Staff

Hello! In the past we did not announce new guides in the "News" forum, but from now on relevant guides will be also announced here. A new guide is available and it describes step by step how to install Eddie Android edition in Fire OS devices, such as Amazon FireStick and Cube TV. The guide can be also taken as a reference to side load Eddie (or any APK) on any Android TV device too. https://airvpn.org/android/eddie/apk/tv/ IMPORTANT: before you install, make sure that any previous Eddie version is uninstalled. (*) So here's the issue: Amazon has decided that all apps with certain behaviors must now include in-app purchases through Amazon Pay, and they'll take a 30% commission (20% for small developers and non-business ones). And it just so happens that our app, Eddie, facilitates the creation of non-Amazon accounts - which apparently counts as one of those behaviors. You see, Eddie can be used with VPN services (not Amazon's) that support WireGuard or OpenVPN, and many (if not all) of these services require creating an account to access them. Plus, the AirVPN website can be accessed from the app menu and the AirVPN logo is all over the place. So, Eddie is an app that pushes users to create non-Amazon accounts. We've decided, at least for now, to forego in-app purchases in the Eddie Android edition in order to keep the app open and avoid paying those commissions to Amazon. If we were to pay the 30% commission and maintain the same prices on our website and app, we would be selling at a loss. However, this means that Eddie won't be available on the Amazon AppStore anymore. This is where side loading comes in handy, at the price of just a couple of minutes of your time. As for the Eddie unavailability on the Google App Store for Android TV devices (it's available for any other Android device), we're waiting for an explanation from Google and hoping to fix the issue if possible. In the meantime, Android TV owners can use the guide linked above to install Eddie 3.0. Kind regards & datalove AirVPN Staff (*) When you try to install a newer version of an Android app using an APK file, you may encounter an error message stating that the "App not installed" because the package conflicts with an existing package by the same name. This occurs because Android uses the package name as a unique identifier for each app, and you cannot have two apps with the same package name installed on the same device. To fix this, you need to uninstall the older version of the app before installing the newer version. This can be done by going to the Settings app, selecting "Apps," finding the app in the list, and tapping the "Uninstall" button. Once the older version is uninstalled, you will be able to install the newer version using the APK file without any issues.

Hello! Eddie 2.22.2 beta is available for download, featuring a fix for the pesky bug. Simply head to the usual download page for your OS and click "Switch to experimental" to access the update. Kind regards

Hello! Does it happen both with OpenVPN and WireGuard? Can you send us a report showing the issue? In order to do so open the "Log" view and tap the paper plane icon on the top. Eddie will send to us log and logcat and give you back a link to them. Copy the link and send it to us (even in a ticket in private, if you prefer so). Kind regards

Hello! Not planned, we might re-consider in the next year. In the meantime you can download the APK from our web site, no need for F-Droid or any other repository. Kind regards

At the date of your writing yes, it is. You can easily see whether a promotion is ongoing from the home page and the "Buy" page. Kind regards

Hello! In order to enable a set of Windows Filtering Platform (WFP) rules to block all outbound traffic on a Windows 10/11 system, make sure that Eddie is NOT running and follow these steps: Open the Start menu and search for "Windows Defender Firewall with Advanced Security". Click on the "Windows Defender Firewall with Advanced Security" icon to open the firewall settings. In the left pane, click on "Outbound Rules". In the right pane, click on the "New Rule" button. In the New Outbound Rule Wizard, select "Custom" and click "Next". Select "All Programs" and click "Next". In the "Protocols and Ports" section, select "All outbound traffic" and click "Next". In the "Action" section, select "Block the connection" and click "Next". In the "Profile" section, select the profiles for which you want to enable the rule (e.g., Domain, Private, Public) and click "Next". In the "Name" section, give the rule a name you like (e.g., "Block all outbound traffic") and click "Finish". The new outbound rule will be added to the list of firewall rules and will block all outbound traffic on the system. Then, when you run Eddie, enable Network Lock to restore traffic flow to the VPN servers. Disable Network Lock or shut down Eddie and the previous, block-all rules will be restored. Note: no third-party packet filtering tool should run as it could re-modify your rules. Kind regards

@wiz4rd Hello! Apparently UDP is blocked. Please make sure that no packet filtering tool either on your router or system blocks UDP. If you find nothing blocking: 1) The behavior has been noted sporadically with the Proton wintun interface your system is using (probably some previous installation: if Eddie finds a wintun interface already installed, it will use it without adding interfaces).. Force Eddie to create and use its own VPN interface: from Eddie's main window select "Preferences" > "Networking", fill the "VPN interface name" with eddie (or any other very short name you like), click "Save" and try again. 2) if the previous attempt does not resolve the issue, chances are that it's your ISP the one blocking UDP. Change connection mode: from Eddie's main window select "Preferences" > "Protocols" uncheck "Automatic" select the line with OpenVPN, protocol TCP, port 443, entry-IP address 3 (THREE). The line will be highlitghted click "Save" If the above connection mode is successful, also try WireGuard. WireGuard works only in UDP, but if the ISP block pertains only to certain UDP ports, you could have a successful connection as WireGuard connects to a different port in our service. You can switch to WireGuard again in the "Preferences" > "Protocols" window. Kind regards

Hello! This is a job for Eddie's white list of apps. Enter the apps you mention in the white list and then connect to the VPN. When a white list is defined, Eddie (through the VPNService Android API) will tunnel the traffic only of apps included in the white list. Any other traffic, including system service traffic, will flow outside the tunnel. We're very glad to know that the app rocks, thank you very much for your feedback! Kind regards

Hello! Recently Apple removed two apps which did the same. However, similar apps keep re-appearing . Usually they are scams. Those apps harvest personal data (even remotely, as the VPN infrastructure may exist just for this purpose in some cases) and may have other malicious purposes. We'll check, thank you for the head up. Kind regards

Hello! Out of curiosity, the Suite foundation classes are shared between the whole Suite components whenever possible, as you rightly notice, for the purposes of good design and optimization, but historically and logically Bluetit did not derive from Hummingbird. Given the completely different architecture of those programs, it would have been impossible. Even the logic is profoundly different (no wonder, one is a real daemon the other a root process). Nowadays the opposite is partly true, it's Hummingbird which benefits from Bluetit development when possible. The foundation classes themselves have been and are always designed for the client-server model. @tranquivox69 As explained by @OpenSourcerer you can't run Bluetit in a docker. If you need the client-server architecture that only Bluetit can give you, consider a full virtualization (or running the daemon on the host - of course. ). By running Hummingbird, anyway, performance will not be penalized at all: the underlying libraries which are critical for performance (e.g. OpenVPN3-AirVPN and OpenSSL) are the very same, so you should not notice any differences in this respect. Kind regards

@zerosum Hello! Capricornus suffered various problems in the datacenter. They should be all resolved now, we are testing. Please check again in a few hours. We apologize for any inconvenience. Kind regards

Hello! We're very glad to announce a special promotion on our long terms Premium plans. You can get prices as low as 2.20 €/month with a three years plan, which is a 68% discount when compared to monthly plan price of 7 €. You can also send an AirVPN plan as a gift: you have the option to print or send a colorful, dedicated picture with the code to activate the plan. You can do it in your account Client Area -> Your membership: Purchase and credit -> Print X-Mas after you have bought a coupon. If you're already our customer and you wish to stay aboard for a longer period, any additional subscription will be added on top of already existing subscriptions and you will not lose any day. Please check plans special prices on https://airvpn.org and https://airvpn.org/buy Kind regards & datalove AirVPN Staff

Hello! Yes, stay tuned! Kind regards

Hello! iVPN does not authorize your account to connect. Contact their customer service. You also have a valid subscription in AirVPN, do you experience any problem with AirVPN? Kind regards

Hello! The rules appear as totally correct. Please make sure that: the tun interface name is tun1, the destination IP address of the device is indeed 192.168.99.15, and no firewall in the final machine (192.168.99.15) blocks incoming packets. Then, verify the listening programs settings: make sure that they listen respectively to port 3637 and 15744. Last but not least review the iptables rules on the router during a connection, in order to ascertain that they are actually what you expect them to be after the VPN connection has been established (i.e nothing else modified them and so on). Kind regards

Hello everybody! We're moving the discussion from "News" to "Nonprofit", the community forum where you can discuss projects in your opinion compliant and non-compliant to our mission, where it fits much better. The "News" forum is moderated with iron fist and ruthless ferocity by the AirVPN founders. In "News", new topics can not be opened but by the founders themselves, and the community moderators have no power. Kind regards

Hello! Please note that auto-connecting VPN apps during device bootstrap is inhibited on Android TV 10 and higher versions. Which FireOS / Android versions do you both run? If it's Android TV 9 or older version, in your Eddie app please open the "Settings" view, expand "System" and make sure that "Start VPN at connection boot" is enabled. Check also the "VPN Priority order" Optionally, consider to populate "AirVPN Default" with servers in "AIRVPN SERVER" view if you wish a connection to a specific set of servers. When those settings are enabled, Eddie should start and connect to a VPN server according to the priority list (Eddie will try the list in ascending order) during device bootstrap after you shut down the device while Eddie is active and connected. EDIT: if you have Master Password enabled, the connection during the bootstrap can work only with a profile. You need to disable the Master Password if you want that Eddie connects during device bootstrap without a profile. In order to do so, open the "Settings" view, expand "AirVPN" and make sure that "Enable Master Password" item is off. Kind regards

@AR45H Hello! Eddie Desktop edition is not linked against any OpenVPN library. Instead, it runs external binaries with the proper options, according to customer preferences, in order to establish an OpenVPN based connection. It can run: OpenVPN 2.x, which is a binary Hummingbird, which is an AirVPN software (available to most Linux distributions and macOS) linked against OpenVPN3-AirVPN library a custom binary enforced by the user and provided that it is an OpenVPN drop-in replacement Furthermore: OpenVPN3-AirVPN is a forked library which (currently) is 161 commits ahead of OpenVPN:master. It's a fork of the OpenVPN 3 core library OpenVPN GUI is a Windows graphical user interface (GUI) of OpenVPN. Eddie can run the latest OpenVPN 2.x version installed in your system or the Hummingbird version included in the package Supporting connections over a SOCKS5 proxy and switching to UDP for data exchange is technically possible but currently not available in any OpenVPN version. We might evaluate the matter in our OpenVPN3 library in the future, but it's not planned at the moment. Kind regards

In Eddie there is a socks option under the proxy type. Is that just socks4 then if the client doesn't support socks5? Hello! OpenVPN is "socks" aware and supports connections to SOCKS4/5 proxies, as well as HTTP proxies. Eddie uses this feature. It's very useful if you are behind a corporate proxy and so on. Currently, to use this option OpenVPN must work over TCP because even when you enable UDP proxying on the SOCKS proxy (if the proxy supports it) you must first open a TCP connection to the proxy and, only once the method-dependent negotiation is complete, send an UDP ASSOCIATE request, acknowledge the reply, and properly process the port the proxy will indicate you to send UDP packets. The described process is currently unavailable on OpenVPN 2 and our OpenVPN3 library (while in WireGuard the option to connect over a proxy of any kind is totally missing). For more details and a thorough overview see RFC 1928 https://www.rfc-editor.org/rfc/rfc1928 Kind regard

@The_Purist Hello! Thanks, Eddie should not hang if the OpenVPN service is already running, it should warn you and only then exit. Probably it's a matter for developer's investigation. In the meantime you should be able to resolve the problem instantly by avoiding to start the OpenVPN service. Eddie manages either WireGuard or OpenVPN according to your preferences, so another OpenVPN or WireGuard instance already running will create conflicts. Kind regards

Hello! Thanks for the report. It shows two different problems. The latency tests remain stuck because of an Eddie bug which has been addresses in 2.22.2 version. Please test it and feel free to keep us posted at your convenience. You can download Eddie 2.22.2 on the usual download page for your system by clicking "Switch to experimental". In spite of the name, Eddie 2.22.2 is quite stable and after several weeks of public testing no serious bug has been found or reported. The second problem is related to OpenSSL 3 rejecting certificates signed via SHA1 (therefore it won't be resolved by the upgrade). Please see here for an explanation and a very quick solution: https://airvpn.org/forums/topic/53004-openssl-error-restart-every-3-seconds/ Kind regards

Hello! We're very glad to inform you that we have just released Hummingbird 1.2.1 for macOS (High Sierra or higher version required). Hummingbird is available natively both for Intel and M1 based Mac computers. Hummingbird is free and open source released under GPLv3: https://gitlab.com/AirVPN/hummingbird Main features Lightweight and stand alone binary No heavy framework required, no GUI Small RAM footprint Lightning fast Up to 100% higher throughput than OpenVPN 2.5 (on 1 Gbit/s lines) Based on OpenVPN 3 library fork by AirVPN Robust leaks prevention through Network Lock based on pf Proper handling of DNS push by VPN servers What's new all libraries and dependencies have been updated Important note for high speed line users Because of some architectural specifications and implementation in macOS, in particular in case of high speed traffic Hummingbird may warn the user about shortage of buffer space, specifically when connected with the UDP. This condition is signaled by Hummingbird with the below messages in the log: UDP send exception: send: No buffer space available ERROR: NETWORK_SEND_ERROR The error is caused by the maximum network sockets size set in macOS, a value usually small and unsuited for modern high speed networks. The solution consists in increasing the maximum allowed size for socket buffers and, in case the problem persists, the number of mbuf clusters. The procedure is simple, please find out all the details in the manual. Open the README.md file with any viewer and search for "SEND_ERROR", or consult the online manual. Download the software here: https://airvpn.org/macos/hummingbird/ Kind regards & datalove AirVPN Staff

Hello! We're very glad to inform you that AirVPN Suite version 1.2.1 is now available. The suite includes: Bluetit: lightweight, ultra-fast D-Bus controlled system daemon providing full connectivity and integration to AirVPN servers, or generic OpenVPN servers. Bluetit can also enforce Network Lock and/or connect the system to AirVPN during the bootstrap Goldcrest: Bluetit client, allowing full integration with AirVPN servers, users, keys, profiles as well as generic OpenVPN servers Hummingbird: lightweight and standalone binary for generic OpenVPN server connections What's new in 1.2.1 Packages are available both for OpenSSL 3 and OpenSSL 1.1.x (legacy). Pick one according to the version you have in your system. If in doubt, run openssl version command from a terminal. bluetit.rc new directive forbidquickhomecountry to allow or forbid quick connections to home country servers Goldcrest bluetit-status option now shows the status of network lock and connection update of all support libraries, including OpenVPN-AirVPN bug fix: invalid user key label issue. Now, in case an invalid user key label is provided, the proper error is returned Please check the changelog included, as usual, in the packages for detailed information. AirVPN Suite is free and open source software released under GPLv3. Source code is available here: https://gitlab.com/AirVPN/AirVPN-Suite Download page: https://airvpn.org/linux/suite/ User's manual: https://airvpn.org/suite/readme/ Bluetit Developer's reference manual: https://gitlab.com/AirVPN/AirVPN-Suite/-/blob/master/docs/Bluetit-Developers-Reference-Manual.pdf Some notes: for Raspberry OS pick the ARM 64 bit legacy package, because Raspberry OS is based on Debian 11 and uses OpenSSL 1.1.x by default. for old Raspbian operating system and other 32 bit ARM systems pick the ARM 32 bit legacy package for Ubuntu 22 for Raspberry, pick ARM 64 bit mainline package (not legacy) if you run some i686 Linux let us know. You can still run AirVPN Suite 1.10 but if we have requests we can prepare a package for abandoned systems. Link to AirVPN Suite 1.1.0 for i686: https://eddie.website/repository/AirVPN-Suite/1.1/AirVPN-Suite-i686-1.1.0.tar.gz sha256 checksum: 6454cafc860ccc89da5da933c5bed279b1e1534a750f4423e6937e4fb84779e1 Kind regards & Datalove AirVPN Staff

@htpc Hello and thank you! Eddie 3.0 is currently under review on the Amazon Appstore. The review started on December the 1st, so approval (or rejection) should arrive very soon. In the meantime a side load is mandatory if you don't have access to the Google Play Store (where Eddie 3 is live). Kind regards

Hello! Let's see the new OpenVPN log, after the previously mentioned changes, at your convenience. Kind regards