Jump to content
Not connected, Your IP: 44.222.90.25

Search the Community

Showing results for tags 'Ubuntu'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • DNS Lists
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 98 results

  1. Personally I'm using gufw for linux, and it works very well. However, it's important to remember that gufw is just a graphical frontend for ufw, and ufw, in turn, is just a friendlier system for manipulating IPTABLES (which is again a system for manipulating netfilter directly in the running kernel). Gufw is perhaps over simplified, which is why I find it not really that great for anything else than providing an overview of your rules and turning the firewall on an off. With regards to firestarter, I have tried it once, but I didn't really have any good experience with it, since, as you guys have already posted, it seems rather poorly coded and does some odd things when manipulating IPTABLES. What I found invaluable about ufw is its ability to specify rules based on interface and its simplictity even though its quite powerful. This was my main motivation for using it over other solutions like Firestarter, and Shorewall was too complicated for my taste. My rule approach goes like this: Allow connections OUT to AirVPN servers I use the most (for connecting/reconnecting to the AirVPN service, entry IP's, marked RED on the screenshot) Allow connections OUT FROM the tun0 interface TO anywhere (when I'm connected, this is the interface used to communicate to the Internet, marked GREEN on the screenshot) Allow connections (UDP/TCP) IN TO the tun0 interface to a specific port (to enable AirVPN's port forwarding feature, marked BLUE on the screeshot) Allow connections IN FROM the 192.168.1.0/24 network TO the eth0 interface (enable home networking. Notice how it's on a different interface, YELLOW) Allow connections OUT FROM the eth0 interface TO the 192.168.1.0/24 network (enable home networking, also on the eth0 interface, YELLOW) Block ALL other traffic (by choosing DENY/DENY in gufw) When the VPN drops (and the tun0 interface is disabled), the only connections allowed OUT from the computer are to the AirVPN server IP's (to reconnect) and the local 192.168.1.0/24 network (to still function in the LAN). And the only connections allowed TO the computer are from the local network as well. No leaks. Now, the gufw GUI doesn't allow for specifying the interface (remember, it's over simplified), so to do that, it's necessary to use ufw directly. Gufw can, however, display the rules when created by ufw. For example: "sudo allow out on tun0 from any to any" - is quite straightforward, and of course creates the rule that allows for communication TO the Internet when connected to AirVPN. "sudo allow in on tun0 from any to any port xxxxx" - enables the port forwarding feature by allowing packets to the specified port on the tun0 interface to pass through. Tips: - the order of the rules is very important - mimic mine on the screenshot attached - to add rules in a specific order from the command line, use "insert x": "sudo insert 3 allow in on tun0 from any to any port xxxxx" - inserts the rule at the 3rd position and moves rules below it downward, includin the previous rule nr 3. - when adding rules via the commandline, press F5 in gufw to force a refresh and view the newly added rule - the UFW manual is well worth reading, although you may not need any more information than offered in this post - with this approach, you're blocking multicasting addresses possibly forwarded by your router. Just a thing to have in mind in case you need it; it is of couse easily remedied by creating a new rule allowing the address(es). Let me know how this works for ya
  2. last Thursday (31st of August), I installed hummingbird on a mini-PC with Ubuntu 23.04 as described on the download page. Using the generated OVPN file as argument, I started hummingbird successfully. And according to ipleak.net, everything looked fine. After a couple of hours, I noticed that hummingbird kept trying to reconnect. I stopped hummingbird, and at first glance, there was not network connection. It was late, so I shut the PC down. The next day, I booted the mini-PC and noticed that DNS was broken. I could ping the router, ping the other PC connected to the router, but there was no name resolution. It appears I can ping an IP address like 5.196.64.52, but not www.airvpn.org. At this point, I must admit my understanding of DNS resolution on Ubuntu is very limited. I don't know how to proceed to diagnose and solve the problem. My initial thought was that hummingbird did not shut down properly and left the system in a state where DNS is broken... except I don't know if that is even possible. Could you point me to a resource with the steps to follow for addressing the problem? What do I need to look at, in what order? Do I need to disable something? Enable something? Reinstall something?
  3. Hi there, Long time hassle-free AirVPN user with a first troubleshooting request after switching from Eddie-UI to the Bluetit stack (love your work!) Looks as though the two processes are fighting for `/etc/resolv.conf` and causing issues with DNS. NetworkManager will rewrite the file on a Wi-Fi network change, causing loss of connectivity as local DNS is disallowed by the network lock. Can be worked around by stopping the Bluetit service, toggling Wi-Fi, then re-enabling; but this is tedious to repeat if the network is at marginal signal strength. Is there a way to configure NetworkManager not to mess with DNS? I think that would largely resolve the issue. But, in an ideal world I would be able to have NetworkManager still manage the DNS if Bluetit is not active so that I can still operate normally on local networks without routing through AirVPN if I choose to. Seems unlikely to be simple, but worth asking. Given that I am getting two warnings about DNS, I wonder if `systemd-resolved` could also be interfering and if there are other configuration steps I can take to ensure compatibility with it- ``` bluetit: WARNING: NetworkManager is running on this system and may interfere with DNS management and cause DNS leaks bluetit: WARNING: systemd-resolved is running on this system and may interfere with DNS management and cause DNS leaks ``` I also wonder whether use of Goldcrest could avoid some of these problems. Personally I have not understood the need for the utility and have been interacting with Bluetit directly via systemctl and `/etc/airvpn/bluetit.rc`. As far as I can tell, Goldcrest just moves configuration stuff out of the `.rc` file into CLI args?
  4. Hi, After many hours of trying to fix this, I am asking for help. I uninstalled Eddie from Ubuntu 22.04 and I think the Network Lock was on. Now, there is no internet access and I can't reinstall the eddie-ui_2.21.8_linux_x64_debian.deb because it requires other packages that I can't download. I've tried: sudo iptables -F and sudo ip6tables -F and rebooted multiple times with no luck. Any help is appreciated! Thank you.
  5. When I run the eddie client on my laptop with ubuntu 16.04, and network lock activated and allow LAN/private ticked in preferences (see attached), some services will connect, e.g. emby and others will not, e.g. KDEconnect. When eddie is not running I can connect. I saw that on this thread https://airvpn.org/topic/29634-wonky-lan-access/ someone was maybe having a similar with MAC and wondered if there was a workaround for ubuntu/linux? I am not very technical and only understand about 5% of what I'm reading on these forums so need it simple, apologies if asking for the impossible!!
  6. Hey. I'm running OpenVPN 2.3.2 on Ubuntu server 14.04 in a VirtualBox 5.0.14 instance on a Win-64 box to connect to AirVPN using the config file generated from the AirVPN site. The VirtualBox instance is bridged to my host NIC using a PCnet-FAST III driver in Ubuntu. Set to auto-start with the AirVPN config file as the default in /etc/openvpn so I control it with service stop / start. The tunnel will work for somewhere between 1 and 6 hours and then it will remain established but no traffic will move through it. I've tried adding keepalive 10 60 to the config but no change. I've anecdotally seen that it could be related to interruption in the internet connection. How can I either a. get the openvpn service to withstand internet connectivity interruptions or b. cron a script to test and if fail restart the openvpn service. FYI I'm reasonably strong technically but my Linux skill is newbie.
  7. Hello, I'm using Ubuntu for the very first time on my new raspberry pi 4 B and I'm struggling to install the Eddie Client 2.16.3. When "choosing my flavor" of Eddie I'm selecting "Linux", then "ARM Raspberry PI", then "Debian / Ubuntu". I then get an error come up "Error: Wrong architecture 'armhf' -- Run dpkg -- add-architecture to add it and update afterwards". I must be doing something wrong somewhere? Help please! Thank you
  8. Ed. actually see my latest reply to this topic for some python code to modify all all your ovpn files at once ---------- Hi all - inspired by some other threads I've been involved in here is part 1 of my Ubuntu setup - please don't hesitate to correct or comment: The OS ====== I use Ubuntu 16.04.5 LTS. I don't use 18.04 LTS as I have found it difficult get it set up just right. In particular I find preventing DNS leakage almost impossible. Software & Updates ================== Change the update server to the main server because you'll want to use apt while connected to your VPN and you don't want it connecting back to your country of origin's mirror GRUB ==== I modify /etc/default/grub thus: GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash" i.e. I disable ipv6 in GRUB as it's been my experience I cannot stop leaks and other unwanted peer communication whilever ipv6 is enabled. (don't forget to run update-grub after) UFW === This is my minimal ufw init script: ufw reset ufw enable ufw default deny incoming ufw allow in 67/udp # for DHCP ufw allow in 53/udp # DNS ufw deny out 22,23/tcp # deny telnet and ssh ufw reload ufw status verbose FIREFOX -P ========== In Terminal run firefox -P, create a new profile "maxprivacy" and deselect the option for the default profile. Find the section on WebRTC and further securing firefox at https://privacytools.io (i.e. go through all the instructions to modify the settings such as geo.enabled and webgl.disabled etc.) OPENVPN 2.4 =========== Ubuntu 16.04.5 doesn't come with OpenVPN 2.4 so you have to install it using the instructions here: https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos AIRVPN CONFIG GENERATOR (https://airvpn.org/generator/) ======================================================= Check "Advanced Mode" Click Linux Check "Separate keys/certs from .ovpn file" Check "Resolved hosts in .ovpn file" <-- VERY IMPORTANT - STOPS YOUR ISP KNOWING YOU'RE CONNECTING TO AN AIRVPN SERVER Scroll down to where the "Entry IP" 3 and 4 are (i.e. we only want to use the servers with TLS encryption enabled) Select protocols UDP 443, 2018, 41185 for Entry 3 and Entry 4 Scroll down to where the individual servers are listed and click "Invert Selection" - now all the individual servers will be downloaded with resolved hostnames Scroll to bottom of page and select both checkboxes then click Generate On the generated settings page scroll all the way down till you see the ZIP file and download it. In Terminal: ------------ mkdir ~/mytemp && mkdir ~/mytemp/ovpntemp cd ~/mytemp/ovpntemp unzip ~/Downloads/AirVPN.zip rm ~/Downloads/AirVPN.zip chmod 600 *key # this makes sure only your user account can access your key files mkdir ~/.airvpn mv *key ~/.airvpn mv *crt ~/.airvpn # moving keys and certs to upper level directory - you only need one copy mkdir ~/.airvpn/UDP-443-TLS-PRI && mkdir ~/.airvpn/UDP-443-TLS-ALT mv Air*443*Entry3* ~/.airvpn/UDP-443-TLS-PRI mv Air*443*Entry4* ~/.airvpn/UDP-443-TLS-ALT repeat for ports 2018 and 41185 (i.e. make directories UDP-2018-TLS-PRI etc. and move the ovpn files) MODIFY OVPN FILES ================= This part is a little laborious unless you're handy with python or something to write a script to modify all your ovpn files. Basically before you connect to a particular server change the following lines in the ovpn file: ca "../ca.crt" # remember our key and crt files are one level above cert "../user.crt" key "../user.key" remote-cert-tls server cipher AES-256-CBC comp-lzo no proto udp tls-crypt "../tls-crypt.key" auth sha512 # the following part locks down the DNS when connected script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf CONNECT TO VPN SERVER IN TERMINAL ================================= sudo openvpn <the ovpn file you just modified - be in the same directory as it> In the output you should see something like this: ... Mon Nov 12 18:53:38 2018 /etc/openvpn/update-resolv-conf tun0 1500 1553 x1.x2.x3.x4 255.255.255.0 init dhcp-option DNS y1.y2.y3.y4 Mon Nov 12 18:53:44 2018 /sbin/ip route add z1.z2.z3.z4/32 via m1.m2.m3.m4 Mon Nov 12 18:53:44 2018 /sbin/ip route add 0.0.0.0/1 via y1.y2.y3.y4 Mon Nov 12 18:53:44 2018 /sbin/ip route add 128.0.0.0/1 via y1.y2.y3.y4 Mon Nov 12 18:53:44 2018 Initialization Sequence Completed ... but CHECK THE DNS resolver using dig: dig www.ubuntu.com ... ;; Query time: 422 msec ;; SERVER: y1.y2.y3.y4#53(y1.y2.y3.y4) <-- if you see 127.0.0.1 here something is wrong! ;; WHEN: Mon Nov 12 20:02:37 AEDT 2018 ;; MSG SIZE rcvd: 59 CHECK YOU HAVE NO DNS LEAKAGE and WebRTC is DISABLED ==================================================== Run firefox and select the maxprivacy profile https://ipleak.net/ https://dnsleaktest.com/ (run exteneded tests) Also in a separate terminal window you can run: sudo tcpdump -v -n 'port 53' -i tun0 which will show you all DNS resolution - you should only see server y1.y2.y3.y4 being used ----------- This is a work in progress - I'm yet to add sections for setting up rtorrent and running Tor browser ----------- DISCLAIMER: I have no formal training in Linux everything i know I've learnt from books or online. If I am in error anywhere don't hesitate to let me know - I welcome constructive feedback
  9. To connect I usually just download an .ovpn file and type in terminal "sudo openvpn <.ovpn file>" and the connection works. Or I go to gnome connection manager and "import saved configuration", import the .ovpn file and use that to connect graphically. However, I have noticed other vpn providers - they only provide these .ovpn files for Android. For ubuntu linux set ups they recommend manually importing the certificates and changing the settings in the advanced settings manually. Is there a difference in these methods? is one method more secure ? is it okay to just import a whole saved configuration from an .ovpn file for ubuntu linux, rather than manually entering the certificate etc ?
  10. Hi it seems that on Ubuntu 16.04 LTS, Eddie2.16.3 uses OpenVPN client:2.3.10. anyway to force using the airvpn openvpn/stunnel version instead?
  11. I bought an Ubuntu phone mainly because of privacy concerns I have with IOS & Android. I was disappointed to see that they don't have the built in support for Network Manager like the Ubuntu desktop does, is it possible to run Airvpn on the Ubuntu EQ5 phone?
  12. ​ ​ ​Hi, ​ ​I went to this page https://airvpn.org/linux/ selected Linux, 64bit, Debian/Ubuntu, Graphical UI, and then downloaded the file "eddie-ui_2.12.4_linux_x64_debian.deb". ​ ​So then I right clicked & selected "open with software install"​, then selected "Install" and nothing happens. It does not install. ​ I'm new to Ubuntu/Linux and I'm just wondering if someone can point me to a guide or can help me solve this issue. On OS X its just a matter installing it and signing in, simple. Not so simple with Ubuntu. ​ ​Thanks ​ ​ ​
  13. Platform: Ubuntu 16.04 Eddie version 2.16.3 (same behaviour on 2.16.1) Recently my VPN connection has started breaking down at irregular intervals (sometimes within 24 hours of a successful reconnect, sometimes after a few days). I only see a simple error pop-up displayed, telling me that there is "no server available". There are still servers listed in the overview, but I'm not able to automatically or manually reconnect until I force quit Eddie altogether and restart. After that, it works normally again - until the next drop. The behavior started about a 1-2 months ago, when I was still using Eddie 2.16.1, but has continued after a recent upgrade to 2.16.3. Log file attached; saved after the most recent occurrence. Eddie_20181115_092221.txt
  14. I'm getting this https://i.imgur.com/QsHdko8.png when I click hide main window it stays on the desktop which is annoying can't make it disappear when I press show interface the normal interface shows up just fine Ubuntu 18.04 updated
  15. I upgraded my ubuntu to 18.10 from 18.04 yesterday and the eddie airvpn client no longer seems to work, is this a current known issue to be resolved? or will it no longer be supported on ubuntu going forward?
  16. Hi I am using eddie-ui 2.14.5 on ubuntu 18.04. I was used to start eddie from the terminal using the command: eddie-ui -cli -netlock -connect Then when i wanted to disconnect, I used to do Ctrl+c and it would shutdown the connection and then kill the process. But now using ctrl+c doesn't work anymore. It just get me back to the terminal but the process is still running in the background. I need to use "pkill -f eddie" to kill the process. Is this normal or is this a bug? I tried on Kali and i have the same issue. thanks
  17. Hi everyone, I would like to set up a local webserver on a VM that is accessible through a public URL while sitting behind airvpn. Here is what I have got: QNAP NAS with Ubuntu 16.04 Server VM up and running (LAMP Server)PFSENSE Router that holds the openvpn connection to airvpn for all devices passing through the routerDnamic URL through https://www.dynu.com resolving to airvpn IP NOTE: I live in a restricted country where domains such as those of VPN providers are blocked (so I can't easily portforward and create a dynamic URL with a airvpn TLD.. QUESTION: is there a way I can have this setup work (and if so, how)? mydomain.com => AIRVPN => PFSENSE => VM (https and https, possibly also S/FTP and SSH) Most guides speak about the port forwarding with a URL that contains the airvpn domain name. I can't use that as mentioned above... Thanks for your support, I'll probably still need to setup the firewall rules on pfsense but that's the easier part I believe...
  18. Hello I have a very strange problem with my Windows 10 laptop. I try to make a VPN chain. My host OS is a freshly and clean installed Windows 10 Professional without any third party antivirus or firewall installed. I set up an Ubuntu virtual machine in vmware workstation player with NAT network setting. I can successfully connect to the first VPN server on my host OS and start up the virtual machine. When I go to ipleak.net (in the Ubuntu guest OS) i can see the ip address from the first VPN server, so far so good. But when I try to fire up the eddie client in the Ubuntu guest OS and make the second VPN connection it's always stuck on checking route and it fails to connect. After that, I tried to disable the VPN connection on my host OS. I can now make a VPN connection inside the Ubuntu guest OS without any errors. So, a VPN connection is possible on the host and guest OS, but chaining doesn't work. I tried exactly the same on my friends Windows 10 host machine and it worked right away. Why it doesn't on my Windows 10 Laptop?
  19. Trying to install it using the .deb package gives dependencies error. Using the portable version asks for "gksu" package. But afaik gksu has been removed from Ubuntu 18.04. Anyone who has got it to run?
  20. I currently running version 2.13.6 on Ubuntu Mate 16.04 in a Virtual Box machine on Windows 7 host. Ive been running this setup for a year or so with no real issues, but today I have experienced a very strange situation. As usual I connect to a USA server and have Network Lock activated at startup, I start my downloading, lock my machine and walk away for a while. Today when I came back after about an hour my Eddie client was not running at all, nor was the network lock active as I could still browse the web. Its as if I never started the Eddie client at all. I have experienced this only once before around 6 months ago but thought nothing of it. I have had Eddie crash in the past but the Network Lock would remain active and would require me to reboot the Virtual Machine and restart the Eddie client which would then take back control of the IPTables. Anyone else have this issue?
  21. Since yesterday I cant connect to any address without using Eddie. I deactivated network lock but I'm still not able to connect. IPtables state: sudo iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination sudo ip6tables --list Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Content of /etc/resolv.conf: # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 Also ping to any address isnt working: ping: google.com: Name or service not known The connection through Eddie in any server of airVPN works without any troubles. Any ideas what is wrong?
  22. running headless eddie 2.12.4 on ubuntu 14.04 using this command sudo /usr/bin/airvpn -cli -login='xxx' -password='xxx' -connect -netlock i got hit with a dmca notice on my server ip. i checked logs and saw that the vpn disconnected for a moment and it looks like the netlock did not work as the real ip was exposed.
  23. Hello, I've seen a few forum posts on this topic, but nothing that provides consistent direction. Setting up an Ubuntu server that's command line only (no GUI.) There seem to be a few options here to: 1. Connect the VPN on boot. 2. Lock traffic if the VPN drops. You could use Eddie via CLI and set it up to run on boot. You could call a generated openvpn config directly on boot and add appropriate iptables rules. Is one method preferred over the other from a security perspective? Does anyone have a good list of iptables rules I could combine with auto-launching openvpn if Eddie is not used? I could copy the rules applied by Eddie, but those are dynamically updated based on the AirVPN server list it seems (to allow those connections). Thanks! Jeff
  24. Eddie on Ubuntu 17, first install attempt did not complete sucessfully, due to other packages not being installed first. I did not keep track of what order I tried what commands, unfortunately. before the reboot, I did however, after searching on the forms, do this: sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF echo "deb http://download.mono-project.com/repo/debian wheezy main" | sudo tee /etc/apt/sources.list.d/mono-xamarin.list sudo apt-get update then sudo apt-get install mono-complete After these otehr steps,, a reboot was required. After reboot, I tried again, and am prompted for root password, but then nothing else happens in terminal window. rebooted, tried again, no change. Thanks for any assistance
×
×
  • Create New...