diff --git a/.github/workflows/test_set_1.yml b/.github/workflows/test_set_1.yml
index f2d4182..882a840 100644
--- a/.github/workflows/test_set_1.yml
+++ b/.github/workflows/test_set_1.yml
@@ -17,7 +17,7 @@ jobs:
     if: github.repository_owner == 'hwdsl2'
     strategy:
       matrix:
-        os_version: ["centos:8s", "centos:7", "rockylinux:8", "almalinux:8", "amazonlinux:2", "oraclelinux:8", "oraclelinux:7"]
+        os_version: ["centos:8s", "centos:7", "rockylinux:9", "rockylinux:8", "almalinux:9", "almalinux:8", "amazonlinux:2", "oraclelinux:9", "oraclelinux:8", "oraclelinux:7"]
       fail-fast: false
     env:
       OS_VERSION: ${{ matrix.os_version }}
@@ -51,7 +51,7 @@ jobs:
           }
 
           restart_ipsec() {
-            if grep -qs 'release 8' /etc/oracle-release; then
+            if grep -qs -E 'release (8|9)' /etc/oracle-release; then
               sleep 3
             fi
             if ! command -v amazon-linux-extras; then
@@ -85,58 +85,75 @@ jobs:
           cd /opt/src
           yum -y -q update
           yum -y -q install wget rsyslog
+          if grep -qs 'release 9' /etc/redhat-release; then
+            if grep -qi rocky /etc/redhat-release \
+              || grep -qi alma /etc/redhat-release; then
+              yum -y -q install diffutils
+            fi
+          fi
           systemctl start rsyslog
 
           cp -f /opt/src/scripts/vpnsetup.sh .
-          cp -f /opt/src/scripts/extras/quickstart.sh .
           cp -f /opt/src/scripts/extras/vpnuninstall.sh ./vpnunst.sh
           sed -i -e '/curl /a sed -i "/swan_ver_latest=/s/^/#/" "$tmpdir/vpn.sh"' \
             -e '/curl /a sed -i \x27/status=0/a sed -i "/swan_ver_latest=/s/^/#/" /opt/src/ikev2.sh\x27 "$tmpdir/vpn.sh"' \
-            vpnsetup.sh quickstart.sh
+            vpnsetup.sh
 
-          for vpnsc in vpnsetup.sh quickstart.sh; do
-            sh "$vpnsc"
+          sh vpnsetup.sh
 
-            systemctl restart xl2tpd
-            restart_ipsec
+          systemctl restart xl2tpd
+          restart_ipsec
+          if ! grep -qs 'release 9' /etc/oracle-release; then
             restart_fail2ban
             cat /var/log/fail2ban.log
+          fi
 
-            netstat -anpu | grep pluto
-            netstat -anpu | grep xl2tpd
+          netstat -anpu | grep pluto
+          netstat -anpu | grep xl2tpd
+          if grep -qs 'release 9' /etc/redhat-release; then
+            nft list ruleset
+            nft list ruleset | grep -q '192\.168\.42\.0/24'
+            nft list ruleset | grep -q '192\.168\.43\.0/24'
+          else
             iptables -nvL
             iptables -nvL | grep -q 'ppp+'
             iptables -nvL | grep -q '192\.168\.43\.0/24'
             iptables -nvL -t nat
             iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
             iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
-            grep pluto "$log1"
-            grep xl2tpd "$log2"
-            ipsec status
-            ipsec status | grep -q l2tp-psk
-            ipsec status | grep -q xauth-psk
-            ipsec status | grep -q ikev2-cp
+          fi
+          grep pluto "$log1"
+          grep xl2tpd "$log2"
+          ipsec status
+          ipsec status | grep -q l2tp-psk
+          ipsec status | grep -q xauth-psk
+          ipsec status | grep -q ikev2-cp
 
-            ls -ld /etc/ipsec.d/vpnclient.mobileconfig
-            ls -ld /etc/ipsec.d/vpnclient.sswan
-            ls -ld /etc/ipsec.d/vpnclient.p12
+          ls -ld /etc/ipsec.d/vpnclient.mobileconfig
+          ls -ld /etc/ipsec.d/vpnclient.sswan
+          ls -ld /etc/ipsec.d/vpnclient.p12
 
-            ls -l /usr/bin/ikev2.sh
-            ls -l /usr/bin/addvpnuser.sh
-            ls -l /usr/bin/delvpnuser.sh
-            ls -l /opt/src/ikev2.sh
-            ls -l /opt/src/addvpnuser.sh
-            ls -l /opt/src/delvpnuser.sh
+          ls -l /usr/bin/ikev2.sh
+          ls -l /usr/bin/addvpnuser.sh
+          ls -l /usr/bin/delvpnuser.sh
+          ls -l /opt/src/ikev2.sh
+          ls -l /opt/src/addvpnuser.sh
+          ls -l /opt/src/delvpnuser.sh
 
           bash vpnunst.sh <<ANSWERS
           y
           ANSWERS
-            rm -f /etc/ipsec.d/vpnclient*
-            if grep -qi stream /etc/redhat-release \
-              || grep -qs 'release 8' /etc/oracle-release; then
+          rm -f /etc/ipsec.d/vpnclient*
+          if grep -qi stream /etc/redhat-release \
+            || grep -qs -E 'release (8|9)' /etc/oracle-release; then
+            mkdir /etc/xl2tpd
+          fi
+          if grep -qs 'release 9' /etc/redhat-release; then
+            if grep -qi rocky /etc/redhat-release \
+              || grep -qi alma /etc/redhat-release; then
               mkdir /etc/xl2tpd
             fi
-          done
+          fi
 
           if [ "$1" != "amazon" ]; then
             cp -f /opt/src/scripts/vpnsetup_centos.sh ./vpnsetup.sh
@@ -161,12 +178,18 @@ jobs:
 
           netstat -anpu | grep pluto
           netstat -anpu | grep xl2tpd
-          iptables -nvL
-          iptables -nvL | grep -q 'ppp+'
-          iptables -nvL | grep -q '192\.168\.43\.0/24'
-          iptables -nvL -t nat
-          iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
-          iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
+          if grep -qs 'release 9' /etc/redhat-release; then
+            nft list ruleset
+            nft list ruleset | grep -q '192\.168\.42\.0/24'
+            nft list ruleset | grep -q '192\.168\.43\.0/24'
+          else
+            iptables -nvL
+            iptables -nvL | grep -q 'ppp+'
+            iptables -nvL | grep -q '192\.168\.43\.0/24'
+            iptables -nvL -t nat
+            iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
+            iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
+          fi
           ipsec status
           ipsec status | grep -q l2tp-psk
           ipsec status | grep -q xauth-psk
diff --git a/.github/workflows/test_set_2.yml b/.github/workflows/test_set_2.yml
index 52f8102..25a2491 100644
--- a/.github/workflows/test_set_2.yml
+++ b/.github/workflows/test_set_2.yml
@@ -17,7 +17,7 @@ jobs:
     if: github.repository_owner == 'hwdsl2'
     strategy:
       matrix:
-        os_version: ["ubuntu:22.04", "ubuntu:20.04", "ubuntu:18.04", "debian:11", "debian:10", "debian:9", "alpine:3.15", "alpine:3.16"]
+        os_version: ["ubuntu:22.04", "ubuntu:20.04", "ubuntu:18.04", "debian:11", "debian:10", "alpine:3.15", "alpine:3.16"]
       fail-fast: false
     container:
       image: ${{ matrix.os_version }}
@@ -92,59 +92,56 @@ jobs:
           fi
 
           cp -f "$GITHUB_WORKSPACE"/vpnsetup.sh .
-          cp -f "$GITHUB_WORKSPACE"/extras/quickstart.sh .
           cp -f "$GITHUB_WORKSPACE"/extras/vpnuninstall.sh ./vpnunst.sh
           sed -i -e '/curl /a sed -i "/swan_ver_latest=/s/^/#/" "$tmpdir/vpn.sh"' \
             -e '/curl /a sed -i \x27/status=0/a sed -i "/swan_ver_latest=/s/^/#/" /opt/src/ikev2.sh\x27 "$tmpdir/vpn.sh"' \
-            vpnsetup.sh quickstart.sh
+            vpnsetup.sh
 
-          for vpnsc in vpnsetup.sh quickstart.sh; do
-            sh "$vpnsc"
+          sh vpnsetup.sh
 
-            if [ "$os_type" = "alpine" ]; then
-              xl2tpd -c /etc/xl2tpd/xl2tpd.conf
-              restart_ipsec
-            else
-              restart_ipsec
-              restart_fail2ban
-              cat /var/log/fail2ban.log
-            fi
+          if [ "$os_type" = "alpine" ]; then
+            xl2tpd -c /etc/xl2tpd/xl2tpd.conf
+            restart_ipsec
+          else
+            restart_ipsec
+            restart_fail2ban
+            cat /var/log/fail2ban.log
+          fi
 
-            netstat -anpu | grep pluto
-            netstat -anpu | grep xl2tpd
-            iptables -nvL
-            iptables -nvL | grep -q 'ppp+'
-            iptables -nvL | grep -q '192\.168\.43\.0/24'
-            iptables -nvL -t nat
-            iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
-            iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
-            grep pluto "$log1"
-            grep xl2tpd "$log2"
-            ipsec status
-            ipsec status | grep -q l2tp-psk
-            ipsec status | grep -q xauth-psk
-            ipsec status | grep -q ikev2-cp
+          netstat -anpu | grep pluto
+          netstat -anpu | grep xl2tpd
+          iptables -nvL
+          iptables -nvL | grep -q 'ppp+'
+          iptables -nvL | grep -q '192\.168\.43\.0/24'
+          iptables -nvL -t nat
+          iptables -nvL -t nat | grep -q '192\.168\.42\.0/24'
+          iptables -nvL -t nat | grep -q '192\.168\.43\.0/24'
+          grep pluto "$log1"
+          grep xl2tpd "$log2"
+          ipsec status
+          ipsec status | grep -q l2tp-psk
+          ipsec status | grep -q xauth-psk
+          ipsec status | grep -q ikev2-cp
 
-            ls -ld /etc/ipsec.d/vpnclient.mobileconfig
-            ls -ld /etc/ipsec.d/vpnclient.sswan
-            ls -ld /etc/ipsec.d/vpnclient.p12
+          ls -ld /etc/ipsec.d/vpnclient.mobileconfig
+          ls -ld /etc/ipsec.d/vpnclient.sswan
+          ls -ld /etc/ipsec.d/vpnclient.p12
 
-            ls -l /usr/bin/ikev2.sh
-            ls -l /usr/bin/addvpnuser.sh
-            ls -l /usr/bin/delvpnuser.sh
-            ls -l /opt/src/ikev2.sh
-            ls -l /opt/src/addvpnuser.sh
-            ls -l /opt/src/delvpnuser.sh
+          ls -l /usr/bin/ikev2.sh
+          ls -l /usr/bin/addvpnuser.sh
+          ls -l /usr/bin/delvpnuser.sh
+          ls -l /opt/src/ikev2.sh
+          ls -l /opt/src/addvpnuser.sh
+          ls -l /opt/src/delvpnuser.sh
 
           bash vpnunst.sh <<ANSWERS
           y
           ANSWERS
-            rm -f /etc/ipsec.d/vpnclient*
-            if [ "$os_type" = "alpine" ]; then
-              killall pluto || true
-              killall xl2tpd || true
-            fi
-          done
+          rm -f /etc/ipsec.d/vpnclient*
+          if [ "$os_type" = "alpine" ]; then
+            killall pluto || true
+            killall xl2tpd || true
+          fi
 
           if [ "$os_type" = "alpine" ]; then
             cp -f "$GITHUB_WORKSPACE"/vpnsetup_alpine.sh ./vpnsetup.sh