Search the Community
Showing results for tags 'bluetit'.
Found 7 results
-
I'm back again! I have a scenario where I have a server on my home network. This server is intended to run all its traffic except for LAN traffic through airvpn using bluetit. I also have a Wireguard server running on the gateway of said device. The server is on the 192.168.1.0/24 subnet, and remote hosts are allocated to the 192.168.2.0/24 subnet. I do not have the ability to change IP allocation, but the gateway routes packets between the subnets just fine. What I would like, is to be able to access this server from the remote subnet, with bluetit active just as if I were locally connected, but it seems to drop all packets. This happens even with network lock set to "off". E.g. when bluetit is active (with network lock on OR off) I cannot even ping (or ssh, or access web services on) 192.168.2.x -> 192.168.1.y, but with bluetit disabled I can. Question is then, is there a configuration option to fix this? If not, is there a workaround?
-
Hello, sometimes I leave my notebook idle for a while and when I come back I see my vpn connection stopped working. When that happens, I need to change to superuser and run /etc/init.d/bluetit restart Sometimes I do that while the webpages are still loading (which is the moment when I realize that airvpn disconnected). My question is: while I restart bluetit, is my web traffic leaking? (I have option networklockpersist = on) Thanks.
-
Debian 11, nftables v1.0.6, Bluetit 1.3.0. Hello all, I'm trying to add an nftables input rule. In my very limited understanding the standard way to do this would be add it into /etc/nftables.conf. Would that still work if using bluetit persistent network-lock feature? Based on a cursory look through bluetit's code it seems that bluetit flushes the nftable rules and then replaces them with a full working kill-switch configuration. That would prevent my input rule from taking effect, correct? If so, how do I go about adding my nftables rule in conjunction with bluetit's killswitch? My first thought was a small daemon to nft insert rule filter input ip saddr <badip> drop After bluetit has loaded on boot, but it occurs to me that should bluetit ever disable/enable network-lock then the rule would get overwritten. Thanks!
-
Hi, when using airvpn, I have troubles sending emails via the smtp server of my provider. I guess that the ip is rejected. Hence, I would like to exclude the ip of the smtp server. When I used the Eddie GUI, there was an option in the settings. Now I have switched to bluetit (on Linux). How and where can I exclude certain IPs? Many thanks!
-
Hi there, Long time hassle-free AirVPN user with a first troubleshooting request after switching from Eddie-UI to the Bluetit stack (love your work!) Looks as though the two processes are fighting for `/etc/resolv.conf` and causing issues with DNS. NetworkManager will rewrite the file on a Wi-Fi network change, causing loss of connectivity as local DNS is disallowed by the network lock. Can be worked around by stopping the Bluetit service, toggling Wi-Fi, then re-enabling; but this is tedious to repeat if the network is at marginal signal strength. Is there a way to configure NetworkManager not to mess with DNS? I think that would largely resolve the issue. But, in an ideal world I would be able to have NetworkManager still manage the DNS if Bluetit is not active so that I can still operate normally on local networks without routing through AirVPN if I choose to. Seems unlikely to be simple, but worth asking. Given that I am getting two warnings about DNS, I wonder if `systemd-resolved` could also be interfering and if there are other configuration steps I can take to ensure compatibility with it- ``` bluetit: WARNING: NetworkManager is running on this system and may interfere with DNS management and cause DNS leaks bluetit: WARNING: systemd-resolved is running on this system and may interfere with DNS management and cause DNS leaks ``` I also wonder whether use of Goldcrest could avoid some of these problems. Personally I have not understood the need for the utility and have been interacting with Bluetit directly via systemctl and `/etc/airvpn/bluetit.rc`. As far as I can tell, Goldcrest just moves configuration stuff out of the `.rc` file into CLI args?
-
I have three devices, all linux, running airvpn suite (specifically bluetit on boot through systemd). All three devices are connected simulatenously and, therefore, use separate keys. All are configured to connect on boot to country ISO: US. Infrequently, but often enough, these three devices will happen to connect to the same server (whether that be 2/3 or 3/3). This creates a mess out of my port forwards. Is there a simple solution to this issue? I was thinking of setting up the server whitelist so that no device could possibly connect to another devices server, but this solution seems tedious. Is this my only option? Any suggestions are appreciated, thanks!
-
Just started working on setting up vpn on a clean server using the new Airvpn Suite. Nice work. Seems like a more robust architecture that doesn't need the manual System-D fixes that using Hummingbird did. Everything seems to be working as advertised when using goldcrest from a terminal prompt but does not work as expected via rc.local using this invocation: goldcrest --air-connect --air-country canada --air-user <myairvpnusername> --air-password <myairvpnpassword> Curiously, when I execute /etc/rc.local from the prompt, it works, but when rc.local is invoked on boot it fails to allow my user login (see post-boot journal grepped for bluetit below). Since my use case is to have vpn come up when the host boots and stay on permanently from then on, I am kinda stuck. Any help appreciated. Or maybe there is an easier way that I am missing? Dec 30 20:26:34 osmc bluetit[204]: Starting Bluetit - AirVPN OpenVPN 3 Service 1.0.0 RC 1 - 22 December 2020 Dec 30 20:26:34 osmc bluetit[204]: OpenVPN core 3.6.6 AirVPN linux arm 32-bit Dec 30 20:26:34 osmc bluetit[204]: Copyright (C) 2012-2020 OpenVPN Inc. All rights reserved. Dec 30 20:26:34 osmc bluetit[241]: Bluetit daemon started with PID 241 Dec 30 20:26:34 osmc bluetit[241]: Successfully connected to D-Bus Dec 30 20:26:34 osmc bluetit[241]: Reading run control directives from file /etc/airvpn/bluetit.rc Dec 30 20:26:34 osmc bluetit[241]: IPv6 is not available in this system Dec 30 20:26:34 osmc bluetit[241]: System country set to ca by Bluetit policy. Dec 30 20:26:34 osmc bluetit[241]: Bluetit successfully initialized and ready Dec 30 20:26:35 osmc bluetit[241]: AirVPN Manifest updater thread started Dec 30 20:26:35 osmc bluetit[241]: AirVPN Manifest update interval is 15 minutes Dec 30 20:26:35 osmc bluetit[241]: Updating AirVPN Manifest Dec 30 20:26:35 osmc bluetit[241]: AirVPN Manifest successfully retrieved from server Dec 30 20:26:36 osmc bluetit[241]: Requested method "version" Dec 30 20:26:36 osmc bluetit[241]: Requested method "openvpn_info" Dec 30 20:26:36 osmc bluetit[241]: Requested method "bluetit_status -> Bluetit is ready" Dec 30 20:26:36 osmc bluetit[241]: Requested method "reset_bluetit_options -> Bluetit options successfully reset" Dec 30 20:26:36 osmc bluetit[241]: Requested method "set_options: --air-ipv6 -> off" Dec 30 20:26:36 osmc bluetit[241]: Requested method "set_options: --proto -> tcp" Dec 30 20:26:36 osmc bluetit[241]: Requested method "set_options: --air-connect" Dec 30 20:26:36 osmc bluetit[241]: Requested method "set_options: --air-country -> canada" Dec 30 20:26:36 osmc bluetit[241]: Requested method "set_options: --air-user -> **********" <=== correct output obscured here for security Dec 30 20:26:36 osmc bluetit[241]: Requested method "set_options: --air-password -> ************" Dec 30 20:26:36 osmc bluetit[241]: Requested method "airvpn_start_connection" Dec 30 20:26:36 osmc bluetit[241]: OpenVPN3 connection successfully started Dec 30 20:26:36 osmc bluetit[241]: Logging in AirVPN user ********** <==== correct but obscured here for security Dec 30 20:26:36 osmc bluetit[241]: AirVPN login error: Login error Dec 30 20:26:36 osmc bluetit[241]: ERROR: AirVPN login failed for user ******** <=== obsured here Dec 30 20:41:46 osmc bluetit[241]: Updating AirVPN Manifest