Jump to content
Not connected, Your IP: 18.206.14.36

Search the Community

Showing results for tags 'Eddie'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • DNS Lists
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 271 results

  1. I just today updated Eddie to latest 2.21.8 on Win10 Home x64 (21H2 build ID 19044.1706) and now i cannot connect - i am getting a netsh error 1 every single time I DID start logging after about 5 errors and i let it log the fails on run about 10-15 more times lol i am not able to connect to ANY AirVPN servers! Eddie and AirVPN BOTH WORKED GREAT last week or 2 weeks ago when i last logged in, BEFORE i upgraded. Should i DOWNGRADE Eddie? that is my next try... but i'd rather wait to have an expert read my logfiles here?? i did recently upgrade my network drivers, and i replaced a CPU and my video card, and upped my memory and added a new SSD drive -- could that have affected it? --- Log file attached what do i need to do? Thanks so much eddie_2022-05-27.log
  2. I cannot choose another server in Eddie. There is no option to do so. Could you please help me with that. Adding a screenshot
  3. I have a mac running MacOS 12.3 that shares internet to other devices. Eddie 2.20 is installed on the mac, however once eddie is turned on internet sharing stops working. With the network lock on, the other devices are blocked from everything - the internet and local things like screen sharing. With network lock off, the internet works but local things are hit or miss. What are the best settings for eddie to get internet sharing to work? I don't care if the other devices go through the tunnel or not, I just care that they have access to the internet and local network. Thank you!
  4. Hey guys Long term user of AirVPN here. I love it, never EVER had any issues with it. I currently use on a media server that sits in the corner of a room. No monitor, etc. I use TeamViewer to connect to the machine (Peppermint Linux) and connect Eddie. When I activate the network lock, over TeamViewer, the connection stays up and I can click the "Connect to recommended server" no problem. However, when I'm finished, and I disconnect Eddie, the TeamViewer connection drops and I cannot use it to deactivate the network lock (clearly because the network lock has stopped TeamViewer from connecting) My questions are: Why doesn't activating the network lock block TeamViewer before connecting (although I'm not overly fussed about knowing why) Is there a way of telling the network lock to allow connections from the LAN? At least if TeamViewer dropped off, I could then perhaps SSH in from another machine and deactivate the network block, for instance Anyway, its a pure annoyance, and not really AirVPN's fault - its doing its job. I'd just like to know if there is a solution, currently I have to hard reset the server when it happens (I could turn on the monitor but more often than not, it doesn't receive a signal from the graphics card - dodgy GVX card I think) I'm using Eddie 2.19.7 Thanks in advance, uwu73
  5. Hi, I am taking the test here https://www.dnsleaktest.com Both 'standard test' and 'extended test' list my AirVPN server along with 1-4 DNS servers of my ISP provider (I can provide screenshot if needed). 'Reset to Default Settings' and reboot was performed before the final test and post here. There is no other VPN installed/used right now. Some info: * Eddie UI Logs: . 2022.03.09 21:15:39 - Eddie version: 2.21.5beta / linux_x64, System: Linux, Name: Arch Linux, Version: Linux myhostname 5.16.13-arch1-1 #1 SMP PREEMPT Tue, 08 Mar 2022 20:07:36 +0000 x86_64 GNU/Linux, Mono/.Net: 6.12.0 (makepkg/c621c35ffa0 Thu Jun 17 02:48:02 PM -03 2021); Framework: v4.0.30319 . 2022.03.09 21:15:39 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" . 2022.03.09 21:15:39 - Raise system privileges . 2022.03.09 21:15:46 - Reading options from /home/myuser/.config/eddie/default.profile . 2022.03.09 21:15:47 - OpenVPN - Version: 2.5.5 - OpenSSL 1.1.1m 14 Dec 2021, LZO 2.10 (/usr/bin/openvpn) . 2022.03.09 21:15:47 - SSH - Version: OpenSSH_8.9p1, OpenSSL 1.1.1m 14 Dec 2021 (/usr/bin/ssh) I 2022.03.09 21:15:47 - SSL - Not available . 2022.03.09 21:15:47 - curl - Version: 7.82.0 (/usr/bin/curl) . 2022.03.09 21:15:47 - Recovery. Unexpected crash? . 2022.03.09 21:15:47 - IPv6 restored on network adapter (eno2) . 2022.03.09 21:15:47 - IPv6 restored on network adapter (ipv6leakintrf0) . 2022.03.09 21:15:47 - IPv6 restored on network adapter (wlo1) ! 2022.03.09 21:15:47 - Deactivation of Network Lock I 2022.03.09 21:15:50 - Ready . 2022.03.09 21:15:51 - Collect information about AirVPN completed I 2022.03.09 21:15:58 - Session starting. I 2022.03.09 21:15:58 - Checking authorization ... W 2022.03.09 21:15:59 - The server supports IPv6, but IPv6 is disabled at OS level. You need to re-enable it manually (reboot is required) or disable this warning by setting Preferences > Networking > Layer IPv6: Block. W 2022.03.09 21:15:59 - 'Preferences > Networking > Layer IPv6' automatically switched to 'Block'. . 2022.03.09 21:15:59 - IPv6 disabled on network adapter (eno2) . 2022.03.09 21:15:59 - IPv6 disabled on network adapter (wlo1) ! 2022.03.09 21:15:59 - Connecting to Lacaille (Singapore, Singapore) . 2022.03.09 21:15:59 - Routes, add 209.58.173.159/32 for interface "eno2". . 2022.03.09 21:15:59 - Routes, add 209.58.173.159/32 for interface "eno2", already exists. . 2022.03.09 21:15:59 - OpenVPN > OpenVPN 2.5.5 [git:makepkg/869f194c23ae93c4+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Dec 15 2021 . 2022.03.09 21:15:59 - OpenVPN > library versions: OpenSSL 1.1.1m 14 Dec 2021, LZO 2.10 . 2022.03.09 21:15:59 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2022.03.09 21:15:59 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2022.03.09 21:15:59 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2022.03.09 21:15:59 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2022.03.09 21:15:59 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]209.58.173.159:443 . 2022.03.09 21:15:59 - OpenVPN > Socket Buffers: R=[212992->212992] S=[212992->212992] . 2022.03.09 21:15:59 - OpenVPN > UDP link local: (not bound) . 2022.03.09 21:15:59 - OpenVPN > UDP link remote: [AF_INET]209.58.173.159:443 . 2022.03.09 21:15:59 - OpenVPN > TLS: Initial packet from [AF_INET]209.58.173.159:443, sid=0ef8b0c3 c6186b17 . 2022.03.09 21:15:59 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org . 2022.03.09 21:15:59 - OpenVPN > VERIFY KU OK . 2022.03.09 21:15:59 - OpenVPN > Validating certificate extended key usage . 2022.03.09 21:15:59 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication . 2022.03.09 21:15:59 - OpenVPN > VERIFY EKU OK . 2022.03.09 21:15:59 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Lacaille, emailAddress=info@airvpn.org . 2022.03.09 21:16:00 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 . 2022.03.09 21:16:00 - OpenVPN > [Lacaille] Peer Connection Initiated with [AF_INET]209.58.173.159:443 . 2022.03.09 21:16:00 - OpenVPN > SENT CONTROL [Lacaille]: 'PUSH_REQUEST' (status=1) . 2022.03.09 21:16:00 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.28.34.1,dhcp-option DNS6 fde6:7a:7d20:1822::1,tun-ipv6,route-gateway 10.28.34.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:1822::1034/64 fde6:7a:7d20:1822::1,ifconfig 10.28.34.54 255.255.255.0,peer-id 1,cipher AES-256-GCM' . 2022.03.09 21:16:00 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp' . 2022.03.09 21:16:00 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS 10.28.34.1' . 2022.03.09 21:16:00 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS6 fde6:7a:7d20:1822::1' . 2022.03.09 21:16:00 - OpenVPN > Pushed option removed by filter: 'tun-ipv6' . 2022.03.09 21:16:00 - OpenVPN > Pushed option removed by filter: 'ifconfig-ipv6 fde6:7a:7d20:1822::1034/64 fde6:7a:7d20:1822::1' . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: compression parms modified . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: route-related options modified . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: peer-id set . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625 . 2022.03.09 21:16:00 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified . 2022.03.09 21:16:00 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM' . 2022.03.09 21:16:00 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2022.03.09 21:16:00 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2022.03.09 21:16:00 - OpenVPN > TUN/TAP device tun0 opened . 2022.03.09 21:16:00 - OpenVPN > net_iface_mtu_set: mtu 1500 for tun0 . 2022.03.09 21:16:00 - OpenVPN > net_iface_up: set tun0 up . 2022.03.09 21:16:00 - OpenVPN > net_addr_v4_add: 10.28.34.54/24 dev tun0 . 2022.03.09 21:16:05 - OpenVPN > Initialization Sequence Completed . 2022.03.09 21:16:06 - DNS of the system updated to VPN DNS (Rename method: /etc/resolv.conf generated) . 2022.03.09 21:16:06 - Routes, add 0.0.0.0/1 for interface "tun0". . 2022.03.09 21:16:06 - Routes, add 128.0.0.0/1 for interface "tun0". . 2022.03.09 21:16:06 - Routes, add 209.58.173.138/32 for interface "tun0". . 2022.03.09 21:16:06 - Routes, skipped for 2001:df1:800:a00e:4::a44e : IPv6 blocked. . 2022.03.09 21:16:06 - Flushing DNS . 2022.03.09 21:16:06 - Flush DNS - nscd I 2022.03.09 21:16:06 - Checking route IPv4 I 2022.03.09 21:16:07 - Checking DNS ! 2022.03.09 21:16:09 - Connected Eddie's System Report: Eddie System/Environment Report - 3/9/2022 - 7:31 PM UTC Eddie version: 2.21.5beta Eddie OS build: linux_x64 Eddie architecture: x64 OS type: Linux OS name: Arch Linux OS version: Linux myhostname 5.16.13-arch1-1 #1 SMP PREEMPT Tue, 08 Mar 2022 20:07:36 +0000 x86_64 GNU/Linux OS architecture: x64 Mono /.Net Framework: 6.12.0 (makepkg/c621c35ffa0 Thu Jun 17 02:48:02 PM -03 2021); Framework: v4.0.30319 OpenVPN: 2.5.5 - OpenSSL 1.1.1m 14 Dec 2021, LZO 2.10 (/usr/bin/openvpn) Hummingbird: 3.3.2 - Hummingbird - AirVPN OpenVPN 3 Client 1.1.2 - 4 June 2021 (/usr/local/bin/hummingbird) WireGuard: 1.0.0 SSH: OpenSSH_8.9p1, OpenSSL 1.1.1m 14 Dec 2021 (/usr/bin/ssh) SSL: Not available curl: 7.82.0 (/usr/bin/curl) Profile path: /home/myuser/.config/eddie/default.profile Data path: /home/myuser/.config/eddie Application path: /usr/lib/eddie-ui Executable path: /usr/lib/eddie-ui/eddie-ui.exe Command line arguments: (2 args) path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" Network Lock Active: No Connected to VPN: Yes, Lacaille OS support IPv4: Yes OS support IPv6: No Detected DNS: 10.28.34.1 Test DNS IPv4: Ok Test DNS IPv6: Failed Test Ping IPv4: 365 ms Test Ping IPv6: Failed Test HTTP IPv4: Ok Test HTTP IPv6: Error: curl: (7) Couldn't connect to server Test HTTPS: Ok ---------------------------- Important options not at defaults: login: (omissis) password: (omissis) remember: True servers.allowlist: a61744e4ad91aec37c94aeffc2d7344e79400c541b06df8f1d7773b130529191 areas.allowlist: ca,jp,nl,sg,es,br,ie proxy.mode: none network.ipv6.mode: block ---------------------------- Logs: . 2022.03.09 21:30:11 - Eddie version: 2.21.5beta / linux_x64, System: Linux, Name: Arch Linux, Version: Linux myhostname 5.16.13-arch1-1 #1 SMP PREEMPT Tue, 08 Mar 2022 20:07:36 +0000 x86_64 GNU/Linux, Mono/.Net: 6.12.0 (makepkg/c621c35ffa0 Thu Jun 17 02:48:02 PM -03 2021); Framework: v4.0.30319 . 2022.03.09 21:30:11 - Command line arguments (2): path.resources="/usr/share/eddie-ui" path.exec="/usr/bin/eddie-ui" . 2022.03.09 21:30:11 - Raise system privileges . 2022.03.09 21:30:14 - Reading options from /home/myuser/.config/eddie/default.profile . 2022.03.09 21:30:15 - OpenVPN - Version: 2.5.5 - OpenSSL 1.1.1m 14 Dec 2021, LZO 2.10 (/usr/bin/openvpn) . 2022.03.09 21:30:15 - SSH - Version: OpenSSH_8.9p1, OpenSSL 1.1.1m 14 Dec 2021 (/usr/bin/ssh) I 2022.03.09 21:30:15 - SSL - Not available . 2022.03.09 21:30:15 - curl - Version: 7.82.0 (/usr/bin/curl) . 2022.03.09 21:30:15 - DNS of the system restored to original settings (Rename method) . 2022.03.09 21:30:15 - Recovery. Unexpected crash? . 2022.03.09 21:30:15 - IPv6 restored on network adapter (eno2) . 2022.03.09 21:30:15 - IPv6 restored on network adapter (wlo1) I 2022.03.09 21:30:18 - Ready . 2022.03.09 21:30:22 - Collect information about AirVPN completed ! 2022.03.09 21:30:35 - Activation of Network Lock - Linux nftables . 2022.03.09 21:30:35 - Network lock not enabled on IPv6 layer. IPv6 seems disabled at system level. I 2022.03.09 21:30:37 - Session starting. F 2022.03.09 21:30:37 - OpenVPN is already running (/usr/bin/openvpn Resolv.conf: $ cat /etc/resolv.conf # Generated by Eddie v2.21.5beta - https://eddie.website - Wednesday, March 9, 2022 7:31:11 PM UTC nameserver 10.28.34.1 $ cat /etc/resolv.conf.eddie # Generated by NetworkManager search home nameserver 192.168.1.1 NetworkManager: $ tree /etc/NetworkManager/ /etc/NetworkManager/ ├── conf.d ├── dispatcher.d │ ├── no-wait.d │ ├── pre-down.d │ └── pre-up.d ├── dnsmasq.d ├── dnsmasq-shared.d ├── NetworkManager.conf └── system-connections [error opening dir] $ cat /etc/NetworkManager/NetworkManager.conf # Configuration file for NetworkManager. # See "man 5 NetworkManager.conf" for details. Openvpn: $ sudo tree /etc/openvpn/ /etc/openvpn/ ├── client └── server 2 directories, 0 files Networking: $ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff altname enp0s31f6 inet 192.168.1.2/24 brd 192.168.1.255 scope global dynamic eno2 valid_lft 84892sec preferred_lft 84892sec 3: wlo1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 00:00:00:00:00:02 brd ff:ff:ff:ff:ff:ff permaddr 24:41:8c:ab:a6:ad altname wlp0s20f3 4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 00:00:00:00:00:03 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 5: virbr2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 00:00:00:00:00:04 brd ff:ff:ff:ff:ff:ff 6: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 00:00:00:00:00:05 brd ff:ff:ff:ff:ff:ff inet 10.0.2.2/24 brd 10.0.2.255 scope global virbr1 valid_lft forever preferred_lft forever 8: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500 link/none inet 10.28.34.54/24 scope global tun0 valid_lft forever preferred_lft forever $ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 128.0.0.0 U 0 0 0 tun0 0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eno2 0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eno2 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1 10.28.34.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0 128.0.0.0 0.0.0.0 128.0.0.0 U 0 0 0 tun0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eno2 192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 eno2 192.168.1.1 0.0.0.0 255.255.255.255 UH 100 0 0 eno2 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 209.58.173.138 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 209.58.173.159 192.168.1.1 255.255.255.255 UGH 0 0 0 eno2 $ route -6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If [::]/0 [::] !n -1 1 0 lo [::]/0 [::] !n -1 1 0 lo What else I have tried: Deleted /etc/resolv.conf.eddie Enabling network-lock (doesn't matter I assume, just mentioning) Settings->DNS->DNS Switch Mode: Disabled -> Disconnect -> Connect -> leads to infinite Looping between server pool, can't connect, I assume it fails at "checking DNS" stdout log after setting DNS Switch Mode to Disabled: [...] I 2022.03.09 21:50:25 - Checking authorization ... . 2022.03.09 21:50:26 - IPv6 disabled on network adapter (eno2) . 2022.03.09 21:50:26 - IPv6 disabled on network adapter (wlo1) ! 2022.03.09 21:50:26 - Connecting to Azmidiske (Sweden, Uppsala) . 2022.03.09 21:50:26 - Routes, add 62.102.148.208/32 for interface "eno2". . 2022.03.09 21:50:26 - Routes, add 62.102.148.208/32 for interface "eno2", already exists. . 2022.03.09 21:50:26 - OpenVPN > OpenVPN 2.5.5 [git:makepkg/869f194c23ae93c4+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Dec 15 2021 . 2022.03.09 21:50:26 - OpenVPN > library versions: OpenSSL 1.1.1m 14 Dec 2021, LZO 2.10 . 2022.03.09 21:50:26 - OpenVPN > Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2022.03.09 21:50:26 - OpenVPN > Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2022.03.09 21:50:26 - OpenVPN > Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key . 2022.03.09 21:50:26 - OpenVPN > Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication . 2022.03.09 21:50:26 - OpenVPN > TCP/UDP: Preserving recently used remote address: [AF_INET]62.102.148.208:443 . 2022.03.09 21:50:26 - OpenVPN > Socket Buffers: R=[212992->212992] S=[212992->212992] . 2022.03.09 21:50:26 - OpenVPN > UDP link local: (not bound) . 2022.03.09 21:50:26 - OpenVPN > UDP link remote: [AF_INET]62.102.148.208:443 . 2022.03.09 21:50:26 - OpenVPN > TLS: Initial packet from [AF_INET]62.102.148.208:443, sid=dab05c11 6caf74dc . 2022.03.09 21:50:26 - OpenVPN > VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org . 2022.03.09 21:50:26 - OpenVPN > VERIFY KU OK . 2022.03.09 21:50:26 - OpenVPN > Validating certificate extended key usage . 2022.03.09 21:50:26 - OpenVPN > ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication . 2022.03.09 21:50:26 - OpenVPN > VERIFY EKU OK . 2022.03.09 21:50:26 - OpenVPN > VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=Azmidiske, emailAddress=info@airvpn.org . 2022.03.09 21:50:26 - OpenVPN > Control Channel: TLSv1.3, cipher TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, peer certificate: 4096 bit RSA, signature: RSA-SHA512 . 2022.03.09 21:50:26 - OpenVPN > [Azmidiske] Peer Connection Initiated with [AF_INET]62.102.148.208:443 . 2022.03.09 21:50:27 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway ipv6 def1 bypass-dhcp,dhcp-option DNS 10.11.34.1,dhcp-option DNS6 fde6:7a:7d20:722::1,tun-ipv6,route-gateway 10.11.34.1,topology subnet,ping 10,ping-restart 60,ifconfig-ipv6 fde6:7a:7d20:722::1024/64 fde6:7a:7d20:722::1,ifconfig 10.11.34.38 255.255.255.0,peer-id 1,cipher AES-256-GCM' . 2022.03.09 21:50:27 - OpenVPN > Pushed option removed by filter: 'redirect-gateway ipv6 def1 bypass-dhcp' . 2022.03.09 21:50:27 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS 10.11.34.1' . 2022.03.09 21:50:27 - OpenVPN > Pushed option removed by filter: 'dhcp-option DNS6 fde6:7a:7d20:722::1' . 2022.03.09 21:50:27 - OpenVPN > Pushed option removed by filter: 'tun-ipv6' . 2022.03.09 21:50:27 - OpenVPN > Pushed option removed by filter: 'ifconfig-ipv6 fde6:7a:7d20:722::1024/64 fde6:7a:7d20:722::1' . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: compression parms modified . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: route-related options modified . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: peer-id set . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: adjusting link_mtu to 1625 . 2022.03.09 21:50:27 - OpenVPN > OPTIONS IMPORT: data channel crypto options modified . 2022.03.09 21:50:27 - OpenVPN > Data Channel: using negotiated cipher 'AES-256-GCM' . 2022.03.09 21:50:27 - OpenVPN > Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2022.03.09 21:50:27 - OpenVPN > Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key . 2022.03.09 21:50:27 - OpenVPN > TUN/TAP device tun0 opened . 2022.03.09 21:50:27 - OpenVPN > net_iface_mtu_set: mtu 1500 for tun0 . 2022.03.09 21:50:27 - OpenVPN > net_iface_up: set tun0 up . 2022.03.09 21:50:27 - OpenVPN > net_addr_v4_add: 10.11.34.38/24 dev tun0 . 2022.03.09 21:50:31 - OpenVPN > Initialization Sequence Completed . 2022.03.09 21:50:31 - Routes, add 0.0.0.0/1 for interface "tun0". . 2022.03.09 21:50:31 - Routes, add 128.0.0.0/1 for interface "tun0". . 2022.03.09 21:50:31 - Routes, add 62.102.148.154/32 for interface "tun0". . 2022.03.09 21:50:31 - Routes, skipped for 2a00:1520:27:1:dc5a:b7fa:4950:47c4 : IPv6 blocked. . 2022.03.09 21:50:31 - Flushing DNS . 2022.03.09 21:50:31 - Flush DNS - nscd I 2022.03.09 21:50:31 - Checking route IPv4 I 2022.03.09 21:50:32 - Checking DNS . 2022.03.09 21:50:39 - Checking DNS (4° try) . 2022.03.09 21:50:44 - Checking DNS (5° try) E 2022.03.09 21:50:44 - Checking DNS failed, last reason: Checking DNS failed: ! 2022.03.09 21:50:44 - Disconnecting . 2022.03.09 21:50:44 - Sending soft termination signal . 2022.03.09 21:50:44 - OpenVPN > event_wait : Interrupted system call (code=4) . 2022.03.09 21:50:44 - OpenVPN > SIGTERM received, sending exit notification to peer . 2022.03.09 21:50:49 - OpenVPN > Closing TUN/TAP interface . 2022.03.09 21:50:49 - OpenVPN > net_addr_v4_del: 10.11.34.38 dev tun0 . 2022.03.09 21:50:49 - OpenVPN > SIGTERM[soft,exit-with-notification] received, process exiting . 2022.03.09 21:50:49 - Routes, delete 0.0.0.0/1 for interface "tun0", not exists. . 2022.03.09 21:50:49 - Routes, delete 128.0.0.0/1 for interface "tun0", not exists. . 2022.03.09 21:50:49 - Routes, delete 62.102.148.208/32 for interface "eno2". . 2022.03.09 21:50:49 - Routes, delete 62.102.148.154/32 for interface "tun0", not exists. . 2022.03.09 21:50:49 - Routes, skipped for 2a00:1520:27:1:dc5a:b7fa:4950:47c4 : IPv6 blocked. . 2022.03.09 21:50:49 - Routes, delete 62.102.148.208/32 for interface "eno2", not exists. . 2022.03.09 21:50:49 - IPv6 restored on network adapter (eno2) . 2022.03.09 21:50:49 - IPv6 restored on network adapter (wlo1) . 2022.03.09 21:50:49 - Connection terminated. [...] Any thoughts on how to troubleshoot further? Thanks
  6. If you encounter exactly this error under macOS: Unable to start (Client not allowed: Remote executable not signed) run from terminal (adjust the path if different) sudo rm /Applications/Eddie.app/Contents/Resources/mono_crash* This issue is resolved in Eddie version 2.21.5 and above.
  7. I am getting very high CPU usage with latest Eddie client on Windows 10. Same issue with beta. All it takes is for Eddie to run (idle) in the background without establishing connection and the CPU usage goes up to 15%. I tried this on 2 PCs (laptops) and the fans always go crazy as soon as the app is started. Never an issue with official OpenVPN client or Wireguard client. Am I the only one having this issue? I haven't come across any complaints in the forums.
  8. Hi I am unable to connect using eddie with wireguard protocol on my Mac mini, openvpn works fine, but if I activate fireguard protocol Eddie keeps reconnecting every 5 seconds without success. this is the log, what should I do? I 2022.02.10 15:16:43 - Session starting. I 2022.02.10 15:16:44 - Checking authorization ... ! 2022.02.10 15:16:44 - Connecting to Gorgonea (Canada, Toronto, Ontario) . 2022.02.10 15:16:44 - Routes, add 104.254.90.250/32 for interface "en0". . 2022.02.10 15:16:44 - Routes, add 104.254.90.250/32 for interface "en0", already exists. . 2022.02.10 15:16:44 - WireGuard > Setup start E 2022.02.10 15:16:45 - WireGuard > Error: Failed to configure interface 'utun1' . 2022.02.10 15:16:45 - WireGuard > Stopping . 2022.02.10 15:16:45 - WireGuard > end ! 2022.02.10 15:16:45 - Disconnecting . 2022.02.10 15:16:45 - Routes, delete 104.254.90.250/32 for interface "en0". . 2022.02.10 15:16:45 - Routes, delete 104.254.90.250/32 for interface "en0", not exists. . 2022.02.10 15:16:45 - Connection terminated. I 2022.02.10 15:16:48 - Checking authorization ... ! 2022.02.10 15:16:49 - Connecting to Enif (Canada, Toronto, Ontario) . 2022.02.10 15:16:49 - Routes, add 104.254.90.242/32 for interface "en0". . 2022.02.10 15:16:49 - Routes, add 104.254.90.242/32 for interface "en0", already exists. . 2022.02.10 15:16:49 - WireGuard > Setup start E 2022.02.10 15:16:49 - WireGuard > Error: Failed to configure interface 'utun1' . 2022.02.10 15:16:49 - WireGuard > Stopping . 2022.02.10 15:16:49 - WireGuard > end ! 2022.02.10 15:16:49 - Disconnecting . 2022.02.10 15:16:49 - Routes, delete 104.254.90.242/32 for interface "en0". . 2022.02.10 15:16:49 - Routes, delete 104.254.90.242/32 for interface "en0", not exists. . 2022.02.10 15:16:49 - Connection terminated. I 2022.02.10 15:16:52 - Checking authorization ... I 2022.02.10 15:16:53 - Cancel requested. ! 2022.02.10 15:16:53 - Session terminated. Thanks
  9. I am unable to install eddie on Debian 11 Buster (stable), so any help will be greatly appreciated. Toward the end of the steps, after I run: sudo apt-get install eddie-ui I get this: Reading package lists... Done Building dependency tree... Done Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: eddie-ui : Depends: libappindicator1 but it is not installable E: Unable to correct problems, you have held broken packages. Running "apt-get install libappindicator1" did not do any good either, as it doesn't seem to be in the Debian Main repositories: Package libappindicator1 is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source E: Package 'libappindicator1' has no installation candidate Thanks!
  10. Hello. I have a minor, yet quite an annoying problem here. After switching OS (Windows -> Linux), I have noticed pings in the server overview being quite a bit higher. Has anyone had the same problem? Maybe any suggestions? I use: Arch Linux x86_64 Eddie 2.19.7 I'm using NetworkManager I tried comparing the results from Eddie with results from pinging using the terminal. With the first four results, I picked the first server on list from each country (sorted by lowest latency) With the last two I picked one near 100ms and a server near 150ms to hopefully see a pattern in the results. The IPs I pinged, are the ones you find if you right click a server, click more, and then take the IP from "remote". These are my results: Anser (Netherlands) Eddie: 19ms Terminal: 12.5ms Arion (UK) Eddie: 24ms Terminal: 16.8ms Cervantes (Germany) Eddie: 25ms Terminal: 16.4ms Algorab (Sweden) Eddie: 26ms Terminal: 15.1ms Dimidium (NY USA) Eddie: 104ms Terminal: 93ms Ran (Texas USA) Eddie: 150ms Terminal: 121ms
  11. I use AirVPN with Eddie on Linux (Ubuntu 21.04). I have certain applications (and even websites if possible) I would like to exclude from the VPN. I have to open and close the AirVPN connection numerous times a day since I need to open a VPN connection to my work where I download updated data. I also have an IRC client running which does not like the changes and cut me off every time I turn the VPN on and off. Other applications like Signal Desktop or Slack seems to handle these changes. Best would of course be if I could add my work VPN (OpenVPN) to the Eddie or in addition to Eddie, but that means two VPN's open at the same time and I do not even know if that is possible. I also have problems with Pandora which won't play when I set up my AirVPN connection to overseas locations (I live and work in the US). On Android it's easy to exclude apps, but on Linux I have no idea if it's possible and how I would go about setting it up.
  12. After trying to connect to airvpn through eddie, multiple installs and re-installs as well as removing the checkmarks in the "check airvpn dns", "check if tunnel works" and "enable latency test", the best I'm able to achieve is what appears to be a connection but does not allow access to the internet. A program I use to connect to the internet, I've noticed, seems to share the "systemd" dependency, specifically "systemd-networkd". I've tried rechecking the previously unchecked boxes listed above, and eddie starts to check the latency of various servers, seems to start at least, and then freezes at 167. In the logs, I double-click to restart this check and in the 'pinger stats' row the following is displayed: 'Invalid: 167, Older check:-, Latest check: Just now (alternating between this and '1 second ago') (double-click to update). I've gone as far as stopping and restarting the network, still no luck. Attached is my log file. Using the default settings in android, I am unable to connect to the internet with eddie on, and SOMETIMES it refuses to connect at all. Either way, appearing to be connected or not, I cannot connect to the internet via airvpn. Thanks for your help. Eddie_20210328_180658.txt
  13. Dear Maintainers, The Eddie application icon is very blocky both in the Dock and in Task Switcher. Using Gnome 3.30.2 on Debian Buster. It's been like this for the past few versions, for as long as I can remember. I don't know if this is Debian/Buster specific. The icon referred to in the packaged .desktop file (/usr/share/pixmaps/eddie-ui.png) looks fine when opened in GIMP as can be seen attached. Anyone else have this issue or know a fix? Thanks!
  14. I will be testing it on Xbian today since I have the same use case, but find that with proper resource management I can have my RPi 2 do double duty as a Deluge box and a mediacentre. I would actually prefer to bring things up using eddie-cli automatically at boot without user intervention, preferably as a service or alternately via rc.local. Almost there, after hours of struggling because I was trying to run eddie-cli as superuser, in my eddie-cli upstart configuration (Yay - no systemd!). Now that I am not, I get this, though: # /etc/rc.local . 2021.01.27 08:37:47 - Eddie version: 2.19.7 / linux_armv7l, System: Linux, Name: XBian GNU/Linux 10 \n \l, Version: Linux xbian 4.19.90+ #1 SMP PREEMPT Wed Dec 18 20:39:10 CET 2019 armv7l GNU/Linux, Mono/.Net: 5.18.0.240 (Debian 5.18.0.240+dfsg-3 Wed Apr 17 18:28:16 UTC 2019); Framework: v4.0.30319 . 2021.01.27 08:37:48 - Command line arguments (7): path.resources="/usr/share/eddie-cli" path.exec="/usr/bin/eddie-cli" netlock="True" login="airvpnclient" password="My.cat.has.pings." server="Rotanev" connect="True" . 2021.01.27 08:37:48 - Raise system privileges sudo: no tty present and no askpass program specified F 2021.01.27 08:37:48 - Unable to obtain elevated privileges (required): Unable to start (already exit) . 2021.01.27 08:37:48 - Shutdown in progress . 2021.01.27 08:37:48 - Shutdown complete ... Also, the script should work on this Debian based box since firewalld exists: root@xbian:/home/xbian# whereis firewalld firewalld: /usr/local/lib/firewalld
  15. Is it possible to introduce a feature to save master password to android keystore and unlock the app with fingerprint? I am referring to the Android version of Eddie. It is quite a hassle to have to enter the password every time I want to connect to my VPN. An alternative is to make the master password optional. I understand how this will result in the user credentials not being encrypted, but it can be an option at the user's risk.
  16. Hello, after I posted some suggestions for Eddie's CLI version in this thread and received some helpful information there, I set out to write my own little interface in bash for it to implement the suggestions. Being no programmer it turned out to be quite a project for me, and I would like to share it here in case anybody else prefers to run Eddie in the terminal rather than as a full GUI application. This script still uses Eddie itself, it's just a wrapper to make it as easy to use in the command line as it is as a desktop application. Screenshots are attached. Some features and advantages: uses less resources (top shows usually 0.3% CPU usage compared to 4-5% for the desktop version) can be exited without disconnecting interactive, sortable server list option to connect to another VPN with openconnect (since I need to do that from time to time, but it should be easy to add other connection methods as well) option to lock down the system's network traffic by default, so even without Eddie running with its own network lock there will be no leaks What to watch out for: The default network lock works with direct rules in firewalld because I'm using Fedora. It should be easy to change it to use iptables directly on other distributions since firewalld's direct rules are just a way to directly manipulate iptables. Once activated, the lock will stay in place until manually deactivated (also surviving reboots), so no internet connection will be possible unless connected to AirVPN or other whitelisted VPNs. AirVPN's network lock overwrites the default network lock, so there will be no interference. Check your /etc/resolv.conf file while not running Eddie (because Eddie's network lock replaces that file temporarily) to make sure your router is not set as a nameserver (so no 192.168... address). Some routers will push themselves on that list by DHCP whenever you connect to their network. Since communication with the router is allowed in the lock rules, DNS requests will be handled by the router and sent to whatever DNS server is configured there even when network traffic should be blocked. There are ways to prevent that file from being changed by DHCP, best configure network manager for that if you use it. To connect to other VPNs, their IPs must be whitelisted and DNS requests for their domains must be allowed in the default network lock rules. The rules for airvpn.org can be copied and adjusted. I haven't yet included an option to pass command line arguments to Eddie. So if you need to set more advanced options like black-/whitelists, use of certain protocols etc., you need to set them manually in the connect_server function. All the possible options can be found in 'man eddie-ui'. You need to insert your own API key in line 5. It can be found in your account under Client Area -> API. Without this, connections will still work, but user info and connection status in the main window will not be properly updated. I tried to only use basic system tools. The script relies mostly on dialog, awk and curl (and firewalld as described and openconnect if needed), so it should work on most systems, but I'm not sure. And, lastly, VERY IMPORTANT: As I said, I'm no programmer and new to this, so even though I tried my best to make this script secure and error free, there might very well be some bad practice, never-ever-do-this mistakes or other hiccups in there. It works well for me, but better check it yourself. Feel free to use this as you wish, I hope someone can benefit from this. I'm happy about any improvements and corrections and will update this if I find the time. UPDATE: A new version which uses Hummingbird and has been improved in many aspects (including automatic connection at boot) can be found here. #!/bin/bash # an interactive shell script to control the command line version of the AirVPN Eddie client and openconnect more comfortably PROFILE_PATH="$HOME/.airvpn/default.xml" API_KEY="<your api key>" DIALOG_OK=0 DIALOG_CANCEL=1 DIALOG_EXTRA=3 DIALOG_ESC=255 HEIGHT=0 WIDTH=0 BACKTITLE="VPN Control" FORMAT="text" URL="https://airvpn.org/api/" PID=$$ function check_sudo { # check if user has sudo privileges sudo -vn &> /dev/null # gain sudo privileges for commands that need it (better than running everything with sudo) if [ $? = "1" ] then unset EXIT_STATUS_SUDO PASS_PROMPT="Establishing VPN connections and changing network traffic rules requires root privileges. Please enter your password:" until [ "$EXIT_STATUS_SUDO" = "0" ] do dialog \ --backtitle "$BACKTITLE" \ --title "Password Needed" \ --output-fd 1 \ --insecure \ --passwordbox "$PASS_PROMPT" 11 35 | xargs printf '%s\n' | sudo -Svp '' &> /dev/null EXIT_STATUS_PIPE=( "${PIPESTATUS[@]}" ) EXIT_STATUS_DIALOG="${EXIT_STATUS_PIPE[0]}" EXIT_STATUS_SUDO="${EXIT_STATUS_PIPE[2]}" EXIT_SUDO_TEST="${EXIT_STATUS_PIPE[2]}" PASS_PROMPT="The password you entered is incorrect. Please try again:" case $EXIT_STATUS_DIALOG in $DIALOG_CANCEL|$DIALOG_ESC) return 1 ;; esac done # keep sudo permission until script exits or permissions are revoked (e.g. when computer goes to sleep) while [ "$EXIT_SUDO_TEST" = "0" ]; do sudo -vn; EXIT_SUDO_TEST=$?; sleep 60; kill -0 "$PID" || exit; done &> /dev/null & fi return 0 } function get_list { SERVICE_NAME="status" ARGS="{ \"format\":\"$FORMAT\", \"service\":\"$SERVICE_NAME\" }" timeout --signal=SIGINT 10 curl -s -d "$ARGS" -X POST "$URL" > "/tmp/.eddie_server_list.txt" } function sort_list { # pipe server status list to awk, filter out unnecessary stuff, # combine lines that relate to same server into single lines which are saved as array, # loop through array to format info, # print array and sort according to options, # add numbers to list for menu LIST=$(awk -F '[.]' \ 'BEGIN{OFS=";"} \ /^servers/ && !/ip_/ && !/country_code/ {c=$2; \ if (c in servers) servers[c]=servers[c] OFS $3; \ else servers[c]=$3; \ for (k in servers) gsub(/;bw=/, " :", servers[k]); \ for (k in servers) gsub(/;bw_max=/, "/", servers[k]); \ for (k in servers) gsub(/;currentload=/, " :", servers[k]); \ for (k in servers) gsub(/;health=/, "%:", servers[k]); \ for (k in servers) gsub(/;.*=/, ":", servers[k]); \ for (k in servers) gsub(/^.*=/, "", servers[k])} \ END{ \ for (c in servers) print servers[c]}' "/tmp/.eddie_server_list.txt" | sort -t ":" $1 | awk -F '[;]' 'BEGIN{OFS=":"} {print v++";"$1}') } function get_userinfo { SERVICE_NAME="userinfo" ARGS="{ \"format\":\"$FORMAT\", \"service\":\"$SERVICE_NAME\", \"key\":\"$API_KEY\" }" # filter specific lines, save values to variables after protecting whitespace read U_LOGIN U_EXP U_CONNECTED U_DEVICE U_SERVER_NAME U_SERVER_COUNTRY U_SERVER_LOCATION U_TIME <<< $( \ timeout --signal=SIGINT 10 curl -s -d "$ARGS" -X POST "$URL" | \ awk -F '[=]' \ 'BEGIN{ORS=";"} \ /^user.login|^user.expiration_days|^user.connected|^sessions.*device_name|^connection.server_name|^connection.server_country=|^connection.server_location|^connection.connected_since_date/ \ {print $2}' | \ sed 's/\ /\\\ /g' | sed 's/;/\ /g' \ ) if [ "$U_CONNECTED" = "1" ] then U_CONNECTED="connected" U_SERVER_FULL="$U_SERVER_NAME ($U_SERVER_LOCATION, $U_SERVER_COUNTRY)" U_TIME=$(date -d "$U_TIME UTC" +"%m/%d/%Y %H:%M:%S") else U_CONNECTED="not connected" U_SERVER_FULL="--" U_TIME="--" fi } function connect_server { if [ "$KILLED" = "true" ] then # create pipes to process status of client if [ ! -p "/tmp/.eddie_fifo1" ] then mkfifo "/tmp/.eddie_fifo1" fi if [ ! -p "/tmp/.eddie_fifo2" ] then mkfifo "/tmp/.eddie_fifo2" fi # run eddie in background and detached from current window, pipe output to named pipe (sudo eddie-ui --cli --netlock --connect --server="$1" --profile="$PROFILE_PATH" | tee "/tmp/.eddie_fifo2" &> "/tmp/.eddie_fifo1" &) cat "/tmp/.eddie_fifo2" | dialog --backtitle "$BACKTITLE" --title "Connecting to AirVPN..." --progressbox 20 80 & timeout --signal=SIGINT 60 grep -q -m 1 "Initialization Sequence Completed" "/tmp/.eddie_fifo1" INIT_EXIT=$? pkill -f cat.*eddie_fifo2 if [ $INIT_EXIT = "0" ] then get_userinfo else U_CONNECTED="error during connection attempt" U_SERVER_FULL="--" U_TIME="--" fi else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi } function disconnect_server { # check for running instance of eddie pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 0 ] then # kill process and wait for confirmation from process output if [ -p "/tmp/.eddie_fifo1" -a -p "/tmp/.eddie_fifo2" ] then sudo pkill -2 -f mono.*eddie-ui & cat "/tmp/.eddie_fifo1" | dialog --backtitle "$BACKTITLE" --title "Disconnecting AirVPN..." --progressbox 20 80 & timeout --signal=SIGINT 10 grep -q -m 1 "Shutdown complete" "/tmp/.eddie_fifo2" else # in case connection was started without this script sudo pkill -2 -f mono.*eddie-ui sleep 5 fi # give some time to completely close process, without sleep it's too early for new connection sleep 3 pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 1 ] then KILLED1="true" else KILLED1="false" fi else KILLED1="true" fi # check for running instance of openconnect pgrep -f "openconnect.*--" &> /dev/null if [ $? = 0 ] then sudo pkill -2 -f "openconnect.*--" sleep 1 pgrep -f "openconnect.*--" &> /dev/null if [ $? = 1 ] then KILLED2="true" # somehow openconnect doesn't receive SIGINT and shuts down improperly, # so vpnc can't restore resolv.conf by itself sudo cp "/var/run/vpnc/resolv.conf-backup" "/etc/resolv.conf" else KILLED2="false" fi else KILLED2="true" fi if [ "$KILLED1" = "true" -a "$KILLED2" = "true" ] then KILLED="true" else KILLED="false" fi } function define_lock { if [ "$1" = "activate" ] then GAUGE_TITLE="Activating Network Lock" RULE_ACTION="add-rule" elif [ "$1" = "deactivate" ] then GAUGE_TITLE="Deactivating Network Lock" RULE_ACTION="remove-rule" else return 1 fi GAUGE_BODY="$1" IPRULES=(\ #allow loopback "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 0 -i lo -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -o lo -j ACCEPT" \ #allow lan (out) and broadcasting/dhcp "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -s 192.168.0.0/16 -d 192.168.0.0/16 -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 0 -s 255.255.255.255 -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -d 255.255.255.255 -j ACCEPT" \ # allow tun device to communicate (so any VPN connection should be possible, also without Air, but respective DNS requests must be allowed) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter FORWARD 0 -o tun+ -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter FORWARD 0 -i tun+ -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 998 -o tun+ -j ACCEPT" \ # optional masquerade rule (NAT/ports) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 nat POSTROUTING 0 -o tun+ -j MASQUERADE" \ # allow ipv4 only to airvpn.org for status update # allow DNS query to resolve hostname (hex string reads "06 airvpn 03 org" - numbers are counting bits), # restrict packet length to length of this specific request package (might change?) to avoid hijacking # of query (very unlikely I guess, but who cares if we're already being paranoid for the fun of it), # whitelist destination IP for TCP handshake "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p udp --dport 53 -m string --hex-string '|06 61697276706e 03 6f7267|' --algo bm -m length --length 0:126 -m recent --set -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p tcp --dport 53 -m string --hex-string '|06 61697276706e 03 6f7267|' --algo bm -m length --length 0:126 -m recent --set -j ACCEPT" \ # add rules for other domains you wish to allow DNS requests to here (packet length can be determined with e.g. wireshark) and adjust array index # # allow SYN request to whitelisted IP to initiate handshake, remove IP from whitelist "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p tcp --syn --dport 53 -m recent --remove -j ACCEPT" \ # allow outgoing connection to Air's IP "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -d 5.196.64.52 -j ACCEPT" \ # add rules for other IPs you wish to allow connections to here # # allow communication "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \ # drop outgoing ipv4 (if not specifically allowed by other rules) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 999 -j DROP" \ # block incoming ipv4 "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 999 -j DROP" \ # drop all ipv6 "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv6 filter OUTPUT 0 -j DROP" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv6 filter INPUT 0 -j DROP" \ # reload and restart firewalld to activate permanent rule changes "sudo firewall-cmd --reload" \ "sudo systemctl restart firewalld"\ ) toggle_lock } function toggle_lock { PERCENTAGE_STEP=$(awk -v rules="${#IPRULES[@]}" 'BEGIN {print 100/rules}') PERCENTAGE=0 COUNTER=0 # initial window dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" for i in "${IPRULES[@]}" do RESULT["$COUNTER"]=$(eval $i) (( COUNTER++ )) PERCENTAGE=$(awk -v per="$PERCENTAGE" -v per_step="$PERCENTAGE_STEP" 'BEGIN {print per+per_step}') # progress window dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" done # final window to show results dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" sleep 2 unset RESULT check_lock } function check_lock { # check for success (not really though, needs improvement) LOCK_RULES=$( sudo firewall-cmd --direct --permanent --get-all-rules | wc -l ) if [ "$LOCK_RULES" -gt 16 ] then LOCK_ACTIVE="active" else LOCK_ACTIVE="inactive" fi } function yesno { dialog \ --backtitle "$BACKTITLE" \ --title "$1" \ --clear \ --yesno "$2" \ $HEIGHT $WIDTH EXIT_STATUS=$? } check_sudo if [ $? = "1" ] then clear exit fi get_userinfo # if currently connected by openconnect, set status to unknown (connection could have been established outside of this script) pgrep openconnect &> /dev/null if [ $? = 0 ] then U_CONNECTED="connected (openconnect)" U_SERVER_FULL="unknown" U_TIME="unknown" fi check_lock while true; do exec 3>&1 selection=$(dialog \ --cr-wrap \ --backtitle "$BACKTITLE" \ --title "Main Menu" \ --clear \ --cancel-label "Quit" \ --menu "This is a control script for VPN connections, primarily for Eddie, the AirVPN client.\nThis script can be exited and re-entered without affecting a running connection.\n\nUser: $U_LOGIN\nDays Until Expiration: $U_EXP\n\nDefault Network Lock: $LOCK_ACTIVE\n\nStatus: $U_CONNECTED\nServer: $U_SERVER_FULL\nConnected Since: $U_TIME\n\nPlease select one of the following options:" $HEIGHT $WIDTH 6 \ "0" "Connect to Recommended Server" \ "1" "Connect to Specific Server" \ "2" "Connect via openconnect" \ "3" "Disconnect" \ "4" "Refresh User Info" \ "5" "Toggle Default Network Lock" \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) yesno "Quit" "Exit Script?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) break ;; esac ;; esac case $selection in 0 ) check_sudo if [ $? = "0" ] then disconnect_server connect_server "" fi ;; 1 ) while true; do exec 3>&1 SERVER_SORT=$(dialog \ --backtitle "$BACKTITLE" \ --title "Sort Server List" \ --no-collapse \ --ok-label "sort ascending" \ --extra-button \ --extra-label "sort descending" \ --menu "Please choose how you want to sort the server list." \ 14 0 7 \ "1" "Name" \ "2" "Country" \ "3" "Location" \ "4" "Continent" \ "5" "Bandwidth" \ "6" "Users" \ "7" "Load" \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) break ;; $DIALOG_EXTRA) SERVER_SORT_OPTION="r" ;; $DIALOG_OK) SERVER_SORT_OPTION="" ;; esac if [ "$SERVER_SORT" = "5" -o "$SERVER_SORT" = "6" -o "$SERVER_SORT" = "7" ] then SERVER_NUM_OPTION="n" else SERVER_NUM_OPTION="" fi if [ ! -f "/tmp/.eddie_server_list.txt" ] then get_list fi while true do sort_list "-k$SERVER_SORT,$SERVER_SORT$SERVER_SORT_OPTION$SERVER_NUM_OPTION" IFS=$';\n' exec 3>&1 SERVER_NMBR=$(dialog \ --backtitle "$BACKTITLE" \ --title "Server List" \ --colors \ --no-collapse \ --extra-button \ --extra-label "Refresh List" \ --column-separator ":" \ --menu "Choose a server from the list to connect to it. (Press ESC to go back.)\n\n\Zb # Name Country Location Continent Bandwidth Users Load Health\ZB" \ 40 102 31 $LIST 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- IFS=$' \t\n' case $EXIT_STATUS in $DIALOG_CANCEL) break 2 ;; $DIALOG_ESC) break ;; $DIALOG_EXTRA) get_list ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then SELECTED_SERVER=$(printf -- '%s\n' "${LIST[@]}" | grep "^$SERVER_NMBR;" | cut -d ";" -f 2 | cut -d ":" -f 1) disconnect_server connect_server "$SELECTED_SERVER" break 2 fi ;; esac done done ;; 2 ) exec 3>&1 # adjust field lengths if necessary CONNECT_INFO=$(dialog \ --backtitle "$BACKTITLE" \ --title "VPN via openconnect" \ --insecure \ --mixedform "Please provide your login credentials to connect to a VPN via openconnect:\n(Leave unneeded fields blank and type options as in command line, separated by space.)" $HEIGHT $WIDTH 6 \ "Server:" 1 1 "" 1 21 25 0 0 \ "Group:" 2 1 "" 2 21 25 0 0 \ "User:" 3 1 "" 3 21 25 0 0 \ "Password:" 4 1 "" 4 21 25 0 1 \ "Additional Options:" 5 1 "" 5 21 25 0 0 \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then disconnect_server if [ "$KILLED" = "true" ] then if [ ! -p "/tmp/.eddie_fifo1" ] then mkfifo "/tmp/.eddie_fifo1" fi ALT_SERVER=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 1) ALT_GROUP=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 2) ALT_USER=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 3) ALT_PASS=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 4) ALT_OPTS=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 5) echo "$ALT_PASS" | (sudo openconnect $ALT_OPTS --authgroup=$ALT_GROUP --user=$ALT_USER --passwd-on-stdin $ALT_SERVER &> "/tmp/.eddie_fifo1" &) timeout --signal=SIGINT 3 cat "/tmp/.eddie_fifo1" | dialog --backtitle "$BACKTITLE" --title "Connecting via openconnect..." --timeout 5 --programbox 20 80 U_CONNECTED="connected" U_SERVER_FULL="$ALT_SERVER" U_TIME=$(date +"%m/%d/%Y %H:%M:%S") else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi fi ;; esac ;; 3 ) check_sudo if [ $? = "0" ] then disconnect_server if [ "$KILLED" = "true" ] then get_userinfo else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi if [ -p "/tmp/.eddie_fifo1" ] then rm "/tmp/.eddie_fifo1" fi if [ -p "/tmp/.eddie_fifo2" ] then rm "/tmp/.eddie_fifo2" fi fi ;; 4 ) get_userinfo ;; 5 ) pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 0 ] then dialog --backtitle "$BACKTITLE" --title "Toggle Network Lock" --timeout 3 --msgbox "You need to be disconnected to change network traffic rules." 10 35 else if [ "$LOCK_ACTIVE" = "inactive" ] then yesno "Toggle Network Lock" "Are you sure you want to activate the default network lock and block all connections while not connected to (any) VPN?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then define_lock "activate" fi ;; esac else yesno "Toggle Network Lock" "Are you sure you want to deactivate the default network lock and allow all connections, even when not connected to a VPN?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then define_lock "deactivate" fi ;; esac fi fi ;; esac done clear
  17. Hello! I use Eddie for OSX on 10.13 and I'm trying to also use Zerotier One, because of other reasons not relevant in here. The thing is that the moment I activate Eddie the connection to Zerotier is lost. It may connect after a while (from 24 to 48 hs later) and everytime I reconnect with Eddie the same happens. I contacted the people from Zerotier and they told that maybe the VPN is blocking UDP ports. Zerotier creates a feth/ipv4 interface. I'm not a genius with networking, sorry for that ;·) Is there a something that I can do to improve the performance of Zerotier while using Eddie, or if there is an alternative way of using it like making Zerotier bypass the VPN? I can provide all the necessary information and make tests, but for the moment I'm a little bit lost. Any help will be appreciate it, thanks in advance. For more information, IPV6 is not being used.
  18. Hi there, A couple of times I've been torrenting overnight & found in the morning that Eddie was off & my internet was not blocked. Which is cause for concern... So today I upgraded Eddie to 2.18.9 & for the first time installed Hummingbird (I use MX Linux running sysv init). I have IPv6 blocked at the GRUB kernel line (& /etc/hosts for all its worth) & via the Eddie GUI interface as well. I believe that due to IPv6 being blocked I get a Hummingbird warning as follows (taken from the Eddie System Report) when I start Eddie: . 2020.09.21 12:21:54 - Elevated: __Shell, stderr: RTNETLINK answers: Operation not supported W 2020.09.21 12:21:54 - Routes, add 2606:6080:1002:7:def:437f:f6fa:7759 for gateway fde6:7a:7d20:1402::1 failed: Exception: RTNETLINK answers: Operation not supported This error doesn't really bother me, what does, is that the Eddie tray icon remains grey due to this warning (I think that's why, as in my ignorance I can see no other problems when I read the system report). Is there a way to get that tray icon to function properly - display blue when it is connected & grey when not? As I find that to be such a quick visual validation of what is happening with Eddie/Hummingbird. I made a conky script to display my external IP on desktop 1. only. As that is where I want to see it. This is nowhere near as good as the tray icon, as it is only hidden when I watch a video. Thanks for your time.
  19. So, yesterday night I logged in on airvpn to check the remaining time of my subscription and I randomly navigated through the forums to see what's new. And to my surprise I found that Eddie is on 2.14.4 version, while the version I was using was 2.10. And this has troubled me ever since. Is there a reason why there isn't an autoupdate/check for updates feature on Eddie? To my knowledge, even the most basic/indie/FOSS programs have a "check for update" option implemented. I would like to know the reasoning behind this. Thank you!
  20. When will the Eddie app on Android be updated again?😤 The latest update is from June 2019.
  21. I cannot have eddie's netlock feature working in a qube in Qubes OS 4. When trying to enable it within eddie-ui, I get a pop-up "Exception: Unable to initialize iptable_filter module". The same with the cli: $ eddie-ui -cli -netlock (...) Activation of Network Lock - Linux iptables Exception: Unable to initialize iptable_filter module (...) This behavior was observed both in a Debian 10 qube and in a Fedora 32 qube. I don't get this error in a Debian 10 installed over bare metal. eddie ver. 2.18.9
  22. Lately I get a lot of "netsh" errors, cannot connect to several servers (Canada).
  23. Here is the stack trace log to this problem: http://dpaste.com/1J8JFNS Kernel: 4.15.0-43-generic x86_64 (64 bit gcc: 5.4.0) Desktop: MATE 1.18.0 (Gtk 3.18.9-1ubuntu3.3) info: mate-panel dm: lightdm Distro: Linux Mint 18.3 Sylvia I do not know exactly when this problem started, but it is easily reproduced by exiting the client, that's all. Eddie has always been a little moody on my my machine. For example, if I disconnected from my modem or just turned off my ethernet connection in Network Manager or elsewhere before eddie was finished quitting, Eddie would freeze during exit and I would check in top see that xorg or mono would be at 100% cpu. Only way to get past it would be to ctrl-alt-bkspace or reboot from the terminal. A little worried by what is actually happening when my system freezes in this way. The log mentions something about raise.c not being found. Should I go back to 2.16? Please advise. I will post a trouble ticket if necessary but I figured someone else out there might be having this happening too.
  24. Hello, As the title suggests, I'm having issues with Eddie for Win10. The software works like a charm, I never had any problem with it. The only issue, if this deserves this name, is that everytime I shut down the computer, I have to manually close Eddie. When trying to automatically shutdown, the system complains saying that this software is preventing Win10 from shutting down properly. So, is there any configuration or setting I should modify to shut it down cleanly and automatically when I shut down windows or is just another security measure to prevent leakings? Thank you
  25. Hello. I recently looked for the newest servers (In hopes of finding one not being blocked yet by VPN blocklists). Unfortunately the servers I saw recently added isn't on the list. I tried refreshing (With the button in the bottom right in the server list). I also tried changing "Servers list update every" to "Every minute". I also tried switching between Stable and Beta Update channels. Nu luck. One of the servers I can't find is: https://airvpn.org/servers/alruba/ I also attached a screenshot of the country list. The server I was looking for is in Estonia, which is not on the list. Any suggestions to what I can try?
×
×
  • Create New...