openvpn-install

mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-23 21:46:08 +03:00

Author	SHA1	Message	Date
Nyr	5e29198c21	Offer updated	2016-07-23 16:44:41 +02:00
Nyr	ef1ae85797	Change cipher to AES-128-CBC	2016-05-16 02:52:33 +02:00
Nyr	ae5b5ce2be	Drop privileges after initialization	2016-05-15 20:50:37 +02:00
Nyr	c5b4907fd6	Enable tls-auth	2016-05-15 19:22:32 +02:00
Nyr	acca10ba1a	Prevent DNS leaks on Windows 10 - This will generate a warning in unsupported environments. - This will not work if the client is using an OpenVPN version lower than 2.3.9 - For OpenVPN 2.3.3+, ignore-unknown-option could be used instead of setenv opt to prevent a warning. TL;DR: upgrade to the latest OpenVPN on Windows, ignore the warning elsewhere. Thanks a lot for your continuous work on OpenVPN, @ValdikSS.	2016-05-15 01:49:50 +02:00
Nyr	52f419e0d5	Detect users running with "sh" instead of bash And changed error codes. Sorry, not sorry.	2016-05-10 14:12:32 +02:00
Nyr	2bcb4681a1	Added Verisign DNS	2016-04-07 16:57:47 +02:00
Nyr	7fb12dc5cb	Use "hash" instead of "which" Always better to use builtins, and “which” is even missing in some minimal templates.	2016-03-14 19:41:39 +01:00
Nyr	91b9373311	TAP is not needed Not sure why it was there in the first place.	2016-03-13 22:45:34 +01:00
Nyr	3a96224d1f	Revoking doesn't need a restart The CRL is checked with every new connection and channel renegotiation, no need to restart the server.	2016-03-08 01:12:43 +01:00
Nyr	96108e6b2e	Clarify NAT question	2016-02-29 19:18:32 +01:00
Nyr	e8958b969e	Avoid error message if sestatus isn't available Just a cosmetic change.	2016-02-19 21:50:28 +01:00
Nyr	eaf6f1fed4	Removed Level 3 DNS For some countries, Level 3 is now hijacking NXDOMAIN responses, so removed.	2016-02-14 22:26:10 +01:00
Nyr	cf60872eae	SELinux improvements - Now the port exception is removed when uninstalling. - sestatus seems to be more widely available.	2016-02-13 19:09:16 +01:00
Nyr	f9dafd6ec6	SELinux compatibility This should’ve been supported for a long time.	2016-02-12 23:46:53 +01:00
Nyr	186737c769	Improved one-liner git.io now supports HTTPS :)	2016-02-12 23:21:32 +01:00
Nyr	9779b817b6	Update README.md The “isn’t bulletproof” part was confusing to some users which were emailing me about security. I was just talking about compatibility.	2016-02-05 21:36:41 +01:00
Nyr	aa5c024b8e	Merge pull request #107 from angrysnarl/master Fixed rm -rf commands for revoking user certs	2015-12-15 17:17:31 +01:00
angrysnarl	a1b57a1c31	Fixed rm -rf commands for revoking user certs	2015-12-16 00:15:08 +08:00
Nyr	0df84e4541	Fix #105	2015-12-14 22:36:40 +01:00
Nyr	e58addc2c5	Verify server certificate during easy-rsa download	2015-11-24 23:04:56 +01:00
Nyr	d55effb08c	Update to easy-rsa 3.0.1	2015-11-21 15:35:51 +01:00
Nyr	73da43b872	Merge pull request #88 from ValdikSS/buf Do not allow OpenVPN to set (low) buffer sizes	2015-11-15 19:36:15 +01:00
Nyr	51998f0d56	Merge pull request #87 from ValdikSS/euid Use EUID to check root	2015-11-15 19:35:26 +01:00
Nyr	5a0babb807	Merge pull request #86 from ValdikSS/exit Use different exit codes on error	2015-11-15 19:35:13 +01:00
ValdikSS	0265fc0e06	Use different exit codes on error	2015-11-15 13:37:22 +03:00
ValdikSS	15a39afd11	Do not allow OpenVPN to set (low) buffer sizes	2015-11-15 13:36:20 +03:00
ValdikSS	2574097eb4	Use EUID to check root	2015-11-15 13:34:19 +03:00
Nyr	d32416561b	Grep for DROP as well as REJECT	2015-10-07 19:57:04 +02:00
Nyr	5c65625bcc	Merge pull request #76 from PeterDaveHello/patch-1 Don't run the script if download failed	2015-10-07 13:38:21 +02:00
Peter Dave Hello	5741989e69	Update README.md Use `&&` instead of `;` in the command, do not run the script if download failed.	2015-10-07 16:00:06 +08:00
Nyr	eb8d8257a0	The BIG commit - Upgrade to easy-rsa 3.0.0 - Firewall support: rules are added for both FirewallD and iptables if needed. - Creation of our own configuration files for both the server and clients. - Using subnet topology instead of the deprecated net30. - Removed port 53 question during install: user can just choose that port during setup. - Removed internal networking option: this is a road warrior installer after all. - Bugfix: the default easy-rsa directory was not correctly deleted if one was already there.	2015-09-12 21:48:08 +02:00
Nyr	abe2ac44b1	Offer updated	2015-09-04 20:56:25 +02:00
Nyr	e176938ecd	Offer updated	2015-08-06 19:43:23 +02:00
Nyr	b46a0541dd	Replaced Yandex DNS with Google Yandex DNS is not stable enough, Google was previously missing.	2015-08-05 02:17:24 +02:00
Nyr	67b4cd68e2	Merge pull request #57 from hcartiaux/master Remove a useless wc	2015-08-04 16:27:58 +02:00
Hyacinthe Cartiaux	91e09dedf1	Remove a useless use of wc	2015-08-01 20:27:30 +02:00
Nyr	7d467d9666	Multiple improvements - Better UX for client certificate revocation: a list of the current client names is shown to the user - easy-rsa 2.2.2 now used by default: it’s easier for me to maintain a single version	2015-07-22 08:02:59 +02:00
Nyr	b778c1aed9	Cosmetic bugfix	2015-06-29 09:23:44 +02:00
Nyr	e6168baf80	Offer updated	2015-06-29 08:53:13 +02:00
Nyr	cf48ecd3b0	Bugfixes - Little fix for Debian Jessie - Better systemd detection - Fixed revocation on CentOS	2015-04-28 18:35:54 +02:00
Nyr	68b5ff7e99	Revert "Cleaner port 53 setup" This reverts commit `fb036d575b`.	2015-03-10 10:44:47 +01:00
Nyr	fb036d575b	Cleaner port 53 setup	2015-02-16 17:33:22 +01:00
Nyr	fad088013c	CentOS support and other improvements	2015-02-11 19:51:19 +01:00
Nyr	a256194ecb	Add feedback during removal abortion	2015-01-25 20:45:07 +01:00
Nyr	98b39e7354	Added a confirmation dialog before removing	2015-01-21 03:03:14 +01:00
Nyr	135db489b7	Update README.md	2014-12-10 23:31:04 +01:00
Nyr	6d4af520b8	Bugfix for systems with a non-standard rc.local	2014-11-07 00:53:28 +01:00
Nyr	215140b682	Options for custom DNS and intra-VPN connectivity	2014-11-04 21:57:36 +01:00
Nyr	2174037768	Now using in-line certificates	2014-10-23 03:16:09 +02:00

1 2 3 4

178 Commits