Leaderboard

I think it's almost trivial to connect to internet via multi hop OpenVPN system, at least on Linux. Thanks to AirVPN for allowing multiple connections at the same time! The hopping can be made with the following bash script by Perfect Privacy (https://www.perfect-privacy.com/en/manuals/linux_openvpn_terminal_cascading). At first, you download the ovpn configurations for your favorite servers. I use only one hop so in practice, I need two different OpenVPN servers with their entry IP addresses. Then you follow the instructions of the script. For example, if your first server is in Siauliai, you run sudo openvpn --config AirVPN_LT-Siauliai_Porrima_UDP-443.ovpn --script-security 2 --route remote_host --persist-tun --up updown.sh --down updown.sh --route-noexec Then read the output of the above command and insert the given gateway IP address to the next hop: sudo openvpn --config AirVPN_LV-Riga_Meissa_UDP-443.ovpn --script-security 2 --route remote_host--persist-tun --up updown.sh --down updown.sh --route-noexec --setenv hopid 2 --setenv prevgw 10.xxx.yyy.zzz (Note that the hop script looks also for update-resolv-conf script to update the DNS, so install it if necessary from https://github.com/jonathanio/update-systemd-resolved). Then the traffic goes through two VPN servers! Your ISP sees UDP traffic to the first hop, meanwhile your external IP looks to be the exit IP address of the second server. If you want to apply leak protection, you can use Eddie. The second option is to apply Eddie's leak protection and then export the generated iptables rules to a file: sudo iptables-save > iptables-rules.txt sudo iptables-restore iptables-rules.txt If your iptables rules were empty before leak protection, you can recover that state by sudo iptables -F The last step is really not necessary, but rather for peace of mind. Latest Linux distros may have peculiar DNS behaviour (not leak, because even DNS requests are tunneled in the VPN connection), you can remove the nasty entry of DNS Domain: ~. from your systemd-resolved daemon by command (assumed that your interface is called wlan0) sudo systemd-resolve -i wlan0 --set-domain local I don't know, if the local argument is a proper one, but at least is forces away the value ~. and ipleak.net shows that non-AirVPN DNS servers are not used at all.

Could the same result be achieved by just doing the following? binding torrent client to VPN interface (qBittorrent/Vuze)setting "Routes" in Eddie/AirVPN-Client to "Not specified routes go Outside the VPN tunnel" (similar to route-nopull directive)