Corsair28

I am not sure how to do that with the Firestarter firewall. Firestarter simplifies iptables. I tried doing something similar with iptables, but could not get it to work. I would say that is your best way to do what you are asking, but you would definitely have to do quite a bit of reading on iptables. You can try to do that with Firestarter too, I would have to look into doing that kind of setup with it, although I am very satisfied with this setup here now. Here is the website for Firestarter. They have a tutorial on there.-------> http://www.fs-security.com/

BTW, the last picture on the manual I posted above, the port should be 1194 and not 1149.

I am not sure how to do that with the Firestarter firewall. Firestarter simplifies iptables. I tried doing something similar with iptables, but could not get it to work. I would say that is your best way to do what you are asking, but you would definitely have to do quite a bit of reading on iptables. You can try to do that with Firestarter too, I would have to look into doing that kind of setup with it, although I am very satisfied with this setup here now. Here is the website for Firestarter. They have a tutorial on there.-------> http://www.fs-security.com/

BTW, the last picture on the manual I posted above, the port should be 1194 and not 1149.

Here are the pics to the rest of the guide.

WARNING: this guide assumes that you have no IPv6 connectivity. If you have, you should block outgoing IPv6 packets while connected to the VPN with "ip6tables". Please see https://airvpn.org/faq/software_lock
 
Here is a guide to prevent leaks and completely stop traffic when the VPN drops in Linux. If the openvpn connection drops you will not be able to access the internet while the firewall is activated. Just click the "stop firewall" button and reconnect with Openvpn, then re-enable to firewall. If you wish to connect to the internet without openvpn just press the "stop firewall" button within firestarter. This way you are protected in the VPN drops. Tested on Debian, Ubuntu, Mint, and OpenSUSE.

This is assuming you have already setup OpenVPN on Linux after following the guide here-----> https://airvpn.org/linux/

1). Install Firestarter firewall for Linux by opening the terminal and typiing ----> sudo apt-get install firestarter

2). Allow traffic on the OpenVPN interface by updating /etc/firestarter/user-pre. There are multiple ways to do this depending on your Linux Distro. Here are 2 examples.
A). Open the terminal with root privileges and type-----> gksu gedit /etc/firestarter/user-pre
Add the following text to /etc/firestarter/user-pre and save----------> $IPT -A INPUT -i tun+ -j ACCEPT
$IPT -A OUTPUT -o tun+ -j ACCEPT

. The second way is simply to go to the folder /etc/firestarter/ and click on the file USER-PRE and open in terminal with root privileges. Then add the code and save-----> $IPT -A INPUT -i tun+ -j ACCEPT
$IPT -A OUTPUT -o tun+ -j ACCEPT

3). Restart Firestarter by opening the terminal and typing ------------> sudo /etc/init.d/firestarter restart

4). Follow the images below to finish. You may have to restart the machine afterwards.

<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F01firewallwizard.png" border="0" alt="Photobucket"/></a>
<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F02firewallwizard.png" border="0" alt="Photobucket"/></a>
<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F03wizard.png" border="0" alt="Photobucket"/></a>
<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F04selectthepolicytab.png" border="0" alt="Photobucket"/></a>
<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F05nothingdotooninboundp.png" border="0" alt="Photobucket"/></a>
<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F06selectoutboundtraffic.png" border="0" alt="Photobucket"/></a>
<a href="/external_link/?url=http%3A%2F%2Fbeta.photobucket.com%2F" target="_blank"><img src="/external_image/?url=http%3A%2F%2Fi1285.photobucket.com%2Falbums%2Fa582%2Fcorsair28%2F07policyoutboundsetrest.png" border="0" alt="Photobucket"/></a>

Doesn't matter that the servers are gone temporarily. What matters is having a provider that is willing to accommodate Air's agreement to the level of service they want to provide to their customers. I'll wait for new servers and rather have security without compromise. If there are no servers in the USA one day, then I will connect to another country instead. Regardless I will always stick with Air because of their commitment to privacy for their customers. Thanks for the info and keep up the good work!

Happy New Year Giganerd!
 
I hope your wish comes true, but with all of the taxpayer money funding these programs, its not likely to happen until the majority of people are educated enough to understand the programs they are supporting.  Snowden was labeled a traitor under the guise that he is keeping the government from protecting the citizens.  The majority of people are not informed well enough on technology, so it is easy to manipulate them with fear and offer to protect them at the small price of liberty.  The more people we educate, the more likely these mass surveillance programs will be exposed for what they really are.  
 
To everyone here on the forum have a happy, healthy, and prosperous new year!
 
To the Air staff I wish you all continued success and thank you for providing a great service.  Keep up the good work it is much appreciated!

Happy New Year Giganerd!
 
I hope your wish comes true, but with all of the taxpayer money funding these programs, its not likely to happen until the majority of people are educated enough to understand the programs they are supporting.  Snowden was labeled a traitor under the guise that he is keeping the government from protecting the citizens.  The majority of people are not informed well enough on technology, so it is easy to manipulate them with fear and offer to protect them at the small price of liberty.  The more people we educate, the more likely these mass surveillance programs will be exposed for what they really are.  
 
To everyone here on the forum have a happy, healthy, and prosperous new year!
 
To the Air staff I wish you all continued success and thank you for providing a great service.  Keep up the good work it is much appreciated!

Interesting bit of conversation.  I dont worry much about AES encryption being breached or even OpenVPN for that matter.  I am more concerned about the alternative ways that my privacy can be breached.  Agencies have enormous resources and spend night and day finding clever ways to spy on the citizenry.  I would say worry about protecting your network and computer first before worrying about your connection with AirVPN.  There is a reason I have been using Air and I will continue to do so long into the foreseeable future. 

This setup works very well.  I have had to change several times due to the dynamics at work.  I just wanted to add that using comodo firewall to make sure the VM only uses air and has no internet access once disconnected is easy to do you can use the same rule as utorrent

I hear many people run multiple virtual boxes if you own a quad cpu and 8gig+ or above you will be fine,  whonix is a popular choice and runs under Tor network.  You could also run Ubuntu in another vbox,  if you setup truecrypt then even safer.
 
I think its a great idea,  your normal windows is fine,   any other logs and activities,  windows logs will only see you opened virtualbox software.  You can further run the latest version of ccleaner and privazer which supports cleanup of Windows logs (finally!) and also virtual box logs (set dod pass for non recovery) you can set them up on schedule daily even or upon boot,  this way an adversary has nothing much to check into!
 
This way your linux torrents and surfing and any other activities remain in a virtual box and much better privacy and security.  Just bare in mind when you shut down your virtual machines perhaps you may want it to not save any data/changes ?  the other issue is an adversary could catch your system live and not encrypted and thus have full access to your drives and virtual boxes and see all the data and usage !   Just like AirVPN has a kill switch,  maybe you require one also.  I was thinking perhaps there maybe a screen lock or screen password to perhaps work inbetween this issue but not sure of one on linux.