Use xl2tpd 1.3.12

- Install xl2tpd 1.3.12 for systems with Linux kernel 4.14/4.15
- This version fixes an xl2tpd issue under the above Linux kernels
- Remove Linux kernel check and notes which are no longer needed
- Ref: xelerance/xl2tpd#147
- Ref: https://github.com/xelerance/xl2tpd/releases

README-zh.md

@@ -28,7 +28,7 @@ IPsec VPN 可以加密你的网络流量，以防止在通过因特网传送时
 
 ## 快速开始
 
-首先，在你的 Linux 服务器[*](#quick-start-note) 上全新安装一个 Ubuntu 16.04/14.04 LTS, Debian 或者 CentOS 系统。
+首先，在你的 Linux 服务器[*](#quick-start-note) 上全新安装一个 Ubuntu LTS, Debian 或者 CentOS 系统。
 
 使用以下命令快速搭建 IPsec VPN 服务器：
 
@@ -58,7 +58,7 @@ wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
 ## 系统要求
 
 一个新创建的 <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> 实例，使用这些映像 (AMIs):
-- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial) or 14.04 (Trusty)</a> [*](#ubuntu-1804-note)
+- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial) or 14.04 (Trusty)</a>
 - <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 9 (Stretch) or 8 (Jessie)</a>
 - <a href="https://aws.amazon.com/marketplace/pp/B00O7WM7QW" target="_blank">CentOS 7 (x86_64) with Updates</a>
 - <a href="https://aws.amazon.com/marketplace/pp/B00NQAYLWO" target="_blank">CentOS 6 (x86_64) with Updates</a>
@@ -77,9 +77,6 @@ wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
 
 高级用户可以在 $35 <a href="https://blog.elasticbyte.net/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/" target="_blank">Raspberry Pi 3</a> 上搭建 VPN 服务器。
 
-<a name="ubuntu-1804-note"></a>
-\* **注：** 目前脚本还不支持 Ubuntu 18.04，因为一个 xl2tpd 的 <a href="https://github.com/xelerance/xl2tpd/issues/147" target="_blank">问题</a>。你可以换用 <a href="https://github.com/hwdsl2/docker-ipsec-vpn-server/blob/master/README-zh.md" target="_blank">这个 Docker 镜像</a>。
-
 :warning: **不要** 在你的 PC 或者 Mac 上运行这些脚本！它们只能用在服务器上！
 
 ## 安装说明

README.md

@@ -28,7 +28,7 @@ We will use <a href="https://libreswan.org/" target="_blank">Libreswan</a> as th
 
 ## Quick start
 
-First, prepare your Linux server[*](#quick-start-note) with a fresh install of Ubuntu 16.04/14.04 LTS, Debian or CentOS.
+First, prepare your Linux server[*](#quick-start-note) with a fresh install of Ubuntu LTS, Debian or CentOS.
 
 Use this one-liner to set up an IPsec VPN server:
 
@@ -58,7 +58,7 @@ For other installation options and how to set up VPN clients, read the sections
 ## Requirements
 
 A newly created <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> instance, from these images (AMIs):
-- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial) or 14.04 (Trusty)</a> [*](#ubuntu-1804-note)
+- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial) or 14.04 (Trusty)</a>
 - <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 9 (Stretch) or 8 (Jessie)</a>
 - <a href="https://aws.amazon.com/marketplace/pp/B00O7WM7QW" target="_blank">CentOS 7 (x86_64) with Updates</a>
 - <a href="https://aws.amazon.com/marketplace/pp/B00NQAYLWO" target="_blank">CentOS 6 (x86_64) with Updates</a>
@@ -77,9 +77,6 @@ This also includes Linux VMs in public clouds, such as <a href="https://blog.ls2
 
 Advanced users can set up the VPN server on a $35 <a href="https://blog.elasticbyte.net/setting-up-a-native-cisco-ipsec-vpn-server-using-a-raspberry-pi/" target="_blank">Raspberry Pi 3</a>.
 
-<a name="ubuntu-1804-note"></a>
-\* **Note:** Ubuntu 18.04 is not yet supported due to an xl2tpd <a href="https://github.com/xelerance/xl2tpd/issues/147" target="_blank">issue</a>. Use <a href="https://github.com/hwdsl2/docker-ipsec-vpn-server" target="_blank">this Docker image</a> instead.
-
 :warning: **DO NOT** run these scripts on your PC or Mac! They should only be used on a server!
 
 ## Installation

vpnsetup.sh

@@ -69,17 +69,6 @@ if [ "$(id -u)" != 0 ]; then
   exiterr "Script must be run as root. Try 'sudo sh $0'"
 fi
 
-case "$(uname -r)" in
-  4.14*)
-    if uname -m | grep -qi '^arm'; then
-      exiterr "Linux kernel 4.14 is not supported due to an xl2tpd issue."
-    fi
-    ;;
-  4.15*)
-    exiterr "Linux kernel 4.15 is not supported due to an xl2tpd issue."
-    ;;
-esac
-
 net_iface=${VPN_NET_IFACE:-'eth0'}
 def_iface="$(route 2>/dev/null | grep '^default' | grep -o '[^ ]*$')"
 [ -z "$def_iface" ] && def_iface="$(ip -4 route list 0/0 2>/dev/null | grep -Po '(?<=dev )(\S+)')"
@@ -184,6 +173,25 @@ apt-get -yq install libnss3-dev libnspr4-dev pkg-config \
   libcurl4-nss-dev flex bison gcc make libnss3-tools \
   libevent-dev ppp xl2tpd || exiterr2
 
+case "$(uname -r)" in
+  4.14*|4.15*)
+    L2TP_VER=1.3.12
+    l2tp_file="xl2tpd-$L2TP_VER.tar.gz"
+    l2tp_url1="https://github.com/xelerance/xl2tpd/archive/v$L2TP_VER.tar.gz"
+    l2tp_url2="https://mirrors.kernel.org/ubuntu/pool/universe/x/xl2tpd/xl2tpd_$L2TP_VER.orig.tar.gz"
+    apt-get -yq install libpcap0.8-dev || exiterr2
+    if ! { wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url1" || wget -t 3 -T 30 -nv -O "$l2tp_file" "$l2tp_url2"; }; then
+      exiterr "Cannot download xl2tpd source."
+    fi
+    /bin/rm -rf "/opt/src/xl2tpd-$L2TP_VER"
+    tar xzf "$l2tp_file" && /bin/rm -f "$l2tp_file"
+    cd "xl2tpd-$L2TP_VER" || exiterr "Cannot enter xl2tpd source dir."
+    make -s 2>/dev/null && PREFIX=/usr make -s install
+    cd /opt/src || exiterr "Cannot enter /opt/src."
+    /bin/rm -rf "/opt/src/xl2tpd-$L2TP_VER"
+    ;;
+esac
+
 bigecho "Installing Fail2Ban to protect SSH..."
 
 apt-get -yq install fail2ban || exiterr2