Staff

Hello, please see the quote from the OpenVPN manual, reported here: https://airvpn.org/topic/3773-pls-help-strange-logs/?do=findComment&comment=3784 If UDP is not throttled in your ISP infrastructure AND your applications do not fall in the very exceptional cases that are mentioned there, you can safely prefer UDP. Kind regards

Hello, https://airvpn.org/topic/20939-eddie-openvpn-24-rc2-issue-no-connection-could-be-made-because-the-target-machine-actively-refused-it/ Kind regards

Hello! We're glad to inform you that we are contributing to the OSTIF project for an extensive OpenVPN 2.4 audit and bugs bounty. https://airvpn.org/mission https://ostif.org/top-ostif-donors/ Kind regards & datalove AirVPN Staff

Hello and welcome aboard! About the syntax and logical errors in your commands please refer to appropriate manuals for your culture or curiosity. Anyway, they are not essential to resolve the problem. Now the main problem is that Eddie 2.10.3 is not compatible with Mono 4-related packages, and the Mono version required by Eddie 2.10.3 is not available in the canonical repositories of your distribution. Just upgrade to Eddie 2.11.9beta which is compatible with Mono 4 and will run fine in your distribution. If you run a desktop manager, the swiftest way to install Eddie 2.11.9beta in your Kali is downloading the .deb version (pay attention to 32 or 64 bit), right-click on the icon of the downloaded package and select "Open with" > "Installer" (or "gdebi" or any equivalent menu item). All dependencies will be resolved automatically. To download Eddie latest beta version for GNU/Linux click in our web site "Enter" > "Linux" > "Other versions" > "Experimental", select the appropriate edition and click the blue download button. See also: https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Copyright infringements as a market failure to meet demand is a strong point supported about 10-12 years ago by Oopen Rights Group, EFF and others to a certain degree. Here comes the clash between the need of control and the revenues, because higher control on how and when and on which devices customers can "consume" a content causes lower revenues on the short term, but copyright industry (until some years ago: things are evolving) reputed that on the long term stricter control was to be preferred, as lack of control could bring to other problems (more independent creators/artists, new distribution methods, rise of new licensing methods "copyleft" etc., and rise of startup companies able to become highly competitive even with sector giants in a short time thanks to the level playing field provided by a neutral Internet). In short, losing control was (and is still to some degree) seen as long term loss of revenue due to stronger and more diversified market competition. It's not a matter of confirming our words or not, it's a matter on how to investigate so called "reality". If we agree that a scientific approach is the only acceptable way to investigate reality and build predictive models, the above quoted sentences have been falsified exactly by the studies we mentioned: a paramount purpose of statistical inference is providing/deducing one or more properties which are true when you consider the whole population (data set) and you can't falsify it with any empirical, single example (any deviation is already included in the data set from which properties derive, in a quantitative, and not qualitative, way), so the sentence is "false" (in the sense that it's an unsupported assertion/dogma falsified by currently available data). Of course, when the "population" is made of persons, behaviors, social manners, ways of living can evolve quickly, so it's important to periodically repeat studies and gather fresh data, and of course things can change in the future: it can't be ruled out that one day pirates will be worse content customers than non-pirates, but this is, to the best of our scientific knowledge, FALSE now and here ("here" = European Union and United States, where most of the studies have focused). Kind regards

Hello! About option "Force all network interfaces for DNS": some people have DNS leak if unchecked, it's still under investigation. With - DNS -> DNS Switch mode - Automatic - DNS -> Check AirVPN DNS - YES - Advanced -> Ensure DNS Lock - YES - Advanced -> Force all network interfaces for DNS - YES 1) do you have ALWAYS a "The remote name could not be resolved" error, or only sometimes? 2) if you uncheck "Force all network interfaces for DNS" as explained in your topic/post, do you have ALWAYS a successful connection? In this case, after an established, successful connection, please post the log generated by "life belt" icon. It's important for us to understand if your issue is always reproducible. Thank you. Kind regards

Issue: error No connection could be made because the target machine actively refused it 127.0.0.1:3100 when using OpenVPN 2.4 (or similar "Connection refused" error). Temporary workaround: upgrade to Eddie 2.11.x beta and add management 127.0.0.1 3100in AirVPN -> Preferences -> OVPN directives -> Custom directives In any case the issue will be fixed in the next Eddie release. EDIT: fixed in Eddie 2.11.10beta. Kind regards

Movies are made to be watched, it's only fitting to let people pay for watching it since that's what a movie is there for. Otherwise, no one gets compensated for their work. ? Yes, and the most important part of people supporting them are so-called "pirates". It has been repeatedly shown in the last 12 years that so-called "pirates" are the best customers for content (especially videogames, movies and music) and that the infringements of copyright (only those for non-commercial purposes) are an essential pillar to sustain even the obsolete business model based on copyright. Just some random studies that prove the above in the last 12 years: http://copy-me.org/2015/10/ep-4-pirates-anti-piracy-artists/ http://www.webpronews.com/new-research-once-again-confirms-that-pirates-are-the-best-customers-2013-01/ https://yro.slashdot.org/story/11/07/20/2119232/suppressed-report-shows-pirates-are-good-customers etc. etc. etc. (you should be able to find about 15 different, independent studies which, with different analysis methods and different gathered data, all show a causal correlation between the act of "pirating" content and being better customers). It has also been shown in the past that "pirates" spend up to 10 more times to access content than "non-pirates" customers. Only one study (commissioned by BASCAP/TERA, so already suspected of being biased) tries to show a causal correlation between piracy and contraction of work places available in the content industry, but that study has been proved as containing two important scientific mistakes which make the study irrelevant: Piracy and Jobs in Europe: Why the BASCAP/TERA Approach is Wrong. Social Science Research Council, Nice executive summary: https://www.techdirt.com/articles/20100317/1617328605.shtml Kind regards

Just downgrade to OpenVPN 2.3.13, it's the most straightforward solution. Please see here: https://airvpn.org/topic/20939-eddie-openvpn-24-issue-no-connection-could-be-made-because-the-target-machine-actively-refused-it/ Kind regards

In reality it's quite simple: a pure TLS tunnel. As long as pure TLS tunnels are allowed, no problems (but note that pure TLS tunnel traffic is shaped, even heavily - that's one of the reasons why HTTPS is frequently much slower than HTTP in China residential lines). Whether a company is big or tiny does not matter because the ways to circumvent the blocks, under a technical point of view, are simple and can be achieved even by a single person in a matter of minutes with minimal monetary involvement. And note that "such a sophisticated piece of Chinese engineering" does not exist as a single piece. It's just a set of non-uniform ISP techniques, which are not even coherent between lines and zones. For example, in many residential lines in mainland China OpenVPN is disrupted, but on mobile lines it is not (you can successfully use OpenVPN in TCP most of the time, no need of double tunneling). In Shanghai less blocks than in other areas are enforced. And so on. Kind regards

Hello! The problem is showed in the quoted log entry: your system can't resolve "localhost". Somehow your system hosts file has been wrongly modified, or corrupted. Please make sure that in your hosts file the first hosts block line is: 127.0.0.1 localhost How to edit hosts file in various Mac systems: https://www.tekrevue.com/tip/edit-hosts-file-mac-os-x/ Kind regards

Hello! We're very glad to announce a promotion on all of our Premium plans with a 20% discount. The promotion will remain active until January the 1st, 2017, 23.59 (CET). If you're already our customer and you wish to jump aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Kind regards & datalove AirVPN Staff

Hello! It's a bug. When the binary file exists in the Eddie directory, the custom path is ignored. Bug fixed from Eddie 2.11. You might like to upgrade to Eddie 2.11.9beta. https://airvpn.org/services/changelog.php?software=client&format=html To download latest Eddie beta version please see here: https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Hey - thanks!Ugh, I have to do this every time I want off AirVPN? There is a bug in Eddie 2.10.3 for which DNS settings are not restored properly, not even if Eddie is shut down properly. A condition to reproduce this bug is having one or both DNS servers omitted in the network interface. Therefore, if you set the interface DNS to "automatic DNS", you will just satisfy an essential condition for the bug to come out. You have two choices to get definitively rid of the issue: 1) set BOTH DNS to publicly accessible DNS servers in your network interface while Eddie is not running (do NOT set to "Automatic") 2) upgrade Eddie to version 2.11.x beta, where this bug has been fixed AND of course always shut Eddie down properly (never kill it without grace), to give it time to restore the settings. To download Eddie latest beta version please see here: https://airvpn.org/topic/18625-eddie-211beta-available/ Kind regards

Hello, maybe with Tomato or Synology you just hit the processing power limit of a core of their CPUs to encrypt/decrypt AES-256. A limit that's so near to the shaping cap of your ISP that can be confused with it. Kind regards

I didn't know this. Guess I was lucky that I didn't try a 3 TiB drive, I suppose. The limit is on the boot partition only, not on the drive itself. Once the kernel runs, you can handle any other partition larger than 2 TB, but (of course) according to the limits of the filesystem of each partition. You need to take additional care if you need a dual boot BIOS machine with Linux and Windows, when you want an older than Windows 7 system (or a Linux kernel older than 2.6, really archaic), or any other system not supporting GPT partitioning (in this case, even with EFI). To clarify: https://superuser.com/questions/384807/2-1tb-limit-on-bios https://unix.stackexchange.com/questions/33555/what-is-the-max-partition-supported-in-linux https://en.wikipedia.org/wiki/Comparison_of_file_systems Kind regards

Hi, please see here (and if necessary continue on that thread): https://airvpn.org/topic/20750-airvpn-not-working-with-fedora-25/ Hopefully just disabling Wayland will solve the issue. Kind regards

Hello! Can you please re-post it? That pastebin page content has been deleted. Would you like to open a ticket with logs, at your convenience, citing your message in the thread? We would like to put you in touch with some developer, directly. We have tried with multiple combinations and in different ways, but we never managed to reproduce the issue... Kind regards

chattr acts on file system flags, so if a file is flagged immutable, root user passing through OS r/w can't change it until the flag is reset. That said your report clearly shows a potential bug (minor, not critical). Do you have some procedure to reproduce it with a certain degree of regularity? Currently we can't find a way to do it in Debian 7 and 8. Kind regards

Hello! There are no DNS leaks on Linux. What Eddie version are you running ("AirVPN" > "About") and which ArchLinux version? In Eddie 2.11.1 Mono caused in some Fedora systems to cache the resolv.conf file for a couple of minutes, so new DNS were queried only after that time. However, this issue had been fixed. Probably the best course of action is that you open a ticket so that we put in you touch directly with the developers. In the ticket, please include a system report taken WHILE the problem is occurring, and a system report after the problem has ceased. To send us a system report click "Logs" tab, click the safe belt icon and paste into your message. Kind regards

That's correct and expected: Network Lock is a set of iptables and ip6tables rules enforced when Eddie starts. Such rules are not permanent and on top of that Eddie will explicitly restore previous ip*tables rules when you shut it down. The easiest way is to set proper iptables rules at the very beginning of your init. See also https://airvpn.org/topic/12175-network-lock/ Kind regards

LZO should be enabled. The reason is that on some DD-WRT firmware interfaces (as well as in some network-manager-openvpn versions for Linux, we suspect), setting LZO to "Disabled" will not originate "comp-lzo no" directive. The comp-lzo directive could be totally omitted. This will cause connection failure when our servers push "comp-lzo no". You need "comp-lzo yes" or "comp-lzo no" (it doesn't matter which, it will be overridden by VPN server) to be fully compatible with our service. Kind regards

Eddie for Windows 7 can run with .NET framework 2, while Eddie for Windows 8/10 needs .NET framework 4. Which Eddie version are you running? Note that the inactivity timeouts occur on the OpenVPN flow, not on Eddie's. We see at least two important problems in those logs, on top of something interfering with UDP anbd/or OpenVPN packets (or just line instability): routes and outdated tun/tap driver (manual installation? you disabled auto-update in Eddie options?). Please feel free to open a ticket, this thread is probably not appropriate (because troubleshooting does not seem to involve Eddie beta bugs). Kind regards

That's impossible. Even if you insert a third-party nameserver in the resolv.conf file, the DNS query will be tunneled. If the local router is also a DNS server and forwards DNS queries in the clear, then again this is not a DNS leak by Linux (Linux has just sent some traffic inside the local network, traffic which is, must be and is compelled to stay outside the tunnel). A DNS leak occurs when a DNS query to some DNS server on the Internet is NOT tunneled in spite of the routing table. This can't happen on Linux, unless explicitly configured to do so. However, DNS leaks can happen in Windows, because there is no DNS implementation there (there is something that emulates a DNS implementation in some circumstance but in reality it's something very different, and very alien). We can't support you to solve a problem that does not exist.. If you open a ticket you'll get full support, but of course on the problem that you really have, not on the problem that you think you have. Don't worry, the support tickets are handled without this joking spirit. Kind regards

Currently not reproducible, we're sorry. As long as it's not reproducible, it does not exist for us: if you want to help us reproduce the problem (which is probably on your system for the current knowledge we have) please open a ticket. Kind regards