0.0.0/4 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 224.0.0.0/3 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 8000::/2 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 c000::/3 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 e000::/4 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 f000::/5 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 f800::/6 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 fc00::/8 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 fe00::/7 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 128.0.0.0/1 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv6 8000::/1 dev tun0 Jul 05 18:09:46 localhost bluetit[1890]: Added route IPv4 91.207.57.117/32 via 192.168.178.1 dev eth0 Jul 05 18:09:46 localhost bluetit[1890]: Successfully initialized WireGuard device tun0 Jul 05 18:09:46 localhost bluetit[1890]: Connected to WireGuard server IPv4 91.207.57.117, port 1637 via tun0 Jul 05 18:09:46 localhost bluetit[1890]: VPN Server has pushed DNS IPv4 10.128.0.1 Jul 05 18:09:46 localhost bluetit[1890]: Setting pushed IPv4 DNS server 10.128.0.1 in resolv.conf Jul 05 18:09:46 localhost bluetit[1890]: VPN Server has pushed DNS IPv6 fd7d:76ee:e68f:a993::1 Jul 05 18:09:46 localhost bluetit[1890]: Setting pushed IPv6 DNS server fd7d:76ee:e68f:a993::1 in resolv.conf Jul 05 18:09:46 localhost bluetit[1890]: Server has pushed its own DNS. Rejecting system DNS from network fil> Jul 05 18:09:46 localhost bluetit[1890]: System IPv4 DNS 84.116.46.20 is now rejected by the network filter Jul 05 18:09:46 localhost bluetit[1890]: System IPv4 DNS 84.116.46.21 is now rejected by the network filter Jul 05 18:09:46 localhost bluetit[1890]: WireGuard connection monitor thread started Jul 05 18:09:46 localhost bluetit[1890]: Connected to AirVPN server Castor, Brussels (Belgium) IP address 91.> Jul 05 18:09:46 localhost bluetit[1890]: Pushed DNS: 10.128.0.1 (IPv4) fd7d:76ee:e68f:a993::1 (IPv6) Jul 05 18:09:46 localhost bluetit[1890]: Connection statistics updater thread started Jul 05 18:09:53 localhost bluetit[1890]: Requested method "bluetit_status -> Bluetit is connected to VPN (Wir> Jul 05 18:09:53 localhost bluetit[1890]: Requested method "stop_connection" Jul 05 18:09:53 localhost bluetit[1890]: Stopping WireGuard synchronous connection Jul 05 18:09:53 localhost bluetit[1890]: WireGuard connection monitor thread terminated Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 0.0.0.0/0 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 ::/0 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 0.0.0.0/5 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 8.0.0.0/7 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 11.0.0.0/8 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 12.0.0.0/6 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 16.0.0.0/4 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 32.0.0.0/3 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 64.0.0.0/2 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 128.0.0.0/3 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 160.0.0.0/5 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 168.0.0.0/6 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 172.0.0.0/12 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 172.32.0.0/11 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 172.64.0.0/10 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 172.128.0.0/9 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 173.0.0.0/8 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 174.0.0.0/7 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 176.0.0.0/4 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.0.0.0/9 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.128.0.0/11 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.160.0.0/13 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.169.0.0/16 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.170.0.0/15 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.172.0.0/14 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.176.0.0/12 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 192.192.0.0/10 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 193.0.0.0/8 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 194.0.0.0/7 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 196.0.0.0/6 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 200.0.0.0/5 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 208.0.0.0/4 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 224.0.0.0/3 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 8000::/2 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 c000::/3 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 e000::/4 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 f000::/5 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 f800::/6 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 fc00::/8 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 fe00::/7 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 128.0.0.0/1 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv6 8000::/1 dev tun0 Jul 05 18:09:53 localhost bluetit[1890]: Removed route IPv4 91.207.57.117/32 via 192.168.178.1 dev eth0 Jul 05 18:09:53 localhost bluetit[1890]: Disabling WireGuard network interface tun0 Jul 05 18:09:53 localhost bluetit[1890]: WireGuard network interface tun0 successfully disabled Jul 05 18:09:54 localhost bluetit[1890]: WireGuard successfully disconnected Jul 05 18:09:54 localhost bluetit[1890]: Successfully restored DNS settings Jul 05 18:09:54 localhost bluetit[1890]: Session network filter and lock rollback successful Jul 05 18:09:54 localhost bluetit[1890]: Connection statistics updater thread terminated Jul 05 18:09:54 localhost bluetit[1890]: Sending event 'event_disconnected' Jul 05 18:09:54 localhost bluetit[1890]: Connection time: 00:00:07 Jul 05 18:09:54 localhost bluetit[1890]: Total transferred Input data: 6,30 KB Jul 05 18:09:54 localhost bluetit[1890]: Total transferred Output data: 69,80 KB Jul 05 18:09:54 localhost bluetit[1890]: Max Input rate: 1,09 Kbit/s Jul 05 18:09:54 localhost bluetit[1890]: Max Output rate: 2,32 Kbit/s Jul 05 18:09:54 localhost bluetit[1890]: Session network filter and lock are now disabled Jul 05 18:09:54 localhost bluetit[1890]: Sending event 'event_end_of_session' Jul 05 18:09:54 localhost bluetit[1890]: Sending event 'event_end_of_session' Jul 05 18:09:58 localhost bluetit[1890]: Requested method "version" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "openvpn_info" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "openvpn_copyright" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "ssl_library_version" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "wireguard_info" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "reset_bluetit_options -> Bluetit options successfu> Jul 05 18:09:58 localhost bluetit[1890]: Requested method "set_options: client-name (client-name) -> Goldcres> Jul 05 18:09:58 localhost bluetit[1890]: Requested method "set_options: client-user (client-user) -> gerrit" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "set_vpn_profile -> OK" Jul 05 18:09:58 localhost bluetit[1890]: Requested method "start_connection" Jul 05 18:09:58 localhost bluetit[1890]: Network filter and lock are using nftables Jul 05 18:09:58 localhost bluetit[1890]: Kernel module nf_tables is already loaded Jul 05 18:09:58 localhost bluetit[1890]: Network filter successfully initialized Jul 05 18:09:58 localhost bluetit[1890]: Private network is allowed to pass the network filter Jul 05 18:09:58 localhost bluetit[1890]: Ping output is allowed to pass the network filter Jul 05 18:09:58 localhost bluetit[1890]: IPv6 NDP is allowed to pass the network filter Jul 05 18:09:58 localhost bluetit[1890]: WireGuard connection successfully started Jul 05 18:09:58 localhost bluetit[1890]: Local interface lo - IPv4 127.0.0.1 IPv6 ::1 Jul 05 18:09:58 localhost bluetit[1890]: Local interface eth0 - IPv4 192.168.178.11 IPv6 2001:1c04:508:a800:b> Jul 05 18:09:58 localhost bluetit[1890]: Default IPv4 gateway via 192.168.178.1 dev eth0 Jul 05 18:09:58 localhost bluetit[1890]: Starting WireGuard synchronous connection Jul 05 18:09:58 localhost bluetit[1890]: Kernel module wireguard is already loaded Jul 05 18:09:58 localhost bluetit[1890]: WireGuard client successfully created and initialized. Jul 05 18:09:58 localhost bluetit[1890]: Allowing system IPv4 DNS 84.116.46.20 to pass through the network fi> Jul 05 18:09:58 localhost bluetit[1890]: Allowing system IPv4 DNS 84.116.46.21 to pass through the network fi> Jul 05 18:09:59 localhost bluetit[1890]: Ping output is allowed to pass the network filter Jul 05 18:09:59 localhost bluetit[1890]: IPv6 NDP is allowed to pass the network filter Jul 05 18:09:59 localhost bluetit[1890]: Setting up WireGuard network interface tun0 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 0.0.0.0/0 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 ::/0 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 0.0.0.0/5 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 8.0.0.0/7 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 11.0.0.0/8 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 12.0.0.0/6 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 16.0.0.0/4 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 32.0.0.0/3 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 64.0.0.0/2 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 128.0.0.0/3 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 160.0.0.0/5 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 168.0.0.0/6 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 172.0.0.0/12 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 172.32.0.0/11 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 172.64.0.0/10 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 172.128.0.0/9 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 173.0.0.0/8 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 174.0.0.0/7 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 176.0.0.0/4 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.0.0.0/9 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.128.0.0/11 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.160.0.0/13 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.169.0.0/16 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.170.0.0/15 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.172.0.0/14 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.176.0.0/12 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 192.192.0.0/10 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 193.0.0.0/8 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 194.0.0.0/7 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 196.0.0.0/6 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 200.0.0.0/5 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 208.0.0.0/4 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv4 224.0.0.0/3 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 8000::/2 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 c000::/3 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 e000::/4 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 f000::/5 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 f800::/6 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 fc00::/8 Jul 05 18:09:59 localhost bluetit[1890]: Allowing IPv6 fe00::/7 Jul 05 18:09:59 localhost bluetit[1890]: WireGuard end point set to IPv4 91.207.57.117, port 1637 Jul 05 18:09:59 localhost bluetit[1890]: Successfully created WireGuard device tun0 Jul 05 18:09:59 localhost bluetit[1890]: WireGuard interface tun0 set to IPv4 10.131.115.146/32 Jul 05 18:09:59 localhost bluetit[1890]: WireGuard interface tun0 set to IPv6 fd7d:76ee:e68f:a993:487a:1ccd:1> Jul 05 18:09:59 localhost bluetit[1890]: WireGuard interface tun0 successfully configured Jul 05 18:09:59 localhost bluetit[1890]: MTU WireGuard network interface tun0 set to 1320 Jul 05 18:09:59 localhost bluetit[1890]: WireGuard network interface tun0 successfully initialized and ready Jul 05 18:09:59 localhost bluetit[1890]: Adding IPv4 server 91.207.57.117 to network filter Jul 05 18:10:00 localhost bluetit[1890]: Network filter and lock successfully activated Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 0.0.0.0/0 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 ::/0 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 0.0.0.0/5 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 8.0.0.0/7 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 11.0.0.0/8 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 12.0.0.0/6 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 16.0.0.0/4 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 32.0.0.0/3 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 64.0.0.0/2 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 128.0.0.0/3 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 160.0.0.0/5 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 168.0.0.0/6 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 172.0.0.0/12 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 172.32.0.0/11 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 172.64.0.0/10 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 172.128.0.0/9 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 173.0.0.0/8 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 174.0.0.0/7 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 176.0.0.0/4 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.0.0.0/9 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.128.0.0/11 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.160.0.0/13 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.169.0.0/16 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.170.0.0/15 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.172.0.0/14 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.176.0.0/12 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 192.192.0.0/10 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 193.0.0.0/8 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 194.0.0.0/7 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 196.0.0.0/6 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 200.0.0.0/5 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 208.0.0.0/4 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 224.0.0.0/3 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 8000::/2 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 c000::/3 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 e000::/4 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 f000::/5 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 f800::/6 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 fc00::/8 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 fe00::/7 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 128.0.0.0/1 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv6 8000::/1 dev tun0 Jul 05 18:10:00 localhost bluetit[1890]: Added route IPv4 91.207.57.117/32 via 192.168.178.1 dev eth0 Jul 05 18:10:00 localhost bluetit[1890]: Successfully initialized WireGuard device tun0 Jul 05 18:10:00 localhost bluetit[1890]: Connected to WireGuard server IPv4 91.207.57.117, port 1637 via tun0 Jul 05 18:10:00 localhost bluetit[1890]: VPN Server has pushed DNS IPv4 10.128.0.1 Jul 05 18:10:00 localhost bluetit[1890]: Setting pushed IPv4 DNS server 10.128.0.1 in resolv.conf Jul 05 18:10:00 localhost bluetit[1890]: VPN Server has pushed DNS IPv6 fd7d:76ee:e68f:a993::1 Jul 05 18:10:00 localhost bluetit[1890]: Setting pushed IPv6 DNS server fd7d:76ee:e68f:a993::1 in resolv.conf Jul 05 18:10:00 localhost bluetit[1890]: Server has pushed its own DNS. Rejecting system DNS from network fil> Jul 05 18:10:00 localhost bluetit[1890]: System IPv4 DNS 84.116.46.20 is now rejected by the network filter Jul 05 18:10:00 localhost bluetit[1890]: System IPv4 DNS 84.116.46.21 is now rejected by the network filter Jul 05 18:10:00 localhost bluetit[1890]: WireGuard connection monitor thread started Jul 05 18:10:00 localhost bluetit[1890]: Connected to AirVPN server Castor, Brussels (Belgium) IP address 91.> Jul 05 18:10:00 localhost bluetit[1890]: Pushed DNS: 10.128.0.1 (IPv4) fd7d:76ee:e68f:a993::1 (IPv6) Jul 05 18:10:00 localhost bluetit[1890]: Connection statistics updater thread started Jul 05 18:10:02 localhost bluetit[1890]: Requested method "bluetit_status -> Bluetit is connected to VPN (Wir> Jul 05 18:10:02 localhost bluetit[1890]: Requested method "stop_connection" Jul 05 18:10:02 localhost bluetit[1890]: Stopping WireGuard synchronous connection Jul 05 18:10:02 localhost bluetit[1890]: WireGuard connection monitor thread terminated Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 0.0.0.0/0 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 ::/0 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 0.0.0.0/5 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 8.0.0.0/7 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 11.0.0.0/8 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 12.0.0.0/6 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 16.0.0.0/4 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 32.0.0.0/3 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 64.0.0.0/2 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 128.0.0.0/3 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 160.0.0.0/5 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 168.0.0.0/6 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 172.0.0.0/12 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 172.32.0.0/11 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 172.64.0.0/10 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 172.128.0.0/9 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 173.0.0.0/8 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 174.0.0.0/7 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 176.0.0.0/4 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.0.0.0/9 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.128.0.0/11 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.160.0.0/13 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.169.0.0/16 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.170.0.0/15 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.172.0.0/14 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.176.0.0/12 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 192.192.0.0/10 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 193.0.0.0/8 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 194.0.0.0/7 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 196.0.0.0/6 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 200.0.0.0/5 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 208.0.0.0/4 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 224.0.0.0/3 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 8000::/2 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 c000::/3 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 e000::/4 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 f000::/5 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 f800::/6 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 fc00::/8 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 fe00::/7 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 128.0.0.0/1 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv6 8000::/1 dev tun0 Jul 05 18:10:02 localhost bluetit[1890]: Removed route IPv4 91.207.57.117/32 via 192.168.178.1 dev eth0 Jul 05 18:10:02 localhost bluetit[1890]: Disabling WireGuard network interface tun0 Jul 05 18:10:02 localhost bluetit[1890]: WireGuard network interface tun0 successfully disabled Jul 05 18:10:02 localhost bluetit[1890]: WireGuard successfully disconnected Jul 05 18:10:02 localhost bluetit[1890]: Successfully restored DNS settings Jul 05 18:10:03 localhost bluetit[1890]: Session network filter and lock rollback successful Jul 05 18:10:03 localhost bluetit[1890]: Sending event 'event_disconnected' Jul 05 18:10:03 localhost bluetit[1890]: Connection time: 00:00:02 Jul 05 18:10:03 localhost bluetit[1890]: Total transferred Input data: 6,30 KB Jul 05 18:10:03 localhost bluetit[1890]: Total transferred Output data: 69,80 KB Jul 05 18:10:03 localhost bluetit[1890]: Max Input rate: 1,09 Kbit/s Jul 05 18:10:03 localhost bluetit[1890]: Max Output rate: 2,32 Kbit/s Jul 05 18:10:03 localhost bluetit[1890]: Session network filter and lock are now disabled Jul 05 18:10:03 localhost bluetit[1890]: Sending event 'event_end_of_session' Jul 05 18:10:03 localhost bluetit[1890]: Sending event 'event_end_of_session' Jul 05 18:18:13 localhost bluetit[1890]: Requested method "version" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "openvpn_info" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "openvpn_copyright" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "ssl_library_version" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "wireguard_info" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "reset_bluetit_options -> Bluetit options successfu> Jul 05 18:18:13 localhost bluetit[1890]: Requested method "set_options: client-name (client-name) -> Goldcres> Jul 05 18:18:13 localhost bluetit[1890]: Requested method "set_options: client-user (client-user) -> gerrit" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "set_vpn_profile -> OK" Jul 05 18:18:13 localhost bluetit[1890]: Requested method "start_connection" Jul 05 18:18:13 localhost bluetit[1890]: Network filter and lock are using nftables Jul 05 18:18:13 localhost bluetit[1890]: Kernel module nf_tables is already loaded Jul 05 18:18:13 localhost bluetit[1890]: Network filter successfully initialized Jul 05 18:18:13 localhost bluetit[1890]: Private network is allowed to pass the network filter Jul 05 18:18:13 localhost bluetit[1890]: Ping output is allowed to pass the network filter Jul 05 18:18:13 localhost bluetit[1890]: IPv6 NDP is allowed to pass the network filter Jul 05 18:18:13 localhost bluetit[1890]: OpenVPN connection successfully started Jul 05 18:18:13 localhost bluetit[1890]: Local interface lo - IPv4 127.0.0.1 IPv6 ::1 Jul 05 18:18:13 localhost bluetit[1890]: Local interface eth0 - IPv4 192.168.178.11 IPv6 2001:1c04:508:a800:b> Jul 05 18:18:13 localhost bluetit[1890]: Default IPv4 gateway via 192.168.178.1 dev eth0 Jul 05 18:18:13 localhost bluetit[1890]: Starting OpenVPN synchronous connection Jul 05 18:18:13 localhost bluetit[1890]: OpenVPN3 client successfully created and initialized. Jul 05 18:18:13 localhost bluetit[1890]: TUN persistence is enabled. Jul 05 18:18:13 localhost bluetit[1890]: Allowing system IPv4 DNS 84.116.46.20 to pass through the network fi> Jul 05 18:18:13 localhost bluetit[1890]: Allowing system IPv4 DNS 84.116.46.21 to pass through the network fi> Jul 05 18:18:16 localhost bluetit[1890]: Resolved remote OpenVPN server be3.vpn.airdns.org into IPv4 91.207.5> Jul 05 18:18:16 localhost bluetit[1890]: Successfully set OpenVPN3 client configuration Jul 05 18:18:16 localhost bluetit[1890]: Ping output is allowed to pass the network filter Jul 05 18:18:16 localhost bluetit[1890]: IPv6 NDP is allowed to pass the network filter Jul 05 18:18:16 localhost bluetit[1890]: Starting OpenVPN3 connection thread Jul 05 18:18:16 localhost bluetit[1890]: Connection statistics updater thread started Jul 05 18:18:16 localhost bluetit[1890]: OpenVPN core 3.12 AirVPN (20250606) linux x86_64 64-bit Jul 05 18:18:16 localhost bluetit[1890]: Frame=512/2112/512 mssfix-ctrl=1250 Jul 05 18:18:16 localhost bluetit[1890]: NOTE: This configuration contains options that were not used: Jul 05 18:18:16 localhost bluetit[1890]: Unsupported option (ignored) Jul 05 18:18:16 localhost bluetit[1890]: 0 [resolv-retry] [infinite] Jul 05 18:18:16 localhost bluetit[1890]: 1 [persist-key] Jul 05 18:18:16 localhost bluetit[1890]: 2 [persist-tun] Jul 05 18:18:16 localhost bluetit[1890]: 3 [explicit-exit-notify] [5] Jul 05 18:18:16 localhost bluetit[1890]: 4 [data-ciphers-fallback] [AES-256-CBC] Jul 05 18:18:16 localhost bluetit[1890]: EVENT: RESOLVE Jul 05 18:18:16 localhost bluetit[1890]: Setting up network filter and lock Jul 05 18:18:16 localhost bluetit[1890]: Adding IPv4 server 91.207.57.117 to network filter Jul 05 18:18:16 localhost bluetit[1890]: Network filter and lock successfully activated Jul 05 18:18:16 localhost bluetit[1890]: Contacting 91.207.57.117:443 via UDP Jul 05 18:18:16 localhost bluetit[1890]: EVENT: WAIT Jul 05 18:18:16 localhost bluetit[1890]: Connecting to [91.207.57.117]:443 (91.207.57.117) via UDP Jul 05 18:18:16 localhost bluetit[1890]: EVENT: CONNECTING Jul 05 18:18:16 localhost bluetit[1890]: Tunnel Options:V4,dev-type tun,link-mtu 1586,tun-mtu 1500,proto UDPv> Jul 05 18:18:16 localhost bluetit[1890]: Sending Peer Info: IV_VER=3.12 AirVPN (20250606) IV_PLAT=linux IV_TCPNL=1 IV_PROTO=8094 IV_MTU=1600 IV_CIPHERS=AES-256-GCM:AES-256-CBC:AES-192-GCM:AES-192-CBC:AES-128-G> IV_LZO_STUB=1 IV_COMP_STUB=1 IV_COMP_STUBv2=1 IV_SSL=OpenSSL 3.1.4 24 Oct 2023 UV_IPV6=yes IV_GUI_VER=Bluetit - AirVPN WireGuard/OpenVPN3 Service 2.0.0 RC 2 IV_BS64DL=1 Jul 05 18:18:17 localhost bluetit[1890]: TLS Handshake: peer certificate: CN=Castor, 4096 bit RSA, cipher: TL> Jul 05 18:18:17 localhost bluetit[1890]: Session is ACTIVE Jul 05 18:18:17 localhost bluetit[1890]: EVENT: GET_CONFIG Jul 05 18:18:17 localhost bluetit[1890]: Sending PUSH_REQUEST to server... Jul 05 18:18:17 localhost bluetit[1890]: OPTIONS: 0 [comp-lzo] [no] 1 [redirect-gateway] [ipv6] [def1] [bypass-dhcp] 2 [dhcp-option] [DNS] [10.12.230.1] 3 [dhcp-option] [DNS6] [fde6:7a:7d20:8e6::1] 4 [tun-ipv6] 5 [route-gateway] [10.12.230.1] 6 [topology] [subnet] 7 [ping] [10] 8 [ping-restart] [60] 9 [ifconfig-ipv6] [fde6:7a:7d20:8e6::10c6/64] [fde6:7a:7d20:8e6::1] 10 [ifconfig] [10.12.230.200] [255.255.255.0] 11 [peer-id] [3] 12 [cipher] [AES-256-GCM] Jul 05 18:18:17 localhost bluetit[1890]: PROTOCOL OPTIONS: key-derivation: OpenVPN PRF compress: LZO_STUB control channel: tls-crypt enabled data channel: cipher AES-256-GCM, peer-id 3 Jul 05 18:18:17 localhost bluetit[1890]: EVENT: ASSIGN_IP Jul 05 18:18:17 localhost bluetit[1890]: VPN Server has pushed IPv4 DNS server 10.12.230.1 Jul 05 18:18:17 localhost bluetit[1890]: Setting pushed IPv4 DNS server 10.12.230.1 in resolv.conf Jul 05 18:18:17 localhost bluetit[1890]: VPN Server has pushed IPv6 DNS server fde6:7a:7d20:8e6::1 Jul 05 18:18:17 localhost bluetit[1890]: Setting pushed IPv6 DNS server fde6:7a:7d20:8e6::1 in resolv.conf Jul 05 18:18:17 localhost bluetit[1890]: net_route_best_gw query IPv4: 91.207.57.117/32 Jul 05 18:18:17 localhost bluetit[1890]: sitnl_route_best_gw result: via 192.168.178.1 dev eth0 Jul 05 18:18:17 localhost bluetit[1890]: net_iface_mtu_set: mtu 1500 for tun0 Jul 05 18:18:17 localhost bluetit[1890]: net_iface_up: set tun0 up Jul 05 18:18:17 localhost bluetit[1890]: net_addr_add: 10.12.230.200/24 brd 10.12.230.255 dev tun0 Jul 05 18:18:17 localhost bluetit[1890]: net_addr_add: fde6:7a:7d20:8e6::10c6/64 dev tun0 Jul 05 18:18:17 localhost bluetit[1890]: net_route_add: 91.207.57.117/32 via 192.168.178.1 dev eth0 table 0 m> Jul 05 18:18:17 localhost bluetit[1890]: net_route_add: 0.0.0.0/1 via 10.12.230.1 dev tun0 table 0 metric 0 Jul 05 18:18:17 localhost bluetit[1890]: net_route_add: 128.0.0.0/1 via 10.12.230.1 dev tun0 table 0 metric 0 Jul 05 18:18:17 localhost bluetit[1890]: net_route_add: ::/1 via fde6:7a:7d20:8e6::1 dev tun0 table 0 metric 0 Jul 05 18:18:17 localhost bluetit[1890]: net_route_add: 8000::/1 via fde6:7a:7d20:8e6::1 dev tun0 table 0 met> Jul 05 18:18:17 localhost bluetit[1890]: TunPersist: saving tun context: Session Name: 91.207.57.117 Layer: OSI_LAYER_3 Remote Address: 91.207.57.117 Tunnel Addresses: 10.12.230.200/24 -> 10.12.230.1 fde6:7a:7d20:8e6::10c6/64 -> fde6:7a:7d20:8e6::1 [IPv6] Reroute Gateway: IPv4=1 IPv6=1 flags=[ ENABLE REROUTE_GW DEF1 BYPASS> Block IPv4: no Block IPv6: no Block local DNS: no Add Routes: Exclude Routes: DNS Servers: Priority: 0 Addresses: 10.12.230.1 fde6:7a:7d20:8e6::1 Values from dhcp-options: true Jul 05 18:18:17 localhost bluetit[1890]: Connected via tun Jul 05 18:18:17 localhost bluetit[1890]: LZO-ASYM init swap=0 asym=1 Jul 05 18:18:17 localhost bluetit[1890]: Comp-stub init swap=0 Jul 05 18:18:17 localhost bluetit[1890]: EVENT: CONNECTED 91.207.57.117:443 (91.207.57.117) via /UDP on tun/1> Jul 05 18:18:17 localhost bluetit[1890]: Server has pushed its own DNS. Rejecting system DNS from network fil> Jul 05 18:18:17 localhost bluetit[1890]: System IPv4 DNS 84.116.46.20 is now rejected by the network filter Jul 05 18:18:17 localhost bluetit[1890]: System IPv4 DNS 84.116.46.21 is now rejected by the network filter Jul 05 18:18:17 localhost bluetit[1890]: Connected to AirVPN server Castor, Brussels (Belgium) IP address 91.> Jul 05 18:18:17 localhost bluetit[1890]: Pushed DNS: 10.12.230.1 (IPv4) fde6:7a:7d20:8e6::1 (IPv6) Jul 05 18:18:47 localhost bluetit[1890]: Requested method "bluetit_status -> Bluetit is connected to VPN (Ope> Jul 05 18:18:47 localhost bluetit[1890]: Requested method "stop_connection" Jul 05 18:18:47 localhost bluetit[1890]: Stopping OpenVPN synchronous connection Jul 05 18:18:47 localhost bluetit[1890]: Connection statistics updater thread terminated Jul 05 18:18:47 localhost systemd[1]: bluetit.service: Main process exited, code=dumped, status=11/SEGV ░░ Subject: Unit process exited ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ An ExecStart= process belonging to unit bluetit.service has exited. ░░ ░░ The process' exit code is 'dumped' and its exit status is 11. Jul 05 18:18:47 localhost systemd[1]: bluetit.service: Failed with result 'core-dump'. ░░ Subject: Unit failed ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ The unit bluetit.service has entered the 'failed' state with result 'core-dump'. Jul 05 18:18:47 localhost systemd[1]: bluetit.service: Consumed 5.589s CPU time. ░░ Subject: Resources consumed by unit runtime ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ The unit bluetit.service completed and consumed the indicated resources. Jul 05 18:21:42 localhost systemd[1]: Starting AirVPN Bluetit Daemon... ░░ Subject: A start job for unit bluetit.service has begun execution ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ A start job for unit bluetit.service has begun execution. ░░ ░░ The job identifier is 3689. Jul 05 18:21:42 localhost bluetit[11565]: Starting Bluetit - AirVPN WireGuard/OpenVPN3 Service 2.0.0 RC 2 - 9> Jul 05 18:21:42 localhost bluetit[11565]: OpenVPN core 3.12 AirVPN (20250606) linux x86_64 64-bit Jul 05 18:21:42 localhost bluetit[11565]: Copyright (C) 2012- OpenVPN Inc. All rights reserved. Jul 05 18:21:42 localhost bluetit[11565]: SSL Library: OpenSSL 3.1.4 24 Oct 2023 Jul 05 18:21:42 localhost bluetit[11565]: AirVPN WireGuard Client 2.0.0 Linux x86_64 64-bit Jul 05 18:21:42 localhost systemd[1]: bluetit.service: Can't open PID file /etc/airvpn/bluetit.lock (yet?) af> Jul 05 18:21:42 localhost systemd[1]: bluetit.service: Supervising process 11576 which is not our child. We'l> Jul 05 18:21:42 localhost bluetit[11576]: Bluetit daemon started with PID 11576 Jul 05 18:21:42 localhost bluetit[11576]: Reading run control directives from file /etc/airvpn/bluetit.rc Jul 05 18:21:42 localhost bluetit[11576]: External network is reachable via IPv4 gateway 192.168.178.1 throug> Jul 05 18:21:42 localhost bluetit[11576]: Successfully connected to D-Bus Jul 05 18:21:42 localhost systemd[1]: Started AirVPN Bluetit Daemon. ░░ Subject: A start job for unit bluetit.service has finished successfully ░░ Defined-By: systemd ░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel ░░ ░░ A start job for unit bluetit.service has finished successfully. ░░ ░░ The job identifier is 3689. Jul 05 18:21:42 localhost bluetit[11576]: IPv6 is available in this system Jul 05 18:21:42 localhost bluetit[11576]: Creating AirVPN Boot server list Jul 05 18:21:42 localhost bluetit[11576]: Added server http://63.33.78.166 Jul 05 18:21:42 localhost bluetit[11576]: Added server http://54.93.175.114 Jul 05 18:21:42 localhost bluetit[11576]: Added server http://82.196.3.205 Jul 05 18:21:42 localhost bluetit[11576]: Added server http://63.33.116.50 Jul 05 18:21:42 localhost bluetit[11576]: Added server http://[2a03:b0c0:0:1010::9b:c001] Jul 05 18:21:42 localhost bluetit[11576]: Added server http://bootme.org Jul 05 18:22:07 localhost bluetit[11576]: Boot server http://bootme.org cannot be resolved Jul 05 18:22:07 localhost bluetit[11576]: AirVPN Boot server list successfully created. Added 6 servers. Jul 05 18:22:07 localhost bluetit[11576]: Default VPN type for AirVPN connections is set to WireGuard Jul 05 18:22:07 localhost bluetit[11576]: Use of user VPN profiles is enabled by Bluetit policy Jul 05 18:22:07 localhost bluetit[11576]: Bluetit successfully initialized and ready Jul 05 18:22:07 localhost bluetit[11576]: Scanning for system DNS addresses Jul 05 18:22:07 localhost bluetit[11576]: Found system IPv4 DNS 10.12.230.1 Jul 05 18:22:07 localhost bluetit[11576]: Found 1 system DNS address Jul 05 18:22:07 localhost bluetit[11576]: Bluetit did not exit gracefully on its last run or has been killed. Jul 05 18:22:07 localhost bluetit[11576]: Run recover network procedure by using Bluetit client option --reco> Jul 05 18:22:07 localhost bluetit[11576]: ERROR: Connection to AirVPN's ipleak.net cancelled. It seems Blueti> Your system may not be working properly and your network connection> Jul 05 18:22:07 localhost bluetit[11576]: AirVPN Manifest updater thread started Jul 05 18:22:07 localhost bluetit[11576]: Default AirVPN Manifest update interval is 15 minutes Jul 05 18:22:07 localhost bluetit[11576]: AirVPN Manifest update suspended: System needs network recovery Jul 05 18:22:07 localhost bluetit[11576]: Trying to load the local instance of AirVPN Manifest Jul 05 18:22:07 localhost bluetit[11576]: AirVPN Manifest successfully retrieved from local instance Jul 05 18:22:22 localhost bluetit[11576]: Requested method "version" Jul 05 18:22:22 localhost bluetit[11576]: Requested method "openvpn_info" Jul 05 18:22:23 localhost bluetit[11576]: Requested method "openvpn_copyright" Jul 05 18:22:23 localhost bluetit[11576]: Requested method "ssl_library_version" Jul 05 18:22:23 localhost bluetit[11576]: Requested method "wireguard_info" Jul 05 18:22:23 localhost bluetit[11576]: Requested method "reset_bluetit_options -> Bluetit options successf> Jul 05 18:22:23 localhost bluetit[11576]: Requested method "set_options: client-name (client-name) -> Goldcre> Jul 05 18:22:23 localhost bluetit[11576]: Requested method "set_options: client-user (client-user) -> gerrit" Jul 05 18:22:23 localhost bluetit[11576]: Requested method "set_vpn_profile -> ERROR: Cannot set VPN profile.> Your system may not be working properly and your network connection> " Jul 05 18:22:35 localhost bluetit[11576]: Requested method "version" Jul 05 18:22:35 localhost bluetit[11576]: Requested method "openvpn_info" Jul 05 18:22:35 localhost bluetit[11576]: Requested method "openvpn_copyright" Jul 05 18:22:35 localhost bluetit[11576]: Requested method "ssl_library_version" Jul 05 18:22:35 localhost bluetit[11576]: Requested method "wireguard_info" Jul 05 18:22:35 localhost bluetit[11576]: Successfully restored DNS settings Jul 05 18:22:35 localhost bluetit[11576]: Scanning for system DNS addresses Jul 05 18:22:35 localhost bluetit[11576]: Found system IPv4 DNS 84.116.46.20 Jul 05 18:22:35 localhost bluetit[11576]: Found system IPv4 DNS 84.116.46.21 Jul 05 18:22:35 localhost bluetit[11576]: Found 2 system DNS addresses Jul 05 18:22:35 localhost bluetit[11576]: Network filter successfully restored Jul 05 18:22:35 localhost bluetit[11576]: Updating AirVPN Manifest Jul 05 18:22:35 localhost bluetit[11576]: Requested method "recover_network -> Successfully restored DNS and > Jul 05 18:22:35 localhost bluetit[11576]: Sending event 'event_end_of_session' Jul 05 18:22:35 localhost bluetit[11576]: Trying connection to AirVPN bootstrap server at http://63.33.78.166 Jul 05 18:22:36 localhost bluetit[11576]: Boot server http://bootme.org resolved into IPv6 2a03:b0c0:0:1010::> Jul 05 18:22:36 localhost bluetit[11576]: AirVPN Manifest successfully retrieved from server Jul 05 18:22:36 localhost bluetit[11576]: AirVPN Manifest update interval is now set to 30 minutes lines 657-685/685 (END) Goldcrest - AirVPN Bluetit Client 2.0.0 RC 2 - 9 June 2025 2025-07-05 18:18:13 Reading run control directives from file /home/gerrit/.config/goldcrest.rc 2025-07-05 18:18:13 Bluetit - AirVPN WireGuard/OpenVPN3 Service 2.0.0 RC 2 - 9 June 2025 2025-07-05 18:18:13 OpenVPN core 3.12 AirVPN (20250606) linux x86_64 64-bit 2025-07-05 18:18:13 Copyright (C) 2012- OpenVPN Inc. All rights reserved. 2025-07-05 18:18:13 OpenSSL 3.1.4 24 Oct 2023 2025-07-05 18:18:13 AirVPN WireGuard Client 2.0.0 Linux x86_64 64-bit 2025-07-05 18:18:13 Bluetit options successfully reset 2025-07-05 18:18:13 Requesting VPN connection to Bluetit 2025-07-05 18:18:13 Network filter and lock are using nftables 2025-07-05 18:18:13 Kernel module nf_tables is already loaded 2025-07-05 18:18:13 Network filter successfully initialized 2025-07-05 18:18:13 Private network is allowed to pass the network filter 2025-07-05 18:18:13 Ping output is allowed to pass the network filter 2025-07-05 18:18:13 IPv6 NDP is allowed to pass the network filter 2025-07-05 18:18:13 Local interface lo - IPv4 127.0.0.1 IPv6 ::1 2025-07-05 18:18:13 Local interface eth0 - IPv4 192.168.178.11 IPv6 2001:1c04:508:a800:b260:b657:ae5d:6d7e IPv6 2001:1c04:508:a800:aaa1:59ff:fe2f:523e IPv6 fe80::aaa1:59ff:fe2f:523e 2025-07-05 18:18:13 Default IPv4 gateway via 192.168.178.1 dev eth0 2025-07-05 18:18:13 Starting OpenVPN synchronous connection 2025-07-05 18:18:13 TUN persistence is enabled. 2025-07-05 18:18:13 Allowing system IPv4 DNS 84.116.46.20 to pass through the network filter 2025-07-05 18:18:13 Allowing system IPv4 DNS 84.116.46.21 to pass through the network filter 2025-07-05 18:18:16 Resolved remote OpenVPN server be3.vpn.airdns.org into IPv4 91.207.57.117 2025-07-05 18:18:16 Ping output is allowed to pass the network filter 2025-07-05 18:18:16 OpenVPN core 3.12 AirVPN (20250606) linux x86_64 64-bit 2025-07-05 18:18:16 Frame=512/2112/512 mssfix-ctrl=1250 2025-07-05 18:18:16 NOTE: This configuration contains options that were not used: 2025-07-05 18:18:16 Unsupported option (ignored) 2025-07-05 18:18:16 0 [resolv-retry] [infinite] 2025-07-05 18:18:16 1 [persist-key] 2025-07-05 18:18:16 2 [persist-tun] 2025-07-05 18:18:16 3 [explicit-exit-notify] [5] 2025-07-05 18:18:16 4 [data-ciphers-fallback] [AES-256-CBC] 2025-07-05 18:18:16 EVENT: RESOLVE 2025-07-05 18:18:16 Setting up network filter and lock 2025-07-05 18:18:16 Adding IPv4 server 91.207.57.117 to network filter 2025-07-05 18:18:16 Network filter and lock successfully activated 2025-07-05 18:18:16 Contacting 91.207.57.117:443 via UDP 2025-07-05 18:18:16 EVENT: WAIT 2025-07-05 18:18:16 Connecting to [91.207.57.117]:443 (91.207.57.117) via UDP 2025-07-05 18:18:16 EVENT: CONNECTING 2025-07-05 18:18:16 Tunnel Options:V4,dev-type tun,link-mtu 1586,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA512,keysize 128,key-method 2,tls-client 2025-07-05 18:18:16 Sending Peer Info: IV_VER=3.12 AirVPN (20250606) IV_PLAT=linux IV_TCPNL=1 IV_PROTO=8094 IV_MTU=1600 IV_CIPHERS=AES-256-GCM:AES-256-CBC:AES-192-GCM:AES-192-CBC:AES-128-GCM:AES-128-CBC:BF-CBC IV_LZO_STUB=1 IV_COMP_STUB=1 IV_COMP_STUBv2=1 IV_SSL=OpenSSL 3.1.4 24 Oct 2023 UV_IPV6=yes IV_GUI_VER=Bluetit - AirVPN WireGuard/OpenVPN3 Service 2.0.0 RC 2 IV_BS64DL=1 2025-07-05 18:18:17 TLS Handshake: peer certificate: CN=Castor, 4096 bit RSA, cipher: TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD, key-agreement: x25519 2025-07-05 18:18:17 Session is ACTIVE 2025-07-05 18:18:17 EVENT: GET_CONFIG 2025-07-05 18:18:17 Sending PUSH_REQUEST to server... 2025-07-05 18:18:17 OPTIONS: 0 [comp-lzo] [no] 1 [redirect-gateway] [ipv6] [def1] [bypass-dhcp] 2 [dhcp-option] [DNS] [10.12.230.1] 3 [dhcp-option] [DNS6] [fde6:7a:7d20:8e6::1] 4 [tun-ipv6] 5 [route-gateway] [10.12.230.1] 6 [topology] [subnet] 7 [ping] [10] 8 [ping-restart] [60] 9 [ifconfig-ipv6] [fde6:7a:7d20:8e6::10c6/64] [fde6:7a:7d20:8e6::1] 10 [ifconfig] [10.12.230.200] [255.255.255.0] 11 [peer-id] [3] 12 [cipher] [AES-256-GCM] 2025-07-05 18:18:17 PROTOCOL OPTIONS: key-derivation: OpenVPN PRF compress: LZO_STUB control channel: tls-crypt enabled data channel: cipher AES-256-GCM, peer-id 3 2025-07-05 18:18:17 EVENT: ASSIGN_IP 2025-07-05 18:18:17 VPN Server has pushed IPv4 DNS server 10.12.230.1 2025-07-05 18:18:17 Setting pushed IPv4 DNS server 10.12.230.1 in resolv.conf 2025-07-05 18:18:17 VPN Server has pushed IPv6 DNS server fde6:7a:7d20:8e6::1 2025-07-05 18:18:17 Setting pushed IPv6 DNS server fde6:7a:7d20:8e6::1 in resolv.conf 2025-07-05 18:18:17 net_route_best_gw query IPv4: 91.207.57.117/32 2025-07-05 18:18:17 sitnl_route_best_gw result: via 192.168.178.1 dev eth0 2025-07-05 18:18:17 net_iface_mtu_set: mtu 1500 for tun0 2025-07-05 18:18:17 net_iface_up: set tun0 up 2025-07-05 18:18:17 net_addr_add: 10.12.230.200/24 brd 10.12.230.255 dev tun0 2025-07-05 18:18:17 net_addr_add: fde6:7a:7d20:8e6::10c6/64 dev tun0 2025-07-05 18:18:17 net_route_add: 91.207.57.117/32 via 192.168.178.1 dev eth0 table 0 metric 0 2025-07-05 18:18:17 net_route_add: 0.0.0.0/1 via 10.12.230.1 dev tun0 table 0 metric 0 2025-07-05 18:18:17 net_route_add: 128.0.0.0/1 via 10.12.230.1 dev tun0 table 0 metric 0 2025-07-05 18:18:17 net_route_add: ::/1 via fde6:7a:7d20:8e6::1 dev tun0 table 0 metric 0 2025-07-05 18:18:17 net_route_add: 8000::/1 via fde6:7a:7d20:8e6::1 dev tun0 table 0 metric 0 2025-07-05 18:18:17 TunPersist: saving tun context: Session Name: 91.207.57.117 Layer: OSI_LAYER_3 Remote Address: 91.207.57.117 Tunnel Addresses: 10.12.230.200/24 -> 10.12.230.1 fde6:7a:7d20:8e6::10c6/64 -> fde6:7a:7d20:8e6::1 [IPv6] Reroute Gateway: IPv4=1 IPv6=1 flags=[ ENABLE REROUTE_GW DEF1 BYPASS_DHCP IPv4 IPv6 ] Block IPv4: no Block IPv6: no Block local DNS: no Add Routes: Exclude Routes: DNS Servers: Priority: 0 Addresses: 10.12.230.1 fde6:7a:7d20:8e6::1 Values from dhcp-options: true 2025-07-05 18:18:17 Connected via tun 2025-07-05 18:18:17 LZO-ASYM init swap=0 asym=1 2025-07-05 18:18:17 Comp-stub init swap=0 2025-07-05 18:18:17 EVENT: CONNECTED 91.207.57.117:443 (91.207.57.117) via /UDP on tun/10.12.230.200/fde6:7a:7d20:8e6::10c6 gw=[10.12.230.1/fde6:7a:7d20:8e6::1] mtu=(default) 2025-07-05 18:18:17 Server has pushed its own DNS. Rejecting system DNS from network filter. 2025-07-05 18:18:17 System IPv4 DNS 84.116.46.20 is now rejected by the network filter 2025-07-05 18:18:17 System IPv4 DNS 84.116.46.21 is now rejected by the network filter 2025-07-05 18:18:17 Connected to AirVPN server Castor, Brussels (Belgium) IP address 91.207.57.117 - VPN Type OpenVPN - Port 443 - Protocol UDP - Cipher AES-256-GCM 2025-07-05 18:18:17 Pushed DNS: 10.12.230.1 (IPv4) fde6:7a:7d20:8e6::1 (IPv6) ^C2025-07-05 18:18:47 Caught Onderbroken signal. Terminating. 2025-07-05 18:18:47 Requesting VPN connection termination to Bluetit 2025-07-05 18:18:47 ERROR: D-Bus service org.airvpn.server is not available. Please check whether Bluetit service (daemon) is running. gerrit@localhost:/usr/local/bin> ./goldcrest AirVPN_Belgium_UDP-443-Entry3.ovpn Goldcrest - AirVPN Bluetit Client 2.0.0 RC 2 - 9 June 2025 2025-07-05 18:19:00 Reading run control directives from file /home/gerrit/.config/goldcrest.rc 2025-07-05 18:19:00 ERROR: D-Bus service org.airvpn.server is not available. Please check whether Bluetit service (daemon) is running. gerrit@localhost:/usr/local/bin> ./goldcrest --recover-network Goldcrest - AirVPN Bluetit Client 2.0.0 RC 2 - 9 June 2025 2025-07-05 18:19:48 Reading run control directives from file /home/gerrit/.config/goldcrest.rc 2025-07-05 18:19:48 ERROR: D-Bus service org.airvpn.server is not available. Please check whether Bluetit service (daemon) is running. gerrit@localhost:/usr/local/bin>

I wouldn't say that, seeing as the project seemingly recommends using its own Linux kernel module, so only specialized projects may pull this out-of-tree module and compile it into their kernels. On a standard router, maybe even if you flash it with specialized ROMs like OpenWrt, you may find Wireguard, but not AmneziaWG. It also seems to need its own forks of standard Wireguard tools which you probably won't find in some distribution families. Maybe Debian at some point, later Ubuntu, and maybe maybe Fedora. On Arch, it might surface on the AUR (or probably is), and on SuSE on the OBS. Red Hat will never adopt it, and if Enterprise is not really interested, you get into a situation where single developers, or a single group of devs, are maintaining something used commercially again. It is not sustainable; you'll never know if it'll still be there in 5 years, or if internal disputes won't force the project to be forked and developed under a different name. But standard Wireguard is developed by well-known researchers, right in the kernel, and garnered enough commercial interest that some consumer networking companies implemented it as a feature. Wireguard is sustainable. AmneziaWG is not. It will never replace standard Wireguard. Besides, the aim of Wireguard is not privacy. And most people around the forums (by topics created in the forums, at least) use the VPN not for the privacy aspect but because they want to torrent. What they're looking for is performance. You don't need AmneziaWG for that. What I'm concerned about is the relationship Wireguard <> AmneziaWG. AmneziaWG would have the obligation to behave in a way a standard Wireguard behaves if server and client differ. I don't know how Wireguard will react if those fixed parameters talked about in the docs are altered. Maybe it's not even a problem, since AmneziaWG clients can connect here normally. At least according to some threads it doesn't seem to be a problem. Dunno. But, no, a replacement is highly unlikely, both generally and specifically on AirVPN.

It looks like the graphs on the status page aren't working for this server? edit: ctrl+f5 did the trick, sorry

Hello! After the hardware replacement the server is apparently working very well. Should you find any anomaly do not hesitate to warn us and/or update this thread. Kind regards

Working Well Now. Tried maximizing both upload and download in parallel, and it worked like a charm! Tzulo servers are excellent in my opinion. New York-based Tzulo servers also perform really well.

Hello, I have problems when downloading with AirVPN on Ubuntu 16.04 using OpenVPN client. I have tried switching to other VPN servers, but still have problems with the download speed. The speed often goes to zero and sometimes it goes up, but then quickly drops to zero again. For example it goes up to 1.1Mbit and then slowly goes back to zero. And 1.1Mbit is not even close to my actual network speed. When I disable openvpn the download speed is back to normal. Any ideas why this is happening? Cheers!

I wasn't sure about airvpn at first, but now I'm in love with this service!

Appreciate the update!

Can confirm and will also provide some info that may be useful: 1. Ping is horrible no matter what is done (I usually get ~35 ping to Stockholm, on Ain I get 100-180) 2. Something may be wrong with the MTU of the server, because on 1400 MTU I get 2 mbit/s download, with 1280 I get 450 mbit/s. I have no problem with 1400 MTU on other servers

Happy Birthday!! I am a brand new client. Hope to have a great and productive relationship with you into the future. Paul Keller

RESOLVED. I logged out from the eddie and logged in as I renewed my private keys. Now everything works. Thanks to the suggestion provided by the staff in another thread.

Hello! Starting from version 2.3, firewalld by default owns exclusively nftables tables generated by itself, thus preventing Eddie, Bluetit and Hummingbird Network Lock related operations. If you want to have Network Lock enabled and firewalld running at the same time, then you must configure firewalld by setting the following option: NftablesTableOwner=no in firewalld's configuration file, usually /etc/firewalld/firewalld.conf . After you have edited the configuration file with any text editor with root privileges, reload firewalld configuration or restart firewalld, and only then (re)start Bluetit, Hummingbird or Eddie. Additional insights: https://discussion.fedoraproject.org/t/firewalld-add-flags-owner-persist-in-fedora-42/148835 https://forums.rockylinux.org/t/rocky-9-5-breaks-netfilter/16551 Kind regards

I think Keenetic supports AmneziaWG natively now. You can try appending junk packets settings to fool DPI to make it work. Instruction is here: https://docs.amnezia.org/documentation/instructions/keenetic-os-awg/ At the step 23, since you don't have unique AmneziaWG settings as you would have if you self-hosted it, you need to set them in the way that is compatible with normal Wireguard. Example could be: interface Wireguard1 wireguard asc 8 50 1000 0 0 1 2 3 4

I missed package libcap-progs But still error; localhost:/usr/local/bin> ./goldcrest AirVPN_Belgium_UDP-1637-Entry3.conf Goldcrest - AirVPN Bluetit Client 2.0.0 beta 4 - 14 February 2025 2025-02-15 11:49:25 Reading run control directives from file /home/gerrit/.config/goldcrest.rc 2025-02-15 11:49:25 Bluetit - AirVPN WireGuard/OpenVPN3 Service 2.0.0 beta 4 - 14 February 2025 2025-02-15 11:49:25 OpenVPN core 3.11 AirVPN (20250206) linux x86_64 64-bit 2025-02-15 11:49:25 Copyright (C) 2012- OpenVPN Inc. All rights reserved. 2025-02-15 11:49:25 OpenSSL 3.1.4 24 Oct 2023 2025-02-15 11:49:25 AirVPN WireGuard Client 2.0.0 Linux x86_64 64-bit 2025-02-15 11:49:25 Bluetit options successfully reset 2025-02-15 11:49:25 Requesting VPN connection to Bluetit 2025-02-15 11:49:25 Network filter and lock are using nftables 2025-02-15 11:49:25 Kernel module nf_tables is already loaded 2025-02-15 11:49:25 Network filter successfully initialized 2025-02-15 11:49:25 Private network is allowed to pass the network filter 2025-02-15 11:49:25 ERROR: Cannot start WireGuard connection. Client name and user name (system login name) not pro vided. 2025-02-15 11:49:25 Bluetit session terminated

Hello! The unpacking will restore the old files with the wrong ownership, so the problem will likely re-appear when you re-install. The problem is still the same, but for another file: E 2025.01.29 21:21:14 - WireGuard > Error: Executable '/Applications/Eddie.app/Contents/MacOS/wg' not allowed: Not owned by root; Please change ownership of this file too and any other file in case of additional errors of the same type: sudo chown root /Applications/Eddie.app/Contents/MacOS/wg sudo chown root /Applications/Eddie.app/Contents/MacOS/wireguard-go Kind regards

It would probably be faster for everyone to simply show you my stack: # This is a P2P demonstration stack template which has been tested to work well with AirVPN as of January 2025. # Use AirVPN's config generator to obtain your specific values (https://airvpn.org/generator). Make sure to specify your device. # Remember that the indentation of a Docker Compose file is important. services: gluetun: image: qmcgaw/gluetun:latest container_name: gluetun cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun environment: - VPN_SERVICE_PROVIDER=airvpn - VPN_TYPE=wireguard - WIREGUARD_PUBLIC_KEY= # copy from config file - WIREGUARD_PRIVATE_KEY= # copy from config file - WIREGUARD_PRESHARED_KEY= # copy from config file - WIREGUARD_ADDRESSES= # copy from config file - SERVER_REGIONS= # optional, comma seperated list, no spaces after commas, make sure it matches the config you created - SERVER_COUNTRIES= # optional, comma seperated list, no spaces after commas, make sure it matches the config you created - SERVER_CITIES= # optional, comma seperated list, no spaces after commas, make sure it matches the config you created - FIREWALL_VPN_INPUT_PORTS= # mandatory, the port number AirVPN forwarded for you (from pool #1) should appear here - TZ= # choose timezone value from list at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones (e.g.: Asia/Tokyo) ports: - 8080:8080 # qbittorrent web GUI, port number can be changed BUT it must match WEBUI_PORT in qbittorrent service environment - (port forwarded from AirVPN):(port forwarded from AirVPN) # also place in TORRENTING_PORT field in qbittorrent service environment restart: unless-stopped qbittorrent: image: lscr.io/linuxserver/qbittorrent:latest container_name: qbittorrent depends_on: gluetun: condition: service_healthy restart: true environment: - PUID= # your desired user's number - PGID= # your desired user's group number - TZ= # choose timezone value from list at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - WEBUI_PORT=8080 # must match "qbittorrent web GUI" port number in gluetun's service above - TORRENTING_PORT=(port forwarded from AirVPN) # must match forwarded port number in gluetun's service above volumes: - /mnt/(your folder structure here):/config # directory you want to save your qbittorrent config files - /mnt/(your folder structure here):/downloads # qbittorrent download location restart: unless-stopped network_mode: "service:gluetun" # this is what forces qbittorrent to only use the VPN connection from gluetun Hope this helps!

Airvpn has been pretty nice. Have had it for a few years. Need to make one more content item so I can edit my username. So there's that. Thanks, Airvpn.

Airvpn is dope. Had it for a while too. Also need one more content item to edit my username. Thanks, Airvpn.

content

Thank you AirVPN! I love you!!!

Thank you so much for your touching words and stellar feedback. And for your commitment in so many years. However, were you really under the illusion that you could escape so easily? Kind regards

Thanks for the fast reply! I will look into it. EDIT: For future readers: the link above was exactly my problem. I fixed by delaying the health check to 2 minutes. Apparently this is used for OpenVPN only anyway. Since I use Wireguard it doesn't matter. I added the following line to the environment in the gluetun docker-compose. 12 hours it's still running perfectly. HEALTH_VPN_DURATION_INITIAL=120s

Ok, I solved the problem and I think my experience can maybe be of any help to someone else, so I'll share. In my case, simply, it was all due to my firewall rules: analysing the log files and the traffic on the network, I noticed a lot of ICMP (=ping) requests by the process "NT System and Kernel". I allowed it and instantly latencies appeared in AirVPN.

And this is why AirVPN is THE Vpn.

When will the UK get new servers? 😩

No. Instead, remove the aur repo from your mirrorlist, remove all packages from it and rebuild them live from AUR. Cachy's aur repo is a horror made manifest, I'm hearing nothing but bad things about it.

I see similar behavior, the list of servers very slow to be populated (Fedora 40) with latest stable Eddie version. The pings of nearest, geographically, servers are showing > ~20/30ms, which seems to vary, from down as low as ~8ms with other recent previous Eddie versions.