go558a83nk

Some extension developers might need some more time to adjust for the new WebExtensions API.
Overall it's a good step forward, and most "important" extensions such as HTTPS Everywhere, NoScript and uBlock Origin are supported.
 
You can always use Firefox ESR in the meantime, it is branched from version 52 with backward compatibility and upstream patches.
Tor Browser is branched from ESR as well.

Quantum was a huge step backward in my opinion. While I do not entirely disagree with the long term goals, they broke the extensions that always made Firefox great. And while I appreciate the thought, I have a list of legacy extensions than now do nothing and cannot in this version be compelled to work. (That was a nice touch for the browser to at least show me what extensions it is not going to use so I can seek replacements.)
 
Unfortunately it would seem there is no such thing as a perfect browser anymore. Waterfox will not work with ANY advertisement blocker extension for some reason I have yet to determine. Pale Moon, while lean, is also featureless and void of the same beloved extensions that make Firefox great. Chrome... Not even considering anything made by Google, not even if they swear on a stack of Bibles that they will not betray me.
 
So I guess I am either stuck with Quantum, or I could install a portable version of an earlier Firefox and see if it will do everything I want.
 
Good luck to anyone considering a change. You may need it more than you think.

Hello!

We're glad to inform you that according to our ongoing support toward compatible with our mission projects, we have begun running mirror nodes to enhance distribution of Free and Open Source Software.
 
Please find the current status of the mirror nodes, the list of supported software as well as additional information in the new, dedicated page https://airvpn.org/mirrors
 
We provide this service for free. Do you need mirrors to aid your software downloads, or do you know services which would need our support? If a software meets our mission priorities feel free to propose and discuss about it in our forum.
 
Kind regards and datalove
AirVPN Staff
 

My suggestion is for you to use Asus Merlin firmware, where you get much more control over openvpn.  There you can specify what DNS you want to use.  My thoughts are you're having a DNS problem.

Your eddie portable version of the client which is written in C# make enormous not needed usage of CPU on my ArchLinux. It continually uses around 50% of the CPU which from some reason make load on my machine goes over the 120 load after few minutes. My machine is two core four threads and it uses two cores fully all the time which is insane. I used simply openvpn with generated certs from the website and had minimal under 1% usage. Why does the eddie have that much use of cpu resources. Also one bad thing why there is no possibility to minimize your client. That is a bit irritating.

Btw I have disabled checking for servers first I have selected checking for servers every minute then I thought maybe badly written code have problem with checking of the servers. Its not that. I dont write C# I write C and C++ I can write C# I just don't want to. And I expected at least a decent client. Btw I'm using your portable version I might try with AUR version. version is 2.13.6 which is the latest version.

Would anyone like to help rewrite this software in either QT C++ or some functional paradigm language because client that behave like this is insanity. Simply mono framework and C# are buggy on Linux and there is always an issue with something if you guys do have a target audience in Linux users too it would be nicer to write it in some Linux frameworks either QT or gtk. I mean I might switch again to using my archlinux openvpn client and use ovpn files but that removes one nice functionality which is easy switch of servers. If I wanted to use only single server I would use some of my machines and setup vpn server on them.
 
Btw 2 months without release and any commit on github is a bit scary for professional project. If you guys use some private repo for development you should just have faster release cycles if not then just involve more people in project and have the gitrepository at least a bit more active.

Is anyone aware of a statement by any VPN company that they would ignore a court order valid in their jurisdiction? If so does anyone actually believe that? Do you believe that VPN companies do not take their terms of service seriously? Did you read beyond the first sentence?

That's exactly what enabling geolocation in browser does.  But, you can spoof it with an add-on such as location guard.  Otherwise I suggest you disable that setting in your browser.

Tonight it's bad for me.  I tested 15 minutes ago and got good speed.  But, now it's less than 1mbit/s and I'm getting packet loss to the server (Ran) according to pfsense gateway monitoring.

masterip.txt
 
 
 
The first half mitigates ddos attacks. The second half is for tor and the vpn. I use ssh port 22. I disable the proxy in client and restart tor the proxy gets in the way sometimes. I install iptables-persistent and then ran a dpkg-reconfigure iptables-persistent and that save the rules to rules.v4 and rules.v6 files in /etc/iptables. I suggest wireshark to sniff packets if you are dedicated on debian just install ap install wireshark. on fedora you have to install the gnome package theres a tutorial on youtube. When loading iptables make sure your network is owned by you because you will block subnets from the outside world im using 192.168.0.0/16 and 127.0.0.0/8 for network so if this is true for you it should work if you see a subnet in there that you own under the drop commands I would delete it. you can add the other two that I just mentioned in the drop command if you are not using these.Also I am using tor through tor routing so I have isc-dhcp-server set up. If you mess up on these iptables -F and iptables -t nat -F then remove the rules files and reboot at least that was the only way I could get my network back. If you do lose connection you are blocking a subnet that you device communicates with.
 
 
 
I'M STILL WORKING ON THIS IT SEEMS YOU NEED AIR RUNNING TO RUN IPCHAINS SO DON'T RUN THE DPKG COMMAND BECAUSE THEY WILL LOAD ON EVERY REBOOT. SAVE THEM AND RELOAD THEM AFTER YOU HAVE VPN RUNNING!!!!!!
 
 
for onion routing tor through tor I have new ip chains for ubuntu see rolph tag my new ip chains revised

Create NAT and firewall rules that allow your work computer out via the WAN not VPN.
 
My suggestion is to create aliases.  One alias for devices you want through the VPN, another for devices you want through the WAN.  Or you might create just one alias for VPN devices and by default new devices will go via WAN.  I figured this was best for when I have guests they probably don't want to be going through VPN.
 
Then edit and/or create NAT and firewall rules using those aliases.

Yes, in the config generator advanced settings.
 
If you're using Merlin Asus firmware you should be able to just change the server port and save.  But, I think stock firmware gives you no options.

I haven't followed all this but i read your thread on reddit.  I've been saying this re cogent for some time - that it's cogent's connection from Dallas VPN servers to Houston Comcast that's clogged, not Comcast themselves.
 
That's why the new Dallas servers are horrible during peak hours but the previous servers became quite nice because they started using Zayo to reach Comcast Houston.  (there was a point in the past that only Tonatiuh was good for me)

Hello!
 
This is a bizarre explanation for the issue because if there are no leaks (which may well occur with UPnP enabled and Network Lock disabled) it doesn't matter whether the torrent client establishes one or a hundred thousand half-open TCP connections, your router will see only ONE stream (the unique connection necessary for the tunnel between your node and the VPN server).
 
Anything from qBittorrent (and any other application) is wrapped by OpenVPN (in UDP or TCP) and your router does not even see it. Anything lying under is re-ordered, unwrapped and decrypted in the VPN server only.
 
The huge difference is in the TCP/IP stack of the system running qBittorrent.
 
Kind regards

Short experience report: VPN works with the given help perfectly. Thank you very much!

I'd like to clarify a few things. First, IVPN did pay me for the work. And, having written a leak-testing guide for them, I knew that I hadn't managed to make their Windows or OSX clients leak. As long as their firewall was on, that is. However, I was entirely free to choose which other VPNs to test. And there were no restrictions on what I could or couldn't report. Indeed, I reported that six Windows clients didn't leak, and four OS X clients.
 
Second, I did in fact leave the default "Allow pings" option checked in the AirVPN client's "Network Lock". But here's the thing: I didn't even look at the options. Nor did I look at options for the firewall in IVPN's Windows and OSX clients, or at options for any firewall/lock/kill-switch features in other VPN clients. If I saw a firewall/lock/kill-switch feature, I enabled it. Also any other top-level security features. But I did no fine tuning.
 
Why did I do that? I did it because I wasn't just testing the capabilities of VPN clients. Rather, I was testing how VPN clients performed for users that are security-conscious, but not highly technical. I mean, if they were highly technical, they'd be running open-source OpenVPN clients, and using firewall rules to prevent leaks. Or pfSense VMs. So my target users were people who knew that leaks could happen, and so would enable features to prevent them. But such users wouldn't have the technical expertise to change default options in those features. And arguably, they might not even look. At least, not when they first used the VPN client.
 
And the point is that even one leaked packet can be problematic. Let's say that you're torrenting some popular film or TV episode. You notice that your Internet connection is funky, and the VPN connection is flapping. So you close the torrent client, and troubleshoot the problem. What can bite you is the tendency for torrent clients to ping swarms, when transfers start failing. And pinging malicious peers directly, rather than through the VPN, can disclose your IP to people who will make trouble for you.
 
Also, there was an odd difference between the behavior of AirVPN's Windows and OSX clients (both v2.10). I was pinging 8.8.8.8 throughout the testing. In Windows, I saw no pings to 8.8.8.8, or replies from it, until after exiting from the AirVPN client. In OS X, I saw no ping requests/responses until after interrupting and restoring the uplink. So Network Lock in the OSX client must have been blocking pings initially, just as in the Windows client. But unlike the Windows client, the OSX client apparently allowed pings during reconnection after uplink interruption.
 
Third, I did not contact AirVPN, or any of the other VPNs for which I found leaks. I did announce https://vpntesting.info/ on Wilders Security Forums and in /r/VPNs, and summarized the results. I assumed that VPN providers would generally be monitoring such sites for issues. And Wilders does trend high in Google results. Also, I admit, the prospect of dialoguing with numerous VPNs, and retesting their clients, was daunting.
 
In any case, it was a mistake to not alert VPNs to the leaks. And I apologize.

Making progress.  Still needs some tweaks but I bought an additional router, placed the gateway (3 in one, b/c I use VOIP) in bridge mode, then set up my router w/ settings more towards my liking.  Right now I'm not getting the speeds I had in the past during peak hours, but I know I'm getting closer... b/c I can tweak the Netgear Router settings vs. the VOIP/Gateway I still have to use.  Before I only had a leased Comcast 3in1 router/gateway/VOIP -so I was limited.  I might be wrong, but using two routers w/ Comcast might be the way to go in general (whether you need a VOIP gateway or not)... w/ just the one, they lock it down, force firmware updates, mandate DNS, no Static connection, et. 
 
It's getting better... once I find the settings on the my new 2nd Router that finally puts this Comcast shaping thing to bed I'll post more.  Oh, one tip did help w/ the initial 2nd router set-up -which I found here... 
 
https://www.reddit.com/r/Comcast/comments/42ths7/arris_tg1682g_how_to_solve_your_bridge_mode_woes/

The reason I ask about time is because depending on the environment the system may write out the space needed on the hard drive as soon as the torrent is started.  Since the hard drive is in 100% use for a time the torrent speed drops to 0.  Once the hard drive is done writing torrent speed goes up.  But, it sounds like you've been very patient.

how long have you left torrents running?
 
what torrent client are you using?
 
do you have "utp"  turned on?

Sadly there has been basically zero outcry about this illegal throttle. (The throttle itself is legal, but enforcement requires them to break secure connections, and that is a crime in all parts of America for any purpose other than law enforcement, and even then a warrant is required.)

If a protocol is not working you should send a note to AirVPN staff via the "contact us" page.

Hello!

We're very glad to inform you that ten new 1 Gbit/s servers located in Dallas (TX), USA, are available: Chamaeleon, Equuleus, Helvetios, Leo, Mensa, Pegasus, Ran, Scutum, Volans, Vulpecula.

The AirVPN client will show automatically the new servers, while if you use the OpenVPN client you can generate all the files to access them through our configuration/certificates/key generator (menu "Client Area"->"Config generator").

The servers accept connections on ports 53, 80, 443, 1194, 2018 UDP and TCP.

Just like every other Air server, they support OpenVPN over SSL and OpenVPN over SSH.

As usual no traffic limits, no logs, no discrimination on protocols and hardened security against various attacks with separate entry and exit-IP addresses.
 
Please note that the aforementioned servers will replace the following five servers in Dallas which will be withdrawn within a week:
Aldib, Alnair, Alsavi, Auva, Rasalgethi
 
Do not hesitate to contact us for any information or issue.

Kind regards and datalove
AirVPN Team

if I used Eddie I'd test for you.  Sorry. 

All, maybe you didn't see this tweet https://twitter.com/airvpn/status/865895863041785857 regarding a throughput record.  It is possible to max out a server but it'll only be 500mbit/s to the end user because the corresponding 500mbit/s inbound to the server counts against the 1gbit/s max.  Of course, some servers may actually have higher capabilities but 1gbit/s is what's guaranteed by the datacenter.  And, you're hitting against the maximum capabilities of the encryption unit.
 
The 4mbit/s guarantee by AirVPN is based on statistics of their overall system as I understand it.  It doesn't guarantee that all users of a given server will be able to get 4mbit/s always.  There's no way they could make that promise because every user is on a local system and using an ISP with many various problems of their own.  What it does guarantee is that if all customers were on at once AirVPN has the worldwide bandwidth to be able to offer all customers 4mbit/s.  But, it's up to the customer to pick the server with bandwidth available and up to the customer to have all problems on their end solved.

Hello!
 
We inform you that we will not be accepting BTC starting from July the 31st, late afternoon UTC, due to the proposed changes and likely implementations in the Bitcoin network.
 
As soon as the transition ends and the network gets "stable", we will re-accept Bitcoin payments.
 
EDIT: we started to accept Bitcoin again since Aug the 1st.
 
Kind regards and datalove
AirVPN Staff