7/31/21
FreePN's infrastructure servers are currently offline. If you wish to use FreePN, you will need to configure your own infrastructure, as detailed in this repo's documentation.
FreePN is a set of open source (see FLOSS definition) privacy tools for an improved online user experience (and yes, there's even an ISO standard for that).
The FreePN network daemon (fpnd) is a P2P implementation of a distributed virtual private network (dVPN) that creates an anonymous "cloud" of peers where each peer is both a client node and an exit node. Peers are randomly connected on startup and reconnected to new (random) peers as needed.
The FreePN desktop user interface (freepn-gtk3-tray) currently supports GTK3-based XDG-compliant desktop environments, eg, Gnome, Unity, XFCE, and derivatives.
FreePN is not a full VPN solution (eg, openvpn or vpnc) and does not require setup of any pre-shared keys or certs. Traffic over FreePN network links is always encrypted, however, since each network link is independent, the traffic must be decrypted as it passes out of each peer host. When running in "peer" mode, each peer is assumed to be an untrusted host; when running in "adhoc" mode, the hosts can be assumed to be trusted hosts (as they belong to the user).
- we only route www (http and https) and dns (optional) traffic
- traffic routing supports IPv4 only (IPv6 is dropped unless configured not to)
- DNS privacy depends entirely on your DNS config
- the most common local-only DNS config is not routable out-of-the-box
- it takes you to make the changes to stop DNS privacy leaks
- DNS Privacy - DNS and your online privacy
- DNS Setup - Local DNS setup
- DNS Examples - Example configs for systemd, stubby, dnsmasq
- Quick Start - Quick install and setup instructions
- Release Notes - fpnd Software Version Description (latest release)
- Change Log - detailed change history
- Old README - previous (template-based) FOSS readme
Important
If you already installed one of the early 0.9.x or older releases, please upgrade to the latest release (as a bonus you will get an stunnel upgrade plus several lemony-fresh bug fixes). See issue #88 for more details.
We assume you're reading this because you want to take back some control over your online privacy, so the first thing you should do is read the short DNS Privacy doc and then evaluate your own DNS Setup and decide which secure DNS providers suit your needs. If you've already done that (or you're just super impatient ;) then proceed with the following to install the software.
Note
You will need one of the supported Linux distributions below with at least Python 3.6 in order to run this software. On Gentoo you should also have a 5.x kernel.
We test mainly on Gentoo, Ubuntu LTS (Bionic, Focal, Groovy) and Kali Linux. However, the default Python on Xenial lacks sufficient asyncio support, so will not work out-of-the-box.
Before you can install any FreePN packages, you'll need to add the required package repository or overlay.
For all Ubuntu series, make sure you have the gpg and add-apt-repository commands installed and then add the PPA:
$ sudo apt-get install -y software-properties-common
$ sudo add-apt-repository -y -s ppa:nerdboy/embeddedNote that on kali you will need to edit the file created under /etc/apt/sources.list.d for the PPA and change the series name to focal, then run sudo apt-get update again.
For Gentoo or derivatives based on Portage, first install the portage overlay.
Create a repos.conf file for the overlay and place the file in the /etc/portage/repos.conf directory. Run:
$ sudo nano /etc/portage/repos.conf/freepn-overlay.confand add the following content to the new file:
[freepn-overlay]
# Various python ebuilds for FreePN
# Maintainer: nerdboy <[email protected]>
location = /var/db/repos/freepn-overlay
sync-type = git
sync-uri = https://github.com/freepn/freepn-overlay.git
priority = 50
auto-sync = yesAdjust the path in the location field as needed, then save and exit nano.
Run the following command to sync the repo:
$ sudo emaint sync --repo freepn-overlayAfter following the pre-install setup, use the appropriate package manager to install the package for your distro:
- Gentoo -
sudo emerge freepn-gtk3-tray - Ubuntu -
sudo apt-get install freepn-gtk3-indicator
Then add your local <username> to the fpnd group:
sudo usermod -aG fpnd <username>
Note
Replace <username> with your actual login ID when you run the above command, then log out and log back in again.
Check your group memberships with the id command:
$ id
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),115(netdev),118(lxd),995(fpnd)If you really don't want/need a desktop, you can still install the network component:
- Gentoo -
sudo emerge net-misc/fpnd - Ubuntu -
sudo apt-get install python3-fpnd
Once installed, the above packages should update normally along with any other updated system packages (both @world and dependencies). It's very important to keep all your system packages up to date, and especially important when running an alpha release (eg, fpnd-0.9.x) since (software) interfaces may (and probably will) break between releases. Both Gentoo and Ubuntu have ways to notify you when you have updates waiting (or at least when your package tree is getting stale).
- Gentoo
- Use your preferred tools to keep the overlay synced and check for updates frequently; using the "live" ebuild is left as an exercise for the reader...
- Ubuntu
- Use the Software Updater GUI -- or --
- Use
apt|apt-getfrom a terminal window.
When packages update on Ubuntu, you might see something like "The following packages have been kept back:" followed by one or more package names. This might happen with FreePN packages if new dependencies are added between releases. If you see python3-fpnd in the list of packages kept back, you can try one of the following commands (instead of the typical sudo apt-get upgrade) to resolve dependencies. Start with the first one:
sudo apt-get --with-new-pkgs upgradesudo apt upgradesudo apt-get install python3-fpnd
Although there is currently no user config file for the GUI component, the fpnd package installs the system settings file /etc/fpnd.ini. Most of the entries are there to provide a consistent set of defaults for different runtime environments, but some are intended for the end-user to adjust when appropriate.
DNS settings:
- route_dns: Default is
False; only set toTrueif you've configured your global (plain-text) DNS settings to use an external/public DNS server, eg Cloudflare (or you already have secure DNS in place) - private_dns_only: Default is
False; only set toTruewhen you're already running a secure local DNS resolver, eg stubby
Misc settings:
- drop_ip6: Default is
True; you can disable this if you need local IPv6 working, but you should have your own ipv6 firewall rules in place - default_iface: Default is
None; you should only need this if you have multiple network interfaces with active routes, then you should set this to the interface name you want FreePN to use - debug: Default is
True; set this toFalsefor slightly smaller log files
Select FreePN Tray Control from the Applications View or the Internet menu in your desktop of choice, eg, Gnome, Unity, XFCE, etc. You can also run it from an X terminal to get some debug output.
$ freepn-gtk3-indicator
![Mate Bionic Desktop (pi-top[1] Rpi 3B Rev 1.2)](images/freepn-mate-bionic.png)
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent