I want OpenVPN support

[kar]

Lots of users asking for this.

[DarkenLX]

I always assumed it was a vpn but it was using a workaround so you didn't need the lock screen with a pin or password etc.

[peterroth]

Don't you need a running VPN service to connect to to achieve it?

[cron410]

It is a VPN client that connects to a local VPN server running on your own device. This would require blokada to manage two VPNs and in a specific order so your IP is not exposed. This adds lots of complexity.

[peterroth]

Technically not. Technically you need a device/service to connect to, as your ISP won't give you another IP, that means your router/switch's IP will be used, just like now.

[cron410]

No need for another IP, we are talking about blokada first connecting to a 3rd party commercial VPN provider first, then connecting to the blokada local VPN. The order of those connections probably doesn't matter. It might be easier to fork this project and split the functions of this app, instead of running a VPN server on the phone, run one with the same config on a VPS and use the Blokada app to manage that connection.

[peterroth]

That's the goal, as otherwise the real VPN is meaningless.

[nezzox]

Couldn't you achieve the IP hiding with a custom dns?

I also want to hide IP btw! This is high on my list.

[peterroth]

@nezzox DNS and VPN are for different purposes. The DNS just resolves the hostname to IP address, the VPN creates an encrypted tunnel.

[cron410]

@nezzox none of your traffic goes through dns, only a very tiny bit goes TO it and comes back, just for looking up a domain name to find out it's IP so your computer can communicate with it. With a VPN, all of your traffic goes through the VPN server and when it exits, everything you do online appears to come from the IP of that server.

On Wed, May 2, 2018, 2:17 PM Peter notifications@github.com wrote:

@nezzox https://github.com/nezzox DNS and VPN are for different purposes. The DNS just resolves the hostname to IP address, the VPN creates an encrypted tunnel.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/blokadaorg/blokada/issues/111#issuecomment-386072064, or mute the thread https://github.com/notifications/unsubscribe-auth/AC8Kkwbh9IdWBUvaCcdJaGpH8rYdvXMfks5tufgdgaJpZM4STaW9 .

[ghost]

This is a wonderful idea,though eventually I’d like to add a ovpn profile file,as I usually can find high quality ones with database apps

[ghost]

Is someone working on this? I want to use a VPN but am also worried about 2000+ hosts that Blokada has blocked in 2 days. This would be a good feature!

[nezzox]

Agree.

Den lör 19 maj 2018 16:49Avizini notifications@github.com skrev:

Is someone working on this? I want to use a VPN but am also worried about 2000+ hosts that Blokada has blocked in 2 days. This would be a good feature!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/blokadaorg/blokada/issues/111#issuecomment-390410020, or mute the thread https://github.com/notifications/unsubscribe-auth/AfcNkZGe9Yq45QO1bALWIzr217j9gJQJks5t0DDjgaJpZM4STaW9 .

--

Jonathan Gryveken

[kar]

It's the current donation campaign goal. A few other features will come before it though which are already scheduled, like block history / log. So it'll be a while before this one comes in.

[surfrescue]

Yes this would be fantastic for people like me that uses a paid VPN LIKE VPNunlimited to get good bandwidth and other useful privacy and funtionality...pairing that with the add block and blacklist manual add of Blokada would be fantastic flexibility ! So yes for the win on this development !!!

[jeroenev]

this would be really nice I alreaddy have a vpn and i'm currently happy with it While Wireguard would be a nice-to-have, OpenVPN would definitely give it the widest support for multiple different VPN providers

[jeroenev]

Also would be nice to exclude specific apps in the vpn connection (e.g. Netflix blocks vpns) Or the opposite: only route certain apps through the VPN

[ghost]

@jeroen7s That would be extremely nice,but adds a bit of complexity I'd imagine

[jeroenev]

Yes i'd imagine quite some, but it really is necessary for apps like Netflix Not expecting them to do it immediately, but it would be nice Having some kind of whitelist/blacklisting of apps like we have with adblocking, but for openVPN I know it is possible (openvpn for android can do this)

[ghost]

@animeking9901 That shouldn't be complex probably many apps already have that feature. Orbot being the open source one, maybe that could help.

[ghost]

@surfrescue Did you make this account just for advertising that VPN service? Get lost!

[jeroenev]

@Avizini Orbot has a proxy to setup per app, and a VPNmode for use among all apps Not sure it has whitelisting capabilities on VPN mode EDIT: apparently it does have whitelisting in vpn mode

[ghost]

@jeroen7s You can use the VPN mode on orbot with the apps you want. It displays a pop up asking for the apps you want to whitelist, blacklisted apps can't connect to the internet. (That's how it used to work about ~ 6 months ago)

[ghost]

What is the status of this feature request? Is it fully funded? Do we have an ETA? I don't see it listed as a project.

[mach20x]

I think it might be easy enough to implement wireguard into this app as it is a much cleaner codebase than openvpn. Also the connection negotiation is less problematic, and being that the lines of code used with WireGuard is far less than that of OpenVPN OPSEC is much more secure so that patching vulnerabilities and zero days are less likely to occur. The only issues I see are a user space implementation and the 128 bit encryption that some might balk at. Looking forward to the VPN service.

[jeroenev]

Sadly barely any VPN providers currently support it, while virtually all of them support OpenVPN

So while Wireguard is definitely superior in many ways, and cleaner to implement/easier to maintain, OpenVPN support will definitely be a bigger net privacy gain for the average Blokada+VPN user

[TavisJohn]

With the V4 release, and their own VPN service, I doubt that we will ever see OpenVPN support. They are going to push their service and they are not going to add a feature that would let people use a competitor VPN service.

I would LOVE OpenVPN support. I already have a VPN service I pay for that supports 5 devices and they have client software for WIndows, Mac, Linux, Android, and even a browser addon.

[Tobias-B-Besemer]

I second that!

[FliegendeWurst]

I second that!

Btw: on Github, the thumbs up emoji is normally used to express support. You can react to messages by clicking on the emojis below them or by using the +☺️ button. You can automatically get notifications about new comments on issues using the 'Subscribe' button in the right sidebar :-)

[Tobias-B-Besemer]

I second that!

Btw: on Github, the thumbs up emoji is normally used to express support. You can react to messages by clicking on the emojis below them or by using the + button. You can automatically get notifications about new comments on issues using the 'Subscribe' button in the right sidebar :-)

The subscribe button I forgot, sorry!

[kojid0]

Any news on this issue? I would like to stress that I am even willing to pay some money (up to 5€/month) in order to unlock OpenVPN support, so I can choose the VPN provider I want (BlokadaVPN, OpenVPN, Wireguard,...). It's not that I don't trust blokada but I have an existing VPN provider I am happy with and they provide more closer servers (better ping, more speed,...).

[TavisJohn]

Any news on this issue? I would like to stress that I am even willing to pay some money (up to 5€/month) in order to unlock OpenVPN support, so I can choose the VPN provider I want (BlokadaVPN, OpenVPN, Wireguard,...). It's not that I don't trust blokada but I have an existing VPN provider I am happy with and they provide more closer servers (better ping, more speed,...).

I would not be willing to pay a monthly fee to access a VPN I am already paying for. However I can see this being a premium option, and I would be willing to make a one time purchase.

[DSDV]

I cant wrap my head around the fact that they force a (sorry but) 'shitty' vpn service down the throat of probabbly privacy minded people.

Why should i entrust all my data within my datastream to a company which basacly made a good adblocker and now claims to be able to run a vpn service (which is a hughely complex topic).

Either incorperate the normal open vpn client or at least let us use our normal vpn services /apps and add the blockada dns services

[peterroth]

Could you elaborate a bit on "shitty VPN", why do you think it is so, what issues do you see or face with it? Additionally I'm also curious why you feel the service is "forced down the throat", why you have this feeling.

[androidacy-user]

@rpeter85 just going to input my thoughts on your VPN here: 1) I don't particularly mistrust it myself. Feel the same way I do about RiseUp VPN. Theoretically you could be selling my traffic to Google or whatever but I see no logical reason for it 2) Let's be frank it's not too fast. My normal LTE speed is about 6-7MB/ (bytes not bits). With your VPN it maxes out at 1.7MB/s. Which brings me to point number 3 3) Holy crap there is a lot of overhead. I have an Oneplus device which has network indicators in the status bar. While speed tests are showing less than1MB/s, the tra indicator show almost 2-3MB/s. Being a VPN you do expect some overhead due to encryption etc, that much? 4) Personally I feel this was presented as the support for OpenVPN but its not. Just because it uses that interface doesn't mean that it truly supports it. IMHO to "support" it I should be able to connect to my own (significantly faster in my case) OPENVPN server. So maybe by "cramming it down our throats" he really means "you have to use your services and what we really want is to connect to our own"

Just my two cents. It's good for a starter service but definitely has room for growth

[peterroth]

@alexa-v2 Now that's a feedback we can use to make the VPN better. But saying it's "shitty" and saying no anything else is... less constructive.

The reason behind the own VPN and (yet) no OpenVPN support is the complexity to implement it, to distinguish what should go to the real VPN service (OpenVPN server) and what to filter. As the Blokada VPN is "solved in our house", it's easy to synchronize. OpenVPN support is on the roadmap, but it's not the most easiest task.

[thecyberd3m0n]

I don't think it would require 2 vpns. 1) app uses local vpn server to connect to remote one 2) local vpn (that works in app) uses custom dns and blocklists. It can optionally connect remote vpn, without losing blocklists and custom dns (remote vpn can push proposed dns servers but it can be ignored if user configured so) 3) local vpn can be a bridge between remote vpns. Your vpns or defined by user. Of course you should block using both at same time. Nobody even expects that, but you can still block connections and configure custom dns

Please correct me am I right.