-
Content Count
11043 -
Joined
... -
Last visited
... -
Days Won
1866
Everything posted by Staff
-
@Rebelyouth Hello! We're not sure here, but one of the problems we see on your message might be a direct consequence of the infamous "translation" problem between iptables and nftables in a system based on nftables where rules are applied through iptables-nftables. In a few words, iptables-save-legacy generates a file which is wrong (some rules are translated with syntax errors). When iptables-save-restore reads the file, it detects the syntax error. Try to force Hummingbird to use nftables for the Network Lock feature with option --network-lock nftables (note: utility nft must be available to Hummingbird) Kind regards
-
Hello! We are glad to inform you that we support PeerTube by Framasoft as mécène. PeerTube is a tool for sharing online videos developed by Framasoft, a french non-profit, which allows you to create your own video platform, in complete independence. PeerTube also enables platforms to be connected to each other, creating a big network of autonomous and interconnected platforms. Moreover, PeerTube does not depend on any advertising and does not track users. https://joinpeertube.org/ Check out our mission page: https://airvpn.org/mission Kind regards and datalove AirVPN Staff
-
Hello! We have seen the Vilfo hardware and probably (if your network doesn't restrict UDP) you will get better performance with WireGuard (in Vilfo's documentation they say that WireGuard throughput in Vilfo routers is 2x higher than OpenVPN), so it's worth a test even before OpenVPN. Our Configuration Generator will generate any WireGuard profile you need (from your account "Client Area" click "Config Generator"). Kind regards
-
Eddie-ui no longer works for me since version 2.20.0
Staff replied to Fralund's topic in Eddie - AirVPN Client
Hello! Eddie modifies the rules only when Network Lock is enabled. If you enable Network Lock in Eddie and you see that the problem persists, or in any case if you don't want to enable Network Lock, then you can consider to disable Shorewall before you run Eddie and re-launch it after you have finished working with Eddie, or modify Shorewall rules in a way that they do not enforce the mentioned blocks on packets to and from the tun interface. Kind regards -
Hello! Bluetit developer's manual https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf shows how to integrate any software with AirVPN infrastructure, including dialogue with the bootstrap servers. If the developer may use directly Bluetit's set of classes the job gets easy since all the classes and tools of the AirVPN–SUITE have been designed and developed by using standard C++ 11 classes and convention. For the developer who can't or doesn't want to do it, the integration can be ported from the original classes and by reading the documentation. It saves a lot of time because an API or other interaction with the web exposed AirVPN tools for end users are no more necessary, as they were, on the contrary, in the past, for example when Qomui was developed, due to the lack of documentation at that time. After that, the actual VPN connections can be handled as usual either by a WireGuard or OpenVPN compatible software (or through other Bluetit classes of course). Kind regards
-
Eddie-ui no longer works for me since version 2.20.0
Staff replied to Fralund's topic in Eddie - AirVPN Client
@squidf Hello! Yes, it was the firewall, example: janv. 11 17:01:20 cbct-desk kernel: OUTPUT REJECT IN= OUT=tun0 SRC=10.10.182.75 DST=10.10.182.1 LEN=57 TOS=0x00 PREC=0x00 TTL=64 ID=20318 DF PROTO=UDP SPT=56553 DPT=53 LEN=37 It was blocking everything on the tun interface to the VPN gateway IP address. Maybe when Eddie was working fine with WireGuard, the firewall did not block the specific WireGuard subnet? By the way, we're glad to know the "culprit" causing the problem has been found. Kind regards -
Eddie-ui no longer works for me since version 2.20.0
Staff replied to Fralund's topic in Eddie - AirVPN Client
@squidf Hello! OK, at least we know that the route check failure was not a "false positive". Anything else which might interfere with OpenVPN while working in UDP, in your system? Does OpenVPN work fine in TCP? Please try specifically entry-IP address 3 to port 443, in TCP. Kind regards -
Eddie-ui no longer works for me since version 2.20.0
Staff replied to Fralund's topic in Eddie - AirVPN Client
@squidf Hello, OpenVPN reports a successful connection but then the route check fails. Since WireGuard connection is fine we can rule out any UDP related problem. Please verify whether the route check failure is a false positive by disabling both route check and DNS check in Eddie's "Preferences" > "Advanced" and "DNS" windows, respectively. When you disable them both, the connection should be claimed as successful; at that point test the tunnel and check whether you can normally access the Internet or not. Kind regards -
@squidf Hello! Please use OpenVPN 2.x in the meantime when you run Eddie beta version. We are working to implement missing directives in our OpenVPN3-AirVPN library fork as we did in the past.: we have decided that again we can't wait for the implementation in the mainline. Specifically, the directives which are causing a critical error are "ping-exit" and "pull-filter" in your case. However, "pull-filter" is extremely useful in a wide range of cases, so a complete implementation is necessary from scratch (currently the code from the mainline we brought in ignores some pull-filter syntax and throws errors in other cases). Kind regards
-
Hello! Please see our previous reply in this thread and also the following one, where we explain more thoroughly our point of view and some facts: https://airvpn.org/forums/topic/50724-two-new-1-gbits-servers-available-us/?do=findComment&comment=216468 Just a brief addition: your above quoted sentence imply that protecting privacy in an agnostic network means supporting net abusers, which is an inadmissible and shameful idea that we strongly reject. This concept is one of the "moral" or "ethical" justifications to pervasive surveillance in virtually all countries controlled by human rights hostile regimes, and in a few "Western" countries too: since someone somewhere someday might commit a crime via the Internet, let's enforce blanket data retention and pervasive packet inspection for everyone, so Internet will be a "safe place" for the "law abiding, conforming" citizen. Your consideration has been and is the founding argument for power groups having the hidden agenda to expunge the right to privacy from the list of fundamental rights. Consider that one of the strictly necessary conditions for any dictatorship to survive is the effective suppression of the right to privacy. Kind regards
-
Hello! The blocks you mention have nothing to do at all with torrenting or copyright notices. If they were, then yes, it would be trivial indeed to offer special servers with the aims you describe as exceptions to our mission. The main three factors causing black listing are spam e-mails, attacks to web servers via HTTP POST etc., and false positives (we include here the widespread blocks against entire IP ranges when only one IP address in that range is flagged). The first problem can be strongly mitigated, if not solved, by blocking outbound ports 465 and 587, the second problem can be resolved by blocking outbound ports 80 and 443, therefore making the server unusable to reach web sites and send out e-mail. It's easy to guess that this type of service wouldn't be used by anybody as without e-mail and the World Wide Web nobody would feel on the Internet for real, but we could add servers with this limitation for free to our customers, as a free and optional bonus outside the service (in order not to cause a contractual breach) just to test how many would use them and for which purposes (maybe something interesting will come out). Another form of mitigation would be deep packet inspection to discard any packet with malformed queries and potentially malicious purposes according to pre-defined algorithms, data set etc. (needless to say it would be a contractual breach even on a bonus server, so it's not realistic to think of it). Please note that, according to latest reports, about 1 out of 12 Windows machine in the world is infected, so in various (many?) cases the activity causing IP address black-listing is performed without the knowledge of the computer owner. Another approach, which is actually more realistic and followed by most providers, is monitoring the customer's traffic, identify the customer at least via IP address at each connection, block immediately the account when something suspicious goes on and report the customer's IP address to competent authorities (this last step becomes legally mandatory on most countries when a provider monitors the traffic and comes to know that a potential infringement has been committed).. Then it's all up to the competent authorities, end of the story for the provider. This type of service is surely possible (and in reality it has been followed in secret by several VPNs in the recent years, together with personal data harvesting) but (leaving aside our contractual breach this would cause) why then would you need a VPN? Since the traffic would be monitored anyway, most customers might just decide to let their ISP monitor their traffic, rather than shifting this "duty" to some VPN operating company or entity. Then there's another type of block (block enforced against anything that does not come from IP addresses assigned to residential ISPs - for example BBC follows a similar policy), but that's outside the scope of your complaint, we guess, since to bypass those blocks renting IP addresses assigned to residential ISPs become necessary. This is not impossible, but only in some specific countries, and we will be working on it. Kind regards
-
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff replied to Staff's topic in News and Announcement
Hello! Problem resolved server-side, please try again! Kind regards -
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff replied to Staff's topic in News and Announcement
@zsam288 Hello! It seems a bug of the WebView when passing the name of the file to be downloaded to the system's DownloadManager used by Downloader app. It looks resolved in our various Fire* devices. Can you tell us the exact FireOS version your device is running? Let's make a comparison. @GreyGold In nVidia Shield TV, the problem persists even with the most up to date system. Shield TV users may consider to save time by downloading the file with any browser with a built-in downloader. For example TV Bro is a light-weight, open source browser for Android TV featuring a built-in download manager, so it doesn't rely on system's DownloadManager. It has been tested successfully to download various apk on our nVidisa Shield TV. Then the apk can be installed with X-plore. nVidia Shield TV users have of course a variety of additional options: side loading from an USB stick where a computer has stored the Eddie APK, or get the APK directly from the local network. We have opened an investigation aimed at providing the most practical solutions for FireOS and Android TV users. EDIT: resolved. We can circumvent the bad behavior by WebView in some Android TV devices by setting a different Content-Type header with a dedicated MIME type for APK. Kind regards -
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff replied to Staff's topic in News and Announcement
@GreyGold Hello! Sorry, we omitted to mention that crucial operation. When you install a new APK with the same package name of an already installed version, you need to remove the previous version first. We added a note in the first post of this thread now. Kind regards -
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff replied to Staff's topic in News and Announcement
I have the same problem on my nVidia Shields (2017 & 2019 Pro). I have Eddie 2.4 installed (via sideload). I want to update it. Launching org.bin results in a message saying there's no app to handle this file. Renaming it to org.apk allows it to be opened for installation, but upon completion, I get the rather unhelpful, "App not installed" message. The same happens if I download the Eddie v2.5 or 3.0 .apk and try to sideload either one. How can Eddie be installed/updated on a Shield? Hello! On nVidia Shield TV you have two options. Download the APK with a computer, store it in a USB key, and install from there (or install via local network) Download the APK directly on the Shield (for example with Downloader app), rename the file into org.airvpn.eddie.apk, and install it through some File Manager (both renaming and installation tested successfully with X-Plore) Your Shield TV must be enabled to install APK downloaded from third-parties (follow the guide if in doubt). Note: strangely we experienced problems in renaming the downloaded file with Downloader, but we had no issues with X-Plore. https://play.google.com/store/apps/details?id=com.lonelycatgames.Xplore&hl=en_US&gl=US X-Plore is just a suggestion after a successful test, you can use your favorite file manager as usual. Kind regards -
Hello! We're glad to inform you that we will support PeerTube by Framasoft within a few days. Support to Mastodon will remain. We're considering Pleroma as well. We see that the documentation invites to support directly the single administrators (if they accept donations) operating servers in the Fediverse. At a first glance Pleroma offers very interesting features, including Gopher support (very remarkable: get rid of Javascript bloat and make Pleroma a BBS, when necessary), PostgreSQL as RDBMS (and not MySQL) and it seems resource and memory conscious.. What's more Pleroma web interface apparently offers a better end-user experience than Mastodon, but again we're still a at a first glance only. Kind regards
-
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff replied to Staff's topic in News and Announcement
Hello! We had thought about it, but ruled it out for now due to various reasons. It's not a final verdict, we'll give it another look in the future. Kind regards -
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff replied to Staff's topic in News and Announcement
Hello! It's the correct file. It's an APK that you can then install according to the guide. Do you experience any problem? If so, check the new notes we have added in the 1st message of this thread. Kind regards -
@kbps Hello! Another factor to consider is the overall ability to fully utilize the 10 Gbit/s bandwidth by a server running WireGuard and various OpenVPN instances, given other constraints. For instance, on our 10 Gbit/s servers, we were unable to exceed 4 Gbit/s bandwidth (2 in + 2 out) as the CPU load increases more than proportionally with the number of connected peers, not to mention the varying number of "conntrack entries" generated by clients, which can greatly impact kernel operations in a VPN server once they exceed 110-120,000. Since AirVPN has fewer users per server than Mullvad, you should be able to achieve higher speeds on AirVPN's 10 Gbit/s servers, but you state that performance is comparable. This is likely due to the other load factors. What's more interesting is that the performance of AirVPN's 1 Gbit/s full duplex servers (i.e. 2 Gbit/s servers, all of them except Mesarthim nowadays) is higher than Mullvad's performance on 10 Gbit/s servers. Can you (or anyone else) confirm this? Kind regards
-
Hello! A complete, step by step guide is available here: https://airvpn.org/android/eddie/apk/tv/ Kind regards
-
[Android TV / Amazon Fire OS] How to install Eddie 3.0
Staff posted a topic in News and Announcement
Hello! In the past we did not announce new guides in the "News" forum, but from now on relevant guides will be also announced here. A new guide is available and it describes step by step how to install Eddie Android edition in Fire OS devices, such as Amazon FireStick and Cube TV. The guide can be also taken as a reference to side load Eddie (or any APK) on any Android TV device too. https://airvpn.org/android/eddie/apk/tv/ IMPORTANT: before you install, make sure that any previous Eddie version is uninstalled. (*) So here's the issue: Amazon has decided that all apps with certain behaviors must now include in-app purchases through Amazon Pay, and they'll take a 30% commission (20% for small developers and non-business ones). And it just so happens that our app, Eddie, facilitates the creation of non-Amazon accounts - which apparently counts as one of those behaviors. You see, Eddie can be used with VPN services (not Amazon's) that support WireGuard or OpenVPN, and many (if not all) of these services require creating an account to access them. Plus, the AirVPN website can be accessed from the app menu and the AirVPN logo is all over the place. So, Eddie is an app that pushes users to create non-Amazon accounts. We've decided, at least for now, to forego in-app purchases in the Eddie Android edition in order to keep the app open and avoid paying those commissions to Amazon. If we were to pay the 30% commission and maintain the same prices on our website and app, we would be selling at a loss. However, this means that Eddie won't be available on the Amazon AppStore anymore. This is where side loading comes in handy, at the price of just a couple of minutes of your time. As for the Eddie unavailability on the Google App Store for Android TV devices (it's available for any other Android device), we're waiting for an explanation from Google and hoping to fix the issue if possible. In the meantime, Android TV owners can use the guide linked above to install Eddie 3.0. Kind regards & datalove AirVPN Staff (*) When you try to install a newer version of an Android app using an APK file, you may encounter an error message stating that the "App not installed" because the package conflicts with an existing package by the same name. This occurs because Android uses the package name as a unique identifier for each app, and you cannot have two apps with the same package name installed on the same device. To fix this, you need to uninstall the older version of the app before installing the newer version. This can be done by going to the Settings app, selecting "Apps," finding the app in the list, and tapping the "Uninstall" button. Once the older version is uninstalled, you will be able to install the newer version using the APK file without any issues. -
Hello! Eddie 2.22.2 beta is available for download, featuring a fix for the pesky bug. Simply head to the usual download page for your OS and click "Switch to experimental" to access the update. Kind regards
-
Hello! Does it happen both with OpenVPN and WireGuard? Can you send us a report showing the issue? In order to do so open the "Log" view and tap the paper plane icon on the top. Eddie will send to us log and logcat and give you back a link to them. Copy the link and send it to us (even in a ticket in private, if you prefer so). Kind regards