My location data is leaking even if I have VPN on. I can confirm that this is not because of the router, browser, or wifi or DNS, or etc, but a problem of Fedora. Accessing certain sites that acquires my location (such as google maps) shows my real location even though I have a working VPN. System wide GPS is disabled. I disabled the access to location on firefox and brave browser, and still somehow websites have access to my real location data. This is a fucking insane behavior and why is this happening and how do I fix it? I am a light user and I just want things to work without so much tweaking or modifying the linux system.
Have you tried looking for clues to the reason, try https://ipleak.net/
1 Like
Thank you for sharing the website. Site detects IPv4 as the VPN server, but IPv6 shows my location. I am not sure how to fix that.
Use nmcli to find the external device name
nmcli
Example
# nmcli
enp1s0: connected to enp1s0
"Red Hat Virtio 1.0"
ethernet (virtio_net), 52:54:00:A6:95:73, hw, mtu 1500
ip4 default
inet4 192.168.0.26/24
route4 192.168.0.0/24 metric 100
route4 default via 192.168.0.1 metric 100
lo: connected (externally) to lo
"lo"
loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536
inet4 127.0.0.1/8
inet6 ::1/128
Change device name to suit (enp1s0)
sudo nmcli connection modify enp1s0 ipv6.method "disabled"
sudo nmcli connection up enp1s0
3 Likes
Thank you! I followed the solution and it worked. But why was this happening? Based on my understanding, is it because the router had some kind of IPv6 enabled? Also the command worked without sudo.
If the router uses ipv4 and ipv6 the vpn needs to provide both, if not it exposes the real ipv6 address.
Some vpn providers do both.
The nmcli command will work without sudo and edit just the user setting, if sudo is used it does it for the whole system.
3 Likes
Does disabling location in Settings → Privacy & Security not work on Gnome? Also, one can perhaps specifically disable the geoclue systemd service and that should do it?
(If you’d like to debug this further, please start a new topic)
I assume that controls the use of “location” APIs not the meta data leaking that is going on here. It’s the use of the IPv6 address that is the issue.
This is not a location leak, but IPv6 leak, blame your VPN provider for being IPv4-only.
Decent VPN providers operate in dual-stack, half-decent ones block IPv6 with a kill switch.
NetworkManager operates on system level, there’s no user settings.
Polkit elevates nmcli calls with auth_self_keep for local consoles.