Jump to content
Not connected, Your IP: 3.233.217.242

Staff

Staff
  • Content Count

    8086
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    1083

Reputation Activity

  1. Haha
    Staff reacted to Flx in Cloudflare WARP VPN   ...
    Yup useless to the users. The only one thing it is good for "Collecting data and more data".
  2. Thanks
    Staff reacted to mith_y2k in Cloudflare WARP VPN   ...
    I didn’t know about the IP, I verified and Cloudflare confirmed it. It looks like it’s useless.

    it’s a shame because performance looked good.

    I’d love Airvpn with ChaCha for iOS
  3. Thanks
    Staff reacted to giganerd in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hmm, I'm sorry, but it's still mixing up v4 and v6...
    $ sudo ./airvpn -N off -i -6 yes IPv6.ovpn
    AirVPN OpenVPN 3 Client 1.0 alpha 2 - 7 November 2019

    CONNECTING...
    Starting thread
    Thu Nov  7 18:28:12.805 2019 OpenVPN core 3.3.2 AirVPN linux x86_64 64-bit
    Thu Nov  7 18:28:12.809 2019 Frame=512/2048/512 mssfix-ctrl=1250
    Thu Nov  7 18:28:12.812 2019 UNUSED OPTIONS
    3 [resolv-retry] [infinite]
    4 [nobind]
    5 [persist-key]
    6 [persist-tun]
    7 [auth-nocache]
    8 [route-delay] [5]
    9 [verb] [3]
    10 [explicit-exit-notify] [5]
    18 [pull-filter] [ignore] [dhcp-option DNS]
    Thu Nov  7 18:28:12.812 2019 EVENT: RESOLVE
    Thu Nov  7 18:28:12.813 2019 WARNING: Network filter and lock is disabled
    Thu Nov  7 18:28:12.813 2019 Contacting [2001:ac8:20:2b:fbca:14fa:873e:4051]:443 via UDP
    Thu Nov  7 18:28:12.813 2019 EVENT: WAIT
    Thu Nov  7 18:28:12.813 2019 net_route_best_gw query IPv6: 2001:ac8:20:2b:fbca:14fa:873e:4051/128
    Thu Nov  7 18:28:12.813 2019 sitnl_route_best_gw result: via fe80::9a9b:cbff:fe6d:a378 dev enp35s0
    Thu Nov  7 18:28:12.813 2019 Thu Nov  7 18:28:12.813 2019 EVENT: DISCONNECTED
    connect error: ipv4_exception: error parsing IPv4 address '2001:ac8:20:2b:fbca:14fa:873e:4051' : Invalid argument
    Thread finished
    STATS:

    Profile is the same.
  4. Thanks
    Staff got a reaction from colorman in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hello!

    AirVPN OpenVPN 3 client version 1.0 alpha 2 is now available. It addresses reported bugs and should resolve them.

    AirVPN OpenVPN 3 Client 1.0 alpha 2 - 7 November 2019
     
    Changelog
      [ProMIND] DNS resolver has now a better management of IPv6 domains [ProMIND] DNS resolver has now a better management of multi IP domains [ProMIND] Minor bug fixes ========

    Linux 64 bit build can be downloaded here:
    https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz
    SHA512: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz.sha512

    Linux Raspbian 32 bit build can be downloaded here:
    https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz
    SHA 512: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz.sha512

    Thank you for your tests!

    Kind regards
     
  5. Thanks
    Staff reacted to maxandjim in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Did a clean install and fully updated. Buster on a headless Pi4 and set up my wifi AP with this https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md#internet-sharing

    Installed the Alpha1 and tried various config files and all seem to work and connect seamlessly, good speeds.
    Nothing works on the AP though through the VPN, I can connect and ping wlan0 and tun0 from windows but no internet. This is probably blatantly obvious to most but I'm sadly out of my depth here so I'll leave this thread to the pros.

    --recover-network gives the same fault as I mentioned earlier, no backup of resolv.conf, though when killing the connection with ctrl/c the last thing it says is "successfully restored DNS"

    Ctrl/C kills everything, kills the ssh shell and I can't ssh back in to either eth0 or wlan0 #poweroff

    Good luck with the project, I will keep my eye on it :-)



     
  6. Thanks
    Staff reacted to QueenSasha in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Bug report to check:

    the software freezes when it runs with a profile containing a remote line with a name resolving to multiple addresses . After a forced kill, software doesn't restore fw rules correctly with --recover-network when launched again

    Test for example with:
    remote europe.all.vpn.airdns.org 443

    -- qs
     
  7. Like
    Staff got a reaction from Pi77Bull in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hello!

    We are very glad to introduce a new client software for Linux 64 bit and Linux Raspbian 32 bit (which is frequently installed in Raspberry PI), based on our own AirVPN OpenVPN 3 library.

    The software is an initial and temporary step toward a more refined product to meet right now various demands by many Linux and *BSD users. It does not have a code name yet, and it is just "AirVPN OpenVPN 3 client" at the moment. It will evolve in to an integrated client and daemon targeting Linux, Mac, OpenBSD and FreeBSD platforms.

    Main features:
    lightweight and stand alone binary no heavy framework required, no GUI tiny RAM footprint (less than 3 MB currently) lightning fast based on OpenVPN 3 library fork by AirVPN with tons of critical bug fixes from the main branch, new ciphers support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on Raspberry PI and any Linux-based platform not supporting AES-NI robust leaks prevention through Network Lock based either on iptables or nftables through automatic detection proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features
    Versions for Mac, FreeBSD and OpenBSD will follow in the near future.

    The software is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. Source code will be made public at the release of a stable version. If you wish to test, feel free to download the binaries here and report in this very thread any bug, glitch and anything you wish:

    Linux 64 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz

    Raspbian 32 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz
      How to install AirVPN client for Linux x86_64 and Raspberry
    Requirements
    ------------

    Linux x86-64 CPU/architecture A reasonably recent 64 bit Linux distribution tar sha512sum (optional)
    Raspberry Linux Raspbian distribution tar sha512sum (optional)   Linux Installation
    ------------------
    Download airvpn-static-linux-1.0-alpha2.tar.gz [optional] Download airvpn-static-linux-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-linux-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-linux-1.0-alpha.tar.gz: OK" Change your current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-linux-1.0-alpha.tar.gz The process will create a directory airvpn-static-linux-x86_64 Issue the "cd airvpn-static-linux-x86_64" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Linux client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" (depending on specific Linux distribution)   Raspberry/Raspbian Installation
    -------------------------------
      Download airvpn-static-raspberry-1.0-alpha2.tar.gz [optional] Download airvpn-static-raspberry-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-raspberry-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-raspberry-1.0-alpha.tar.gz: OK" Change you current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-raspberry-1.0-alpha.tar.gz The process will create a directory airvpn-static-raspberry Issue the "cd airvpn-static-raspberry" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Raspberry/Raspbian client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers"   Running the Client
    ------------------

    Run the client and display its help and become familiar with its options. From your terminal window issue this command:

      sudo ./airvpn --help
    After having entered root password, the client responds with:
      AirVPN OpenVPN 3 Client 1.0 alpha 1 usage: ./airvpn [options] <config-file> [extra-config-directives...] --help, -h : show this help page --version, -v : show version info --eval, -e : evaluate profile only (standalone) --merge, -m : merge profile into unified format (standalone) --username, -u : username --password, -p : password --response, -r : static response --dc, -D : dynamic challenge/response cookie --cipher, -C : encrypt packets with specific cipher algorithm (alg) --proto, -P : protocol override (udp|tcp) --server, -s : server override --port, -R : port override --ncp-disable, -n : disable negotiable crypto parameters --network-lock, -N : enable/disable network filter and lock (on|off, default on) --gui-version, -E : set custom gui version (text) --ignore-dns-push, -i : ignore DNS push request and use system DNS settings --ipv6, -6 : IPv6 (yes|no|default) --timeout, -t : timeout --compress, -c : compression mode (yes|no|asym) --pk-password, -z : private key password --tvm-override, -M : tls-version-min override (disabled, default, tls_1_x) --tcprof-override, -X : tls-cert-profile override (legacy, preferred, etc.) --proxy-host, -y : HTTP proxy hostname/IP --proxy-port, -q : HTTP proxy port --proxy-username, -U : HTTP proxy username --proxy-password, -W : HTTP proxy password --proxy-basic, -B : allow HTTP basic auth --alt-proxy, -A : enable alternative proxy module --dco, -d : enable data channel offload --cache-password, -H : cache password --no-cert, -x : disable client certificate --def-keydir, -k : default key direction ('bi', '0', or '1') --force-aes-cbc, -f : force AES-CBC ciphersuites --ssl-debug : SSL debug level --google-dns, -g : enable Google DNS fallback --auto-sess, -a : request autologin session --auth-retry, -Y : retry connection on auth failure --persist-tun, -j : keep TUN interface open across reconnects --peer-info, -I : peer info key/value list in the form K1=V1,K2=V2,... --gremlin, -G : gremlin info (send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob) --epki-ca : simulate external PKI cert supporting intermediate/root certs --epki-cert : simulate external PKI cert --epki-key : simulate external PKI private key --recover-network : recover network settings after a crash or unexpected exit
    The client needs a valid OpenVPN profile in order to connect to a server. You can create an OpenVPN profile by using the config generator available at airvpn website in your account "Client Area"

    To start a connection:

        sudo ./airvpn your_openvpn_file.ovpn
    To stop a connection, just type CTRL+C. The client will initiate the disconnection process and will restore your original network settings according to your options.


    To start a connection with a specific cipher:

        sudo ./airvpn --ncp-disable --cipher CHACHA20-POLY1305 your_openvpn_file.ovpn
    Please note, in order to properly work, the server you are connecting to must support the cipher specified with the "--cipher" option. If you wish to use CHACHA20-POLY1305 cipher, you can find AirVPN servers supporting it in our real time servers monitor https://airvpn.org/status : they are marked in yellow as "Experimental ChaCha20".

    To disable the network filter and lock: sudo ./airvpn --network-lock off your_openvpn_file.ovpn
    To ignore the DNS servers pushed by the VPN server:
      sudo ./airvpn --ignore-dns-push your_openvpn_file.ovpn
    Please note: the above options can be combined together according to their use and function.

      Note on network filter and lock
    -------------------------------

    The client's network filter and lock uses natively iptables and nftables. The client will automatically use the infrastructure available on your system. Please note: services firewalld and ufw may interfere with the client's network filter and lock and you are strongly advised to not issue any firewall related command while the VPN connection is active.
      Note on DNS
    -----------

    The client currently supports both resolv.conf and systemd-resolved service. When the client is running you are strongly advised to not issue any resolved related command (such as resolvectl) or change the resolv.conf file in order to make sure the system properly uses DNS pushed by the VPN server. Please note: DNS system settings are not changed in case the client has been started with "--ignore-dns-push". In this specific case, the connection will use your system's DNS.
    Recover your network settings
    -----------------------------

    The client is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. In case the client crashes or it is killed by the user (i.e. kill -9 `pidof airvpn`) as well as in case of system reboot while the connection is active, the system will keep and use all the network settings determined by the client; hence, your network connection will not work as expected, every connection is refused and the system will seem to be "network locked". To restore and recover your system network, you can use the client with the "--recover-network" option
      sudo ./airvpn --recover-network

    Please note in case of crash or unexpected exit, when you subsequently run the client it will warn you about the unexpected exit and will require you to run it again with the "--recover-network" option. It will also refuse to start any connection until the network has been properly restored and recovered.


    Kind regards and datalove
    AirVPN Staff




     
  8. Thanks
    Staff got a reaction from giganerd in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hello!


    @giganerd

    Bug detected and fixed, a new testing version is almost ready to be deployed. Thanks!


    @QueenSasha

    Thank you, actually speed, efficiency and low RAM footprint have been a priority in OpenVPN 3.3 AirVPN design. Glad to hear that you get remarkable performance boost in Raspberry. Our OpenVPN 3 development goes on and is aimed as usual to bug fixing and new features implementation.

    Developer will answer soon to your technical questions, in the meantime feel free to keep us posted if you find any glitch or bug.


    @usr32

    Great comparison thank you! We are surprised that you could beat AES with ChaCha20 in an AES-NI supporting machine. Can you please specify the whole architecture? We would like to make some verifications with OpenVPN 3+mbedTLS for AES-NI support in specific archs.


    @GJElde

    So you made an OpenVPN text configuration file +x and you tried to run it?


    @maxandjim

    Thank you, we will investigate asap.

    Kind regards
  9. Thanks
    Staff got a reaction from giganerd in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hello!


    @giganerd

    Bug detected and fixed, a new testing version is almost ready to be deployed. Thanks!


    @QueenSasha

    Thank you, actually speed, efficiency and low RAM footprint have been a priority in OpenVPN 3.3 AirVPN design. Glad to hear that you get remarkable performance boost in Raspberry. Our OpenVPN 3 development goes on and is aimed as usual to bug fixing and new features implementation.

    Developer will answer soon to your technical questions, in the meantime feel free to keep us posted if you find any glitch or bug.


    @usr32

    Great comparison thank you! We are surprised that you could beat AES with ChaCha20 in an AES-NI supporting machine. Can you please specify the whole architecture? We would like to make some verifications with OpenVPN 3+mbedTLS for AES-NI support in specific archs.


    @GJElde

    So you made an OpenVPN text configuration file +x and you tried to run it?


    @maxandjim

    Thank you, we will investigate asap.

    Kind regards
  10. Thanks
    Staff reacted to maxandjim in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Trying a clean Raspian install on a Pi4 and noticed typos in the instructions.

    Files are named alpha and the shell commands are alfa.
  11. Thanks
    Staff got a reaction from luxc0r0 in AirVPN supports Johnstone's journalistic work   ...
    Hello!

    We're glad to inform you that we support the journalistic work of Caitlin Johnstone, "rogue journalist". Her journalistic work is entirely supported by her readers. Her articles are not copyrighted and she gives unconditional permissions to republish them or part of them free of charge.

    https://caitlinjohnstone.com

    Check our mission page: https://airvpn.org/mission

    Kind regards and datalove
    AirVPN Staff
     
  12. Like
    Staff got a reaction from Weasel in AirVPN does not recognize ICANN authority anymore   ...
    AIRVPN DOES NOT RECOGNIZE ANYMORE VERISIGN, AFILIAS AND ICANN AUTHORITY. OUR COMMITMENT AGAINST UNITED STATES OF AMERICA UNFAIR AND ILLEGAL DOMAIN NAMES SEIZURES.

    The United States of America authorities have been performing domain names seizures since the end of 2010. The seizures have been performed against perfectly legal web-sites and/or against web-sites outside US jurisdiction.

    Administrators of some of those web-sites had been previously acquitted of any charge by courts in the European Union.

    The domain name seizures affect the world wide web in its entirety since they are performed bypassing the original registrar and forcing VeriSign and Afilias (american companies which administer TLDs like .org, .net, .info and .com) to transfer the domain name to USA authorities property. No proper judicial overview is guaranteed during the seizure.

    Given all of the above, we repute that these acts:

    - are a violation of EU citizens fundamental rights, as enshrined in the European Convention on Human Rights;
    - are an attack against the Internet infrastructure and the cyberspace;
    - are a strong hint which shows that decision capacities of USA Department of Justice and ICE are severely impaired;

    and therefore from now on AirVPN does not recognize VeriSign, Afilias and/or ICANN authority over domain names. AirVPN refuses to resolve "seized" domain names to the IP address designated by USA authorities, allowing normal access to the original servers' websites / legitimate Ip addresses.

    In order to fulfil the objective, we have put in place an experimental service which is already working fine. If you find anomalies, please let us know, the system will surely improve in time.

    Kind regards
    AirVPN admins
  13. Like
    Staff reacted to usr32 in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    That is great news, thank you, keep up the good work.

    I performed a small benchmark for fun, comparing the throughput in a VM. What is weird is the Tx/Rx "reversal" with OpenVPN 2.4.4 versus 3.3.2 but probably just the peak values are relevant.

    ~30% more performance is something. Expected a little more but the CPU is heavily throttled (and supports AES-NI), so I guess this is a very good result. Here is the test.
     
    ### All tests performed on lowest cheapo cloud instance with Luhman ## No VPN # Baseline iperf3 Network Speed Tests (IPv4): --------------------------------- Provider | Location (Link) | Send Speed | Recv Speed | | | Bouygues Telecom | Paris, FR (10G) | 967 Mbits/sec | 7.44 Gbits/sec Online.net | Paris, FR (10G) | 962 Mbits/sec | 7.88 Gbits/sec Severius | The Netherlands (10G) | 966 Mbits/sec | 2.72 Gbits/sec Worldstream | The Netherlands (10G) | 966 Mbits/sec | 7.51 Gbits/sec wilhelm.tel | Hamburg, DE (10G) | 948 Mbits/sec | 7.20 Gbits/sec Hostkey | Moscow, RU (1G) | 624 Mbits/sec | 909 Mbits/sec Velocity Online | Tallahassee, FL, US (10G) | 878 Mbits/sec | 958 Mbits/sec Airstream Communications | Eau Claire, WI, US (10G) | 834 Mbits/sec | 294 Mbits/sec ## With OpenVPN 2.4.4 and AES-256-GCM # Test 1 iperf3 Network Speed Tests (IPv4): --------------------------------- Provider | Location (Link) | Send Speed | Recv Speed | | | Bouygues Telecom | Paris, FR (10G) | 200 Mbits/sec | 162 Mbits/sec Online.net | Paris, FR (10G) | 210 Mbits/sec | 120 Mbits/sec Severius | The Netherlands (10G) | 183 Mbits/sec | 67.5 Mbits/sec Worldstream | The Netherlands (10G) | 206 Mbits/sec | 68.5 Mbits/sec wilhelm.tel | Hamburg, DE (10G) | 216 Mbits/sec | 59.7 Mbits/sec Hostkey | Moscow, RU (1G) | 135 Mbits/sec | 78.7 Mbits/sec Velocity Online | Tallahassee, FL, US (10G) | 69.6 Mbits/sec | 61.6 Mbits/sec Airstream Communications | Eau Claire, WI, US (10G) | 62.6 Mbits/sec | 45.4 Mbits/sec # Test 2 iperf3 Network Speed Tests (IPv4): --------------------------------- Provider | Location (Link) | Send Speed | Recv Speed | | | Bouygues Telecom | Paris, FR (10G) | 216 Mbits/sec | 104 Mbits/sec Online.net | Paris, FR (10G) | 252 Mbits/sec | 101 Mbits/sec Severius | The Netherlands (10G) | 198 Mbits/sec | 84.6 Mbits/sec Worldstream | The Netherlands (10G) | 226 Mbits/sec | 73.3 Mbits/sec wilhelm.tel | Hamburg, DE (10G) | 238 Mbits/sec | 62.4 Mbits/sec Hostkey | Moscow, RU (1G) | 129 Mbits/sec | 160 Mbits/sec Velocity Online | Tallahassee, FL, US (10G) | 62.1 Mbits/sec | 75.7 Mbits/sec Airstream Communications | Eau Claire, WI, US (10G) | 77.9 Mbits/sec | 67.6 Mbits/sec ## With AirVPN OpenVPN 3 Client 1.0 alpha 1 and CHACHA20-POLY1305 # Test 1 iperf3 Network Speed Tests (IPv4): --------------------------------- Provider | Location (Link) | Send Speed | Recv Speed | | | Bouygues Telecom | Paris, FR (10G) | 40.3 Mbits/sec | 303 Mbits/sec Online.net | Paris, FR (10G) | 56.7 Mbits/sec | 264 Mbits/sec Severius | The Netherlands (10G) | 83.2 Mbits/sec | 213 Mbits/sec Worldstream | The Netherlands (10G) | 47.8 Mbits/sec | 283 Mbits/sec wilhelm.tel | Hamburg, DE (10G) | 83.5 Mbits/sec | 285 Mbits/sec Hostkey | Moscow, RU (1G) | 65.4 Mbits/sec | 106 Mbits/sec Velocity Online | Tallahassee, FL, US (10G) | 48.9 Mbits/sec | 106 Mbits/sec Airstream Communications | Eau Claire, WI, US (10G) | 12.0 Mbits/sec | 55.6 Mbits/sec # Test 2 iperf3 Network Speed Tests (IPv4): --------------------------------- Provider | Location (Link) | Send Speed | Recv Speed | | | Bouygues Telecom | Paris, FR (10G) | 134 Mbits/sec | 333 Mbits/sec Online.net | Paris, FR (10G) | 166 Mbits/sec | 274 Mbits/sec Severius | The Netherlands (10G) | busy | 254 Mbits/sec Worldstream | The Netherlands (10G) | 121 Mbits/sec | 334 Mbits/sec wilhelm.tel | Hamburg, DE (10G) | 157 Mbits/sec | 304 Mbits/sec Hostkey | Moscow, RU (1G) | 50.2 Mbits/sec | 208 Mbits/sec Velocity Online | Tallahassee, FL, US (10G) | 45.9 Mbits/sec | 92.5 Mbits/sec Airstream Communications | Eau Claire, WI, US (10G) | 98.3 Mbits/sec | 74.1 Mbits/sec
  14. Like
    Staff got a reaction from Pi77Bull in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hello!

    We are very glad to introduce a new client software for Linux 64 bit and Linux Raspbian 32 bit (which is frequently installed in Raspberry PI), based on our own AirVPN OpenVPN 3 library.

    The software is an initial and temporary step toward a more refined product to meet right now various demands by many Linux and *BSD users. It does not have a code name yet, and it is just "AirVPN OpenVPN 3 client" at the moment. It will evolve in to an integrated client and daemon targeting Linux, Mac, OpenBSD and FreeBSD platforms.

    Main features:
    lightweight and stand alone binary no heavy framework required, no GUI tiny RAM footprint (less than 3 MB currently) lightning fast based on OpenVPN 3 library fork by AirVPN with tons of critical bug fixes from the main branch, new ciphers support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on Raspberry PI and any Linux-based platform not supporting AES-NI robust leaks prevention through Network Lock based either on iptables or nftables through automatic detection proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features
    Versions for Mac, FreeBSD and OpenBSD will follow in the near future.

    The software is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. Source code will be made public at the release of a stable version. If you wish to test, feel free to download the binaries here and report in this very thread any bug, glitch and anything you wish:

    Linux 64 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz

    Raspbian 32 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz
      How to install AirVPN client for Linux x86_64 and Raspberry
    Requirements
    ------------

    Linux x86-64 CPU/architecture A reasonably recent 64 bit Linux distribution tar sha512sum (optional)
    Raspberry Linux Raspbian distribution tar sha512sum (optional)   Linux Installation
    ------------------
    Download airvpn-static-linux-1.0-alpha2.tar.gz [optional] Download airvpn-static-linux-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-linux-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-linux-1.0-alpha.tar.gz: OK" Change your current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-linux-1.0-alpha.tar.gz The process will create a directory airvpn-static-linux-x86_64 Issue the "cd airvpn-static-linux-x86_64" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Linux client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" (depending on specific Linux distribution)   Raspberry/Raspbian Installation
    -------------------------------
      Download airvpn-static-raspberry-1.0-alpha2.tar.gz [optional] Download airvpn-static-raspberry-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-raspberry-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-raspberry-1.0-alpha.tar.gz: OK" Change you current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-raspberry-1.0-alpha.tar.gz The process will create a directory airvpn-static-raspberry Issue the "cd airvpn-static-raspberry" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Raspberry/Raspbian client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers"   Running the Client
    ------------------

    Run the client and display its help and become familiar with its options. From your terminal window issue this command:

      sudo ./airvpn --help
    After having entered root password, the client responds with:
      AirVPN OpenVPN 3 Client 1.0 alpha 1 usage: ./airvpn [options] <config-file> [extra-config-directives...] --help, -h : show this help page --version, -v : show version info --eval, -e : evaluate profile only (standalone) --merge, -m : merge profile into unified format (standalone) --username, -u : username --password, -p : password --response, -r : static response --dc, -D : dynamic challenge/response cookie --cipher, -C : encrypt packets with specific cipher algorithm (alg) --proto, -P : protocol override (udp|tcp) --server, -s : server override --port, -R : port override --ncp-disable, -n : disable negotiable crypto parameters --network-lock, -N : enable/disable network filter and lock (on|off, default on) --gui-version, -E : set custom gui version (text) --ignore-dns-push, -i : ignore DNS push request and use system DNS settings --ipv6, -6 : IPv6 (yes|no|default) --timeout, -t : timeout --compress, -c : compression mode (yes|no|asym) --pk-password, -z : private key password --tvm-override, -M : tls-version-min override (disabled, default, tls_1_x) --tcprof-override, -X : tls-cert-profile override (legacy, preferred, etc.) --proxy-host, -y : HTTP proxy hostname/IP --proxy-port, -q : HTTP proxy port --proxy-username, -U : HTTP proxy username --proxy-password, -W : HTTP proxy password --proxy-basic, -B : allow HTTP basic auth --alt-proxy, -A : enable alternative proxy module --dco, -d : enable data channel offload --cache-password, -H : cache password --no-cert, -x : disable client certificate --def-keydir, -k : default key direction ('bi', '0', or '1') --force-aes-cbc, -f : force AES-CBC ciphersuites --ssl-debug : SSL debug level --google-dns, -g : enable Google DNS fallback --auto-sess, -a : request autologin session --auth-retry, -Y : retry connection on auth failure --persist-tun, -j : keep TUN interface open across reconnects --peer-info, -I : peer info key/value list in the form K1=V1,K2=V2,... --gremlin, -G : gremlin info (send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob) --epki-ca : simulate external PKI cert supporting intermediate/root certs --epki-cert : simulate external PKI cert --epki-key : simulate external PKI private key --recover-network : recover network settings after a crash or unexpected exit
    The client needs a valid OpenVPN profile in order to connect to a server. You can create an OpenVPN profile by using the config generator available at airvpn website in your account "Client Area"

    To start a connection:

        sudo ./airvpn your_openvpn_file.ovpn
    To stop a connection, just type CTRL+C. The client will initiate the disconnection process and will restore your original network settings according to your options.


    To start a connection with a specific cipher:

        sudo ./airvpn --ncp-disable --cipher CHACHA20-POLY1305 your_openvpn_file.ovpn
    Please note, in order to properly work, the server you are connecting to must support the cipher specified with the "--cipher" option. If you wish to use CHACHA20-POLY1305 cipher, you can find AirVPN servers supporting it in our real time servers monitor https://airvpn.org/status : they are marked in yellow as "Experimental ChaCha20".

    To disable the network filter and lock: sudo ./airvpn --network-lock off your_openvpn_file.ovpn
    To ignore the DNS servers pushed by the VPN server:
      sudo ./airvpn --ignore-dns-push your_openvpn_file.ovpn
    Please note: the above options can be combined together according to their use and function.

      Note on network filter and lock
    -------------------------------

    The client's network filter and lock uses natively iptables and nftables. The client will automatically use the infrastructure available on your system. Please note: services firewalld and ufw may interfere with the client's network filter and lock and you are strongly advised to not issue any firewall related command while the VPN connection is active.
      Note on DNS
    -----------

    The client currently supports both resolv.conf and systemd-resolved service. When the client is running you are strongly advised to not issue any resolved related command (such as resolvectl) or change the resolv.conf file in order to make sure the system properly uses DNS pushed by the VPN server. Please note: DNS system settings are not changed in case the client has been started with "--ignore-dns-push". In this specific case, the connection will use your system's DNS.
    Recover your network settings
    -----------------------------

    The client is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. In case the client crashes or it is killed by the user (i.e. kill -9 `pidof airvpn`) as well as in case of system reboot while the connection is active, the system will keep and use all the network settings determined by the client; hence, your network connection will not work as expected, every connection is refused and the system will seem to be "network locked". To restore and recover your system network, you can use the client with the "--recover-network" option
      sudo ./airvpn --recover-network

    Please note in case of crash or unexpected exit, when you subsequently run the client it will warn you about the unexpected exit and will require you to run it again with the "--recover-network" option. It will also refuse to start any connection until the network has been properly restored and recovered.


    Kind regards and datalove
    AirVPN Staff




     
  15. Thanks
    Staff reacted to colorman in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    A problem.......
    error
  16. Thanks
    Staff reacted to colorman in eddie-ui_2.13.6_linux_x64   ...
    Am now trying out the latest AirVPN client based on OpenVPN 3.3 AirVPN.
    No problems discovered so far.
  17. Thanks
    Staff reacted to Magenof in Weird connection drop outs during high download   ...
    Ow lord I figured it out. In the synology reconnection script mentioned here:
    There is a part where it will get your public IP address to see if you're still online. While that script works normally, if you're connection is maxed out by torrent connections, it will not be able to reach the website and return nothing, thus triggering the reconnect in the script. 😬
    Took me way too long to figure this out ...
  18. Thanks
    Staff reacted to giganerd in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    It mixes up v4 and v6 somewhere.
    $ sudo ./airvpn IPv6.ovpn -i --ipv6 yes IPv6.ovpn
    AirVPN OpenVPN 3 Client 1.0 alpha 1

    CONNECTING...
    Starting thread
    Fri Nov  1 18:00:43.484 2019 OpenVPN core 3.3.2 AirVPN linux x86_64 64-bit
    Fri Nov  1 18:00:43.485 2019 Frame=512/2048/512 mssfix-ctrl=1250
    Fri Nov  1 18:00:43.487 2019 UNUSED OPTIONS
    3 [resolv-retry] [infinite]
    4 [nobind]
    5 [persist-key]
    6 [persist-tun]
    7 [auth-nocache]
    8 [route-delay] [5]
    9 [verb] [3]
    10 [explicit-exit-notify] [5]
    18 [pull-filter] [ignore] [dhcp-option DNS]
    39 [IPv6.ovpn]
    Fri Nov  1 18:00:43.487 2019 EVENT: RESOLVE
    Fri Nov  1 18:00:43.487 2019 Network filter and lock is using iptables
    Fri Nov  1 18:00:43.491 2019 Successfully loaded kernel module iptable_filter
    Fri Nov  1 18:00:43.500 2019 Successfully loaded kernel module iptable_nat
    Fri Nov  1 18:00:43.503 2019 Successfully loaded kernel module iptable_mangle
    Fri Nov  1 18:00:43.506 2019 Successfully loaded kernel module iptable_security
    Fri Nov  1 18:00:43.509 2019 Successfully loaded kernel module iptable_raw
    Fri Nov  1 18:00:43.512 2019 Successfully loaded kernel module ip6table_filter
    Fri Nov  1 18:00:43.519 2019 Successfully loaded kernel module ip6table_nat
    Fri Nov  1 18:00:43.522 2019 Successfully loaded kernel module ip6table_mangle
    Fri Nov  1 18:00:43.525 2019 Successfully loaded kernel module ip6table_security
    Fri Nov  1 18:00:43.527 2019 Successfully loaded kernel module ip6table_raw
    # Warning: iptables-legacy tables present, use iptables-legacy-save to see them
    # Warning: ip6tables-legacy tables present, use ip6tables-legacy-save to see them
    Fri Nov  1 18:00:43.536 2019 Network filter successfully initialized
    Fri Nov  1 18:00:43.536 2019 Local IPv4 address 192.168.110.11
    Fri Nov  1 18:00:43.536 2019 Local IPv4 address 192.168.122.1
    Fri Nov  1 18:00:43.536 2019 Local IPv6 address 2003:f5:f713:6500:da0f:dfee:ec7:71ae
    Fri Nov  1 18:00:43.536 2019 Local IPv6 address fe80::588d:c0ef:5820:9720
    Fri Nov  1 18:00:43.536 2019 Local interface enp35s0
    Fri Nov  1 18:00:43.536 2019 Local interface virbr0
    Fri Nov  1 18:00:43.536 2019 Local interface virbr0-nic
    Fri Nov  1 18:00:43.536 2019 Setting up network filter and lock
    Fri Nov  1 18:00:43.536 2019 OpenVPN profile has multiple remote directives. Temporarily adding remote servers to network filter.
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:2b:fbca:14fa:873e:4051
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:2c:463c:42f4:f700:3d77
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2a00:c98:2050:a007:b750:ad0d:3df1:5950
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:99:744e:9a79:9f43:89c7
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2a00:c98:2050:a02f:d4fa:1823:c0b2:2a77
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2a02:c205:0:1031:79f8:734d:afb7:43c
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2a00:c98:2050:a02f:b240:4a82:7fb6:af29
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:97:ec6c:776:1763:3ee7
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:98:5307:a6cf:d139:d129
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:2a:fa58:8bc5:ea41:6ecc
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:9a:9a5a:d9af:457a:bae8
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:5:6000:4b07:7b1c:4c0
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2a00:c98:2050:a02f:9a5:8bac:eb1d:d313
    Fri Nov  1 18:00:43.536 2019 WARNING: Cannot resolve 2001:ac8:20:96:b054:682e:3392:c1ff
    Fri Nov  1 18:00:43.536 2019 Allowing system DNS 192.168.110.22 to pass through the network filter
    Fri Nov  1 18:00:43.561 2019 Network filter and lock successfully activated
    Fri Nov  1 18:00:43.561 2019 Contacting [2001:ac8:20:2a:fa58:8bc5:ea41:6ecc]:443 via UDP
    Fri Nov  1 18:00:43.561 2019 EVENT: WAIT
    Fri Nov  1 18:00:43.561 2019 net_route_best_gw query IPv6: 2001:ac8:20:2a:fa58:8bc5:ea41:6ecc/128
    Fri Nov  1 18:00:43.562 2019 sitnl_route_best_gw result: via fe80::9a9b:cbff:fe6d:a378 dev enp35s0
    Fri Nov  1 18:00:43.562 2019 Fri Nov  1 18:00:43.562 2019 EVENT: DISCONNECTED
    Fri Nov  1 18:00:43.581 2019 Network filter successfully restored
    connect error: ipv4_exception: error parsing IPv4 address '2001:ac8:20:2a:fa58:8bc5:ea41:6ecc' : Invalid argument
    Thread finished
  19. Thanks
    Staff reacted to giganerd in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    # --------------------------------------------------------
    # Air VPN | https://airvpn.org | Monday 3rd of December 2018 07:15:00 PM
    # OpenVPN Client Configuration
    # AirVPN_DE-Frankfurt_Ogma_UDP-443
    # --------------------------------------------------------

    client
    dev tun
    proto udp6
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    auth-nocache
    route-delay 5
    verb 3
    explicit-exit-notify 5
    push-peer-info
    setenv UV_IPV6 yes
    remote-cert-tls server
    cipher AES-256-CBC
    comp-lzo no
    key-direction 1
    remote-random
    pull-filter ignore "dhcp-option DNS"

    ### ROUTEN ###
    route 192.168.0.0 255.255.0.0 192.168.110.1

    # Ogma
    remote 2001:ac8:20:2b:fbca:14fa:873e:4051 443
    # Cervantes
    remote 2001:ac8:20:2c:463c:42f4:f700:3d77 443
    # Serpens
    remote 2a00:c98:2050:a007:b750:ad0d:3df1:5950 443
    # Mirfak
    remote 2001:ac8:20:99:744e:9a79:9f43:89c7 443
    # Veritate
    remote 2a00:c98:2050:a02f:d4fa:1823:c0b2:2a77 443
    # Mesarthim
    remote 2a02:c205:0:1031:79f8:734d:afb7:43c 443
    # Tucana
    remote 2a00:c98:2050:a02f:b240:4a82:7fb6:af29 443
    # Alsephina
    remote 2001:ac8:20:97:ec6c:776:1763:3ee7 443
    # Menkalinan
    remote 2001:ac8:20:98:5307:a6cf:d139:d129 443

    # unknown yet
    remote 2001:ac8:20:2a:fa58:8bc5:ea41:6ecc 443
    remote 2001:ac8:20:9a:9a5a:d9af:457a:bae8 443
    remote 2001:ac8:20:5:6000:4b07:7b1c:4c0 443
    remote 2a00:c98:2050:a02f:9a5:8bac:eb1d:d313 443
    remote 2001:ac8:20:96:b054:682e:3392:c1ff 443
     
  20. Thanks
    Staff reacted to colorman in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    interesting, we are going to test on openSUSE 15.1.

    Thanks GJ
    no problems so far, only internet a bit slow
     
  21. Like
    Staff got a reaction from Pi77Bull in AirVPN client based on OpenVPN 3.3 AirVPN   ...
    Hello!

    We are very glad to introduce a new client software for Linux 64 bit and Linux Raspbian 32 bit (which is frequently installed in Raspberry PI), based on our own AirVPN OpenVPN 3 library.

    The software is an initial and temporary step toward a more refined product to meet right now various demands by many Linux and *BSD users. It does not have a code name yet, and it is just "AirVPN OpenVPN 3 client" at the moment. It will evolve in to an integrated client and daemon targeting Linux, Mac, OpenBSD and FreeBSD platforms.

    Main features:
    lightweight and stand alone binary no heavy framework required, no GUI tiny RAM footprint (less than 3 MB currently) lightning fast based on OpenVPN 3 library fork by AirVPN with tons of critical bug fixes from the main branch, new ciphers support and never seen before features ChaCha20-Poly1305 cipher support on both Control and Data Channel providing great performance boost on Raspberry PI and any Linux-based platform not supporting AES-NI robust leaks prevention through Network Lock based either on iptables or nftables through automatic detection proper handling of DNS push by VPN servers, working with resolv.conf as well as any operational mode of systemd-resolved additional features
    Versions for Mac, FreeBSD and OpenBSD will follow in the near future.

    The software is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. Source code will be made public at the release of a stable version. If you wish to test, feel free to download the binaries here and report in this very thread any bug, glitch and anything you wish:

    Linux 64 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-linux-1.0-alpha2.tar.gz

    Raspbian 32 bit version: https://eddie.website/repository/eddie/airvpn-static1.0alpha/airvpn-static-raspberry-1.0-alpha2.tar.gz
      How to install AirVPN client for Linux x86_64 and Raspberry
    Requirements
    ------------

    Linux x86-64 CPU/architecture A reasonably recent 64 bit Linux distribution tar sha512sum (optional)
    Raspberry Linux Raspbian distribution tar sha512sum (optional)   Linux Installation
    ------------------
    Download airvpn-static-linux-1.0-alpha2.tar.gz [optional] Download airvpn-static-linux-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-linux-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-linux-1.0-alpha.tar.gz: OK" Change your current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-linux-1.0-alpha.tar.gz The process will create a directory airvpn-static-linux-x86_64 Issue the "cd airvpn-static-linux-x86_64" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Linux client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers" (depending on specific Linux distribution)   Raspberry/Raspbian Installation
    -------------------------------
      Download airvpn-static-raspberry-1.0-alpha2.tar.gz [optional] Download airvpn-static-raspberry-1.0-alpha2.tar.gz.sha512 This file is required to check the integrity of the above tar archive. It is not mandatory but it is strongly advised to download this file and check the tar archive [optional] Open a terminal window [optional] Check the integrity of the tar archive by issuing this command: "sha512sum --check airvpn-static-raspberry-1.0-alpha.tar.gz.sha512" (without quotes) [optional] Make sure the command responds with "airvpn-static-raspberry-1.0-alpha.tar.gz: OK" Change you current directory to a convenient place, such as your home directory. This can be done by issuing the command "cd ~" (without quotes) Extract the tart archive by issuing this command on your terminal window: tar xvf airvpn-static-raspberry-1.0-alpha.tar.gz The process will create a directory airvpn-static-raspberry Issue the "cd airvpn-static-raspberry" (without quotes) [optional] Check the integrity of the binary file airvpn. Issue this command from your terminal window: sha512sum --check airvpn.sha512" (without quotes) [optional] Make sure the command responds with "airvpn: OK" [optional] Check dynamic library availability. Issue the command "ldd airvpn" and make sure all the required dynamic libraries are available. No line of the output must contain "not found" the Raspberry/Raspbian client is now ready to be used and possibly copied to a different directory of your system. Please note the client needs root privileges. Your user must therefore be included in your system's "sudoers"   Running the Client
    ------------------

    Run the client and display its help and become familiar with its options. From your terminal window issue this command:

      sudo ./airvpn --help
    After having entered root password, the client responds with:
      AirVPN OpenVPN 3 Client 1.0 alpha 1 usage: ./airvpn [options] <config-file> [extra-config-directives...] --help, -h : show this help page --version, -v : show version info --eval, -e : evaluate profile only (standalone) --merge, -m : merge profile into unified format (standalone) --username, -u : username --password, -p : password --response, -r : static response --dc, -D : dynamic challenge/response cookie --cipher, -C : encrypt packets with specific cipher algorithm (alg) --proto, -P : protocol override (udp|tcp) --server, -s : server override --port, -R : port override --ncp-disable, -n : disable negotiable crypto parameters --network-lock, -N : enable/disable network filter and lock (on|off, default on) --gui-version, -E : set custom gui version (text) --ignore-dns-push, -i : ignore DNS push request and use system DNS settings --ipv6, -6 : IPv6 (yes|no|default) --timeout, -t : timeout --compress, -c : compression mode (yes|no|asym) --pk-password, -z : private key password --tvm-override, -M : tls-version-min override (disabled, default, tls_1_x) --tcprof-override, -X : tls-cert-profile override (legacy, preferred, etc.) --proxy-host, -y : HTTP proxy hostname/IP --proxy-port, -q : HTTP proxy port --proxy-username, -U : HTTP proxy username --proxy-password, -W : HTTP proxy password --proxy-basic, -B : allow HTTP basic auth --alt-proxy, -A : enable alternative proxy module --dco, -d : enable data channel offload --cache-password, -H : cache password --no-cert, -x : disable client certificate --def-keydir, -k : default key direction ('bi', '0', or '1') --force-aes-cbc, -f : force AES-CBC ciphersuites --ssl-debug : SSL debug level --google-dns, -g : enable Google DNS fallback --auto-sess, -a : request autologin session --auth-retry, -Y : retry connection on auth failure --persist-tun, -j : keep TUN interface open across reconnects --peer-info, -I : peer info key/value list in the form K1=V1,K2=V2,... --gremlin, -G : gremlin info (send_delay_ms, recv_delay_ms, send_drop_prob, recv_drop_prob) --epki-ca : simulate external PKI cert supporting intermediate/root certs --epki-cert : simulate external PKI cert --epki-key : simulate external PKI private key --recover-network : recover network settings after a crash or unexpected exit
    The client needs a valid OpenVPN profile in order to connect to a server. You can create an OpenVPN profile by using the config generator available at airvpn website in your account "Client Area"

    To start a connection:

        sudo ./airvpn your_openvpn_file.ovpn
    To stop a connection, just type CTRL+C. The client will initiate the disconnection process and will restore your original network settings according to your options.


    To start a connection with a specific cipher:

        sudo ./airvpn --ncp-disable --cipher CHACHA20-POLY1305 your_openvpn_file.ovpn
    Please note, in order to properly work, the server you are connecting to must support the cipher specified with the "--cipher" option. If you wish to use CHACHA20-POLY1305 cipher, you can find AirVPN servers supporting it in our real time servers monitor https://airvpn.org/status : they are marked in yellow as "Experimental ChaCha20".

    To disable the network filter and lock: sudo ./airvpn --network-lock off your_openvpn_file.ovpn
    To ignore the DNS servers pushed by the VPN server:
      sudo ./airvpn --ignore-dns-push your_openvpn_file.ovpn
    Please note: the above options can be combined together according to their use and function.

      Note on network filter and lock
    -------------------------------

    The client's network filter and lock uses natively iptables and nftables. The client will automatically use the infrastructure available on your system. Please note: services firewalld and ufw may interfere with the client's network filter and lock and you are strongly advised to not issue any firewall related command while the VPN connection is active.
      Note on DNS
    -----------

    The client currently supports both resolv.conf and systemd-resolved service. When the client is running you are strongly advised to not issue any resolved related command (such as resolvectl) or change the resolv.conf file in order to make sure the system properly uses DNS pushed by the VPN server. Please note: DNS system settings are not changed in case the client has been started with "--ignore-dns-push". In this specific case, the connection will use your system's DNS.
    Recover your network settings
    -----------------------------

    The client is currently in alpha stage and it must be therefore and implicitly considered unstable and under development. In case the client crashes or it is killed by the user (i.e. kill -9 `pidof airvpn`) as well as in case of system reboot while the connection is active, the system will keep and use all the network settings determined by the client; hence, your network connection will not work as expected, every connection is refused and the system will seem to be "network locked". To restore and recover your system network, you can use the client with the "--recover-network" option
      sudo ./airvpn --recover-network

    Please note in case of crash or unexpected exit, when you subsequently run the client it will warn you about the unexpected exit and will require you to run it again with the "--recover-network" option. It will also refuse to start any connection until the network has been properly restored and recovered.


    Kind regards and datalove
    AirVPN Staff




     
  22. Like
    Staff reacted to air521745 in AirVPN becomes an EFF Super Major Donor   ...
    Just wanted to add my thanks as well. Private companies are under no such obligations, so every gesture in helping out like this is really appreciated.
    Couldn't find Air's banner on the EFF's Thanks page though, so make sure they actually add it at some point.

    Next stop; FSFE.org.
  23. Like
    Staff reacted to Flic in AirVPN becomes an EFF Super Major Donor   ...
    Now this is great news. Well done Air.
    I have done lots of checking up on EFF, and I am a fan of their work.
    Now it feels to me that your 'super contributions' to EFF includes just a little bit from me via my Air subscription.... ... I like it 
  24. Like
    Staff got a reaction from Flic in AirVPN becomes an EFF Super Major Donor   ...
    Hello!

    We proudly announce that today AirVPN has become an Electronic Frontier Foundation "Super Major Donor".

    The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy, free expression, and innovation through impact litigation, policy analysis, grassroots activism, and technology development. We work to ensure that rights and freedoms are enhanced and protected as our use of technology grows. https://www.eff.org

    Check our mission page: https://airvpn.org/mission

    Kind regards and datalove
    AirVPN Staff
     
  25. Like
    Staff reacted to maxx0r in Spooky Halloween Deals   ...
    Thanks, Guys! Renewed for another year.
×
×
  • Create New...