- CentOS 6 was EOL as of Nov. 30, 2020, and the default yum repos are
no longer available for installing new packages
Ref: https://wiki.centos.org/About/Product
- Remove workaround for EPEL repo issues (bff3fe5)
- "yum makecache" may have higher disk space requirements that could
cause issues on systems with low free disk space
- Use nftables only if firewalld is active (CentOS/RHEL 8)
- Fix RHEL 7 server-optional repo names. See:
https://access.redhat.com/articles/4599971
- Fix an issue where the codeready-builder repo cannot be enabled
on EC2 (RHEL 8). Fixes#804.
- Use nftables instead of iptables-services for CentOS 8
- Existing firewalld rules are now preserved during VPN setup,
which will be saved as part of nftables rules
- This fixes VPN connection issues on iOS 13
- Android 6.x and 7.x users may require sha2-truncbug=yes. Will note
this in the documentation
- Fixes#638
- Improve modecfgdns format
- Better parsing of DNS servers in upgrade scripts
- Add usage of DNS server variables to README and allow users to specify
only one or both alternative DNS servers
- Optimize VPN ciphers and their order for improved security and
compatibility with different OS. Remove 3DES algorithm
- Change 'sha2-truncbug' from 'yes' to 'no'
- Update docs
- Add compilation workarounds specific to Libreswan 3.23/3.25 to the VPN
setup scripts, so that users may install those versions by modifying
SWAN_VER before running the scripts
- Cleanup
- Exclude Ubuntu from xl2tpd 1.3.12 workaround (Ref: 3f8e79b), because
updated xl2tpd packages are now available for Ubuntu 16.04 and 18.04
See: https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1760796
- Add Linux kernel 4.16 to the list of kernels to work around
- Cleanup
- Improve handling of the EPEL repository. Although uncommon, some systems
can have epel-release installed but disabled in /etc/yum.repos.d/epel.repo
- Fixes#210
- Install xl2tpd 1.3.12 for CentOS 6 with Linux kernel 4.14/4.15
- This version fixes an xl2tpd issue under the above Linux kernels
- Remove Linux kernel check which is no longer needed
- Ref: 3f8e79b (fix for Ubuntu/Debian)
