Jump to content
Not connected, Your IP:


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Clodo

  1. This software doesn't use Windows Firewall (can be turned off), and doesn't touch anything in the OS. I have not yet tested what happens if used with a third-party firewall like Comodo. Probably Pocket Firewall takes the precedence due to priority weight on WFP.
  2. Thanks, i reproduce it with a shortcut with minimized like your approach. Will be fixed in the next build.
  3. In Settings, Ensure you have DNS -> "DNS Switch Mode" on "Automatic" Ensure you have Advanced -> "Ensure DNS Lock" checked and post a log and your OS, please. After, try to enable Advanced -> "Force all network interfaces for DNS". Thanks.
  4. About this: The bugfix it's related to timeout when used with Tor. Probably don't affect you. So, maybe you can use the .deb release on rPI Or maybe more simple: install yourself openvpn package, mono runtime, download "Eddie - Portable Mono required", and delete the 'openvpn' and 'stunnel' bundled in tar.gz. If Eddie don't find it and found openvpn in the system, will use it. Please report the results of your experiment, maybe a guide or an official package of Eddie for rPI maybe builded.
  5. Pocket Firewall for Windows (Vista and above, no XP) Doesn't require any driver installationPortablePocket, Safe, absolutely not OS invasive: if you brutally kill the process, rules are cleaned (persistent mode not yet implemented).Requires Administrator privilegesRequires .NET 4 (at the moment)32 bit and 64 bit editionIt is not needed for Network Lock, IPv6 block or DNS Lock with Eddie (AirVPN client). Eddie 2.11 (currently under experimental phase) that already has it built-in. It was born to study whether we can avoid the dependencies between Eddie (AirVPN Client) and Windows Firewall for the Network Lock / IPv6 lock / DNS lock features. There are a lot of improvements that can be done (viewer/editor of rules running on the system, persistent rules across boot, etc). I think it can be an interesting community project, a free and open source alternative to expensive firewall software. I released all source-code on GitHub (under GPLv3). Download v0.1: 32 bit , 64 bit
  6. Hi, i open a specific topic about this issue here: https://airvpn.org/topic/18709-eddie-portable-with-mono-44-libmonoposixhelper-issue/
  7. In some Linux distro (ArchLinux for example), Eddie portable edition throw this error: Unhandled Exception: System.TypeInitializationException: An exception was thrown by the type initializer for Mono.Unix.Native.Syscall ---> System.DllNotFoundException: $mono_libdir/libMonoPosixHelper.so The issue occurs only with Portable edition and only if Mono 4.4 is installed. The quick solution is using the Portable (Mono required) version. Or edit the file /etc/mono/config and replace <dllmap dll="MonoPosixHelper" target="$mono_libdir/libMonoPosixHelper.so" os="!windows" />with <dllmap dll="MonoPosixHelper" target="libMonoPosixHelper.so" os="!windows" />TL; DR; /etc/mono/config have an hardcoded path in it, only for libMonoPosixHelper.so <configuration> <dllmap dll="i:cygwin1.dll" target="libc.so.6" os="!windows" /> <dllmap dll="libc" target="libc.so.6" os="!windows"/> <dllmap dll="intl" target="libc.so.6" os="!windows"/> <dllmap dll="intl" name="bind_textdomain_codeset" target="libc.so.6" os="solaris"/> <dllmap dll="libintl" name="bind_textdomain_codeset" target="libc.so.6" os="solaris"/> <dllmap dll="libintl" target="libc.so.6" os="!windows"/> <dllmap dll="i:libxslt.dll" target="libxslt.so" os="!windows"/> <dllmap dll="i:odbc32.dll" target="libodbc.so" os="!windows"/> <dllmap dll="i:odbc32.dll" target="libiodbc.dylib" os="osx"/> <dllmap dll="oci" target="libclntsh.so" os="!windows"/> <dllmap dll="db2cli" target="libdb2_36.so" os="!windows"/> <dllmap dll="MonoPosixHelper" target="$mono_libdir/libMonoPosixHelper.so" os="!windows" /> <dllmap dll="i:msvcrt" target="libc.so.6" os="!windows"/> <dllmap dll="i:msvcrt.dll" target="libc.so.6" os="!windows"/> <dllmap dll="sqlite" target="libsqlite.so.0" os="!windows"/> <dllmap dll="sqlite3" target="libsqlite3.so.0" os="!windows"/> <dllmap dll="libX11" target="libX11.so.6" os="!windows" /> <dllmap dll="libgdk-x11-2.0" target="libgdk-x11-2.0.so.0" os="!windows"/> <dllmap dll="libgtk-x11-2.0" target="libgtk-x11-2.0.so.0" os="!windows"/> <dllmap dll="libXinerama" target="libXinerama.so.1" os="!windows" /> <dllmap dll="libcairo-2.dll" target="libcairo.so.2" os="!windows"/> <dllmap dll="libcairo-2.dll" target="libcairo.2.dylib" os="osx"/> <dllmap dll="libcups" target="libcups.so.2" os="!windows"/> <dllmap dll="libcups" target="libcups.dylib" os="osx"/> <dllmap dll="i:kernel32.dll"> <dllentry dll="__Internal" name="CopyMemory" target="mono_win32_compat_CopyMemory"/> <dllentry dll="__Internal" name="FillMemory" target="mono_win32_compat_FillMemory"/> <dllentry dll="__Internal" name="MoveMemory" target="mono_win32_compat_MoveMemory"/> <dllentry dll="__Internal" name="ZeroMemory" target="mono_win32_compat_ZeroMemory"/> </dllmap> <dllmap dll="gdiplus" target="libgdiplus.so" os="!windows"/> <dllmap dll="gdiplus.dll" target="libgdiplus.so" os="!windows"/> <dllmap dll="gdi32" target="libgdiplus.so" os="!windows"/> <dllmap dll="gdi32.dll" target="libgdiplus.so" os="!windows"/> </configuration> It's a Mono bug. Fedora removed it: http://pkgs.fedoraproject.org/cgit/rpms/mono.git/commit/?id=cc7b8dcb9f02810b0322b24e8ac63581d9be8146 I contacted the ArchLinux Mono maintainer about this issue. This issue can't be fixed in Eddie/AirVPN client, because the above config overwrites the config bundled in portable edition (mkbundle --config)
  8. Around twelve days ago I wrote a comment about the list of this topic, almost the same things explained by zhang888. Anyway, I think this guy (who maybe is related to privacytools.io, I'm not sure) has good and impartial intentions. I like that, there are too many popular VPN comparison websites that don't really compare services: they collect affiliate and advertising income and then they rank services only on a revenue basis. Maybe anyone here can be constructive and help him improve his spreadsheet. Maybe if he receives some examples of fake geo IP address, he can add a column on that.
  9. Remove IPv6 Google DNS, leave only IPv4 addresses and There is a bug in Eddie, will be fixed in the next version.
  10. Sorry. We plan to release a new Eddie version shortly, and we ensure that GitHub will match.
  11. cm0s, thanks! Please feel free to open a specific topic here: https://airvpn.org/forum/37-xmpp/ will be useful as a guide for others. In general, it will be nice to understand how many people are using our XMPP server. Maybe there are some interesting XEP-* extension can be configured/enabled. Also, AirVPN maybe can provide a free/open IRC server, if anyone is interested.
  12. A dark skin of AirVPN website is planned and will be released asap. Thanks for your patience.
  13. Just installed a fresh Debian 8 Jessie. Upgrading to the latest Mono Main repo (deb http://download.mono-project.com/repo/debian wheezy main) doesn't break Eddie. Upgrading to the latest Mono BETA repo (deb http://download.mono-project.com/repo/debian wheezy beta) BREAKS Eddie. Since package libmono-winforms2.0-cil is not available anymore in BETA repo, and apt removes also airvpn package because it has a dependency. Installing libmono-system-windows-forms4.0-cil fixes the issue with Mono 4.2.1. We need to investigate side-effects on other Linux distros before changing .deb dependencies. In the meantime, this info can be useful for external package maintainer (like ArchLinux).
  14. The answer to the FAQ (link) talks about the LSUIElement element. Eddie (AirVPN client) needs a graceful exit, otherwise it can't restore system changes (network lock, IPv6 etc). Some time ago, setting LSUIElement to TRUE caused a brutal kill of the software by the system if a shutdown or logout is started. With LSUIElement set to FALSE (the default/current setting), the OS waits until Eddie restores system changes before proceeding to shutdown/logout. If this behavior has changed Apple-side, we can add an option. Otherwise LSUIElement to TRUE may cause issues, and can't be the default. Anyway, thanks for your feedback.
  15. First version of Eddie software skip TAP, but sometime OpenVPN fail to set the DNS of the adapter, so it's forced. Absolutely not. Please open Eddie, connect, disconnect and post a FULL log with your Win version. Thanks.
  16. DNS lookups are currently not used in Eddie. Eddie downloads a manifest file with the list of servers, and contacts them directly with the entry-IP address in it. I don't understand why you need to download config files: Eddie already builds them internally, and the list is updated in realtime. What you mean with 'login requirement' ? Storing login & password with the remember option is (security) the same as having .ovpn files with the user keys inside. Thinking about that. Maybe it's useful, but it's difficult to create an UI for settings options like that. Eddie removes the current iptables rules and creates new rules when Network Lock is activated under Linux. Otherwise, by default, people connects to VPN and Eddie doesn't touch the original iptables. If this kind of options is inside the Network Lock feature, it can be implemented, otherwise it's difficult to understand priority (insert or append in current iptables rules). Can be advanced options. But you use the work "Temporally"... for example, if I set disable_ipv6 to 1 and then I restore it to 0, there are a lot of issues, like route loss. For this reason, ONLY in Eddie under Linux, if IPv6 is enabled, Eddie doesn't turn it off automatically, but asks the user to do it. It's possibile to implement any kind of tweaking, but it MUST be reversible (applied only during the connection or life of the app, restored at end).
  17. As explained by zhang888, if a feature can be a benefit for all users, it can be implemented in Eddie. Otherwise, supporting an enormous list of features that only a little percent of users will use (or understand) is not a recommended approach: it requires UI, docs, testing the support in any OS & versions, and is the road to bloatware. But if someone have a necessity, it MUST be possibile to do it. So, I think that the best approach is allowing this kind of feature requests by adding specific events linked to external script, or maybe think about a plugin-system in Eddie to allow people to implement feature extensions. When a community-script or extension reaches stability and people like it, it can be moved inside the official Eddie. I think this is the best way. But it requires collaboration.
  18. After building, run the project "Deploy" to generate .deb files (will be placed in /repository/ directory). Why you need to compile and rebuild? You have special needs (like patch) or error with standard AirVPN files ?
  19. You can specify also the login and password as command-line parameters. It's explained in the docs. It's strange that xml is recreated every time. What version you have? Any error about permission in the log? About autostart, search about running a linux command with nohup or & background, but depends if you run the UI or not.
  20. I think there is a lot of confusion in that article. Tor and VPN are different products. And it's not correct to list features where Tor can 'beat' VPN and overlook features where Tor loses the comparison: - Tor is TCP only - Port forwarding is not possible in Tor - Tor is not protocol agnostics: Torrent/P2P is not recommended. - VPN has good speed with P2P - VPN has good latency in games - Several Tor exit-nodes block so many ports and are so overcrowded that Tor usage is viable only for moderate web browsing and very few other protocols. It is assumed that VPN services are used for anonymity. There are also other reasons: - bypass throttling - bypass censorship - need of port forwarding or in general a public IP - wrap UDP in TCP (ISPs which block outgoing UDP are not so rare) True. But not AirVPN, that allows OpenVPN usage and has also an open-source client (Eddie). It's really Tor that avoid this kind of Data Collection Techniques? Or it's the firefox extensions in Tor Browser Bundle? This is by design, as a neutral VPN provider, AirVPN never alter customers traffic. Honestly I did not study the paper deeply. But, after a first quick reading, the targets are guesstimate websites requested (NOT viewing traffic data), and there are a lot of assumptions in the paper, like The attacker knows all the pages the victim is going to retrieve. Same as point 2. Same as point 2. I don't understand. A shot in the dark. This campaign shows how much NSA and intelligence agencies fears VPN services and how NSA is impotent against their ciphers. That's why NSA needed a campaign to steal directly keys. True, inevitable. The attacker needs the access to the VPN node, and can only sniff the running sessions traffic on that node. AirVPN servers are clean/plain, dedicated Linux Debian stable machine with OpenVPN daemon. There isn't any database of customers, any log (not even by the OS). True by design. Tor and VPN are different product. Remember, customers can run VPN and Tor -inside- the VPN, and gain advantage of both. True, multi-hopping in the same VPN provider can be useless, for this reason AirVPN doesn't support it (but you can do it easily for didactic purposes).
  21. I just tested a Win8.1 64 bit, with Windows auto-start, auto-connect, and activate Network Lock at startup. Everything works. Please: - Try to simply activate and deactivate Network lock, without connecting to VPN. You have an unexpected error E 2015.05.17 20:28:55 - Der Dienst MpsSvc auf dem Computer . kann nicht beendet werden. and we need to understand if it is always reproducible. - About problem 1, please try to connect, disconnect and give us complete logs. The logs in your ticket end after the connection, disconnection log entries are not there. - About problem 2, Eddie set automatically DNS settings only for IPv4. IPv6 is planned but currently not supported. I think if you disable IPv6, you won't have any DNS leak. - About problem 3, we can't reproduce it. Another strange error from your logs: W 2015.05.17 20:29:20 - Der Zugriff auf einen Socket war aufgrund der Zugriffsrechte des Sockets unzulässig You are sure that another running instance of the client doesn't exists? You wrote a guide about the CLI version some time ago. - About problem 4: maybe in a future version, thanks for your suggestion. Kind regards
  22. I have the same issue with OpenVPN Connect via iOS iPod. The issue is related to TCP: UDP profiles work correctly. Does anyone here use OpenVPN Connect in iOS with TCP profiles? Thanks for any feedback.
  23. It's the same issue here: https://airvpn.ch/topic/14244-openvpn-write-udpv4-operation-not-permitted-code1/ ? If yes, confirm in that topic. Thanks. I just tested this environment: Windows 7 64-bit, with a printer shared on the local network.OS X Yosemite, in the same local network. In Windows -> Eddie -> Settings -> Advanced -> Network Lock -> Allow private -> YesI can print a document in OS X using the printer attached to Windows 7 via local network. In Windows -> Eddie -> Settings -> Advanced -> Network Lock -> Allow private -> NoI cannot print a document in OS X. The document remains in the OS X print queue.The document is printed on the fly when I deactivate the Network Lock on Windows. We also use ShareMouse, a software that allows me to move cursor between physically different machines in the same local network.And, correctly, it works only with Netlock -> Allow private enabled. @tranquivox69Sorry if we don't reply to your request, the truth is that we are unable to reproduce the issue in our labs. Notes about your Inbound Rules:Any File and Printer Sharing and Network Discovery rule you use, are already covered by the generic AirVPN - In - AllowLocal and AirVPN - Out - AllowLocal rule. It's very strange that you resolve your issue by adding rules that don't change anything. We are currently testing if a Profile=Private will be better for our AllowLocal rules, but it is not related to your issue.
  24. I am doing some research about it. http://www.reddit.com/r/VPN/comments/32d94q/an_alternative_approach_to_socalled_webrtc_leaks/
  • Create New...