WebRTC Blocked at Router Level + Google finding non-vpn Location

[mirage22]

Hello,

I have an OpenVPN client running on my router, connected to a VPN provider. The IP address shown is that of my VPN Provider, as confirmed on ipleak.net

However, under the webrtc section on ipleak.net, it shows the IP address assigned by the VPN provider and three other IPs. 169.254.xxx.xxx and 169.90.xxx.xxx and my PC's IP address 192.168.xxx.xxx. (but not my ISP provided IP address)

1) Can we block the three additional IPs from showing up in the WebRTC leak?

2) In google.com i search IP and it gives my public ip address (the one assigned by the VPN Provider) via google's latest feature to give answers without opening links. but at the bottom of the search page, it gives my correct (non vpn) location stating that it received this "From your Internet address".

3) If i click on "use precise location" it actually picks my correct (non vpn) location again. How does this happen? This is just a PC. It doesn't have a GSM connection. The only other device that connects to the router is my blackberry phone. As I am not logged into any of google's services such as google maps or google now etc, there is no real integration of google to my blackberry. So how does the search page on my PC show my non-vpn location.

I had also setup the '_nomap' rule on all SSIDs when I bought the router. Even before setting up the internet connection on the router.

The concern is not about google knowing my location. But in general, the fact that I am unable to beat a website at actually knowing my location - that seems frustrating. How long before other websites catch up on this method to find the actual location of VPN users.

 

[cosmoxl]

WebRTC detection is polling your browser, the router can do nothing to prevent that.

Can you provide screenshots of what you are seeing at google? I tried to replicate your situation but I don't see anything at the bottom of the page regarding IP address.

 

[mirage22]

WebRTC detection is polling your browser, the router can do nothing to prevent that.

Can you provide screenshots of what you are seeing at google? I tried to replicate your situation but I don't see anything at the bottom of the page regarding IP address.

 

[mirage22]

btw, while your point is true, how are some VPN providers actually building WebRTC leaks protection in the VPN software you install on your PC. they are doing something, which we could also implement at the router level, isn't it?

 

[cosmoxl]

btw, while your point is true, how are some VPN providers actually building WebRTC leaks protection in the VPN software you install on your PC. they are doing something, which we could also implement at the router level, isn't it?

they are blocking access to anything outside the subnet of the VPN with firewall and/or iptables.

keep in mind WebRTC isn't seeing your ISP IP address and this is because you're running VPN on your router.

My suggestion is to turn off webRTC in browser if you don't want any website to detect anything by WebRTC.

It looks as though you've also got geolocation enabled in your browser. That's how google is able to pinpoint your real location. Turn that off too, in browser.

 

[mirage22]

they are blocking access to anything outside the subnet of the VPN with firewall and/or iptables.

keep in mind WebRTC isn't seeing your ISP IP address and this is because you're running VPN on your router.

My suggestion is to turn off webRTC in browser if you don't want any website to detect anything by WebRTC.

It looks as though you've also got geolocation enabled in your browser. That's how google is able to pinpoint your real location. Turn that off too, in browser.

So how is google picking up my geo-location from my IP address? Cause the Ip address is provided by my VPN provider in a totally different location. But google is showing my correct (non-vpn) location!

 

[cosmoxl]

So how is google picking up my geo-location from my IP address? Cause the Ip address is provided by my VPN provider in a totally different location. But google is showing my correct (non-vpn) location!

geolocation in browser has been known to elucidate real location. I haven't studied it but sounds like you may want to. I think you should look up how to disable it for your browser.

 

[mirage22]

Ok thanks!

I had geolocation disabled, but google had an exception with port 443 in the exceptions page. I removed google from there.

However, the problem is still not going away

I click on "use precise location" it says 'location unavailable'. I close the browser and reopen it, bam!!! the location is back. I deleted the locations from google locations history too! What is google doing so magically?

Finally, how does this geo-location feature work? router has _nomap. ip address is a totally different location. How does the browser actually get my precise location with geolocation 'on'.

 

[Cake]

You might be snitched on by a smart phone too. Lets say someone got a new android and clicked/selected during setup- Allow google to backup up stuff like passwords including wifi password (bad idea)... Allow google to use gps and networks for faster locations... ect. Phone connects to your Asus router and sends router's MAC, SSID and geolocation/long/lat to Google.
Some VPN providers share a single IP with many, but I put the blame on the tattler phone. LoL

 

[cosmoxl]

yeah, I really don't know why the geolocation problem. I tested a stock Internet Explorer (Just to test a common situation) and google still couldn't determine my real location.

 

[mirage22]

You might be snitched on by a smart phone too. Lets say someone got a new android and clicked/selected during setup- Allow google to backup up stuff like passwords including wifi password (bad idea)... Allow google to use gps and networks for faster locations... ect. Phone connects to your Asus router and sends router's MAC, SSID and geolocation/long/lat to Google.
Some VPN providers share a single IP with many, but I put the blame on the tattler phone. LoL

i would have agreed, but i own a blackberry. it dosn't connect to any google services..

 

[mirage22]

yeah, I really don't know why the geolocation problem. I tested a stock Internet Explorer (Just to test a common situation) and google still couldn't determine my real location.

I use chrome. maybe that's the problem. Yet, what is it, that google is doing?

 

[cosmoxl]

yeah, chrome is known these days to be very un-private. can't even really disable WebRTC in it.

 

[Cake]

I just caught firefox going to some kind of selfheal website on its own yesterday. I disabled it after searching what it was. Seems everyday these browsers are doing "extra homework" in the background. I feel At times it feels like a old game called clue. Professor plum did it with the gloves in the library.

 

[RMerlin]

I just caught firefox going to some kind of selfheal website on its own yesterday. I disabled it after searching what it was. Seems everyday these browsers are doing "extra homework" in the background. I feel At times it feels like a old game called clue. Professor plum did it with the gloves in the library.

Browsers nowadays do prefetches, download blacklist files, contact CRL servers to verify for certificate revocations, sync your data with the cloud... It never ends.

 

[faria]

So how is google picking up my geo-location from my IP address? Cause the Ip address is provided by my VPN provider in a totally different location. But google is showing my correct (non-vpn) location!

I came across that od behavior a couple of weeks ago , in my case it was when i added port 443 to my Vpn selective routing script, while doing some tests a few days earlier and forgot to remove the entry from the script.
Basically all traffic on port 443 was being routed via the isp, once i removed the port from the script the was no more IP leaks.

 

[mirage22]

I came across that od behavior a couple of weeks ago , in my case it was when i added port 443 to my Vpn selective routing script, while doing some tests a few days earlier and forgot to remove the entry from the script.
Basically all traffic on port 443 was being routed via the isp, once i removed the port from the script the was no more IP leaks.

no, that isn't my case. I have no dns leak. so i am pretty sure no such traffic leak is happening.

 

[SN382]

1) Can we block the three additional IPs from showing up in the WebRTC leak?

Yes, here is one example.

2) at the bottom of the search page, it gives my correct (non vpn) location stating that it received this "From your Internet address"

Are you signed in with a Google account? This is Google's official statement on the tracking methodology:

https://support.google.com/websearch/answer/179386

If i click on "use precise location" it actually picks my correct (non vpn) location again. How does this happen?

Is the PC's WiFi turned on? Google can still locate you if they know the physical location of a nearby WiFi router that your device can see. They are building a database for that purpose, from spyware and StreetView scans. If none of the above conditions apply, it sounds like IPV6 traffic is leaking outside your VPN tunnel and WebRTC in the browser is exploiting this security hole. Disable IPV6 in the router and see what happens. If your router cant do that, check if your router is supported by another firmware like Tomato, OpenWRT, DD-WRT.