diff --git a/extras/ikev2setup.sh b/extras/ikev2setup.sh
index cc486a7..f4dedbb 100644
--- a/extras/ikev2setup.sh
+++ b/extras/ikev2setup.sh
@@ -2,6 +2,9 @@
 #
 # Script to set up IKEv2 on Ubuntu, Debian and CentOS/RHEL
 #
+# The latest version of this script is available at:
+# https://github.com/hwdsl2/setup-ipsec-vpn
+#
 # Copyright (C) 2020 Lin Song
 #
 # This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh
index 820d67c..1285d1c 100644
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@@ -2,6 +2,9 @@
 #
 # Script to upgrade Libreswan on Ubuntu and Debian
 #
+# The latest version of this script is available at:
+# https://github.com/hwdsl2/setup-ipsec-vpn
+#
 # Copyright (C) 2016-2020 Lin Song
 #
 # This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
@@ -55,18 +58,15 @@ EOF
 ;;
 esac
-dns_state=0
-DNS_SRV1=$(grep "modecfgdns1=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
-DNS_SRV2=$(grep "modecfgdns2=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
-[ -n "$DNS_SRV1" ] && dns_state=2
-[ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1
-[ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3
-
 ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
 ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey) on .*//')
 swan_ver_old=$(printf '%s' "$ipsec_ver_short" | sed -e 's/Libreswan //')
 if ! printf '%s' "$ipsec_ver" | grep -q "Libreswan"; then
- exiterr "This script requires Libreswan already installed."
+cat 1>&2 <<'EOF'
+Error: This script requires Libreswan already installed.
+ See: https://github.com/hwdsl2/setup-ipsec-vpn
+EOF
+ exit 1
 fi
 if [ "$swan_ver_old" = "$SWAN_VER" ]; then
@@ -101,7 +101,6 @@ EOF cat <<'EOF' NOTE: This script will make the following changes to your IPsec config: - - Fix obsolete ipsec.conf and/or ikev2.conf options - Optimize VPN ciphers
@@ -222,6 +221,13 @@ if uname -m | grep -qi '^arm'; then
 fi
 fi
+dns_state=0
+DNS_SRV1=$(grep "modecfgdns1=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
+DNS_SRV2=$(grep "modecfgdns2=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
+[ -n "$DNS_SRV1" ] && dns_state=2
+[ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1
+[ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3
+
 sed -i".old-$(date +%F-%T)" \
 -e "s/^[[:space:]]\+auth=/ phase2=/" \
 -e "s/^[[:space:]]\+forceencaps=/ encapsulation=/" \
@@ -256,11 +262,11 @@ service ipsec restart cat < # # This work is licensed under the Creative Commons Attribution-ShareAlike 3.0
@@ -50,18 +53,15 @@ EOF
 ;;
 esac
-dns_state=0
-DNS_SRV1=$(grep "modecfgdns1=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
-DNS_SRV2=$(grep "modecfgdns2=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
-[ -n "$DNS_SRV1" ] && dns_state=2
-[ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1
-[ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3
-
 ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
 ipsec_ver_short=$(printf '%s' "$ipsec_ver" | sed -e 's/Linux Libreswan/Libreswan/' -e 's/ (netkey) on .*//')
 swan_ver_old=$(printf '%s' "$ipsec_ver_short" | sed -e 's/Libreswan //')
 if ! printf '%s' "$ipsec_ver" | grep -q "Libreswan"; then
- exiterr "This script requires Libreswan already installed."
+cat 1>&2 <<'EOF'
+Error: This script requires Libreswan already installed.
+ See: https://github.com/hwdsl2/setup-ipsec-vpn
+EOF
+ exit 1
 fi
 if [ "$swan_ver_old" = "$SWAN_VER" ]; then
@@ -96,7 +96,6 @@ EOF cat <<'EOF' NOTE: This script will make the following changes to your IPsec config: - - Fix obsolete ipsec.conf and/or ikev2.conf options - Optimize VPN ciphers
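Review bot: The `grep "modecfgdns1="` and `grep "modecfgdns2="` lookups added in the `@@ -222,6 +221,13 @@` hunk are unanchored, so a commented-out line in /etc/ipsec.conf still sets `DNS_SRV1`/`DNS_SRV2` and can push `dns_state` to 3 through the `grep -c` count; the same block is added at `@@ -216,6 +207,13 @@` further down the page. The `sed` expressions that follow already anchor on `^[[:space:]]\+`, and the lookups should match that, e.g. `grep "^[[:space:]]*modecfgdns1=" /etc/ipsec.conf`. How the captured values are used lies outside the hunk, but if they are written back into the config, a stale commented value would become the DNS server handed to VPN clients. A one-line comment above the block would also help: `# dns_state: 0 = none found, 2 = dns1 only, 1 = dns1 and dns2, 3 = more than one modecfgdns1 line`.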
@@ -178,14 +177,6 @@ cat > Makefile.inc.local <<'EOF'
 WERROR_CFLAGS=-w
 USE_DNSSEC=false
 EOF
-if [ "$SWAN_VER" != "4.1" ]; then
-cat >> Makefile.inc.local <<'EOF'
-USE_DH31=false
-USE_NSS_AVA_COPY=true
-USE_NSS_IPSEC_PROFILE=false
-USE_GLIBC_KERN_FLIP_HEADERS=true
-EOF
-fi
 if [ "$SWAN_VER" = "3.31" ] || [ "$SWAN_VER" = "3.32" ] || [ "$SWAN_VER" = "4.1" ]; then
 echo "USE_DH2=true" >> Makefile.inc.local
 if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then
@@ -216,6 +207,13 @@ restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null
 IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024"
 PHASE2_NEW=" phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2"
+dns_state=0
+DNS_SRV1=$(grep "modecfgdns1=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
+DNS_SRV2=$(grep "modecfgdns2=" /etc/ipsec.conf | head -n 1 | cut -d '=' -f 2)
+[ -n "$DNS_SRV1" ] && dns_state=2
+[ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1
+[ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3
+
 sed -i".old-$(date +%F-%T)" \
 -e "s/^[[:space:]]\+auth=/ phase2=/" \
 -e "s/^[[:space:]]\+forceencaps=/ encapsulation=/" \
@@ -250,11 +248,11 @@ service ipsec restart cat <