Leaderboard

Hello! We're very glad to inform you that two new 1 Gbit/s full duplex servers located in Tokyo, Japan, are available: Albaldah and Bharani. The AirVPN client will show automatically the new servers; if you use any other OpenVPN or WireGuard client you can generate all the files to access it through our configuration/certificates/key generator (menu "Client Area"->"Config generator"). The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP for OpenVPN and port 1637 UDP for WireGuard. Albaldah and Bahrani support OpenVPN over SSL and OpenVPN over SSH, TLS 1.3, OpenVPN tls-crypt and WireGuard. Full IPv6 support is included as well. As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses. You can check servers status as usual in our real time servers monitor: https://airvpn.org/servers/albaldah https://airvpn.org/servers/bharani Do not hesitate to contact us for any information or issue. Kind regards and datalove AirVPN Team

I am experiencing intermitting DNS problems, where noting gets resolved anymore. I am using Eddie 2.21.3beta and Wireguard. I have to connect to another server for DNS to work again. Which server doesn'tmatter, as after some time to problem reoccurs and I have to connect to yet another server to get it working again for some time. Rinse and repeat so to say. I have no idea if it is either Eddie, Wireguard or something else related.

Hello! We're very glad to inform you that Eddie Android edition 2.5 has been released. The new release achieves full compatibility with Android versions 10, 11 and 12,. It also maintains compatibility with Android 5.1. Many parts have been thoroughly rewritten to obtain better performance and efficiency. Ability to start and connect during device bootstrap is no more limited to a specific profile: it has been extended to a variety of choices, such as quick auto connection or user defined servers or countries, according to a customizable priority list. Master Password is now optional and VPN concurrency management has been improved. SSL/TLS library is OpenSSL, since it can provide, nowadays, slightly better performance than mbedTLS library on several processors. TLS 1.3 is supported as well. Eddie for Android is free and open source software released under GPLv3. We invite you to check from independent 3rd parties lack of trackers code signatures, for example here: https://reports.exodus-privacy.eu.org/en/reports/search/org.airvpn.eddie You can download Eddie Android 2.5 APK directly from our repository: https://airvpn.org/forums/topic/29660-using-airvpn-with-eddie-client-for-android/ You can also download it from the Google Play Store: https://play.google.com/store/apps/details?id=org.airvpn.eddie and from Amazon Appstore: https://www.amazon.com/Eddie-AirVPN-official-OpenVPN-GUI/dp/B07KTD6DH9/ Source code (and of course changelog) is available in GitLab: https://gitlab.com/AirVPN/EddieAndroid/ Main features (new features in bold): Free and open source OpenVPN GUI based on "OpenVPN 3.7.1 AirVPN" (free and open source software library by AirVPN) ChaCha20-Poly1305, AES-CBC and AES-GCM support on both OpenVPN Control and Data channel Robust, best effort prevention of traffic leaks outside the VPN tunnel Battery-conscious application Low RAM footprint Ergonomic and friendly interface Ability to start and connect the application at device boot Option to define which apps must have traffic inside or outside the VPN tunnel through white and black list Localization in simplified and traditional Chinese, Danish, English, French, German, Italian, Portuguese, Russian, Spanish, Turkish Full integration with AirVPN Enhanced security thanks to locally stored encrypted data through optional master password Quick one-tap connection and smart, fully automated server selection Smart server selection with custom settings Manual server selection Ability to start and connect during device startup according to a priority list which includes automatic choice, your defined country and your defined AirVPN server Smart attempts to bypass OpenVPN blocks featuring protocol and server fail-over Full Android TV compatibility including D-Pad support. Mouse emulation is not required. Enhancements aimed at increasing accessibility and comfort to visually impaired persons AirVPN servers sorting options Customizable "Default", "Favorite" and "Forbidden" servers and countries OpenVPN mimetype support to import profiles from external applications Multiple OpenVPN profile support. The app now imports and manages multiple OpenVPN profiles Support for custom bootstrap servers Support for favorite and forbidden countries AirVPN broadcast messages support User's subscription expiration date is shown in login/connection information The app is aware of concurrent VPN use. In case another app is granted VPN access, Eddie acts accordingly and releases VPN resources Optional local networks access. In such case, local network devices are exempted from the VPN and can be accessed within the local devices Localization override. User can choose the default language and localization from one of the available ones Favorite and forbidden lists can be emptied with a single tap Ability to directly select an AirVPN area (country, continent, planet) to connect to VPN reconnection in case of unexpected OpenVPN disconnection. (It requires VPN Lock to be disabled) VPN concurrency management Full integration with VPN traffic leaks prevention by system in Android 7 or higher version Full compatibility with Android 10, 11 and 12 User can generate or save an OpenVPN profile for any AirVPN server or country and save it in the internal OpenVPN profile manager or export it On the fly language change allowing to switch language without re-starting application Exclusive optional VPN lock in case the device cannot take advantage of Android's VPN direct management (Android 5 and 6) Server scoring algorithm implementing the latest AirVPN balancing factors in order to determine the best server for quick connection Network name and extra information are shown along with network type Device network status management Fully compatible with Android TV 5.1 and higher versions bug fixes Kind regards & datalove AirVPN Staff

@eburom Thank you very much! The problem you found and kindly reported has been fixed and you'll see the fix in the next, imminent version. From the developer: you can't build the Suite now because OpenVPN3 has recently changed ClientAPI::Config definition. They replaced member ipv6 with allowUnusedAddrFamilies which is basically used for the very same purpose. The change has been already imported into OpenVPN3-AirVPN 3.7.1 fork and Bluetit/Hummingbird code has been updated accordingly in the development branch which is to be released very soon, along with some other minor fixes and changes [including the aforementioned one}. Kind regards

Hello @Staff , I tried running this command in Monterey 12.1 and I got sysctl: unknown oid 'kern.ipc.maxsockbuf' and I tried this command Also : sudo sysctl -w kern.ipc.maxsockbuf=33554432 and I got this : sysctl: kern.ipc.maxsockbuf=33554432: Result too large any ideas ? maybe try smaller buffer ? Edit : I tried sudo sysctl -w kern.ipc.maxsockbuf=16554432 and I got : kern.ipc.maxsockbuf: 8388608 -> 16554432 it's seems that 16mb was accepted unlike the 32 I'll test and report back.

Hello everybody, can you please re-perform all of your tests and report back? We have found a bug which potentially might have caused the reported names resolution failures and we have fixed the code. Please let us know whether the problems keeps occurring or not, as our automated DNS testing sentinels deployed on several flag servers have stopped reporting resolution failures since when the fix was applied. A couple of hours ago the fix has been deployed on all the VPN servers. We are looking forward to hearing from you. Kind regards

That Pull option is not set, I believe it corresponds to --pull which is a necessity. --pull This option must be used on a client which is connecting to a multi-client server. It indicates to OpenVPN that it should accept options pushed by the server, provided they are part of the legal set of pushable options (note that the --pull option is implied by --client ). Not sure if your app implies --client. I'd say, try ticking Pull.

Check if the DNS servers are reset back to DHCP, or whatever the normal setting is for you. Here's how to do the reset.

AirVPN Suite does work fine with Slackware 15.0 RC3 64bit, but I suggest to make the change noted below. I have noticed Intermittent issues with IPv6 on my system with my ISP. This assumes you are using Network Manager, which is setup via /sbin/netconfig You should edit file /etc/NetworkManager/conf.d/00-dhcp-client.conf and comment out line 'dhcp=dhcpcd' then uncomment line 'dhcp=dhclient'. Doing that all works fine after a reboot to reset dhcp. Well spoke too soon, above does work most of the time, but I suspect there is an issue in Slackware with its dbus. Once in a great while IPv6 causes problems with goldcrest (or bluetit or my ISP). I will play around and respond here if I track down the issue.

Yeah, good idea and I don't know why I didn't think of that. I did have the secure DNS setting on and have now turned it off. I'll try if for a few days and come back if it fixed the problem. Follow-up - a couple of days after turning off the secure DNS option in Brave, and no messages so far. For what it's worth, I also have DNSSEC enabled on my pfSense router "DNS Resolver" service, pointing to 1.1.1.1 / 1.1.1.2. So whether I am on AirVPN or not, I have a secure DNS connection.

I see. Issue seems to be Brave-specific and points to the issue of the configured Secure DNS provider not being reachable. Disable it, it makes little sense in the VPN network.

Hello! We confirm that it's not possible for Eddie to start during the bootstrap of any un-rooted device running Android TV 10, 11 and 12, and this is not an Eddie-specific limitation, simply because "Always on VPN" has become mandatory for the purpose, but at the same time Android TV has always had this feature removed. Should we find a solution to circumvent this deliberate limitation on un-rooted devices, we will be willing to implement it, but at the moment we are not aware of any solution. OpenVPN connect, OpenVPN for Android and other apps undergo the very same limitation. Kind regards

Hi @Staff, just a quick reminder that as of today this bug is still open in the Config Generator. No big deal for me, but new/other users (who are unaware) might be wondering why the old host is not resolving.

Hi, on starting Eddie, when I click on 'Activate Network Lock', after the 'Are you sure' prompt then I'm getting the following error Exception: iptables don't reply, probably kernel modules issue This has been working fine until recently. I'm using Pop! OS 21.04 and they recently upped their kernel to 5.15.5, so that may have something to do with it. I've tried Eddie versions 2.20 and experimental 2.21.3beta and both have the error. If I avoid the 'Activate Network Lock' and just run 'Connect to a recommended server' then this runs just fine. But then I lose some connectivity to other servers and services across my LAN. Any thoughts?

Same issue for me, ticket #152107

Eddie is a C# app run with Mono on Linux and natively with .NET on Windows. There is no JavaScript code. You're welcome otherwise. Enjoy!

Well your wish came true...Enjoy it

Hello everybody! Some guidelines to help us investigate, as we have failed to reproduce the issue. When you experience the problem please report here all the following information: the fully qualified domain name you could not resolve the server you were connected to the connection mode and protocol (some OpenVPN mode or WireGuard) the DNS block lists you had active, if any the complete output of the command dig or nslookup pertaining to the "problematic" domain name Kind regards

Hello! We are currently unable to reproduce the reported DNS issues and we do not have tickets by users (not even one) that can help us investigate. Can you please specify the exact servers where you can reliably reproduce the problem while you query VPN DNS? Note: if you cant' resolve names with other (not AirVPN's) public DNS, then the problem should be related to a broken connection, and not to VPN DNS: @root1337 The error: VERIFY ERROR: depth=1, error=certificate is not yet valid: implies that the device date is incorrectly set to the past and the certificate is not yet valid in that date. It's possible that the router could not sync through NTP during the bootstrap. Actually the first DNS server you set (10.4.0.1) is accessible only from within the VPN, therefore it will not resolve any name, including NTP server names. The router will then fall back to the second DNS, the OpenNIC one. Since OpenNIC servers have been replaced and some of them suffered downtime, try a different DNS server (for example Quad9, address 9.9.9.9). Anyway this problem seems unrelated to the other DNS issue you report. Kind regards

The guides are user-produced content, so contacting the authors of those guides will be the only thing getting you forward here. Also, how do you know they will answer in the same tome? You really think the way they write a guide in the forums, targeted at more advanced people, is the way they write to everybody, especially if you specifically ask for a more beginner-friendly vocabulary? I'm sure the overwhelming majority will break it down for you a little; they're not machines, you know, they can adapt. Alternatively, you can ask here for some explanations, but please link the guides you were trying to follow. Other people could chime in this way. And, of course, welcome to AirVPN.

@thetechdude Hello! We're sorry, we can't do that. Although you say it's not, what you propose is indeed specific client related traffic monitoring and logging/storing which we are contractually obliged not to perform. Even setting it as an opt-in feature would surely cause endless controversy and potential contractual breach. As a workaround, if a DNS query fails on our DNS (remember that each server runs its own DNS server) you can discover the reason through dig or nslookup. Kind regards

There are a few misconceptions here. There is a difference between logging DNS queries temporarily and logging VPN traffic. It's possible to enable logs on DNS for like 5 minutes and then turn it off. Let's say I'm trying to go to a site that Easylist, or any other list, blocks. Wouldn't it be nice to know that, so that you could then make an exclusion? This is something that every other DNS filtering service allows; ControlD, NextDNS, AdGuard Home, etc. So, what I'm asking for is nothing new or scandalous in any way.

This would create a crapload of backlash. What, it is possible to log DNS queries? So what, AirVPN lied about the no-log? I think I can answer this with a confident "No, never". I don't understand this sentence. Blocked by what? AirDNS doesn't block a single domain name. If enabled, it even unblocks a few of them. Is there a case where you think AirDNS blocked something? Or what's the cause for this sentence?

I'd assume so, since WireguardNT has been enabled by default in Wireguard itself for a few months now. https://mobile.twitter.com/EdgeSecurity/status/1437402720135270403 WireguardNT is part of the Wireguard project and thus bugs should be reported there. https://lists.zx2c4.com/mailman/listinfo/wireguard

eddie 2.21.3, + updated to macos 12.1 - has not crashed in the 8 days installed/all day use, i don't let eddie beta run if no one is attending mac but it's still up about 14 hours per day. (after updating to macos 12.1 i tested eddie 2.20.0 but it still crashed, sometimes twice in minutes, (to see if it was macos 12.0.1 issue only). eddie 2.21.3 so far does not get stuck at IPv4 as eddie 2.20.0 did, 2.21.3 always then goes to IPv6 and connects. one diff/issue 1. running eddie 2. manual disconnect ethernet cable for 30 seconds. 3. eddie trying to reconnect. 4. plug ethernet cable back. 5. eddie cannot auto reconnect because eddie auto logged me out. 6. have to relogin to airvpn then click "Connect to a recommended server". i believe previous eddies did not lose my login credentials.

You should get different interface addresses if you configure multiple different "devices" in AirVPN's UI here: https://airvpn.org/devices/. Each device has a details button to view the VPN IP for that device. Two AirVPN devices should work fine on the same physical device, just remember to use different adapter names if on Linux (eg. wg0 for the first one and wg1 for the second one).

No more memory leaks on my side.

Please add it also to F-Droid. Thanks!

Is mailbox.org a viable candidate? You can use your own domain with them. In general, any SMTP server goes, be it GMail, Posteo, Tutanota, whatever. If you're okay with the mail address being shown as sender on the receiver's end, that is. You can additionally include a Reply-To header pointing at your domain mail address so that anyone clicking on the Reply button will send response mails back to your domain mail address. Some spam software will rate this approach slightly higher, though. Matter of preference.

Thanks for that tip. Will definitely give them a look. Cheers! 👍

Maybe mailjet.com is something for you. The free service includes 200 emails per day and 6000 emails per month. Do not use it myself, but heard some good stuff about them.

Hello! We would like to inform you that we have never used the Apache Logging Services and/or Java in general, so any Log4j vulnerability, CVE-2021-44228 included (overall CVSS score 10.0 - critical) doesn't affect AirVPN web site or anything related to AirVPN. https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Kind regards and datalove AirVPN Staff

Not sure if this will help but in the last couple of updates I have gone into services.msc and changed the Eddie Elevation Service from manual to Automatic after reading an earlier post in this thread on that and AirVPN connects fine after that. Thanks, but Eddie Elevation Service was already on automatic..

Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68.6% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. You can do it in your account Client Area -> Your membership: Purchase and credit -> Print X-Mas after you have bought a coupon. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy Kind regards & datalove AirVPN Staff

# apt-get install nftables More info:

Ah that did the trick! Thanks Daniel i didn't known that there was a difference in the Details information.

Well… after a couple of days digging deeper into the source code, I was able to make hummingbird 1.1.2 compile and run in a Docker container with working network lock. Clone my fork from https://gitlab.com/fschaeckermann/hummingbird.git and read instructions in README.md I made it compile under Alpine Linux as well, but iptables seems to misbehave in some breaking way. Therefore the Alpine image is not really usable yet. @whiteowl3: I shamelessly copied your work and incorporated it in the Dockerfile - tini and entrypoint.sh and healthcheck.sh including. The client is actually issuing modprobe and iptables commands to create the network lock (using iptables-legacy, maybe that was the reason you couldn’t see any rules?). I haven’t tested with nftables or pf. That might even work under alpine… Also, if ipv6 gets in the picture, things go haywire! But ipv6 and Docker is an altogether different can of worms…. Have fun! And post your results here if you like.

I like and use AirVPN but I don't trust him/his reviews. It's not hidden knowledge that the whole VPN review market is a bidding war between which company pays more. Here's my (salty) opinion. Although he uses a fixed script for each review and assigns points fairly, no matter which VPN he reviews he mentions his top scorers at least once per video. I have a feeling that the point of every non "S tier" review is to redirect customers, like "hey you know AirVPN is cool and has some promising features but check this two VPNs I'm affiliated with, they're the best". The review script is odd. He values <1h customer support response higher than all the privacy points combined. Speed test results may depend on the time of day, location and server load, so one day the score may be 50 and another 40 points or lower. A bit off-topic: There was a civil war/drama between some VPNs, mainly *cough*Windscribe*cough* and him. I was following their discord channel some time ago. Previously he was promoting them as one of the best VPNs, but when they announced shutdown of affiliate program he started throwing blames (telling a company that they should keep it - continue paying him). Since then he moved them to the bottom of the tier list .

Hi, I worked for free on the 1st, 2nd and 3rd reading of the Telecoms Package for a grassroots organization in close contact and co-operation with several other organizations including La Quadrature du Net, EDRi, the Swedish Pirate Party and EFF Europe with Eddan Katz (International Affairs Director). I also worked against ACTA (the Anti Counterfeiting Trade Agreement) with Katz and several activists since when the very first secret discussion paper was published by Wikileaks in 2008 and up to the final and total "victory" with ACTA's rejection by the European Parliament in 2012. My main activities were legislative analysis, giving lectures in Brussels at the Commission and the Parliament sites, as well as around Europe, or having discussions with MEPs and when possible Commission personnel to defend and explain grassroots movements point of view. In 2010 I co-founded AirVPN and when it had so much success I moved to a more "fundamental", technical activism, and finally left the public activism with direct lobbying. soon after 2013, when AirVPN took 100% of my work time. Currently my activism is reflected by AirVPN activities, technical infrastructure, donations etc. Kind regards

when playing with hummingbird on my raspberrypi, I once killed the process and managed to bring the bird into a quite strange state. What´s the best way to get back to normal? pi@raspi:~ $ uname -srm Linux 5.10.17-v7l+ armv7l pi@raspi:~ $ sudo hummingbird -e Hummingbird - AirVPN OpenVPN 3 Client 1.1.2 - 4 June 2021 It seems this program did not exit gracefully or has been killed. Your system may not be working properly and your network connection may not work as expected. To recover your network settings, run this program again and use the "--recover-network" option. pi@raspi:~ $ sudo hummingbird --recover-network Hummingbird - AirVPN OpenVPN 3 Client 1.1.2 - 4 June 2021 It seems this program has properly exited in its last run and it has already restored network settings on exit. Network recovery is not needed.

Both of these txt files, too. Then it should work.

@m1ster Hello! You can't build Hummingbird or the AirPVN Suite in FreeBSD because OpenVPN3 AirVPN library needs various modification for FreeBSD, you will not be able to even compile it at the moment. We have plans to port the AirVPN Suite to FreeBSD later this year, but first we need to adapt the library, which might be or not a trivial task, and we must release a new Eddie Android edition version before the summer is over. At the moment you only have the Linux binary compatibility mode option (try with Hummingbird, as Eddie will have too many complications due to Mono), and of course OpenVPN 2.5.2. Hummingbird and the Suite support and have always supported pf, the default FreeBSD firewall, but different directory tree and some other issue may cause trouble. https://docs.freebsd.org/en/books/handbook/linuxemu/ Anyway we assure you that FreeBSD support improvement with native applications remains our goal for 2021. Our FreeBSD users are many (25% of our Windows customers, and 20% of our Linux customers, who are currently the absolute majority), not to mention the system outstanding superiority, so stay tuned. Kind regards

Wow, a guide! Thank you very much for the work you put into it. I'll probably test it out one of these days. This is false. It is available and working as intended on Linux. This is true, though. But in all fairness, most directives in OpenVPN refer to v4 only. One thing came to mind when I read this:

AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES. The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction. Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union. The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure. Given all of the above, we repute that these acts: - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights; - are an attack against the Internet infrastructure and the cyberspace; - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired; and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses. In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time. Kind regards AirVPN admins

You can either do that, like I did, or simply use the advanced settings when creating a config file and do not selct IPV6, so all your settings are IPV4. It will then work as well.

By using Tor behind an AirVPN node, you are blacklisting dozens of websites for no reason. IRC servers such as Freenode have been blocked, and now even imgur is blocked from uploading because it thinks its Tor. Heze is a good server and its one of only two on the West Coast, so please stop running Tor behind AirVPN nodes.

Hello! A dedicated panel to manage your client certificates and keys is accessible in our web site. In order to access the main control panel click Client Area while your account is logged into the AirVPN web site. The Devices / Keys tab provides you with access to a panel to administer your client certificate/key pairs. The panel lets you use a multi-certificate/key support from AirVPN, a comfortable and convenient feature. You can have multiple pairs, renew them and issue completely new ones. From each device of yours you will be free to use any pair you like. Therefore you can keep all of your certificates and keys under control, administer them and also connect multiple devices to the same server and port by using a different key on each device. Eddie 2.13.6 or higher is required. In Eddie's Overview window a menu which will let you choose a key before you start a connection will appear automatically when you create a new certificate/key par from your account control panel (note: restart Eddie and log your account out and in again if such menu does not appear). To create a new certificate/key pair click the button labeled Add a new device. The Configuration Generator has been modified as well, in order to let you generate configuration files with the certificate/key pair you wish. Let's see in details how to use the "Devices/Keys" options. Device Name and Description: these are free name and description which you can associate to any pair for your comfort. Click the pencil icon to edit. Details opens a window showing various information: Type, Creation date, Last renew date and Last VPN connection. In the same window you can find the following actions: Renew: when you click this action button, the corresponding certificate will be revoked, and a new certificate/key pair will be issued. Delete: this action button will revoke the corresponding certificate, without issuing a new one. DNS: this action button will let you enter the DNS block list panel for that specific certificate/key pair to let you define, activate or de-activate specific DNS block lists, exceptions and additions, which will apply to that pair only. View history and View Active will toggle with each other to provide you with any relevant information on the history of your actions about keys and the current active list. Some caution when using the aforementioned features: if you revoke or renew a certificate/key pair which is being used by some connected device, that device will soon be disconnected in Eddie, you will need to log your account out and then in again to force Eddie to pick a different pair (new or old) to use new pairs, you will need to re-generate and import configuration files if you use them with some third-party software, or if you run OpenVPN or Wireguard directly Kind regards and datalove AirVPN Staff

And BTW, @VpnAndMe: the IPLeak website (run by the good folks from AirVPN) checks and reports whether you're susceptible to the WebRTC leak.

Hello! If you had Network Lock enabled in our Air client, you have always prevented "WebRTC leaks", as well as any other packet out of the tunnel sent by any process binding to your physical network card. https://airvpn.org/faq/software_lock/ Kind regards

Hello! Some additional considerations on the whole discussion. It seems somehow paradoxical that some of our customers explicitly ask for Net Neutrality violation when they look exactly for a service capable to respect Net Neutrality with no discriminations against any protocol. As soon as Net Neutrality respect brings inconveniences created by third-parties, we are somehow invited to send such respect into the trashcan. We tend to think that it would be more appropriate and honest to focus energy and protests against those services whose administrators actively contribute to destroy the open Internet, with Tor indiscriminate bans, huge blacklists which block millions of IP addresses just because they are 'used as NAT' or because they are used to operate dedicated servers. It seems unquestionable that the concept behind such actions is an Internet where end-to-end principle and privacy are deemed as negative features to be fought. Remember our philosophy and mission: banning a server of ours because it's a source of problems appears as a very questionable action. It is the same error that some services do with Tor: to hit someone, they ban innocent users who love their privacy or who are forced to use Tor to bypass censorship in their country. If our servers or a Tor node are performing vulnerability scan, service needs to fix the vulnerability, not blame who caught it red handed. If our servers or a Tor node are wasting a service resource, service operators need to learn how to configure well their systems. If a service can't afford a method to manage spam, it should close the discussion system, it would be better for all. For all of the above, AirVPN will never violate Net Neutrality, and so we'll never commit any action to help "incompetent services". Kind regards AirVPN Staff