Staff

@happysatan13 Hello! The following virtual network adapter: is causing a critical error to OpenVPN: To resolve the problem please tell Eddie to use exclusively a virtual network interface created by itself and ignore other "alien" interfaces: from Eddie's main window select Preferences > Networking in the "VPN interface name" field type eddie (or any other very short name you like) click "Save" Switching to WireGuard will also resolve the problem. You can switch to WireGuard and change connection mode in Eddie's Preferences > Protocols window. Kind regards

@183aTr78f9o Hello! We apologize, it's a problem in the developer's build process affecting the legacy packages we have been given for production. You can expect fixed packages today. EDIT: if you urgently need a legacy package not affected by the "building bug", you can get it from GitLab https://gitlab.com/AirVPN/AirVPN-Suite/-/tree/master/binary EDIT 2023-06-07: new packages have been uploaded, problem fixed. Kind regards

Hello! We're very glad to inform you that we have just released Hummingbird 1.3.0 for macOS (High Sierra or higher version required). Hummingbird is available natively both for Intel and M1 based Mac computers. Hummingbird is free and open source released under GPLv3: https://gitlab.com/AirVPN/AirVPN-Suite Main features Lightweight and stand alone binary No heavy framework required, no GUI Small RAM footprint Lightning fast Up to 100% higher throughput than OpenVPN 2.5 (on 1 Gbit/s lines) Based on OpenVPN 3 library fork by AirVPN Robust leaks prevention through Network Lock based on pf Proper handling of DNS push by VPN servers What's new linked against the OpenVPN3-AirVPN 3.8.4 library bugs inherited from OpenVPN3 main branch breaking the parser in various circumstances, such as presence of more than one pull-filter directive, have been fixed in OpenVPN3-AirVPN bugs inherited from OpenVPN3 main branch causing explosions when MTU related directive is specified have been fixed in OpenVPN3-AirVPN all libraries and dependencies have been updated Important note for high speed line users Because of some architectural specifications and implementation in macOS, in particular in case of high speed traffic Hummingbird may warn the user about shortage of buffer space, specifically when connected with the UDP. This condition is signaled by Hummingbird with the below messages in the log: UDP send exception: send: No buffer space available ERROR: NETWORK_SEND_ERROR The error is caused by the maximum network sockets size set in macOS, a value usually small and unsuited for modern high speed networks. The solution consists in increasing the maximum allowed size for socket buffers and, in case the problem persists, the number of mbuf clusters. The procedure is simple, please find out all the details in the manual. Open the README.md file with any viewer and search for "SEND_ERROR", or consult the online manual. Download the software here: https://airvpn.org/macos/hummingbird/ Kind regards & datalove AirVPN Staff

@cheapsheep Hello! Can you please test AirVPN Suite 1.3.0? https://airvpn.org/forums/topic/56375-linux-airvpn-suite-130-available/ Kind regards

Hello! We're very glad to inform you that AirVPN Suite version 1.3.0 is now available. This release prepares the road to AirVPN Suite 2, where brand new features are being implemented. 1.3.0 addresses and fixes many regressions inherited from the OpenVPN3 library main branch causing critical errors with various directives and breaking the parser. The Network Lock has been extensively rewritten to solve some minor problems related to nft. Other bugs have been fixed. Please see the changelog for a complete list of changes. The suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone binary for generic OpenVPN server connections What's new in 1.3.0 Packages are available both for OpenSSL 3 and OpenSSL 1.1.x (legacy). Pick one according to the version you have in your system. If in doubt, run openssl version command from a terminal to see whether you have 1.x or 3.x version to solve problems specifically related to name resolutions, domain names included in OpenVPN profile "remote" directives are resolved before submitting them to OpenVPN3-AirVPN AirVPN server provided by the client is now properly checked against country's white and black lists Bluetit's run control directive allowuservpnprofiles has been added to let root user control whether external profiles must be allowed or rejected different implementations preparing for WireGuard support planned in version 2 NetFilter class has been re-designed to offer a faster and more robust persistent Network Lock when needed added connection statistics to the system log when raising "event_disconnected" Please check the changelog or detailed information. AirVPN Suite is free and open source software released under GPLv3. Source code is available here: https://gitlab.com/AirVPN/AirVPN-Suite Download page: https://airvpn.org/linux/suite/ User's manual: https://airvpn.org/suite/readme/ Bluetit Developer's reference manual: https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf Some notes: for Raspberry Pi OS 64 bit pick the ARM 64 bit legacy package, because Raspberry Pi OS 64 bit is based on Debian 11 and uses OpenSSL 1.1.x by default. for Raspbian operating system and other 32 bit ARM systems, including Raspberry Pi OS 32 bit, pick the ARM 32 bit legacy package for Ubuntu 22 for Raspberry, pick ARM 64 bit mainline package (not legacy) if you run some i686 Linux let us know. You can still run AirVPN Suite 1.10 but if we have requests we can prepare a package for abandoned systems. Link to AirVPN Suite 1.1.0 for i686: https://eddie.website/repository/AirVPN-Suite/1.1/AirVPN-Suite-i686-1.1.0.tar.gz sha256 checksum: 6454cafc860ccc89da5da933c5bed279b1e1534a750f4423e6937e4fb84779e1 Kind regards & Datalove AirVPN Staff

@vOsgZC7 Hello! For Eddie's manual, please type in a terminal "man eddie-ui". To switch connection mode, in the "Preferences" > "Protocols" window please uncheck "Automatic", select the connection mode line you prefer (the line will be highlighted) and click "Save". The change will apply at the next connection. Eddie will prevent WireGuard selection if WireGuard is not installed in the system. WireGuard should have been installed during Eddie installation as a dependency, but please check. Kind regards

@GaryUnwin Hello! Please check https://airvpn.org/mission The following forum is dedicated to community driven suggestions to donations: https://airvpn.org/forums/forum/32-nonprofit/ Kind regards

Hello! By adding WireGuard's pre-shared key we are ready to deploy an additional encryption layer supposed to be "quantum resistant". It's important NOT to deploy it right now because ciphers thought to be "post-quantum world ready" are not well reviewed and it may happen that they can be cracked with a classic computer. It happened for example to Rainbow last year. Rainbow was a cipher meant to resist even to quantum computers. It was the state-of-the-art cryptography algorithm in the world, rivaled only by other two algorithms. Except that it was cracked with a modest CPU laptop a year ago or so. https://www.newscientist.com/article/2310369-encryption-meant-to-protect-against-quantum-hackers-is-easily-cracked/ We have 20 Gbit/s server lines as well (10 Gbit/s full duplex). However those lines can not be saturated at the moment due to CPU limits: with a few dozen of connected clients, all vCPU limit is reached well before the line is saturated. This is due mainly to the computational power required by the encryption algorithms and marginally by other reasons. Unfortunately WireGuard is not difficult to block, so it's possible that your ISP blocks it. For additional investigation feel free to open a ticket at your convenience. You over-estimate us. Yes, we have implemented a lot of things to load balance the servers, but it still happens that some servers go at capacity, it's unavoidable, especially nowadays when 1 Gbit/s residential lines are common. Thanks! Starting the 14th year of AirVPN's life. Kind regards

@iwih2gk Hi! As usual please send us a system report in a ticket, thanks a lot. Kind regards

Hello! Each Air VPN server has one exit IPv4 address and one exit IPv6 address. They are not exchanged with entry-IP addresses not to wreak havoc to customers having configuration files and to those white listing exit IP addresses to access via VPN their own services on the Internet. Blocking a specific IP address if verified evidence of abuses is gathered is the behavior of all the serious black lists around without exceptions. Over-blocking is the inept behavior which sooner or later leads to disasters. For example when Malwarebytes blocked all Google and YouTube and entire AS hosting hundreds or thousands of perfectly safe web sites. Kind regards

Hello! Please try to delete Eddie's configuration file: make sure that Eddie is not running open a terminal (from the account which installed and uses Eddie) and delete the configuration file with command: rm ~/.config/eddie/* start Eddie (you will need to re-enter AirVPN account credentials) Kind regards

Hello! We're very glad to see that a connection mode capable to bypass the block has been found. The problem with Eddie is still unexplained, we see from the ticket, unfortunately. Port forwarding does not depend on the software you run to connect, so you can use remote port forwarding exactly in the same way, no matter which software you run to connect. Quick reference for your comfort: https://airvpn.org/faq/port_forwarding/ Kind regards

Hello! Understood. In this case, maybe Eddie is not installed properly. We performed additional tests on our Arch testing machine and we couldn't reproduce the problem unfortunately. Eddie starts fine and the man is available. Eddie stores the man in /usr/share/man/man8 correctly. To open a ticket you may either click "Contact us" button (top right corner), while your account is logged in to the web site, or write an e-mail to support@airvpn.org Kind regards

That's correct and we will start an evaluation of possible solutions in the next days. It's not a trivial problem at all and it will require a lot of care, but at the moment the day you mention seems still very far away. Of course port usage could increase anytime, we're aware of that. Thank you and kind regards!

Hello! WireGuard is mentioned in the man pages, however, the problem here seems that Eddie has not been installed, as the man is not available. In the meantime we tested on an Arch machine and we had no problems at all, Eddie runs just fine, so a deeper investigation is needed. Open a ticket at your convenience. An explanation which comes to mind is that you're running man with a user whose PATH does not include the path to the man pages and you're running Eddie with a user that doesn't have a DISPLAY set. Kind regards

Hello! As you prefer, of course. Keep in mind that if you run Eddie you can also have the leaks prevention thanks to the "Network Lock" feature. You can tell Eddie to connect via WireGuard or via OpenVPN in the "Preferences" > "Protocols" window. Uncheck "Automatic", select the connection mode you prefer (in your case WireGuard), click "Save". Enjoy AirVPN! Kind regards

Hello! If you keep Network Lock disabled, does Eddie complete a connection successfully? Do you run any third party firewall and/or antimalware tool? If so, does the problem persist if you test with all of them momentarily disabled? Kind regards

Hello! WireGuard is not supported by the AirVPN Suite. Is the problem related to WireGuard too? Instructions to run WireGuard in Linux without Eddie (or any other AirVPN software) is available here: https://airvpn.org/linux/wireguard/terminal/ About Eddie, you can find the option to switch to WireGuard in the man (--mode-type) while you can select connection mode via GUI in the "Preferences" > "Protocols" window. Kind regards

Hello! Now a new different problem came out: W 2023.05.31 10:18:43 - Windows WFP, Add rule failed: App not found:{2} We will have Eddie's developer chime in, but apparently there's a serious problem between Eddie and the Windows Filtering Platform. Out of info, if you disable Network Lock does this problem get resolved (this is not to say that you should keep Network Lock disabled, but to understand what happens)? We also wonder why you did not have this error earlier, maybe you had Network Lock disabled? Can you also add a system report? Please see here to do so: https://airvpn.org/forums/topic/50663-youve-been-asked-for-a-support-filesystem-report-–-heres-what-to-do/ Kind regards

Hello! If we're not mistaken a moderator of this community forum @OpenSourcerer uses routinely Arch, so he might help you effectively when he reads this message. Otherwise please do not hesitate to open a ticket. Just a preliminary question before anything else: are you sure that you run Eddie without root privileges? This is mandatory, because if you run Eddie with root privileges, chances are that root does not have any display in X, any call to open windows etc. in your Desktop Environment will fail, and you will get the error message we see in your report. If you already launched Eddie as a normal user and the problem remains the same, can you please test the AppImage as well? You can find it here: https://airvpn.org/linux/eddie/ Eddie's documentation is organized in a FAQ-style, scroll down the home page of https://eddie.website to see it. From a terminal, type "man eddie-ui" to see the man pages (only Linux systems). AirVPN Suite user's manual is available here: https://airvpn.org/suite/readme/ Kind regards

Hello! That's great, we're glad to know that the problem is resolved. Note taken. On the bottom of the Windows download page, you can see the icons to access instruction pages for OpenVPN, OpenVPN GUI and WireGuard (click them to open the respective instruction pages). Each Operating System page collects the various solutions to connect (we do not force our software usage). In Windows those solutions are Eddie, OpenVPN GUI, OpenVPN from a terminal and WireGuard. Kind regards

@AmineZary Hello! The previous problem has been resolved. Now you have a different problem: UDP packets seem blocked. First and foremost, please make sure that no packet filtering tool blocks UDP. Check both your router and system, please. If you find nothing blocking, maybe your ISP is the "culprit". Consider to switch to the following connection mode: from Eddie's main window select "Preferences" > " Protocols" uncheck "Automatic" select the line with OpenVPN, protocol TCP, port 443, entry-IP address THREE. The line will be highlighted click "Save" The above connection mode is able to bypass a wide variety of blocks. Kind regards

Hello! Eddie is a GUI and "wrapper" for WireGuard and OpenVPN. Just use the protocol which can give you the best performance, in this case WireGuard. For additional investigation on why OpenVPN is dramatically slower please feel free to open a ticket or continue the discussion here, as you prefer. Kind regards

Hello! Oh no, absolutely not, a clarification is due here. The VPN connection is performed to entry-IP addresses which never send out packets to the Internet except to the clients of the VPN itself. And actually entry-IP addresses of our servers are clean, they are not included in any decent black list, as you can verify (and it's blatantly obvious, as they are "isolated", nobody can make anything reachable behind an entry-IP address). If confirmed, this is a VirusTotal undue overblocking and/or false positive warning. Malwarebytes does something similar (for example, it blocks a whole /22 subnet when just one IP address inside that vast subnet is suspicious, according to recent reports). Kind regards

@TresVille Hello! You don't need a separate program for WireGuard. Eddie can establish a VPN connection either via OpenVPN or WireGuard, according to your preferences. You can set your favorite connection mode in "Preferences" > "Protocols" window. Remote port forwarding is not a WireGuard or OpenVPN related feature, obviously it is a server side feature, and it is available regardless of your connection mode and both in IPv4 and IPv6. Do not hesitate to open a ticket if you still experience problems. Some more details now. The file name of a configuration generated by the Configuration Generator is descriptive, and if you use WireGuard official client and userspace utilities you must rename it with a very short name because WireGuard will use the file name to name the network interface too. Anyway, you can ignore the above. If you run Eddie, you don't need configuration files. Furthermore, if you enable Eddie "Network Lock", you can avoid your own firewall rules, unless you have some very specific need. Eddie's "Network Lock" is a set of firewall rules which will prevent any possible traffic leak (including leaks caused by wrong software network binf, STUN based protocols like WebRTC, UPnP etc.). Kind regards