Jump to content
Not connected, Your IP: 54.226.4.91

Search the Community

Showing results for tags 'firewall'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Frequently asked questions
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • Reviews
    • Other VPN competitors or features
    • No-Profit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP
    • Mirrors
    • Net Neutrality Monitor

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 66 results

  1. Hi, I have written an alternative client for AirVPN that I would like to share with you. Just as Eddie, it supports other providers, too, as long as OpenVPN config files are provided. For AirVPN and Mullvad it offers a convenient update function that just requires you to enter your credentials in order to download the latest server configurations. Furthermore, it allows you to choose among the plethora of protocols offered by AirVPN (including OpenVPN over SSL/SSH) except the experimental ones (I might add support for those in the future, once they become available for all servers). Qomui (Qt OpenVPN management UI) as I have named it, is written in Python and PyQt and should run on any GNU/Linux distribution. It allows you to easily create double-hop connections. In other words, you can route your requests via two OpenVPN servers. This feature works provider-independent. For example, you could choose a Mullvad server for the first hop, and AirVPN for the second (I have successfully tested this with AirVPN, Mullvad and ProtonVPN). Thereby, it avoids a major downside of similar offers by some providers, namely the fact that if one provider controls all "hops" he or she could potentially still see, log or inspect all your traffic. In the latter case, you would gain little in terms of privacy. With the ability to "mix" providers, Qomui does not suffer from the same problem and hence offers some tangible benefits. Obviously, you would still have to sacrifice some speed/bandwith, though. Depending on your DE (looking at you, Gnome!), Qomui will also display a systray icon that shows the country of the server you are currently connected to. Additional features include protection against DNS leaks and a firewall that optionally blocks all outgoing network connections except for the OpenVPN server you have chosen. Since it is never recommended to run graphical applications as root, which is a major flaw of most OpenVPN clients, all commands that require root privileges are handled by a background service that can be controlled via systemd. The following screenshot gives you an idea of what Qomui looks like (on Arch/Arc Dark Theme). If you are interested, you can download Qomui from github: https://github.com/corrad1nho/qomui Of course, I'd be happy for any kind of feedback. If you find bugs or Qomui does not run properly or not at all on your machine, please let me know. I'm happy to help! At last, a big thank you to AirVPN and its amazing community. The fact that you rely more on explaining technical details than empty promises, has helped me to learn a lot. It is also one of the main reason why I chose AirVPN. Commendably, Eddie is also released as open-source software. Only Mullvad does that, too, to my knowledge. Why doesn't every provider do that? You are selling a service, not software! Why would I trust in proprietary software? Funnily, I have never really used Eddie, though, since I was accustomed to manually adding config files to NetworkManager as my first provider did not offer a GNU/Linux client. My interest in features such as OpenVPN over SSL made me look into more convenient solutions, though. Ultimately I decided to write my own program as I wanted to learn some Python and this provided a perfect practical challenge. I have actually used Qomui daily on multiple machines during the past few months and constantly tried to improve it. So I'd thought it'd be about to time to share it (it's an alpha release, though). Have a nice weekend! Corrado
  2. Since it is not very easy to use a VPN from countries like Iran a recorded a tutorial on how to use airvpn from these countries: https://usefulvid.com/bypass-the-persian-and-chinese-firewall-by-using-airvpn-with-ssl/ The videos are hosted on my website and on youtube. The reason is that it is not possible to access youtube from Iran. https://youtu.be/jl8I2-GQF94 It would be nice if you could share this with your friends in Iran, China, Turkey, Russia, UAE, Saudi Arabia and provide feedback if this method works. You can also download this video from my website to make it easier to share and spread the word. A video on how to use stunnel on android will follow and also published on this site. Update on 6.1.2018: The Video for Android is finally published: https://www.youtube.com/watch?v=zwf5JI6t0TI For all who suffer from youtube censorship this is the link for you: https://usefulvid.com/bypass-the-persian-and-chinese-firewall-by-using-airvpn-with-ssl/ Second Video on the page
  3. I understand that with the new Eddie version, the Comodo Firewall settings are no longer up to date. I am now getting a whole slew of errors (e.g., not connecting, IPv6 tunnel errors, connection loops, etc.). Instead of trying to fix the problem, I shut the entire firewall down and went back to the basic Windows 8.1 firewall on default settings. At least now airvpn is connecting. There used to be a sticky tutorial here on the AirVPN forums on how to configure Comodo Firewall with AirVPN, but I do not see it anymore (nor can I find it). Is it safe to assume that Comodo Firewall is no longer recommended by the admins? If it is still recommended, what is the recommended setup? Warm regards, Jopa
  4. Hello, Everything was working just fine till recently. Every time I boot up and connect to the AirVPN client, it is always unsuccessful. I check and found out the Windows 10 Firewall is on. When I turn it off, I can connect. When I look at Private Networks active networks, I see Linksys43709. I am guessing I have to add this as an exception - but don't see where. I can add apps (AirVPN-ICMP, AirVPN-In-Allow local, AirVPN-In-AllowVPN) Private networks have been select to be allowed. Settings for AirVPN. Right now I have the FW turned off so it works See attachments, please Help? Thanks, Mr. V
  5. Hi, I am getting several alert entries in my pfsense firewall. There are connections denied to 4 different TOR relays in the US, Switzerland, Germany and the Netherlands. I never had these entries before so I am a bit worried. Example: AirVPN_LAN Source: 192.168.1.xxx:476xx Destination:176.10.104.240:443 Any ideas?
  6. Hi, I would like to use AirVPN on my Android device but am concerned about leaking. I have seen some posts on here about using AfWall+ and was wondering if this is the best way to go. Android now also natively has a kind of Network Lock feature. But then there is also the boot leak (discussed here, along with providing a userinit script for droidwall to disable network connectivity during boot and also a script to prevent Google portal capture during wifi connection: https://blog.torproject.org/mission-impossible-hardening-android-security-and-privacy). My thinking is to use OpenVPN on the latest Lineage OS and would appreciate any assistance on the matter. Thank you.
  7. Hello all, I use a very restrictive firewall for Windows 7 known as TinyWall. I made it only allow programs I specifically let through it. The issue is I've allowed the AirVPN.exe executable through the firewall with no restrictions, but even so I'm not able to connect to a server until I disable the firewall. After I connect to a server, I can then reactivate the firewall. If I have the SSL protocol activated though, and I re-enable the firewall after connecting, it just disconnects from the server. If I let Eddie choose the protocol automatically, it doesn't disconnect after re-enabling the firewall. Judging from the attached screenshot of blocked processes by the firewall and Eddie's logs, it seems it's trying to connect to port 80? Though I'm not sure what exactly is trying to do so, since the executable is not shown. Any ideas? Thanks for any help. system log info.txt
  8. Hi, After I've forwarded the right port in AirVPN client area and put the right settings in qBittorrent, I finally get great speeds while connected to the VPN service. However, the speeds (for torrents), seem to fluctuate heavily between 0 and 200Mbit (my max speed). I have the feeling it is because of some setting or limit somewhere that high speeds cannot be sustained. Here is a screenshot of the Eddie speed: More info: - Using network lock - Using OS X 10.12.6 - Using an SSD - Using Asus AC-3200 router - Only using the utun3 network interface in qBittorrent - Used settings described here for qBittorrent - Disabled firewall on router - Looked for any settings in my router that might impede sustained speed like ICMP flood detection but cannot find those - Using port forwarding in client area Is this normal behaviour? I don't really mind it for the time being, as speed is much faster than before, however maybe I'm missing a setting that could prevent this?
  9. How do I do this on Windows Firewall? I couldn't find anything on this subject. Let's say that I forwarded port 10000 (TCP). I open Windows Firewall, choose to create a new rule for incoming connections, tick "TCP", type "10000"... and then what rule do I set for this port? That's where I get stuck.
  10. I've been having this problem for months now. I'm running Windows 7 and Windows 10 and use Bitdefender Internet Security on both machines. I want to be able to access certain websites outside of the VPN tunnel (so they see my real IP), but still force all other traffic through the VPN tunnel. To achieve this, I added the exceptions inside Eddie under Settings -> Routes. The problem is: they only work as long as I don't have network lock enabled. How do I know this? I'm testing these routes with sites like ipleak.net, doileak.com, ifconfig.co etc. As soon as I activate network lock, I can't access the sites I specified under "routes" anymore. I can ping them just fine, and run a traceroute command, but I can't access them inside any web browser. I also tried adding them under "allowed addresses" inside the "network lock" settings without any luck. I've been trying to solve this issue with staff for almost two months now, but without luck so far. It would be awesome if some of you could try to reproduce the same error, i.e. setting up these routes to see if you can access these sites while network lock is active. "Disclaimer": I'm using the "Windows Filtering Platform" method for network lock. (Which is the default method anyway as far as I'm aware) Everything is working just fine when I'm using the "Windows Firewall" method, even with network lock enabled. However, I don't want to rely on the Windows Firewall, so I'm using the firewall from Bitdefender Internet Security instead Any ideas or suggestions? Can any of you reproduce this same issue? Are any of you using another third party firewall that doesn't cause this issue? If so, which one? PS: Here are the IPs for some of the sites I used for testing so you can just copy and paste them if you want to test it for yourselves: 95.85.16.212 (ipleak.net) 62.243.70.171 (doileak.com) 188.113.88.193 (ifconfig.co)
  11. Hello everyone, I am TheDarkOnyx. That aside, I am facing problems with connecting with SSL to any server, for that matter. In my case, my school has a hefty firewall that has DPI recently, and it has been effective. I have since been using STunnel and I am using SSL port 28439, and oddly enough, it has been resetting connection by peer by almost every single server available except the Dheneb server. Is there something I should fix? Thanks.
  12. Hey, everyone: Not sure if this is the best place to post this or not, or if this is being discussed elsewhere; I tried to search for topics related to this, but couldn't find anything, so I figured I'd start my own. If it needs to be moved or is already being discussed, please change it, or let me know where I can find the information. I'm not really a fan of Windows 10 firewall, and was hoping there is now a way to use Network lock with Kaspersky firewall? I know a year or so ago, there wasn't really a way, but now I'm seeing something about "Windows Filtering Platform" to help with that? What is WFP? Is there a way to get Eddie and the Network Lock to work with Kaspersky? If so, how would I go about setting it up, and testing to make sure it's setup correctly? If not, how can I make sure that my Network Lock and Kaspersky aren't interfering with one another and are setup correctly? Thank you, Kevin
  13. Hello everyone, I would like to create rules in the Windows 7 firewall so the AirVPN Edie client can work properly. Right now I have to allow all outbound connections for the client to work, which is not that secure. I want to have my Windows 7 firewall block all inbound and outbound connections unless I make a rule which allows a connection. I tried to make new rules in the Windows 7 firewall which included the AirVPN client files located in C:\Program Files\AirVPN to allow the connections but this did not work. I am fairly new to making firewall rules and using a VPN, so I need a basic explanation how to do this. Any advice would be appreciated.
  14. Hi all, I have a little problem. I try to tell it with my terrible English. So i like to setup this VPN(airvpn client) >>> SOCKS PROXY>>> Browsers and others, virtual machines etc... (all socks traffic over vpn). The host os is linux.
  15. Hello, I've recently installed OpenVPN for Android (the open-source recommended choice) but I'm concerned about different issues. For instance, this app doesn't autostart at boot / reboot but has to be manually started. BTW Android uses wifi's previous state after reboot : when Wifi was "on" our real IP is visible until OpenVPN is manually started. When it crashes (it happens with the latest version) our real IP gets exposed too. I wonder if it could be possible to configure a firewall (AfWall+ or Droidwall) to block all the traffic excepting the one which transits through OpenVPN for both Wifi and data (3G/4G) ? These two apps are using iptables but I don't know how to write the custom rules matching my requirements. The help and knowledge of some computer savvy members would be appreciated. If it works we could maybe create a tutorial for the "How to" section of this forum ? I've collected several articles regarding Android and iptables but I've no idea how I could adapt all this for AirVPN .ovpn default config file (Europe). https://android.stackexchange.com/questions/14455/how-can-i-block-the-traffic-outside-the-vpn-even-if-the-vpn-is-down https://github.com/ukanth/afwall/wiki/Apps-leak-private-user-data-during-boot https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy https://droidvpn.com/page/stopping-leaks-with-droidwall-when-using-droidvpn-8/ https://airvpn.org/faq/software_lock/ Any idea ? Thanks
  16. Hi, Long-time AirVPN user, I'm on a linux PC, using the ufw method described here: (https://airvpn.org/topic/5586-prevent-leaks-with-linux-firestarter-also-stop-traffic-when-vpn-drops/?p=14095). I would like to share this connection with other devices, having my PC serve as a kind of router. Assume I cannot modify my router or the other devices to natively use AirVPN. I have been able to create a wifi hotspot using an ethernet connection. However, my devices are unable to complete the connection until I disable the firewall. Obviously, this is not an acceptable solution as it will allow leaks and I was wondering if anyone here in the community could modify randombit and worric's method to allow hotspot usage.
  17. Hello all, I'm having issues Eddie - Network Lock at Windows startup. I have to manually turn off Windows Firewall every time Windows starts. I don't understand why it automatically turns on if Service is set to "Manual". Can you please tell me if you need any more info to understand the issue? Thanks.
  18. Hello, I have a question that maybe someone more knowledgeable can answer. I have a computer at home that runs airvpn client and a remote computer. I want to be able to connect from either computer to another one with ssh. Without airvpn client, everything works (obviously). If I run airvpn without network lock, I can ssh from home to remote (it goes via the AirVPN server) but not from remote to home. I tried to start airvpn with the parameter "routes.custom=my.remote.ip.addr,255.255.255.255,out" but it didn't help - the required route was not added to the routing table. However, that problem was easily solved: I added the route separately with "route add -host my.remote.ip.address gw 192.168.1.1" and all was well: ssh works from home to remote and from remote to home bypassing AirVPN as I want it to do. Now, I enable network lock. This time I need to add "allowed IP" parameter to be able to ssh from home to remote: ./airvpn -cli -connect -netlock -login=**** password=**** netlock.allowed_ips=my.remote.ip.addr But ssh from remote to home is blocked by the firewall. I can't find any airvpn parameter that can be used to create custom firewall rules. So I ended up with adding the required rule myself. Before: # iptables -L -v --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 177 16717 ACCEPT all -- lo any anywhere anywhere 2 0 0 ACCEPT all -- any any 255.255.255.255 anywhere 3 93 8963 ACCEPT all -- any any 192.168.0.0/16 192.168.0.0/16 4 26 4651 ACCEPT all -- any any 10.0.0.0/8 10.0.0.0/8 5 0 0 ACCEPT all -- any any 172.16.0.0/12 172.16.0.0/12 6 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 7 1890 460K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 8 0 0 ACCEPT all -- tun+ any anywhere anywhere 9 6 502 DROP all -- any any anywhere anywhere Add the rule: iptables -t filter -I INPUT 9 -i eth0 -p tcp -s my.remote.ip.addr --dport 22 -j ACCEPT After: # iptables -L -v --line-numbers Chain INPUT (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 182 17197 ACCEPT all -- lo any anywhere anywhere 2 0 0 ACCEPT all -- any any 255.255.255.255 anywhere 3 107 10296 ACCEPT all -- any any 192.168.0.0/16 192.168.0.0/16 4 41 6945 ACCEPT all -- any any 10.0.0.0/8 10.0.0.0/8 5 0 0 ACCEPT all -- any any 172.16.0.0/12 172.16.0.0/12 6 0 0 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 7 1981 480K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 8 0 0 ACCEPT all -- tun+ any anywhere anywhere 9 0 0 ACCEPT tcp -- eth0 any my.remote.ip.addr anywhere tcp dpt:22 10 6 502 DROP all -- any any anywhere anywhere Now everything works again, but the question remains: what is the best way to achieve that ? In the worst case scenario, I can just start airvpn in the background, wait a minute or so and then run iptables with my additional rule. But that looks ugly. Can anyone think of a better way ? Maybe some "event.session..." or "event.vpn..." parameter will do the trick ? Thanks for any help.
  19. So I have software on my machine which i wish to block connection to the internet on. ​ ​ ​ ​ ​I have my machine set to boot up, run air vpn, air vpn automaticly activates network lock ( this is where the issue occurs ) , then air vpn connects to a whitelisted server. ​ ​ ​ ​Now the problem is that airvpn removes my blocked in and out traffic rules in my firewall for the software i wish to prevent from connecting to the internet at all. ​ ​ ​ ​ ​Is there a way to add rules that airvpn writes when it re configures the firewall settings
  20. hey guys, with ufw enabled, vpn connects but wget and web pages don't resolve: $uname -a Linux 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 2016 x86_64 x86_64 x86_64 GNU/Linux $ufw reset $ufw allow out on wlp1s0 to 213.152.161.180 port 443 proto udp $ufw allow out on tun0 $ufw status verbose Status: active Logging: on (low) Default: deny (incoming), deny (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 213.152.161.180 443/udp ALLOW OUT Anywhere on wlp1s0 # NL-Alblasserdam_Alchiba_UDP-443.ovpn Anywhere ALLOW OUT Anywhere on tun0 # tun0 $openvpn --config ~/VPN/NL-Alblasserdam_Alchiba_UDP-443.ovpn Mon Oct 3 2016 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Feb 2 2016 Mon Oct 3 2016 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Mon Oct 3 2016 Control Channel Authentication: tls-auth using INLINE static key file Mon Oct 3 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Socket Buffers: R=[212992->212992] S=[212992->212992] Mon Oct 3 2016 UDPv4 link local: [undef] Mon Oct 3 2016 UDPv4 link remote: [AF_INET]213.152.161.180:443 Mon Oct 3 2016 TLS: Initial packet from [AF_INET]213.152.161.180:443, sid=b2d0c912 4505e529 Mon Oct 3 2016 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org Mon Oct 3 2016 Validating certificate key usage Mon Oct 3 2016 ++ Certificate has key usage 00a0, expects 00a0 Mon Oct 3 2016 VERIFY KU OK Mon Oct 3 2016 Validating certificate extended key usage Mon Oct 3 2016 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Mon Oct 3 2016 VERIFY EKU OK Mon Oct 3 2016 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org Mon Oct 3 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mon Oct 3 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mon Oct 3 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Oct 3 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA Mon Oct 3 2016 [server] Peer Connection Initiated with [AF_INET]213.152.161.180:443 Mon Oct 3 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Mon Oct 3 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.48.174 255.255.0.0' Mon Oct 3 2016 OPTIONS IMPORT: timers and/or timeouts modified Mon Oct 3 2016 OPTIONS IMPORT: LZO parms modified Mon Oct 3 2016 OPTIONS IMPORT: --ifconfig/up options modified Mon Oct 3 2016 OPTIONS IMPORT: route options modified Mon Oct 3 2016 OPTIONS IMPORT: route-related options modified Mon Oct 3 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Mon Oct 3 2016 ROUTE_GATEWAY 10.42.0.1/255.255.255.0 IFACE=wlp1s0 HWADDR=xx:xx:xx:xx:xx:xx Mon Oct 3 2016 TUN/TAP device tun0 opened Mon Oct 3 2016 TUN/TAP TX queue length set to 100 Mon Oct 3 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Mon Oct 3 2016 /sbin/ip link set dev tun0 up mtu 1500 Mon Oct 3 2016 /sbin/ip addr add dev tun0 10.4.48.174/16 broadcast 10.4.255.255 Mon Oct 3 2016 /sbin/ip route add 213.152.161.180/32 via 10.42.0.1 Mon Oct 3 2016 /sbin/ip route add 0.0.0.0/1 via 10.4.0.1 Mon Oct 3 2016 /sbin/ip route add 128.0.0.0/1 via 10.4.0.1 Mon Oct 3 2016 Initialization Sequence Completed $route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun0 0.0.0.0 10.42.0.1 0.0.0.0 UG 600 0 0 wlp1s0 10.4.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0 10.42.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp1s0 128.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlp1s0 213.152.161.180 10.42.0.1 255.255.255.255 UGH 0 0 0 wlp1s0 $ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff inet 10.42.0.9/24 brd 10.42.0.255 scope global wlp1s0 valid_lft forever preferred_lft forever inet6 <removed>/64 scope link valid_lft forever preferred_lft forever 3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100 link/none inet 10.4.48.174/16 brd 10.4.255.255 scope global tun0 valid_lft forever preferred_lft forever inet6 <removed>/64 scope link flags 800 valid_lft forever preferred_lft forever i don't usually touch my iptables directly but here's the output: $iptables -L Chain INPUT (policy DROP) target prot opt source destination ufw-before-logging-input all -- anywhere anywhere ufw-before-input all -- anywhere anywhere ufw-after-input all -- anywhere anywhere ufw-after-logging-input all -- anywhere anywhere ufw-reject-input all -- anywhere anywhere ufw-track-input all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ufw-before-logging-forward all -- anywhere anywhere ufw-before-forward all -- anywhere anywhere ufw-after-forward all -- anywhere anywhere ufw-after-logging-forward all -- anywhere anywhere ufw-reject-forward all -- anywhere anywhere ufw-track-forward all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ufw-before-logging-output all -- anywhere anywhere ufw-before-output all -- anywhere anywhere ufw-after-output all -- anywhere anywhere ufw-after-logging-output all -- anywhere anywhere ufw-reject-output all -- anywhere anywhere ufw-track-output all -- anywhere anywhere Chain ufw-after-forward (1 references) target prot opt source destination Chain ufw-after-input (1 references) target prot opt source destination ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST Chain ufw-after-logging-forward (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-after-logging-input (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-after-logging-output (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-after-output (1 references) target prot opt source destination Chain ufw-before-forward (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ufw-user-forward all -- anywhere anywhere Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-logging-deny all -- anywhere anywhere ctstate INVALID DROP all -- anywhere anywhere ctstate INVALID ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc ufw-not-local all -- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ACCEPT udp -- anywhere 239.255.255.250 udp dpt:1900 ufw-user-input all -- anywhere anywhere Chain ufw-before-logging-forward (1 references) target prot opt source destination Chain ufw-before-logging-input (1 references) target prot opt source destination Chain ufw-before-logging-output (1 references) target prot opt source destination Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ufw-user-output all -- anywhere anywhere Chain ufw-logging-allow (0 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] " Chain ufw-logging-deny (2 references) target prot opt source destination RETURN all -- anywhere anywhere ctstate INVALID limit: avg 3/min burst 10 LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] " Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10 DROP all -- anywhere anywhere Chain ufw-reject-forward (1 references) target prot opt source destination Chain ufw-reject-input (1 references) target prot opt source destination Chain ufw-reject-output (1 references) target prot opt source destination Chain ufw-skip-to-policy-forward (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-skip-to-policy-input (7 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-skip-to-policy-output (0 references) target prot opt source destination DROP all -- anywhere anywhere Chain ufw-track-forward (1 references) target prot opt source destination Chain ufw-track-input (1 references) target prot opt source destination Chain ufw-track-output (1 references) target prot opt source destination Chain ufw-user-forward (1 references) target prot opt source destination Chain ufw-user-input (1 references) target prot opt source destination Chain ufw-user-limit (0 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] " REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain ufw-user-limit-accept (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain ufw-user-logging-forward (0 references) target prot opt source destination Chain ufw-user-logging-input (0 references) target prot opt source destination Chain ufw-user-logging-output (0 references) target prot opt source destination Chain ufw-user-output (1 references) target prot opt source destination ACCEPT udp -- anywhere 213.152.161.180 udp dpt:https ACCEPT all -- anywhere anywhere any help would be great. let me know if you need anymore info.
  21. Hello, I have this problem which is not going away since I installed Eddie. It occurs with stable Eddie 2.10 and the new 2.11.3 beta. Installed new windows 10 x64, no anti-virus software whatsoever, only windows firewall and windows defender (I somehow can't deactive windows defender) I did not changed windows firewall settings. The mainboard got only 1 ethernet port. Router is working with no errors. I did not configure the router - just installed and it worked 100%. Cut to the chase: Case 1: - My internet connection is only working, when Eddie is running and I'm connected to an airvpn-server. Whether Windows firewall is running or not, doesn't matter. Whether network lock is enabled/disabled doesn't matter. With this, I can do everything: browse internet, listen to internet radio stream, play online games. http://www.pic-upload.de/view-31678207/working.png.html Case 2: - Eddie is running but not connected to an airvpn server, network lock is deactivated; windows firewall enabled/disabled The tap-windows-adapter V9, which was installed during the Eddie installation, is disconnected (windows diagnosis: Ethernet cable is not connected). I can't browse website, listen to internet radio BUT I can play my online game unreal tournament 2004. Peculiar: I can't browse or whatsoever, BUT whenever I try to load a website, the orange mainboard LED (ethernet port) begins to blink - this means it's up and working. The green LED is always on, indicating that the hardware is working. http://www.pic-upload.de/view-31678297/notworking.png.html Case 3: - Eddie is closed, windows firewall enabled/disabled. Same result as in case 2, except again: UT2k4. Eddie is starting with windows. Even when I disable autostart and windows starts without eddie, I get same result as in case 2/3. As I already mentioned, there is one strange exception: it's the online game I play, u2k4. In case 2/3, I start the game, I go to the ingame tab "Servers" and the game is showing me the ut2004-servers, up and running, so I can connect to them and play online. But the even strager thing is: case 2/3 with network locked disabled (ofc. I need to disable network lock when Eddie is up and running, or else every traffic would got blocked). I start the game, go to "Join Game" and the "news feed" is showing me that the game can't connect to the "UT2k4 Master Server" -> "Querying Master Server: The UT2004 master server could not be reached. Please try again later." This normally means that I'm offline and can't connect, but as already mentioned: In the other tab, servers are shown to me and I can play online. So I thought that windows firewall/eddie set up some strange internet connection rules. I checked the windows firewall setting and reseted them to the default settings, but nothing changed. I checked HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules, there are ~100 registry keys. But as mentioned: I did not change anything. I think this is not how this Eddie is supposed to work. thanks in advance
  22. A maybe quick and probably elementary question: In a Linux Mint Virtualbox installation running Eddie with Network Lock active, do I need to/should I have any additional firewall going?
  23. My hardward/firmware: Router ModelLinksys WRT 1200AC Firmware VersionDD-WRT v3.0-r28788 std (01/13/16)Kernel VersionLinux 3.18.25 #59 SMP Mon Jan 11 11:48:34 CET 2016 armv7l My goal: To open ports 8000 and 8001 on my router to allow shoutcast server to livestream from static ip 192.168.10.172 on the network. Hi, After reading https://airvpn.org/external_link/?url=https%3A%2F%2Fwww.dd-wrt.com%2Fwiki%2Findex.php%2FIptables_command%23Port_Forwarding_to_a_specific_LAN_IP and also being told that the GUI interface only forwards from WAN to LAN and not from TUN to LAN... it seems this is my last obstacle to streaming with Shoutcast. I still haven't been able to get IPTABLES to work for me yet. I tried different variations of the commands, but nothing worked for me... then I didn't know if I was putting the right information into the variables. Has anyone with this or similar dd-wrt set up successfully added open ports to your router firewall using IPTABLES? If so, can I see how your commands look? Currently, all I have for my firewall commands are, Firewall iptables -I FORWARD -i br0 -o tun0 -j ACCEPT iptables -I FORWARD -i tun0 -o br0 -j ACCEPT iptables -I INPUT -i tun0 -j REJECT iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE What else should be there to open port 8000 and 8001 to the static IP listed above? Thanks for any help and directions.
  24. I've been trying to set my plex server up on a windows machine to be visible outside my network. I've tried port forwards on the client page, the airVPN-configured router, and through the windows firewall. What am I missing to make plex visible through the VPN? note: I have another non-VPN router which allows the plex server out... but I want to keep the windows machine on the VPN router all the time. Any suggestions?
  25. Hello everybody, i suscribed few days ago to airvpn and i'm looking for a solution to make an "ip binding" system to prevent connection to internet when the VPN is offline. The point is that i read a lot of informations about the network locker and windows firewall, but i only have Gdata firewall (i don't know if it's good to launch two firewalls at the same time...) I don't really have a brillant computering knowledge si i'm kind of lost with all theses procedures. can you help me with this ? I specially want ipbinding when i'm using utorrent, to avoid data sharing when my public IP can me seen by everybody.. thank you a lot
×
×
  • Create New...