Old Fella reacted to corrado in Alternative AirVPN client with provider-independent double-hop support (GNU/Linux) ...
I have written an alternative client for AirVPN that I would like to share with you. Just as Eddie, it supports other providers, too, as long as OpenVPN config files are provided. For AirVPN and Mullvad it offers a convenient update function that just requires you to enter your credentials in order to download the latest server configurations. Furthermore, it allows you to choose among the plethora of protocols offered by AirVPN (including OpenVPN over SSL/SSH) except the experimental ones (I might add support for those in the future, once they become available for all servers).
Qomui (Qt OpenVPN management UI) as I have named it, is written in Python and PyQt and should run on any GNU/Linux distribution. It allows you to easily create double-hop connections. In other words, you can route your requests via two OpenVPN servers. This feature works provider-independent. For example, you could choose a Mullvad server for the first hop, and AirVPN for the second (I have successfully tested this with AirVPN, Mullvad and ProtonVPN). Thereby, it avoids a major downside of similar offers by some providers, namely the fact that if one provider controls all "hops" he or she could potentially still see, log or inspect all your traffic. In the latter case, you would gain little in terms of privacy. With the ability to "mix" providers, Qomui does not suffer from the same problem and hence offers some tangible benefits. Obviously, you would still have to sacrifice some speed/bandwith, though.
Depending on your DE (looking at you, Gnome!), Qomui will also display a systray icon that shows the country of the server you are currently connected to. Additional features include protection against DNS leaks and a firewall that optionally blocks all outgoing network connections except for the OpenVPN server you have chosen. Since it is never recommended to run graphical applications as root, which is a major flaw of most OpenVPN clients, all commands that require root privileges are handled by a background service that can be controlled via systemd. The following screenshot gives you an idea of what Qomui looks like (on Arch/Arc Dark Theme).
If you are interested, you can download Qomui from github: https://github.com/corrad1nho/qomui
Of course, I'd be happy for any kind of feedback. If you find bugs or Qomui does not run properly or not at all on your machine, please let me know. I'm happy to help!
At last, a big thank you to AirVPN and its amazing community. The fact that you rely more on explaining technical details than empty promises, has helped me to learn a lot. It is also one of the main reason why I chose AirVPN. Commendably, Eddie is also released as open-source software. Only Mullvad does that, too, to my knowledge. Why doesn't every provider do that? You are selling a service, not software! Why would I trust in proprietary software? Funnily, I have never really used Eddie, though, since I was accustomed to manually adding config files to NetworkManager as my first provider did not offer a GNU/Linux client. My interest in features such as OpenVPN over SSL made me look into more convenient solutions, though. Ultimately I decided to write my own program as I wanted to learn some Python and this provided a perfect practical challenge. I have actually used Qomui daily on multiple machines during the past few months and constantly tried to improve it. So I'd thought it'd be about to time to share it (it's an alpha release, though).
Have a nice weekend!
Old Fella reacted to Staff in Status of Eddie on Linux distributions ...
Last update: 16 May 2018 - Related to version: Eddie 2.14.4
Any Linux distribution has at least:a different graphics server (X11, Wayland) a different desktop environment (GNOME, KDE, LXTE etc.) a package manager with a specific format (deb, rpm, tar.xf etc.) a different packaging signature for trust and security a different method to obtain administrative privileges, required by advanced features of Eddie (also because OpenVPN requires them) a different set of packages used by our client, that sometimes have different names (for example 'stunnel4' under Debian, 'stunnel' for Fedora) maybe a different DNS management. We are working at our best to support every kind of configuration managed by our source code directly, when possible.
Tested without known issues
Debian (tested 7/8/9) Ubuntu (18.04 GNOME tested) Ubuntu Mate (18.04 tested) Devuan (tested Ascii) Mint Arch (XFCE tested) Fedora (28 tested)
With minimal issues
openSUSE (Tumbleweed KDE tested)
openSUSE (Tumbleweed GNOME tested)
Works, with no tray icon. Elementary
Works, but tray icon, web and folder links don't work.
Sometimes Tray icon works, but it is not shown because the desktop environment hides it.
For example, latest GNOME may require a separate shell extension (generally TopIcons). Currently Eddie 2.x under Linux requires root privileges (like GParted or Synaptic Manager).
Elevation is generally obtained with a polkit policy file (pkexec) if installed, otherwise fallback methods are used when available (gksu, kdesu, beesu etc.).
When the UI runs as root, there are four -optional- actions that are performed as normal user: tray icon, notifications, open web links and open file folders.
If it is not possible to act as a normal user, such actions are not performed at all.
A totally separated UI (as a normal user) vs. root-actions (as root user, service or separate process) is currently under development.
Minimal lintian warnings on .deb edition General info details on .deb edition (for example, reporting Proprietary as License, not true.) General info details on .rpm edition (for example, reporting Proprietary as License, not true.) Create official package for AUR and other distributions. Create packages also for CLI-only edition. Create packages based on direct source compilation. Procedures to include Eddie in official/standard repository
Old Fella got a reaction from auser17 in Eddie plays dead - Mint Sylvia ...
Almost every time I go to shut down or restart Linux Mint 18.3 the Eddie Window is unresponsive; I can display it but I am unable to click anything on it. Initially I just shut the system down regardless but if I don't want to sign out I have to shut down all *vpn processes manually, usually with htop cos its quicker.
Just what might the issue be? It isn't new, I've had this happen for a long time, just not as often.
Old Fella reacted to Mad_Max in Using AirVPN with qBittorrent ...
You can add one more option to make sure that qBittoorent always uses AirVpn no matter what.
Go to Tools --> Options --> Advanced --> Network interface (Requires Restart)... change this to your vpn interface, in my case i use a cable and its "Ethernet 2"
One more thing, in Eddie, make sure u have Network lock always on.
you can test if your torrent client is leaking information from ipleak.net they have a torrent file that can test ur client.
Old Fella reacted to Staff in Five simultaneous connections per account ...
We're glad to inform you that, from now on, every account can establish up to five simultaneous connections to AirVPN servers. As usual, no restrictions will be applied on IP addresses.
No price increase has been planned for this new feature.
We're confident that allowing 5 connections per account at the very same price will meet and even exceed the expectations of our customers.
Please do not hesitate to contact us for any further information.
Kind regards & datalove
Old Fella reacted to Staff in PureVPN logging ...
we don't monitor and/or inspect (with or without logging) the traffic of any OpenVPN client. The information that you report shows that PureVPN did.
If you can't afford to trust our words please apply partition of trust. The fact that we don't block OpenVPN connections over Tor node or any socks or http proxy should say something about our honesty.
Furthermore, the fact the you don't have any official statement after seven years of AirVPN activity and hundreds of thousands rotating customers about any compromised customers identity (and you have such information about HideMyAss, PureVPN and other services) should be also taken into serious consideration.
Old Fella reacted to OpenSourcerer in BBC iPlayer knows my location despite VPN ...
A poor word, to be honest. It's a feature designed to be able to view geo-restricted content without switching servers.
Say, you want to view BBC iPlayer and you are connected to Kitalpha in Switzerland. Now, viewing BBC would suggest you are viewing this site from Switzerland, but only UK residents are allowed to view it (geo-restricted to UK). To not make you reconnect to a UK server, your request will be rerouted through GB2, a rerouting server of AirVPN used only for this purpose.
You <---> Kitalpha, CH <---> GB2 <---> BBC
In the end, the request appears to have come from a UK IP, even if you connect to Mesarthim in Germany the next time, and Phoenicis in Romania the next day.
Old Fella got a reaction from BullockBob in BBC iPlayer knows my location despite VPN ...
wow, thats what i call a detailed answer. About as useful as a choccy fire grate unless you are as clever as the respondent thinks he is or then you have to go find out what micro routing is and die of boredom.
So the answer is you have no concern.
Old Fella reacted to Staff in Likes and dislikes (IPv6) ...
the correct option is "-netlock" as clearly specified in the instructions.
Also type "airvpn -cli -help" or "man airvpn" to print the manual.
It is clearly specified in the guides, in the welcome e-mail that's sent when you subscribe to the service, in the dedicated forum and in the instructions for various Operating Systems.
There is no security breach.
We're glad too even if we are somehow puzzled to read your initial concerns. Perhaps they were just caused by a lack of information. You MUST read our instructions and you will be just fine.
Old Fella reacted to zhang888 in Does AirVPN support compression? ...
Compression is supported, but not recommended for all devices.
Note that most data that passes inside the tunnel is not compressible in any case, so the theoretical
gain you can benefit from using compression is very limited by what you are going to test.
Unless you are doing iperf tests with compressible data, such as /dev/zero, this is not going to benefit
you much, as most of the real-life traffic is not compressible from the beginning, such as encrypted
underlying protocols (when you use HTTPS websites) and so on.
This is based on the axiom that encrypted data is random. And random data can't be compressed.
A safer default would be turning it off, or at the best as 'adaptive'.
From the OpenVPN wiki:
With adaptive compression, OpenVPN will periodically sample the compression process to measure its efficiency. If the data being sent over the tunnel is
already compressed, the compression efficiency will be very low, triggering openvpn to disable compression for a period of time until the next re-sample test.
This was a more practical feature in the earlier days of the internet, when most traffic was counted and billed and data was mostly plain-text.
More about it here: