Search the Community

I will be testing it on Xbian today since I have the same use case, but find that with proper resource management I can have my RPi 2 do double duty as a Deluge box and a mediacentre. I would actually prefer to bring things up using eddie-cli automatically at boot without user intervention, preferably as a service or alternately via rc.local. Almost there, after hours of struggling because I was trying to run eddie-cli as superuser, in my eddie-cli upstart configuration (Yay - no systemd!). Now that I am not, I get this, though: # /etc/rc.local . 2021.01.27 08:37:47 - Eddie version: 2.19.7 / linux_armv7l, System: Linux, Name: XBian GNU/Linux 10 \n \l, Version: Linux xbian 4.19.90+ #1 SMP PREEMPT Wed Dec 18 20:39:10 CET 2019 armv7l GNU/Linux, Mono/.Net: 5.18.0.240 (Debian 5.18.0.240+dfsg-3 Wed Apr 17 18:28:16 UTC 2019); Framework: v4.0.30319 . 2021.01.27 08:37:48 - Command line arguments (7): path.resources="/usr/share/eddie-cli" path.exec="/usr/bin/eddie-cli" netlock="True" login="airvpnclient" password="My.cat.has.pings." server="Rotanev" connect="True" . 2021.01.27 08:37:48 - Raise system privileges sudo: no tty present and no askpass program specified F 2021.01.27 08:37:48 - Unable to obtain elevated privileges (required): Unable to start (already exit) . 2021.01.27 08:37:48 - Shutdown in progress . 2021.01.27 08:37:48 - Shutdown complete ... Also, the script should work on this Debian based box since firewalld exists: root@xbian:/home/xbian# whereis firewalld firewalld: /usr/local/lib/firewalld

Hello, after I posted some suggestions for Eddie's CLI version in this thread and received some helpful information there, I set out to write my own little interface in bash for it to implement the suggestions. Being no programmer it turned out to be quite a project for me, and I would like to share it here in case anybody else prefers to run Eddie in the terminal rather than as a full GUI application. This script still uses Eddie itself, it's just a wrapper to make it as easy to use in the command line as it is as a desktop application. Screenshots are attached. Some features and advantages: uses less resources (top shows usually 0.3% CPU usage compared to 4-5% for the desktop version) can be exited without disconnecting interactive, sortable server list option to connect to another VPN with openconnect (since I need to do that from time to time, but it should be easy to add other connection methods as well) option to lock down the system's network traffic by default, so even without Eddie running with its own network lock there will be no leaks What to watch out for: The default network lock works with direct rules in firewalld because I'm using Fedora. It should be easy to change it to use iptables directly on other distributions since firewalld's direct rules are just a way to directly manipulate iptables. Once activated, the lock will stay in place until manually deactivated (also surviving reboots), so no internet connection will be possible unless connected to AirVPN or other whitelisted VPNs. AirVPN's network lock overwrites the default network lock, so there will be no interference. Check your /etc/resolv.conf file while not running Eddie (because Eddie's network lock replaces that file temporarily) to make sure your router is not set as a nameserver (so no 192.168... address). Some routers will push themselves on that list by DHCP whenever you connect to their network. Since communication with the router is allowed in the lock rules, DNS requests will be handled by the router and sent to whatever DNS server is configured there even when network traffic should be blocked. There are ways to prevent that file from being changed by DHCP, best configure network manager for that if you use it. To connect to other VPNs, their IPs must be whitelisted and DNS requests for their domains must be allowed in the default network lock rules. The rules for airvpn.org can be copied and adjusted. I haven't yet included an option to pass command line arguments to Eddie. So if you need to set more advanced options like black-/whitelists, use of certain protocols etc., you need to set them manually in the connect_server function. All the possible options can be found in 'man eddie-ui'. You need to insert your own API key in line 5. It can be found in your account under Client Area -> API. Without this, connections will still work, but user info and connection status in the main window will not be properly updated. I tried to only use basic system tools. The script relies mostly on dialog, awk and curl (and firewalld as described and openconnect if needed), so it should work on most systems, but I'm not sure. And, lastly, VERY IMPORTANT: As I said, I'm no programmer and new to this, so even though I tried my best to make this script secure and error free, there might very well be some bad practice, never-ever-do-this mistakes or other hiccups in there. It works well for me, but better check it yourself. Feel free to use this as you wish, I hope someone can benefit from this. I'm happy about any improvements and corrections and will update this if I find the time. UPDATE: A new version which uses Hummingbird and has been improved in many aspects (including automatic connection at boot) can be found here. #!/bin/bash # an interactive shell script to control the command line version of the AirVPN Eddie client and openconnect more comfortably PROFILE_PATH="$HOME/.airvpn/default.xml" API_KEY="<your api key>" DIALOG_OK=0 DIALOG_CANCEL=1 DIALOG_EXTRA=3 DIALOG_ESC=255 HEIGHT=0 WIDTH=0 BACKTITLE="VPN Control" FORMAT="text" URL="https://airvpn.org/api/" PID=$$ function check_sudo { # check if user has sudo privileges sudo -vn &> /dev/null # gain sudo privileges for commands that need it (better than running everything with sudo) if [ $? = "1" ] then unset EXIT_STATUS_SUDO PASS_PROMPT="Establishing VPN connections and changing network traffic rules requires root privileges. Please enter your password:" until [ "$EXIT_STATUS_SUDO" = "0" ] do dialog \ --backtitle "$BACKTITLE" \ --title "Password Needed" \ --output-fd 1 \ --insecure \ --passwordbox "$PASS_PROMPT" 11 35 | xargs printf '%s\n' | sudo -Svp '' &> /dev/null EXIT_STATUS_PIPE=( "${PIPESTATUS[@]}" ) EXIT_STATUS_DIALOG="${EXIT_STATUS_PIPE[0]}" EXIT_STATUS_SUDO="${EXIT_STATUS_PIPE[2]}" EXIT_SUDO_TEST="${EXIT_STATUS_PIPE[2]}" PASS_PROMPT="The password you entered is incorrect. Please try again:" case $EXIT_STATUS_DIALOG in $DIALOG_CANCEL|$DIALOG_ESC) return 1 ;; esac done # keep sudo permission until script exits or permissions are revoked (e.g. when computer goes to sleep) while [ "$EXIT_SUDO_TEST" = "0" ]; do sudo -vn; EXIT_SUDO_TEST=$?; sleep 60; kill -0 "$PID" || exit; done &> /dev/null & fi return 0 } function get_list { SERVICE_NAME="status" ARGS="{ \"format\":\"$FORMAT\", \"service\":\"$SERVICE_NAME\" }" timeout --signal=SIGINT 10 curl -s -d "$ARGS" -X POST "$URL" > "/tmp/.eddie_server_list.txt" } function sort_list { # pipe server status list to awk, filter out unnecessary stuff, # combine lines that relate to same server into single lines which are saved as array, # loop through array to format info, # print array and sort according to options, # add numbers to list for menu LIST=$(awk -F '[.]' \ 'BEGIN{OFS=";"} \ /^servers/ && !/ip_/ && !/country_code/ {c=$2; \ if (c in servers) servers[c]=servers[c] OFS $3; \ else servers[c]=$3; \ for (k in servers) gsub(/;bw=/, " :", servers[k]); \ for (k in servers) gsub(/;bw_max=/, "/", servers[k]); \ for (k in servers) gsub(/;currentload=/, " :", servers[k]); \ for (k in servers) gsub(/;health=/, "%:", servers[k]); \ for (k in servers) gsub(/;.*=/, ":", servers[k]); \ for (k in servers) gsub(/^.*=/, "", servers[k])} \ END{ \ for (c in servers) print servers[c]}' "/tmp/.eddie_server_list.txt" | sort -t ":" $1 | awk -F '[;]' 'BEGIN{OFS=":"} {print v++";"$1}') } function get_userinfo { SERVICE_NAME="userinfo" ARGS="{ \"format\":\"$FORMAT\", \"service\":\"$SERVICE_NAME\", \"key\":\"$API_KEY\" }" # filter specific lines, save values to variables after protecting whitespace read U_LOGIN U_EXP U_CONNECTED U_DEVICE U_SERVER_NAME U_SERVER_COUNTRY U_SERVER_LOCATION U_TIME <<< $( \ timeout --signal=SIGINT 10 curl -s -d "$ARGS" -X POST "$URL" | \ awk -F '[=]' \ 'BEGIN{ORS=";"} \ /^user.login|^user.expiration_days|^user.connected|^sessions.*device_name|^connection.server_name|^connection.server_country=|^connection.server_location|^connection.connected_since_date/ \ {print $2}' | \ sed 's/\ /\\\ /g' | sed 's/;/\ /g' \ ) if [ "$U_CONNECTED" = "1" ] then U_CONNECTED="connected" U_SERVER_FULL="$U_SERVER_NAME ($U_SERVER_LOCATION, $U_SERVER_COUNTRY)" U_TIME=$(date -d "$U_TIME UTC" +"%m/%d/%Y %H:%M:%S") else U_CONNECTED="not connected" U_SERVER_FULL="--" U_TIME="--" fi } function connect_server { if [ "$KILLED" = "true" ] then # create pipes to process status of client if [ ! -p "/tmp/.eddie_fifo1" ] then mkfifo "/tmp/.eddie_fifo1" fi if [ ! -p "/tmp/.eddie_fifo2" ] then mkfifo "/tmp/.eddie_fifo2" fi # run eddie in background and detached from current window, pipe output to named pipe (sudo eddie-ui --cli --netlock --connect --server="$1" --profile="$PROFILE_PATH" | tee "/tmp/.eddie_fifo2" &> "/tmp/.eddie_fifo1" &) cat "/tmp/.eddie_fifo2" | dialog --backtitle "$BACKTITLE" --title "Connecting to AirVPN..." --progressbox 20 80 & timeout --signal=SIGINT 60 grep -q -m 1 "Initialization Sequence Completed" "/tmp/.eddie_fifo1" INIT_EXIT=$? pkill -f cat.*eddie_fifo2 if [ $INIT_EXIT = "0" ] then get_userinfo else U_CONNECTED="error during connection attempt" U_SERVER_FULL="--" U_TIME="--" fi else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi } function disconnect_server { # check for running instance of eddie pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 0 ] then # kill process and wait for confirmation from process output if [ -p "/tmp/.eddie_fifo1" -a -p "/tmp/.eddie_fifo2" ] then sudo pkill -2 -f mono.*eddie-ui & cat "/tmp/.eddie_fifo1" | dialog --backtitle "$BACKTITLE" --title "Disconnecting AirVPN..." --progressbox 20 80 & timeout --signal=SIGINT 10 grep -q -m 1 "Shutdown complete" "/tmp/.eddie_fifo2" else # in case connection was started without this script sudo pkill -2 -f mono.*eddie-ui sleep 5 fi # give some time to completely close process, without sleep it's too early for new connection sleep 3 pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 1 ] then KILLED1="true" else KILLED1="false" fi else KILLED1="true" fi # check for running instance of openconnect pgrep -f "openconnect.*--" &> /dev/null if [ $? = 0 ] then sudo pkill -2 -f "openconnect.*--" sleep 1 pgrep -f "openconnect.*--" &> /dev/null if [ $? = 1 ] then KILLED2="true" # somehow openconnect doesn't receive SIGINT and shuts down improperly, # so vpnc can't restore resolv.conf by itself sudo cp "/var/run/vpnc/resolv.conf-backup" "/etc/resolv.conf" else KILLED2="false" fi else KILLED2="true" fi if [ "$KILLED1" = "true" -a "$KILLED2" = "true" ] then KILLED="true" else KILLED="false" fi } function define_lock { if [ "$1" = "activate" ] then GAUGE_TITLE="Activating Network Lock" RULE_ACTION="add-rule" elif [ "$1" = "deactivate" ] then GAUGE_TITLE="Deactivating Network Lock" RULE_ACTION="remove-rule" else return 1 fi GAUGE_BODY="$1" IPRULES=(\ #allow loopback "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 0 -i lo -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -o lo -j ACCEPT" \ #allow lan (out) and broadcasting/dhcp "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -s 192.168.0.0/16 -d 192.168.0.0/16 -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 0 -s 255.255.255.255 -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 0 -d 255.255.255.255 -j ACCEPT" \ # allow tun device to communicate (so any VPN connection should be possible, also without Air, but respective DNS requests must be allowed) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter FORWARD 0 -o tun+ -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter FORWARD 0 -i tun+ -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 998 -o tun+ -j ACCEPT" \ # optional masquerade rule (NAT/ports) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 nat POSTROUTING 0 -o tun+ -j MASQUERADE" \ # allow ipv4 only to airvpn.org for status update # allow DNS query to resolve hostname (hex string reads "06 airvpn 03 org" - numbers are counting bits), # restrict packet length to length of this specific request package (might change?) to avoid hijacking # of query (very unlikely I guess, but who cares if we're already being paranoid for the fun of it), # whitelist destination IP for TCP handshake "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p udp --dport 53 -m string --hex-string '|06 61697276706e 03 6f7267|' --algo bm -m length --length 0:126 -m recent --set -j ACCEPT" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p tcp --dport 53 -m string --hex-string '|06 61697276706e 03 6f7267|' --algo bm -m length --length 0:126 -m recent --set -j ACCEPT" \ # add rules for other domains you wish to allow DNS requests to here (packet length can be determined with e.g. wireshark) and adjust array index # # allow SYN request to whitelisted IP to initiate handshake, remove IP from whitelist "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -p tcp --syn --dport 53 -m recent --remove -j ACCEPT" \ # allow outgoing connection to Air's IP "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 1 -d 5.196.64.52 -j ACCEPT" \ # add rules for other IPs you wish to allow connections to here # # allow communication "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \ # drop outgoing ipv4 (if not specifically allowed by other rules) "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter OUTPUT 999 -j DROP" \ # block incoming ipv4 "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv4 filter INPUT 999 -j DROP" \ # drop all ipv6 "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv6 filter OUTPUT 0 -j DROP" \ "sudo firewall-cmd --direct --permanent --$RULE_ACTION ipv6 filter INPUT 0 -j DROP" \ # reload and restart firewalld to activate permanent rule changes "sudo firewall-cmd --reload" \ "sudo systemctl restart firewalld"\ ) toggle_lock } function toggle_lock { PERCENTAGE_STEP=$(awk -v rules="${#IPRULES[@]}" 'BEGIN {print 100/rules}') PERCENTAGE=0 COUNTER=0 # initial window dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" for i in "${IPRULES[@]}" do RESULT["$COUNTER"]=$(eval $i) (( COUNTER++ )) PERCENTAGE=$(awk -v per="$PERCENTAGE" -v per_step="$PERCENTAGE_STEP" 'BEGIN {print per+per_step}') # progress window dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" done # final window to show results dialog --backtitle "$BACKTITLE" \ --title "$GAUGE_TITLE" \ --mixedgauge "Applying iptable rules to $GAUGE_BODY the default network lock..." 35 80 "$(awk -v per="$PERCENTAGE" 'BEGIN {printf "%.0f", per}')" \ "Allow Loopback IN" "${RESULT[0]}" \ "Allow Loopback OUT" "${RESULT[1]}" \ "Allow LAN OUT" "${RESULT[2]}" \ "Allow DHCP IN" "${RESULT[3]}" \ "Allow DHCP OUT" "${RESULT[4]}" \ "Allow tun out FORWARD" "${RESULT[5]}" \ "Allow tun in FORWARD" "${RESULT[6]}" \ "Allow tun out OUT" "${RESULT[7]}" \ "tun masquerade" "${RESULT[8]}" \ "Allow DNS via UDP to airvpn.org" "${RESULT[9]}" \ "Allow DNS via TCP to airvpn.org" "${RESULT[10]}" \ "Allow connection initiation" "${RESULT[11]}" \ "Allow traffic to airvpn.org" "${RESULT[12]}" \ "Allow established connections" "${RESULT[13]}" \ "Block IPv4 OUT" "${RESULT[14]}" \ "Block IPv4 IN" "${RESULT[15]}" \ "Block IPv6 OUT" "${RESULT[16]}" \ "Block IPv6 IN" "${RESULT[17]}" \ "activate changes" "${RESULT[18]}" \ "restart firewalld" "${RESULT[19]}" sleep 2 unset RESULT check_lock } function check_lock { # check for success (not really though, needs improvement) LOCK_RULES=$( sudo firewall-cmd --direct --permanent --get-all-rules | wc -l ) if [ "$LOCK_RULES" -gt 16 ] then LOCK_ACTIVE="active" else LOCK_ACTIVE="inactive" fi } function yesno { dialog \ --backtitle "$BACKTITLE" \ --title "$1" \ --clear \ --yesno "$2" \ $HEIGHT $WIDTH EXIT_STATUS=$? } check_sudo if [ $? = "1" ] then clear exit fi get_userinfo # if currently connected by openconnect, set status to unknown (connection could have been established outside of this script) pgrep openconnect &> /dev/null if [ $? = 0 ] then U_CONNECTED="connected (openconnect)" U_SERVER_FULL="unknown" U_TIME="unknown" fi check_lock while true; do exec 3>&1 selection=$(dialog \ --cr-wrap \ --backtitle "$BACKTITLE" \ --title "Main Menu" \ --clear \ --cancel-label "Quit" \ --menu "This is a control script for VPN connections, primarily for Eddie, the AirVPN client.\nThis script can be exited and re-entered without affecting a running connection.\n\nUser: $U_LOGIN\nDays Until Expiration: $U_EXP\n\nDefault Network Lock: $LOCK_ACTIVE\n\nStatus: $U_CONNECTED\nServer: $U_SERVER_FULL\nConnected Since: $U_TIME\n\nPlease select one of the following options:" $HEIGHT $WIDTH 6 \ "0" "Connect to Recommended Server" \ "1" "Connect to Specific Server" \ "2" "Connect via openconnect" \ "3" "Disconnect" \ "4" "Refresh User Info" \ "5" "Toggle Default Network Lock" \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) yesno "Quit" "Exit Script?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) break ;; esac ;; esac case $selection in 0 ) check_sudo if [ $? = "0" ] then disconnect_server connect_server "" fi ;; 1 ) while true; do exec 3>&1 SERVER_SORT=$(dialog \ --backtitle "$BACKTITLE" \ --title "Sort Server List" \ --no-collapse \ --ok-label "sort ascending" \ --extra-button \ --extra-label "sort descending" \ --menu "Please choose how you want to sort the server list." \ 14 0 7 \ "1" "Name" \ "2" "Country" \ "3" "Location" \ "4" "Continent" \ "5" "Bandwidth" \ "6" "Users" \ "7" "Load" \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) break ;; $DIALOG_EXTRA) SERVER_SORT_OPTION="r" ;; $DIALOG_OK) SERVER_SORT_OPTION="" ;; esac if [ "$SERVER_SORT" = "5" -o "$SERVER_SORT" = "6" -o "$SERVER_SORT" = "7" ] then SERVER_NUM_OPTION="n" else SERVER_NUM_OPTION="" fi if [ ! -f "/tmp/.eddie_server_list.txt" ] then get_list fi while true do sort_list "-k$SERVER_SORT,$SERVER_SORT$SERVER_SORT_OPTION$SERVER_NUM_OPTION" IFS=$';\n' exec 3>&1 SERVER_NMBR=$(dialog \ --backtitle "$BACKTITLE" \ --title "Server List" \ --colors \ --no-collapse \ --extra-button \ --extra-label "Refresh List" \ --column-separator ":" \ --menu "Choose a server from the list to connect to it. (Press ESC to go back.)\n\n\Zb # Name Country Location Continent Bandwidth Users Load Health\ZB" \ 40 102 31 $LIST 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- IFS=$' \t\n' case $EXIT_STATUS in $DIALOG_CANCEL) break 2 ;; $DIALOG_ESC) break ;; $DIALOG_EXTRA) get_list ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then SELECTED_SERVER=$(printf -- '%s\n' "${LIST[@]}" | grep "^$SERVER_NMBR;" | cut -d ";" -f 2 | cut -d ":" -f 1) disconnect_server connect_server "$SELECTED_SERVER" break 2 fi ;; esac done done ;; 2 ) exec 3>&1 # adjust field lengths if necessary CONNECT_INFO=$(dialog \ --backtitle "$BACKTITLE" \ --title "VPN via openconnect" \ --insecure \ --mixedform "Please provide your login credentials to connect to a VPN via openconnect:\n(Leave unneeded fields blank and type options as in command line, separated by space.)" $HEIGHT $WIDTH 6 \ "Server:" 1 1 "" 1 21 25 0 0 \ "Group:" 2 1 "" 2 21 25 0 0 \ "User:" 3 1 "" 3 21 25 0 0 \ "Password:" 4 1 "" 4 21 25 0 1 \ "Additional Options:" 5 1 "" 5 21 25 0 0 \ 2>&1 1>&3) EXIT_STATUS=$? exec 3>&- case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then disconnect_server if [ "$KILLED" = "true" ] then if [ ! -p "/tmp/.eddie_fifo1" ] then mkfifo "/tmp/.eddie_fifo1" fi ALT_SERVER=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 1) ALT_GROUP=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 2) ALT_USER=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 3) ALT_PASS=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 4) ALT_OPTS=$(echo -n "$CONNECT_INFO" | cut -d$'\n' -f 5) echo "$ALT_PASS" | (sudo openconnect $ALT_OPTS --authgroup=$ALT_GROUP --user=$ALT_USER --passwd-on-stdin $ALT_SERVER &> "/tmp/.eddie_fifo1" &) timeout --signal=SIGINT 3 cat "/tmp/.eddie_fifo1" | dialog --backtitle "$BACKTITLE" --title "Connecting via openconnect..." --timeout 5 --programbox 20 80 U_CONNECTED="connected" U_SERVER_FULL="$ALT_SERVER" U_TIME=$(date +"%m/%d/%Y %H:%M:%S") else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi fi ;; esac ;; 3 ) check_sudo if [ $? = "0" ] then disconnect_server if [ "$KILLED" = "true" ] then get_userinfo else U_CONNECTED="error during disconnection" U_SERVER_FULL="--" U_TIME="--" fi if [ -p "/tmp/.eddie_fifo1" ] then rm "/tmp/.eddie_fifo1" fi if [ -p "/tmp/.eddie_fifo2" ] then rm "/tmp/.eddie_fifo2" fi fi ;; 4 ) get_userinfo ;; 5 ) pgrep -f mono.*eddie-ui &> /dev/null if [ $? = 0 ] then dialog --backtitle "$BACKTITLE" --title "Toggle Network Lock" --timeout 3 --msgbox "You need to be disconnected to change network traffic rules." 10 35 else if [ "$LOCK_ACTIVE" = "inactive" ] then yesno "Toggle Network Lock" "Are you sure you want to activate the default network lock and block all connections while not connected to (any) VPN?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then define_lock "activate" fi ;; esac else yesno "Toggle Network Lock" "Are you sure you want to deactivate the default network lock and allow all connections, even when not connected to a VPN?" case $EXIT_STATUS in $DIALOG_CANCEL|$DIALOG_ESC) ;; $DIALOG_OK) check_sudo if [ $? = "0" ] then define_lock "deactivate" fi ;; esac fi fi ;; esac done clear

Hello. I've been very happy with Air so far, thank you for the great service! I have some improvement suggestions/requests for the CLI version of the Eddie client though. I prefer to not run the GUI version for everyday use since it uses up more resources (not crazy much, but mono has 4-5% CPU usage while the CLI version always uses <1%). But what keeps me from using it is that there seems to be no way to disconnect from a server or reconnect to another without exiting Eddie and thus disabling the network lock. It would be great to make the client more interactive as in being able to disconnect from a server and have Eddie be in "idle" with still having the network lock enabled and, as another suggestion, be able to connect to a specific server from there again (rather than the recommended one). Maybe even implement a possibility to request an interactive server list like the ProtonVPN CLI client has it. Also as a minor improvement I would suggest that the CLI client defaults to loading the default profile from ~/.airvpn and not the one in the root folder since the first one is where the login data is stored. Thank you!

Hi I am using eddie-ui 2.14.5 on ubuntu 18.04. I was used to start eddie from the terminal using the command: eddie-ui -cli -netlock -connect Then when i wanted to disconnect, I used to do Ctrl+c and it would shutdown the connection and then kill the process. But now using ctrl+c doesn't work anymore. It just get me back to the terminal but the process is still running in the background. I need to use "pkill -f eddie" to kill the process. Is this normal or is this a bug? I tried on Kali and i have the same issue. thanks

I apologize in advance for such a (I hope) simple problem. I'm trying to start Airvpn on Lunix using config file and the terminal per the instructions in the "how to." It runs, then the last line on the terminal is "Initialization sequence completed." It hangs there with internet dead, and never does anything else. If I ctl. C, it continues and terminates whatever it was doing. I've tried this on several systems with the same result. My question is, is there something else I have to do? OpenVPN is installed, is there anything else that has to be there? I'm doing this because there seems to be no other way to start Airvpn on KaOS. Below is the terminal printout. I know this shows that I only gave it less then a minute, but prior attempts on several systems showed that it would never do anything. Thanks, Pete [pete@pete-pc Downloads]$ sudo openvpn vpn.ovpn Thu Mar 15 16:08:32 2018 OpenVPN 2.4.5 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 1 2018 Thu Mar 15 16:08:32 2018 library versions: OpenSSL 1.1.0g 2 Nov 2017, LZO 2.10 Thu Mar 15 16:08:32 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 16:08:32 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 16:08:32 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]104.254.90.234:443 Thu Mar 15 16:08:32 2018 Socket Buffers: R=[212992->212992] S=[212992->212992] Thu Mar 15 16:08:32 2018 UDP link local: (not bound) Thu Mar 15 16:08:32 2018 UDP link remote: [AF_INET]104.254.90.234:443 Thu Mar 15 16:08:32 2018 TLS: Initial packet from [AF_INET]104.254.90.234:443, sid=aa8cd42a 332651f4 Thu Mar 15 16:08:32 2018 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org Thu Mar 15 16:08:32 2018 VERIFY KU OK Thu Mar 15 16:08:32 2018 Validating certificate extended key usage Thu Mar 15 16:08:32 2018 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Thu Mar 15 16:08:32 2018 VERIFY EKU OK Thu Mar 15 16:08:32 2018 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org Thu Mar 15 16:08:33 2018 Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA Thu Mar 15 16:08:33 2018 [server] Peer Connection Initiated with [AF_INET]104.254.90.234:443 Thu Mar 15 16:08:34 2018 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Thu Mar 15 16:08:34 2018 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.13.251 255.255.0.0' Thu Mar 15 16:08:34 2018 OPTIONS IMPORT: timers and/or timeouts modified Thu Mar 15 16:08:34 2018 OPTIONS IMPORT: compression parms modified Thu Mar 15 16:08:34 2018 OPTIONS IMPORT: --ifconfig/up options modified Thu Mar 15 16:08:34 2018 OPTIONS IMPORT: route options modified Thu Mar 15 16:08:34 2018 OPTIONS IMPORT: route-related options modified Thu Mar 15 16:08:34 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Thu Mar 15 16:08:34 2018 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Mar 15 16:08:34 2018 Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 16:08:34 2018 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Mar 15 16:08:34 2018 Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 16:08:34 2018 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=enp10s0 HWADDR=08:62:66:c7:b0:29 Thu Mar 15 16:08:34 2018 TUN/TAP device tun0 opened Thu Mar 15 16:08:34 2018 TUN/TAP TX queue length set to 100 Thu Mar 15 16:08:34 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0 Thu Mar 15 16:08:34 2018 /usr/bin/ip link set dev tun0 up mtu 1500 Thu Mar 15 16:08:34 2018 /usr/bin/ip addr add dev tun0 10.4.13.251/16 broadcast 10.4.255.255 Thu Mar 15 16:08:40 2018 /usr/bin/ip route add 104.254.90.234/32 via 192.168.1.254 Thu Mar 15 16:08:40 2018 /usr/bin/ip route add 0.0.0.0/1 via 10.4.0.1 Thu Mar 15 16:08:40 2018 /usr/bin/ip route add 128.0.0.0/1 via 10.4.0.1 Thu Mar 15 16:08:40 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Thu Mar 15 16:08:40 2018 Initialization Sequence Completed ^CThu Mar 15 16:09:18 2018 event_wait : Interrupted system call (code=4) Thu Mar 15 16:09:18 2018 SIGTERM received, sending exit notification to peer Thu Mar 15 16:09:23 2018 /usr/bin/ip route del 104.254.90.234/32 Thu Mar 15 16:09:23 2018 /usr/bin/ip route del 0.0.0.0/1 Thu Mar 15 16:09:23 2018 /usr/bin/ip route del 128.0.0.0/1 Thu Mar 15 16:09:23 2018 Closing TUN/TAP interface Thu Mar 15 16:09:23 2018 /usr/bin/ip addr del dev tun0 10.4.13.251/16 Thu Mar 15 16:09:23 2018 SIGTERM[soft,exit-with-notification] received, process exiting

I wanted to install airvpn software on a linux terminal, but I can't find any tutorials or even commands that I should run, I'm a beginner so I don't know how should I do it without tutorial. I searched around and there is nothing that helped. I don't want to mess around through ftp and move .deb packages to linux, is there a way to run one command and do it all? I read some discussions here and I suppose those people who downloaded openvpn configs had graphical interface. The only thing I did was Import our maintainer key for validating signature: wget -qO - https://eddie.website/repository/keys/eddie_maintainer_gpg.key|sudo apt-key add - Couldn't run deb commands because I don't have the deb package. deb http://eddie.website/repository/apt stable main -bash: deb: command not found sudo apt-get install deb Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package deb I tried to download linux > 64bit > portable > command line, but again, it's just a tar.gz file, there are no commands on how to do it via ssh. Tried to download deb package remotely via SSH, but the link is encrypted or dynamic and not a direct link, also showing error 500...It seems in the past there were direct links (https://askubuntu.com/questions/825193/how-can-apt-get-deal-with-dependency-problems-associated-with-a-slightly-problem) /home# wget https://eddie.website/download/?platform=linux&arch=x64&ui=cli&format=portable.tar.gz&version=2.12.4&r=0.8266051129146859 [1] 28514 [2] 28515 [3] 28516 [4] 28517 [5] 28518 [2] Done arch=x64 [3] Done ui=cli [4]- Done format=portable.tar.gz [5]+ Done version=2.12.4 root@...:~/home# --2017-07-04 02:22:53-- https://eddie.website/download/?platform=linux Resolving eddie.website (eddie.website)... 2a03:b0c0:2:d0::11b4:6001, 188.166.41.48 Connecting to eddie.website (eddie.website)|2a03:b0c0:2:d0::11b4:6001|:443... connected. HTTP request sent, awaiting response... 500 Internal Server Error 2017-07-04 02:22:53 ERROR 500: Internal Server Error. There are like 10 dependencies for this to run and not one command or guide on how to install airvpn easily via terminal... I have to waste my time to reupload .deb file on some file hosting now to download it by using wget... Instead of 5 minutes this will take me 1 hour now... ~/home# apt-get install gksu mono-runtime mono-utils libmono-system-runtime2.0-cil libmono-winforms2.0-cil libmono-corlib2.0-cil openvpn stunnel4 Reading package lists... Done Building dependency tree... 50% Building dependency tree Reading state information... Done Package libmono-corlib2.0-cil is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source However the following packages replace it: mono-reference-assemblies-2.0 mono-devel Package libmono-system-runtime2.0-cil is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source However the following packages replace it: mono-reference-assemblies-2.0 mono-devel Package libmono-winforms2.0-cil is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source However the following packages replace it: mono-reference-assemblies-2.0 mono-devel E: Package 'libmono-system-runtime2.0-cil' has no installation candidate E: Package 'libmono-winforms2.0-cil' has no installation candidate E: Package 'libmono-corlib2.0-cil' has no installation candidate Doing this from this tutorial https://askubuntu.com/a/80593 /home# tar xvzf eddie-cli_2.12.4_linux_x64_portable.tar.gz eddie-cli_2.12.4_linux_x64_portable/ eddie-cli_2.12.4_linux_x64_portable/libgdiplus.so.0 eddie-cli_2.12.4_linux_x64_portable/openvpn eddie-cli_2.12.4_linux_x64_portable/cacert.pem eddie-cli_2.12.4_linux_x64_portable/update-resolv-conf eddie-cli_2.12.4_linux_x64_portable/stunnel eddie-cli_2.12.4_linux_x64_portable/eddie-cli eddie-cli_2.12.4_linux_x64_portable/libMonoPosixHelper.so root@...:~/home# ./configure -bash: ./configure: No such file or directory root@...:~/home# cd eddie-cli_2.12.4_linux_x64_portable root@...:~/home/eddie-cli_2.12.4_linux_x64_portable# ./configure -bash: ./configure: No such file or directory tar -xzf eddie-cli_2.12.4_linux_x64_portable.tar.gz root@...:~/home# cd eddie-cli_2.12.4_linux_x64_portable root@...:~/home/eddie-cli_2.12.4_linux_x64_portable# ./configure -bash: ./configure: No such file or directory root@...:~/home/eddie-cli_2.12.4_linux_x64_portable# make make: *** No targets specified and no makefile found. Stop. root@...:~/home/eddie-cli_2.12.4_linux_x64_portable# sudo make install make: *** No rule to make target 'install'. Stop. root@...:~/home/eddie-cli_2.12.4_linux_x64_portable# I installed .deb with a UI - there were no .deb without UI, hoping that it also can work only via command line. This is the error I got when running it, I suppose it's only for graphical UI ('Could not open display') sudo dpkg -i --ignore-depends=libmono-system-runtime2.0-cil --ignore-depends=libmono-winforms2.0-cil --ignore-depends=libmono-corlib2.0-cil eddie-ui_2.12.4_linux_x64_debian.deb Selecting previously unselected package airvpn. (Reading database ... 64452 files and directories currently installed.) Preparing to unpack eddie-ui_2.12.4_linux_x64_debian.deb ... Unpacking airvpn (2.12.4) ... Setting up airvpn (2.12.4) ... Processing triggers for man-db (2.7.6.1-2) ... Processing triggers for mime-support (3.60ubuntu1) ... root@...:~/home# airvpn I 2017.07.04 02:47:26 - Eddie client version: 2.12.4 / linux_x64, System: Linux, Name: Ubuntu 17.04 Linux generic #22-Ubuntu SMP Thu Apr 20 09:22:42 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux Server : 546655 IPv4 : IPv6 : ... Hostname : ..., Mono/.Net Framework: v4.0.30319 . 2017.07.04 02:47:26 - Reading options from /root/.airvpn/AirVPN.xml . 2017.07.04 02:47:26 - Profile options not found, using defaults. Unhandled Exception: System.TypeInitializationException: The type initializer for 'System.Windows.Forms.WindowsFormsSynchronizationContext' threw an exception. ---> System.TypeInitializationException: The type initializer for 'System.Windows.Forms.XplatUI' threw an exception. ---> System.ArgumentNullException: Could not open display (X-Server required. Check your DISPLAY environment variable) Parameter name: Display at System.Windows.Forms.XplatUIX11.SetDisplay (System.IntPtr display_handle) [0x00435] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.XplatUIX11..ctor () [0x00077] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.XplatUIX11.GetInstance () [0x0001c] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.XplatUI..cctor () [0x0007d] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 --- End of inner exception stack trace --- at System.Windows.Forms.Theme.get_MenuAccessKeysUnderlined () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.SystemInformation.get_MenuAccessKeysUnderlined () [0x00005] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.Control..ctor () [0x000ea] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at (wrapper remoting-invoke-with-check) System.Windows.Forms.Control:.ctor () at System.Windows.Forms.WindowsFormsSynchronizationContext..cctor () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 --- End of inner exception stack trace --- at (wrapper managed-to-native) System.Object:__icall_wrapper_mono_generic_class_init (intptr) at System.Windows.Forms.WindowsFormsSynchronizationContext.get_AutoInstall () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.Control..ctor () [0x00014] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.ScrollableControl..ctor () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.ContainerControl..ctor () [0x0000e] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.Form..ctor () [0x00012] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.MessageBox+MessageBoxForm..ctor (System.Windows.Forms.IWin32Window owner, System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon, System.Boolean displayHelpButton) [0x0000c] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.MessageBox+MessageBoxForm..ctor (System.Windows.Forms.IWin32Window owner, System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon) [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at (wrapper remoting-invoke-with-check) System.Windows.Forms.MessageBox+MessageBoxForm:.ctor (System.Windows.Forms.IWin32Window,string,string,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) at System.Windows.Forms.MessageBox.Show (System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon) [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at Eddie.UI.Linux.Program.Main () [0x000c3] in <827d8be374f3486292e08d514075969c>:0 [ERROR] FATAL UNHANDLED EXCEPTION: System.TypeInitializationException: The type initializer for 'System.Windows.Forms.WindowsFormsSynchronizationContext' threw an exception. ---> System.TypeInitializationException: The type initializer for 'System.Windows.Forms.XplatUI' threw an exception. ---> System.ArgumentNullException: Could not open display (X-Server required. Check your DISPLAY environment variable) Parameter name: Display at System.Windows.Forms.XplatUIX11.SetDisplay (System.IntPtr display_handle) [0x00435] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.XplatUIX11..ctor () [0x00077] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.XplatUIX11.GetInstance () [0x0001c] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.XplatUI..cctor () [0x0007d] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 --- End of inner exception stack trace --- at System.Windows.Forms.Theme.get_MenuAccessKeysUnderlined () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.SystemInformation.get_MenuAccessKeysUnderlined () [0x00005] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.Control..ctor () [0x000ea] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at (wrapper remoting-invoke-with-check) System.Windows.Forms.Control:.ctor () at System.Windows.Forms.WindowsFormsSynchronizationContext..cctor () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 --- End of inner exception stack trace --- at (wrapper managed-to-native) System.Object:__icall_wrapper_mono_generic_class_init (intptr) at System.Windows.Forms.WindowsFormsSynchronizationContext.get_AutoInstall () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.Control..ctor () [0x00014] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.ScrollableControl..ctor () [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.ContainerControl..ctor () [0x0000e] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.Form..ctor () [0x00012] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.MessageBox+MessageBoxForm..ctor (System.Windows.Forms.IWin32Window owner, System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon, System.Boolean displayHelpButton) [0x0000c] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at System.Windows.Forms.MessageBox+MessageBoxForm..ctor (System.Windows.Forms.IWin32Window owner, System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon) [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at (wrapper remoting-invoke-with-check) System.Windows.Forms.MessageBox+MessageBoxForm:.ctor (System.Windows.Forms.IWin32Window,string,string,System.Windows.Forms.MessageBoxButtons,System.Windows.Forms.MessageBoxIcon) at System.Windows.Forms.MessageBox.Show (System.String text, System.String caption, System.Windows.Forms.MessageBoxButtons buttons, System.Windows.Forms.MessageBoxIcon icon) [0x00000] in <d5b72d15d4f7424c8a1538e3f19ec2e3>:0 at Eddie.UI.Linux.Program.Main () [0x000c3] in <827d8be374f3486292e08d514075969c>:0 Edit: Just figured out that if I want to use command-line I have to add -cli... Edit2: After connecting to best available server, linux crashed.. Now can't connect. 17:40:55.181 Key exchange #36 started by client. 17:40:55.744 Key exchange #36 completed. 18:11:01.036 The SSH2 session has terminated with error. Reason: FlowSocketReader: Error receiving bytes. Windows error 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. 18:11:01.041 Automatic reconnection started. Reconnection attempt is scheduled at 18:11:03. This is the last log before crashing . 2017.07.04 03:16:39 - OpenVPN > Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA . 2017.07.04 03:16:39 - OpenVPN > [server] Peer Connection Initiated with [AF_INET]... . 2017.07.04 03:16:40 - OpenVPN > SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) . 2017.07.04 03:16:40 - OpenVPN > PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.113.245 255.255.0.0' . 2017.07.04 03:16:40 - OpenVPN > OPTIONS IMPORT: timers and/or timeouts modified . 2017.07.04 03:16:40 - OpenVPN > OPTIONS IMPORT: compression parms modified . 2017.07.04 03:16:40 - OpenVPN > OPTIONS IMPORT: --ifconfig/up options modified . 2017.07.04 03:16:40 - OpenVPN > OPTIONS IMPORT: route options modified . 2017.07.04 03:16:40 - OpenVPN > OPTIONS IMPORT: route-related options modified . 2017.07.04 03:16:40 - OpenVPN > OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified . 2017.07.04 03:16:40 - OpenVPN > Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key . 2017.07.04 03:16:40 - OpenVPN > Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication . 2017.07.04 03:16:40 - OpenVPN > Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key . 2017.07.04 03:16:40 - OpenVPN > Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication . 2017.07.04 03:16:40 - OpenVPN > ROUTE_GATEWAY .../255.255.255.0 IFACE=eth0 HWADDR=... . 2017.07.04 03:16:40 - OpenVPN > TUN/TAP device tun0 opened . 2017.07.04 03:16:40 - OpenVPN > TUN/TAP TX queue length set to 100 . 2017.07.04 03:16:40 - OpenVPN > do_ifconfig, tt->did_ifconfig_ipv6_setup=0 . 2017.07.04 03:16:40 - OpenVPN > /sbin/ip link set dev tun0 up mtu 1500 . 2017.07.04 03:16:40 - OpenVPN > /sbin/ip addr add dev tun0 .../16 broadcast ... . 2017.07.04 03:16:45 - OpenVPN > /sbin/ip route add .../32 via ... . 2017.07.04 03:16:45 - OpenVPN > /sbin/ip route add 0.0.0.0/1 via 10.4.0.1

I am experiencing something strange when I try to connect my Ubuntu server to the service. Log: user@ubuntu:~$ sudo openvpn --config AirVPN_GB-London_Bellatrix_UDP-443.ovpn [sudo] password for user: Sun Jun 25 20:37:13 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017 Sun Jun 25 20:37:13 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Sun Jun 25 20:37:13 2017 Control Channel Authentication: tls-auth using INLINE static key file Sun Jun 25 20:37:13 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Jun 25 20:37:13 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Jun 25 20:37:13 2017 Socket Buffers: R=[212992->212992] S=[212992->212992] Sun Jun 25 20:37:13 2017 UDPv4 link local: [undef] Sun Jun 25 20:37:13 2017 UDPv4 link remote: [AF_INET]88.150.240.7:443 Sun Jun 25 20:37:13 2017 TLS: Initial packet from [AF_INET]88.150.240.7:443, sid=43e3bb88 272c22d6 Sun Jun 25 20:37:13 2017 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org Sun Jun 25 20:37:13 2017 Validating certificate key usage Sun Jun 25 20:37:13 2017 ++ Certificate has key usage 00a0, expects 00a0 Sun Jun 25 20:37:13 2017 VERIFY KU OK Sun Jun 25 20:37:13 2017 Validating certificate extended key usage Sun Jun 25 20:37:13 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Sun Jun 25 20:37:13 2017 VERIFY EKU OK Sun Jun 25 20:37:13 2017 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org Sun Jun 25 20:37:13 2017 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Sun Jun 25 20:37:13 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Jun 25 20:37:13 2017 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Sun Jun 25 20:37:13 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sun Jun 25 20:37:13 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSA Sun Jun 25 20:37:13 2017 [server] Peer Connection Initiated with [AF_INET]88.150.240.7:443 Sun Jun 25 20:37:15 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Sun Jun 25 20:37:15 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.4.0.1,comp-lzo no,route-gateway 10.4.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.4.4.110 255.255.0.0' Sun Jun 25 20:37:15 2017 OPTIONS IMPORT: timers and/or timeouts modified Sun Jun 25 20:37:15 2017 OPTIONS IMPORT: LZO parms modified Sun Jun 25 20:37:15 2017 OPTIONS IMPORT: --ifconfig/up options modified Sun Jun 25 20:37:15 2017 OPTIONS IMPORT: route options modified Sun Jun 25 20:37:15 2017 OPTIONS IMPORT: route-related options modified Sun Jun 25 20:37:15 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Sun Jun 25 20:37:15 2017 ROUTE_GATEWAY 94.23.43.254 Sun Jun 25 20:37:15 2017 TUN/TAP device tun1 opened Sun Jun 25 20:37:15 2017 TUN/TAP TX queue length set to 100 Sun Jun 25 20:37:15 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Sun Jun 25 20:37:15 2017 /sbin/ip link set dev tun1 up mtu 1500 Sun Jun 25 20:37:15 2017 /sbin/ip addr add dev tun1 10.4.4.110/16 broadcast 10.4.255.255 Sun Jun 25 20:37:20 2017 /sbin/ip route add 88.150.240.7/32 via 94.23.43.254 RTNETLINK answers: Network is unreachable Sun Jun 25 20:37:20 2017 ERROR: Linux route add command failed: external program exited with error status: 2 Sun Jun 25 20:37:20 2017 /sbin/ip route add 0.0.0.0/1 via 10.4.0.1 Sun Jun 25 20:37:20 2017 /sbin/ip route add 128.0.0.0/1 via 10.4.0.1 Here I lose my connection with the machine via SSH. The only error what I see is something with the routing. If I log in to the machine with a kvm extender I can run commands. If I try to run the command "route" it is extremely slow. I toke 20-30s to show anything after the headlines. (see the attached picture, please)Ping outside doesn't work but the interface addresses are pingable. When I check here how many client connected - this connection is not on the list. (not even for a second) I tried to connect using this method from my Ubuntu laptop and I could connect without problem. I tried to sniffing around in the /etc/openvpn folder but I found nothing what can help at the first look. I believe that something around the routing cause the problem but I am afraid I am not experienced enough to spot the problem. See the attached pictures for the interface information. I am really appreciate any help

Hi, I am used to using *sudo openvpn --config file.ovpn* and will not switch to use any GUI. However after switching to Ubuntu 16.04 LTS I cannot connect to AirVPN - the log looks like connection succeeded but I have no internet connection. Could you please point me to a tutorial on how to connect from terminal? I cannot find any. ~/AirVPN$ sudo openvpn --config germany.ovpn Mon Mar 27 09:40:44 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [iPv6] built on Feb 2 2016Mon Mar 27 09:40:44 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08Mon Mar 27 09:40:44 2017 Control Channel Authentication: tls-auth using INLINE static key fileMon Mar 27 09:40:44 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:44 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:44 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]Mon Mar 27 09:40:44 2017 UDPv4 link local: [undef]Mon Mar 27 09:40:44 2017 UDPv4 link remote: [AF_INET]178.162.198.112:2018Mon Mar 27 09:40:46 2017 TLS: Initial packet from [AF_INET]178.162.198.112:2018, sid=5f8e2f65 10b9f080Mon Mar 27 09:40:46 2017 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.orgMon Mar 27 09:40:46 2017 Validating certificate key usageMon Mar 27 09:40:46 2017 ++ Certificate has key usage 00a0, expects 00a0Mon Mar 27 09:40:46 2017 VERIFY KU OKMon Mar 27 09:40:46 2017 Validating certificate extended key usageMon Mar 27 09:40:46 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server AuthenticationMon Mar 27 09:40:46 2017 VERIFY EKU OKMon Mar 27 09:40:46 2017 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.orgMon Mar 27 09:40:47 2017 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyMon Mar 27 09:40:47 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:47 2017 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit keyMon Mar 27 09:40:47 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authenticationMon Mar 27 09:40:47 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 4096 bit RSAMon Mar 27 09:40:47 2017 [server] Peer Connection Initiated with [AF_INET]178.162.198.112:2018Mon Mar 27 09:40:49 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)Mon Mar 27 09:40:49 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.30.0.1,comp-lzo no,route-gateway 10.30.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.30.0.155 255.255.0.0'Mon Mar 27 09:40:49 2017 OPTIONS IMPORT: timers and/or timeouts modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: LZO parms modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: --ifconfig/up options modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: route options modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: route-related options modifiedMon Mar 27 09:40:49 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modifiedMon Mar 27 09:40:49 2017 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=wlp2s0 HWADDR=48:51:b7:b2:37:2fMon Mar 27 09:40:49 2017 TUN/TAP device tun0 openedMon Mar 27 09:40:49 2017 TUN/TAP TX queue length set to 100Mon Mar 27 09:40:49 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0Mon Mar 27 09:40:49 2017 /sbin/ip link set dev tun0 up mtu 1500Mon Mar 27 09:40:49 2017 /sbin/ip addr add dev tun0 10.30.0.155/16 broadcast 10.30.255.255Mon Mar 27 09:40:49 2017 /sbin/ip route add 178.162.198.112/32 via 192.168.0.1Mon Mar 27 09:40:49 2017 /sbin/ip route add 0.0.0.0/1 via 10.30.0.1Mon Mar 27 09:40:49 2017 /sbin/ip route add 128.0.0.0/1 via 10.30.0.1Mon Mar 27 09:40:49 2017 Initialization Sequence Completed

Hey Everyone, Just learning the ropes with vpn's, got it working on my mac and my android phone, but having a bit of trouble with my arch linux laptop. I feel like I am just missing a step somewhere, but I following the instructions for the terminal setup (couldn't get the app to work, I'll play with it later). I made the config files, run 'openvpn configfile', it does its thing and I get the 'Initialization Sequence Completed'. But thats as far as I got becuase after that I have no internet. I feel like it must be a firewall issue or something isn't configured right. Anyone have any ideas? Thanks,

Hello everyone, I've been an AirVPN customer for about a year now and absolutely love it for many reasons. The only issue I really have is Raspberry Pi support. I just got an RPi3 a few weeks ago and want to set it up as a media server/P2P box. This makes a stable VPN connection with a network lock an absolute necessity. From what I've read here, Eddie is not and probably will never be supported on any Raspberry Pi. I can understand that's a relatively small concern for Air considering the limited use compared to OSX, Linux, and Windows, so I'm not going to complain too much. I will say that it's really a bummer as I love Eddie and it's always running on my PC. So far, I've had to settle by running openvpn with a config file from the terminal (I should mention i'm running Raspbian) with Firestarter as a kill-switch. The problem is I can rarely stay connected for more than 12 hours. This may be due to my internet connection, or a problem with one of Air's servers, but it's a problem either way. This means every day, usually more than once a day, I have to plug my RPi into my TV (or SSH into it) to kill my P2P client, restart openvpn, and restart the firewall. This really isn't the seamless P2P/media center experience I was looking for. I've done a fair amount of searching and can't come up with anything. I was thinking about trying the Debain network manager, but I see that it is not recommended for security reasons, and I'm not sure it would solve my problem anyway. If anyone has any suggestions, I'm open to try just about anything as I really wan't to get this up and running. I'm even open to trying out a different OS for the pi if anyone thinks it will make a difference. Worst case scenario, I will try to write up something that does all of this manually. In that case I think my main problem would be detecting when the vpn connection goes down. If anyone knows of a good way to do that (i'll be using Java to make it), please let me know. This post got much longer than I had planned. Thanks for taking the time to read it and helping me out

Hi, I would like to access AirVPN through the command line on my Mac (OSX). Is this possible? Is there a command line interface (CLI)? Do I need to install OpenVPN first? Thank you.

Hey, I'm running Airvpn via the terminal, I get my .ovpn from the generator and it works just fine. But how do I terminate the vpn and drop back to my normal IP? Thanks.

Download your configuration file from the page Config Generator. If you don't already have the OpenVPN package installed in your system, you can tick Advanced Mode and tick Bundle executable (only for x86/amd64 based systems). Have a look here to take care of DNS push (OpenVPN will not do that for you by default): https://airvpn.org/topic/9608-how-to-accept-dns-push-on-linux-systems-with-resolvconf/Open a terminal console, reach the directory where you stored the files generated by the Configuration Generator and launchsudo openvpn foo.ovpnif you already have installed the OpenVPN package, orsudo ./openvpn foo.ovpnif you have downloaded our bundled executable. foo.ovpn is any *.ovpn files generated by the Config Generator. In the example we report "sudo" to run OpenVPN with root privileges. In some systems you might not have "sudo" available, or your account might be not included in the "sudo-ers". In these cases, you just need to run a terminal as root, or become root with "su" command.