diff --git a/README-zh.md b/README-zh.md
index 3397df9..fe0279d 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -28,7 +28,7 @@ IPsec VPN 可以加密你的网络流量,以防止在通过因特网传送时
## 快速开始
-首先,在你的 Linux 服务器[*](#quick-start-note) 上全新安装一个 Ubuntu 16.04/14.04 LTS, Debian 或者 CentOS 系统。
+首先,在你的 Linux 服务器[*](#quick-start-note) 上全新安装一个 Ubuntu LTS, Debian 或者 CentOS 系统。
使用以下命令快速搭建 IPsec VPN 服务器:
@@ -58,7 +58,7 @@ wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
## 系统要求
一个新创建的 Amazon EC2 实例,使用这些映像 (AMIs):
-- Ubuntu 16.04 (Xenial) or 14.04 (Trusty) [*](#ubuntu-1804-note)
+- Ubuntu 16.04 (Xenial) or 14.04 (Trusty)
- Debian 9 (Stretch) or 8 (Jessie)
- CentOS 7 (x86_64) with Updates
- CentOS 6 (x86_64) with Updates
@@ -77,9 +77,6 @@ wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
高级用户可以在 $35 Raspberry Pi 3 上搭建 VPN 服务器。
-
-\* **注:** 目前脚本还不支持 Ubuntu 18.04,因为一个 xl2tpd 的 问题。你可以换用 这个 Docker 镜像。
-
:warning: **不要** 在你的 PC 或者 Mac 上运行这些脚本!它们只能用在服务器上!
## 安装说明
diff --git a/README.md b/README.md
index 65db8da..3210566 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ We will use Libreswan as th
## Quick start
-First, prepare your Linux server[*](#quick-start-note) with a fresh install of Ubuntu 16.04/14.04 LTS, Debian or CentOS.
+First, prepare your Linux server[*](#quick-start-note) with a fresh install of Ubuntu LTS, Debian or CentOS.
Use this one-liner to set up an IPsec VPN server:
@@ -58,7 +58,7 @@ For other installation options and how to set up VPN clients, read the sections
## Requirements
A newly created Amazon EC2 instance, from these images (AMIs):
-- Ubuntu 16.04 (Xenial) or 14.04 (Trusty) [*](#ubuntu-1804-note)
+- Ubuntu 16.04 (Xenial) or 14.04 (Trusty)
- Debian 9 (Stretch) or 8 (Jessie)
- CentOS 7 (x86_64) with Updates
- CentOS 6 (x86_64) with Updates
@@ -77,9 +77,6 @@ This also includes Linux VMs in public clouds, such as Raspberry Pi 3.
-
-\* **Note:** Ubuntu 18.04 is not yet supported due to an xl2tpd issue. Use this Docker image instead.
-
:warning: **DO NOT** run these scripts on your PC or Mac! They should only be used on a server!
## Installation
diff --git a/vpnsetup.sh b/vpnsetup.sh
index 576f361..b8d4867 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -69,17 +69,6 @@ if [ "$(id -u)" != 0 ]; then
exiterr "Script must be run as root. Try 'sudo sh $0'"
fi
-case "$(uname -r)" in
- 4.14*)
- if uname -m | grep -qi '^arm'; then
- exiterr "Linux kernel 4.14 is not supported due to an xl2tpd issue."
- fi
- ;;
- 4.15*)
- exiterr "Linux kernel 4.15 is not supported due to an xl2tpd issue."
- ;;
-esac
-
net_iface=${VPN_NET_IFACE:-'eth0'}
def_iface="$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')"
[ -z "$def_iface" ] && def_iface="$(ip -4 route list 0/0 2>/dev/null | grep -Po '(?<=dev )(\S+)')"
@@ -184,6 +173,25 @@ apt-get -yq install libnss3-dev libnspr4-dev pkg-config \
libcurl4-nss-dev flex bison gcc make libnss3-tools \
libevent-dev ppp xl2tpd || exiterr2
+case "$(uname -r)" in
+ 4.14*|4.15*)
+ L2TP_VER=1.3.12
+ l2tp_file="xl2tpd-$L2TP_VER.tar.gz"
+ l2tp_url1="https://github.com/xelerance/xl2tpd/archive/v$L2TP_VER.tar.gz"
+ l2tp_url2="https://mirrors.kernel.org/ubuntu/pool/universe/x/xl2tpd/xl2tpd_$L2TP_VER.orig.tar.gz"
+ apt-get -yq install libpcap0.8-dev || exiterr2
+ if ! { wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url1" || wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url2"; }; then
+ exiterr "Cannot download xl2tpd source."
+ fi
+ /bin/rm -rf "/opt/src/xl2tpd-$L2TP_VER"
+ tar xzf "$l2tp_file" && /bin/rm -f "$l2tp_file"
+ cd "xl2tpd-$L2TP_VER" || exiterr "Cannot enter xl2tpd source dir."
+ make -s 2>/dev/null && PREFIX=/usr make -s install
+ cd /opt/src || exiterr "Cannot enter /opt/src."
+ /bin/rm -rf "/opt/src/xl2tpd-$L2TP_VER"
+ ;;
+esac
+
bigecho "Installing Fail2Ban to protect SSH..."
apt-get -yq install fail2ban || exiterr2