Leaderboard

Not when you only ever connect to one single server. They will connect to whatever IP you manually enter, and since AirVPN exit IPs don't change it could work. But you still need to connect to only one server. Yes. If you want to be connected the whole time, it's the recommended solution. I don't, sorry. But others surely can help with this.

"The mass have never decided anything. " Perhaps its the general state of mind about privacy and what can happen if there is no privacy left. Most of the people dont want to think or talk about this topic. Convenience first or something. Interesting but also a horror. Casper.

Hello! Simply because when you are the one to decide when to unlock, you can first terminate those app which must not have their traffic outside the VPN according to your threat model. Yes, we are talking about the same. There's nothing to report, the option works as expected. It's you that you're asking it for what it can't (and did not promise to) do, i.e. block the traffic unconditionally, if we understand correctly what you want. The "Block connection ..." new sub-option under "Always on" blocks traffic of the unregistered (to the VpnService API) applications while the tunnel is non-existing. All the traffic of the registered to the service applications is not blocked as well as the traffic (outside any tunnel) during all the time necessary to rebuild a tunnel and connect. Eddie leaves you the freedom of choice according to your threat model. If the "Alway on" + "Block connections..." are not a hazard for your threat model, then you can disable VPN lock in Eddie. On the contrary, if you can't allow the risk of traffic flowing outside any tunnel in aforementioned cases, then enable Eddie "VPN lock". Finally, always remember that, even while the tunnel is up, in an Android device leaks are ALWAYS possible by applications running with high privileges (typically Google and system manufacturer software), trivially by binding to the physical network interface . Such leaks could be theoretically prevented only with the correct packet filtering table rules, which you can't modify if you're not root (that's why Eddie leaks prevention is a "best effort"). The same happens in iOS where Apple. by policy, reminds you that Apple applications will bypass whenever they want any VPN and exchange data outside the VPN tunnel without warning you. Kind regards

Hi everyone, I had some difficulty setting up port forwarding with the Merlin WRT firmware on my ASUS routers and did not find a great guide online so figured I would write one up to hopefully help save someone a few hours of pain. 1. Download the Merlin WRT firmware from the website and just upload is as a regular file through the Administration -> Firmware Upgrade page. 2. Once done go to Administration -> System -> Persistent JFFS partition and make sure enable both options and restart. This is where the script will go. Restart the router. 3. Download Win-SCP to help you upload and edit files on the router. I found this to be the easiest way. 4. Log in to your router with WinSCP: - File protocol: SCP - Host name: Router IP (eg. 192.168.1.1) - User name/Password of your router – Login 5. Use the “..” folder all the way on the top to go all the way back where you will see “jffs” partition. Go to jffs -> scripts and then right click and create new file named “nat-start” without quotations. So /jffs/scripts/nat-start For whatever reason the first time I activated JFFS partition it was read only and did not allow me to create any new files so I followed the instructions here and used the commands through telnet to mount the partition and then restarted the router 6. Once the file is created, right click and goto properties and make sure Owner permission has check next to “X” making it executable. You can do this through telnet also using chmod command. 7. Use the following script below to setup port forwarding: #!/bin/sh iptables -I FORWARD -i br0 -o tun11 -j ACCEPT iptables -I FORWARD -i tun11 -o br0 -j ACCEPT iptables -I FORWARD -i br0 -o vlan1 -j DROP iptables -I INPUT -i tun11 -j REJECT iptables -t nat -A POSTROUTING -o tun11 -j MASQUERADE iptables -I FORWARD -i tun11 -p udp -d *IP of device requiring open port* --dport *Port* -j ACCEPT iptables -I FORWARD -i tun11 -p tcp -d *IP of device requiring open port* --dport *Port* -j ACCEPT iptables -t nat -I PREROUTING -i tun11 -p tcp --dport *Port* -j DNAT --to-destination *IP of device requiring open port* iptables -t nat -I PREROUTING -i tun11 -p udp --dport *Port* -j DNAT --to-destination *IP of device requiring open port* ~Obviously replace the stuff between * * with the right numbers and remove the *. 8. To check which tun and vlan you have telnet to your router and type in “ifconfig” and use this information to determine this. The 2nd paragraph can be copied for multiple ports. I have OSX so I used "Terminal.app" and typed "telnet 192.168.1.1" and then type in your admin/pass, then "ifconfig". 9. That’s it. Save it and restart your router. Make sure you obviously setup the correct ports on the AirVPN website. 10. You can check under your router page: System Log -> Port Forwarding to see the appropriate ports being forwarded. Also can check through the AirVPN website. Hope that helps. Let me know if something is unclear and I will modify it. Thanks and enjoy.