Leaderboard

Hello! We would like to inform you that we have made every effort to ensure AirVPN full and efficient operation during the pandemic caused by SARS-CoV-2. In order to reduce hazard and safeguard health, AirVPN staff and personnel work exclusively from home and worked from home well before the current situation appeared clearly as a pandemic Each member has a landline and one or more mobile lines, when possible in different infrastructures, to maximize likelihood to stay connected to the Internet 24/7 AirVPN system is more efficiently automated and basic functioning requires no manual interventions, even for several months (if kernel upgrades hadn't been necessary, we would have had servers uptime of 4 years or more) AirVPN inner staff members have now overlapping competences. Therefore if a key member, including a founder, is forced to stop working, the other ones can carry out his/her functions Emergency funds already secured in the past in different facilities as well as banks remain unaltered and ensure AirVPN financial health for a very long time even in very harsh scenarios. However, we would like to assure you that they are not needed at all currently, quite the contrary. In the last 10 days we have experienced a substantial increase in the growth of our customer base We have been informed by our most important partners and providers of housing and hosting in Europe, America and Asia they they are, and expect to, remain fully operational Kind regards AirVPN Staff

Please stay healthy everyone!

--------------------------------------------------------- SECURE YOUR WINDOWS VPN CONNECTION This script will allow your Windows OS to flip between secure VPN traffic and normal traffic mode. -Secure VPN mode: Allows 'only' secure VPN traffic, this script also prevents the 'DNS leak' problem you might have read about. -Normal traffic mode: Your normal internet I wrote this for people with little know-how of computers but need security without complication. This is a simple script that you double-click to flip between 'normal internet' mode and 'Secure VPN Mode'. When in 'Secure VPN Mode' your computer completely prevents DNS leaks and will deny ALL internet traffic that is not VPN. It still allows LAN access so your servers/network's existing setup won't be affected by it. Requirements: -My windows batch script -Your VPN's .ovpn files -You need to the DNS servers of your VPN (Note: Not all VPN's provide them, but all the good ones do) -Windows Vista/7/8/10 (These are the OS' that come default installed/enabled with Windows Firewall) --------------------------------------------------------- STEP 1 - Download your .ovpn file(s) from your VPN provider STEP 2 - Place those .ovpn files into your OpenVPN config directory This folder is usually: C:\Program Files\OpenVPN\config STEP 3 - Creating the .bat file -Create an empty .txt file and open it up -Copy and paste everything in the code box below into the empty .txt file -Edit the line near the top that says SET YOUR_VPN_PRIMARY_DNS= <- Put YOUR VPN's DNS address after the equal sign (AirVPN is 10.4.0.1 - this is what I use, so I left it as the default) -Save the file -Rename the .txt file extension to .bat (e.g. FirewallFlip.txt -> FirewallFlip.bat) BATCH FILE - FIREWALL FLIPPER @ECHO OFF SETLOCAL ENABLEDELAYEDEXPANSION SETLOCAL ENABLEEXTENSIONS REM ------------------- REM MANDATORY VARIABLES REM ------------------- REM This section is required to prevent DNS leaks REM Example VPN DNS servers: AirVPN's are 10.4.0.1 and 10.5.0.1 REM THIS VARIABLE CANNOT BE BLANK AND MUST BE CHANGED TO YOUR VPN'S DNS SERVER SET YOUR_VPN_PRIMARY_DNS=10.4.0.1 REM ------------------ REM OPTIONAL VARIABLES REM ------------------ REM Put the filename of your preferred OVPN server here REM Leave blank to let this script select one at random for you REM Example filename you would enter here: AirVPN_America_UDP-443.ovpn SET YOUR_PREFERRED_OVPN= REM Enter your backup/secondary DNS here SET YOUR_VPN_SECONDARY_DNS=10.5.0.1 REM Your preferred public DNS servers (e.g. Google is 8.8.8.8 and OpenDNS is 10.5.0.1) REM These are usually superior to the ones your ISP provides you with REM If you clear these values then your ISP DNS will be used SET YOUR_PUBLIC_PRIMARY_DNS=8.8.8.8 SET YOUR_PUBLIC_SECONDARY_DNS=208.67.220.220 REM Basic error check IF NOT DEFINED YOUR_VPN_PRIMARY_DNS ( ECHO WARNING ECHO ------- ECHO You have not set the YOUR_VPN_PRIMARY_DNS variable in this script ECHO. ECHO Open %~nx0 and edit the necessary line ECHO. ECHO This script CANNOT continue until you do so ECHO. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) REM Finding your OpenVPN Installation IF EXIST "C:\Program Files (x86)\OpenVPN" SET OpenVPN=C:\Program Files (x86)\OpenVPN IF EXIST "C:\Program Files\OpenVPN" SET OpenVPN=C:\Program Files\OpenVPN IF NOT DEFINED OpenVPN ( ECHO Your OpenVPN installation was not found, press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) REM Basic error check IF NOT EXIST "%OpenVPN%\config\*.ovpn" ( ECHO ****************************************************************** ECHO This script cannot continue because it could not find the .ovpn ECHO files required in: "%OpenVPN%\config" ECHO. ECHO Please copy your .ovpn files into the above directory for this ECHO script to work. ECHO ****************************************************************** PAUSE GOTO :EOF ) SET "FIREWALL_FLIP_BACKUP_FOLDER=%OpenVPN%\FIREWALL_FLIP_BACKUP" IF NOT EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%" MD "%FIREWALL_FLIP_BACKUP_FOLDER%" REM Finding the network adapter used by OpenVPN FOR /F "tokens=1-3 delims='{" %%a IN ('"%OpenVPN%\bin\openvpn.exe" --show-adapters ^| findstr {') DO ( SET VPN_ADAPTER=%%a SET VPN_ADAPTER_GUID={%%c ) REM Checking config file limit FOR /F "tokens=1 delims= " %%a IN ('DIR "%OpenVPN%\config\*.ovpn" ^| findstr File^(s^)') DO ( IF %%a GTR 50 ( ECHO You have %%a config files in your OpenVPN config folder ECHO. ECHO OpenVPN only supports a maximum of 50, so you will need to delete some ECHO. ECHO This script has made no modifications to the system ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ) REM Checking if any of the addresses aren't fully resolved FOR %%a IN ("%OpenVPN%\config\*.ovpn") DO ( FOR /F "tokens=2-3 delims= " %%b IN ('findstr "remote " "%%a" ^| findstr \.') DO ( ECHO %%b | findstr [a-z] && SET OVPN_FORMATTED=NO ) ) IF "!OVPN_FORMATTED!" EQU "NO" ( ECHO ******************************************************************** ECHO Could not find IP addresses for some, or all, of your .ovpn file^(s^) ECHO. ECHO Would you like this script to automatically format your .ovpn files? ECHO. ECHO REQUIRES INTERNET CONNECTION ECHO ******************************************************************** CHOICE IF !ERRORLEVEL! EQU 1 ( FOR %%f IN ("%OpenVPN%\config\*.ovpn") DO ( SET "OVPN_BACKUP_FILE=%OpenVPN%\FIREWALL_FLIP_BACKUP\Backup_%%~nxf" REM Create backup of your .ovpn file IF NOT EXIST "!FIREWALL_FLIP_BACKUP_FOLDER!" MD "!FIREWALL_FLIP_BACKUP_FOLDER!" >NUL 2>NUL IF NOT EXIST "!OVPN_BACKUP_FILE!" ( COPY /Y "%%f" "!OVPN_BACKUP_FILE!" >NUL 2>NUL ) ELSE ( ECHO A backup of "%%f" already exists, do you wish to overwrite it? CHOICE IF !ERRORLEVEL! EQU 1 ( COPY /Y "%%f" "!OVPN_BACKUP_FILE!" >NUL 2>NUL ) ) REM Get your VPN server name and port FOR /F "tokens=2-3 delims= " %%a IN ('findstr "remote " "%%f" ^| findstr \.') DO ( SET VPN_SERVER_NAME=%%a SET VPN_SERVER_PORT=%%b ) ECHO !VPN_SERVER_NAME! | findstr [a-z] >NUL 2>NUL && ( REM Resolve the server name to an IP FOR /F "tokens=2 delims=[]" %%a IN ('ping -n 1 !VPN_SERVER_NAME! ^| findstr [') DO ( SET VPN_SERVER_IP=%%a ) REM Replace the VPN server name with its direct IP >"%%f" ( FOR /F "usebackq tokens=*" %%a IN ("!OVPN_BACKUP_FILE!") DO ( IF "%%a" EQU "remote !VPN_SERVER_NAME! !VPN_SERVER_PORT!" ( ECHO remote !VPN_SERVER_IP! !VPN_SERVER_PORT! ) ELSE ( ECHO %%a ) ) ) ) ) ) ELSE ( ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ) REM If you haven't set the variable YOUR_PREFERRED_OVPN this bit of code will select one at random from the OpenVPN config folder where all your .ovpn files are stored. IF DEFINED YOUR_PREFERRED_OVPN GOTO :CURRENT_STATE IF "!YOUR_PREFERRED_OVPN!" EQU "" ( FOR /F "tokens=1 delims= " %%a IN ('DIR "%OpenVPN%\config\*.ovpn" ^| findstr /C:" File(s)"') DO SET /A "rand=%RANDOM% %% %%a+1" FOR %%f IN ("%OpenVPN%\config\*.ovpn") DO ( SET /A num+=1 IF !num! EQU !rand! SET "YOUR_PREFERRED_OVPN=%%~nxf" ) ) :CURRENT_STATE REM Check what state the firewall is in (VPN ONLY or ALLOW ALL) CLS FOR /F "tokens=2 delims=," %%a IN ('netsh advfirewall show allprofiles firewallpolicy') DO SET state=%%a IF "%state%" EQU "BlockOutbound" GOTO :VPN_TO_ALL IF "%state%" EQU "Ausgehend blockieren" GOTO :VPN_TO_ALL IF "%state%" EQU "AllowOutbound" GOTO :ALL_TO_VPN IF "%state%" EQU "Ausgehend zulassen" GOTO :ALL_TO_VPN ECHO Your firewall state cannot be determined... ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF :VPN_TO_ALL ECHO. ECHO -------------------------------------------------- ECHO ^|The firewall currently allows "ONLY VPN" traffic^| ECHO -------------------------------------------------- ECHO. ECHO Do you wish to allow "ALL" traffic? CHOICE IF !ERRORLEVEL! EQU 1 ( CLS ECHO ------------------------------------------------ ECHO Configuring your computer to allow "ALL" traffic ECHO ------------------------------------------------ ECHO. REM Firewall .wfw backup file IF NOT EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" ( ECHO. ECHO. ECHO ******************************************************************************* ECHO The firewall rules backup this script made could not be found... ECHO. ECHO Something has happened to the file: ECHO "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" ECHO ******************************************************************************* ECHO. ECHO Would you like to automatically reset your windows firewall to default rules? ECHO This is perfectly safe to do, but it will reset your firewall prompts. REM Reset windows firewall if rules backup not found CHOICE IF !ERRORLEVEL! EQU 1 ( netsh advfirewall reset >NUL 2>NUL ) ELSE ( ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ) REM Delete all current firewall rules netsh advfirewall firewall delete rule name=all >NUL 2>NUL ECHO All firewall rules cleared ECHO. REM Terminate OpenVPN taskkill /f /im openvpn* >NUL 2>NUL ECHO OpenVPN Terminated ECHO. REM Identify all NIC's and set their DNS ECHO. ECHO. ECHO Sanitizing and configuring your network adaptors ECHO ------------------------------------------------ ECHO. FOR /F "tokens=2 delims=, skip=2" %%a IN ('"wmic nic where PhysicalAdapter=TRUE get netconnectionid /format:csv"') DO ( ECHO "%%a" | findstr OpenVPN || ( SET "adapter=%%a" SET dnsprimary=!YOUR_PUBLIC_PRIMARY_DNS! SET dnssecondary=!YOUR_PUBLIC_SECONDARY_DNS! CALL :ADAPTER_CONFIG ) ) REM Import your backup firewall rules IF EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" netsh advfirewall import "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" >NUL 2>NUL REM Re-enable program firewall access request notifications netsh advfirewall set allprofiles settings inboundusernotification enable >NUL 2>NUL REM Register with the network properly ipconfig /registerdns >NUL 2>NUL netsh winsock reset >NUL 2>NUL ipconfig /renew >NUL 2>NUL REM Enable ALL traffic firewall rules netsh advfirewall set allprofiles firewallpolicy BlockInbound,AllowOutbound >NUL 2>NUL CLS ECHO ------------------------------------------- ECHO Your computer should now allow "ALL" traffic ECHO ------------------------------------------- GOTO :VERIFICATION ) ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF :ALL_TO_VPN ECHO. ECHO -------------------------------------------------- ECHO ^|The firewall currently allows "ALL" traffic^| ECHO -------------------------------------------------- ECHO. ECHO Do you wish to allow "ONLY VPN" traffic? CHOICE IF !ERRORLEVEL! EQU 1 ( CLS ECHO ----------------------------------------------------- ECHO Configuring your computer to allow "ONLY VPN" traffic ECHO ----------------------------------------------------- ECHO. REM Creating VPN_SERVER_IP SET /P 1=Generating list of VPN server IP's... <NUL FOR /F "tokens=*" %%a IN ('DIR /b "%OpenVPN%\config\*.ovpn"') DO ( FOR /F "tokens=1-3 delims= " %%b IN ('findstr "remote " "%OpenVPN%\config\%%a" ^| findstr \.') DO ( IF DEFINED VPN_SERVER_IP ( IF %%c NEQ !lastip! SET VPN_SERVER_IP=!VPN_SERVER_IP!,%%c ) ELSE ( SET VPN_SERVER_IP=%%c ) SET lastip=%%c ) ) ECHO Done REM Backup all firewall rules SET /P 1=Backing up current firewall rules... <NUL netsh advfirewall export "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" >NUL 2>NUL IF NOT EXIST "%FIREWALL_FLIP_BACKUP_FOLDER%\PRE_VPN_FIREWALL_RULES_BACK.wfw" ( ECHO ERROR ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF ) ECHO Done REM Enable VPN traffic firewall rules SET /P 1=Configuring new firewall rules... <NUL netsh advfirewall set allprofiles firewallpolicy BlockInbound,BlockOutbound >NUL 2>NUL REM Delete all current firewall rules (filtering method used to retain file/network sharing functionality) netsh advfirewall firewall delete rule name=all >NUL 2>NUL REM FOR /F "tokens=2 delims=:" %%a IN ('netsh advfirewall firewall show rule name^=all ^| findstr /C:"Rule Name:" ^| findstr /v "@"') DO ( REM REM Trim all extra spaces REM FOR /F "tokens=* delims= " %%b IN ("%%a") DO SET "RULE_NAME=%%b" REM REM Filter out all firewall rules that aren't the microsoft local subnet ones REM FOR /F "tokens=* delims= " %%b IN ('@ECHO !RULE_NAME! ^| findstr /v /b /L "File and Printer Sharing" ^| findstr /v /b /L "Network Discovery"') DO netsh advfirewall firewall delete rule name="!RULE_NAME!" >NUL 2>NUL REM ) REM Create VPN only rules netsh advfirewall firewall add rule name="VPN_LOCALNETWORK_INBOUND" dir=in action=allow remoteip=LocalSubnet >NUL 2>NUL netsh advfirewall firewall add rule name="VPN_LOCALNETWORK_OUTBOUND" dir=out action=allow remoteip=LocalSubnet >NUL 2>NUL netsh advfirewall firewall add rule name="VPN_RESOLUTION_OUTBOUND" dir=out action=allow remoteip=!VPN_SERVER_IP! >NUL 2>NUL netsh advfirewall firewall add rule name="VPN_DHCP" dir=out action=allow program="%%SystemRoot%%\system32\svchost.exe" localip=0.0.0.0 localport=68 remoteip=255.255.255.255 remoteport=67 protocol=UDP >NUL 2>NUL REM Disable program requesting firewall access notifications (just in case you aren't connected to the VPN and you are asked by something and accidentally allow it) netsh advfirewall set allprofiles settings inboundusernotification disable >NUL 2>NUL ECHO Done REM Identify all NIC's and set their DNS to the secure VPN DNS ECHO. ECHO. ECHO Sanitizing and configuring your network adaptors ECHO ------------------------------------------------ ECHO. FOR /F "tokens=2 delims=, skip=2" %%a IN ('"wmic nic where PhysicalAdapter=TRUE get netconnectionid /format:csv"') DO ( ECHO "%%a" | findstr OpenVPN || ( SET "adapter=%%a" SET dnsprimary=!YOUR_PUBLIC_PRIMARY_DNS! SET dnssecondary=!YOUR_PUBLIC_SECONDARY_DNS! CALL :ADAPTER_CONFIG ) ) REM Register with the network properly ipconfig /registerdns >NUL 2>NUL netsh winsock reset >NUL 2>NUL ipconfig /renew >NUL 2>NUL CLS ECHO ------------------------------------------------ ECHO Your computer should now allow "ONLY VPN" traffic ECHO ------------------------------------------------ GOTO :VERIFICATION ) ECHO. ECHO This script has made no modifications to the system. ECHO Press any key to exit... PAUSE >NUL 2>NUL GOTO :EOF :VERIFICATION ECHO. ECHO. ECHO VERIFICATION STEPS ECHO ------------------ REM Automatic firewall verification FOR /F "tokens=2 delims=," %%a IN ('netsh advfirewall show allprofiles firewallpolicy') DO IF "%%a" EQU "%state%" ( ECHO Your firewall state did not successfully switch over, do you want to run this script again? CHOICE IF !ERRORLEVEL! EQU 1 ( GOTO :CURRENT_STATE ) ELSE ( GOTO :EOF ) ) ECHO Firewall - passed automatic verification REM Automatic DNS verification netsh interface ipv4 show dns | findstr \. | findstr !dnsprimary! >NUL 2>NUL || GOTO :VERIFICATION_FAILURE IF DEFINED dnssecondary netsh interface ipv4 show dns | findstr \. | findstr !dnssecondary! >NUL 2>NUL || GOTO :VERIFICATION_FAILURE ECHO DNS - passed automatic verification ECHO ------------------ ECHO. IF !dnsprimary! EQU !YOUR_VPN_PRIMARY_DNS! ( SET ovpnlog=!YOUR_PREFERRED_OVPN:ovpn=log! taskkill /f /im openvpn* >NUL 2>NUL DEL /F /Q "%OpenVPN%\log\!ovpnlog!" >NUL 2>NUL ECHO. SET /P 1=Connecting to your VPN and waiting for IP to be assigned: <NUL START "" "%OpenVPN%\bin\openvpn-gui.exe" --connect !YOUR_PREFERRED_OVPN! >NUL 2>NUL :VPN_IP_LOOP findstr "CONNECTED,SUCCESS" "%OpenVPN%\log\!ovpnlog!" >NUL 2>NUL || GOTO :VPN_IP_LOOP FOR /F "tokens=4 delims=," %%a IN ('findstr "CONNECTED,SUCCESS" "%OpenVPN%\log\!ovpnlog!"') DO ( SET VPN_ASSIGNED_IP=%%a ) ECHO !VPN_ASSIGNED_IP! ECHO. SET /P 1=Granting your assigned VPN IP access to the internet... <NUL FOR /F "tokens=2-4 delims=,." %%a IN ('wmic nicconfig get DHCPServer^,SettingID /format:csv ^| findstr "!VPN_ADAPTER_GUID!"') DO ( SET VPN_IP_POOL_RANGE=%%a.%%b.0.0-%%a.%%b.255.254 ) netsh advfirewall firewall add rule name="VPN_INTERNET_OUTBOUND" dir=out action=allow localip=!VPN_IP_POOL_RANGE! >NUL 2>NUL ECHO Done ECHO. ECHO. ECHO ------------------------------------------------------------------- ECHO ^|Visit www.ipleak.net to verify that you are connected to your VPN^| ECHO ------------------------------------------------------------------- ECHO. PAUSE GOTO :EOF ) ELSE ( PAUSE ) GOTO :EOF :VERIFICATION_FAILURE ECHO There was an error setting your DNS, press any key to see your current DNS servers... PAUSE >NUL 2>NUL netsh interface ipv4 show dns ECHO ------------------------------------------------------------ ECHO The DNS listed should be: !dnsprimary! -OR- !dnssecondary! ECHO ------------------------------------------------------------ ECHO. ECHO IF THE DNS SERVERS DO NOT MATCH WHAT THEY SHOULD BE, CHANGE THEM MANUALLY ECHO IF YOU DON'T DO THIS: ECHO --------------------- ECHO YOUR VPN CONNECTION WILL NOT BE SECURE ECHO -AND/OR- ECHO YOUR REGULAR INTERNET MODE WILL NOT WORK ECHO. PAUSE GOTO :EOF :ADAPTER_CONFIG REM This section resets and configures your network adapters as necessary SET /P 1=%adapter%... <NUL ipconfig /release >NUL 2>NUL ipconfig /flushdns >NUL 2>NUL netsh interface ipv4 set dns "%adapter%" static %dnsprimary% primary validate=no >NUL 2>NUL IF DEFINED dnssecondary netsh interface ipv4 add dns "%adapter%" !dnssecondary! index=2 validate=no >NUL 2>NUL ECHO Done STEP 4 Now you just double click the .bat file whenever you want to switch between VPN secure or normal internet mode. If double-clicking doesn't start the script you can right click it and select 'open'. SPECIAL NOTES -This script creates a backup of your original .ovpn files under the folder FIREWALL_FLIP_BACKUP in your OpenVPN Installation directory. This script resolves the IP's of the hostnames in the VPN files so if you feel there is something wrong with this script you can still just go back to your originals. -The changes made by this script are permanent, until you run it again. This means that reboots or any sort of system hiccup will not affect it. WARNING If you start fiddling with your network adapters or windows firewall yourself you will most likely compromise what this script has set out to do. Only do so if you know what you're doing.

@arteryshelby Thank you, we will keep your suggestion in serious consideration. Kind regards

i would apreachiate if servers from upsala can be moved towards stockholm. Stockholm server are always at higher (not "high" but almost always arround 400 mbit - atm its more like 700 mbit per server) load. For me and many others upsalla location seems quite slow (check the user connected from upsalla and stockholm) Server add in Stockholm would be great!