hwdsl2
ca8619476d
New Libreswan version
...
- Support upgrading to Libreswan 4.15.
2024-04-17 20:43:02 -05:00
hwdsl2
3b24405cdd
New Libreswan version
...
- Support upgrading to Libreswan 4.14.
2024-03-16 11:52:16 -05:00
hwdsl2
198bd98fbb
Update year
2024-02-03 15:31:58 -06:00
hwdsl2
c8bb2bc36c
New Libreswan version
...
- Support upgrading to Libreswan 4.12.
2023-08-11 00:08:25 -05:00
hwdsl2
efcfbe8da3
New Libreswan version
...
- Support upgrading to Libreswan 4.11.
2023-05-05 00:07:07 -05:00
hwdsl2
1a79a5cfce
New Libreswan version
...
- Support upgrading to Libreswan 4.10.
2023-03-01 08:55:12 -06:00
hwdsl2
c356a75bca
Update docs
2023-01-04 18:58:29 -06:00
hwdsl2
2bd37ccf66
Cleanup
...
- Save a redirect and make VPN setup slightly faster by using
raw.githubusercontent.com directly instead of
https://github.com/hwdsl2/setup-ipsec-vpn/raw/ ...
2022-10-23 14:05:57 -05:00
hwdsl2
d1da04b1d4
New Libreswan version
...
- Support upgrading to Libreswan 4.9.
- Compilation of Libreswan 4.9 on Ubuntu 18.04 requires newer
versions of NSS packages. They are installed in a similar way
as apply_ubuntu1804_nss_fix in ikev2setup.sh.
Ref: https://github.com/libreswan/libreswan/issues/892
2022-10-21 00:11:15 -05:00
hwdsl2
6e596825e2
Improve VPN ciphers
...
- Improve security by removing support for modp1536 (DH group 5),
which is less secure and rarely used by VPN clients. To do this,
we specify modp2048 on the "ike=" line in ipsec.conf.
2022-09-30 01:11:18 -05:00
hwdsl2
025387df91
Improve VPN ciphers
...
- Improve security by removing support for modp1024 (DH group 2),
which is less secure and no longer enabled in Libreswan by default.
- The native VPN client on Android devices uses modp1024 for the
IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes. After this change,
Android users should instead connect using IKEv2 mode (recommended).
2022-09-29 22:52:40 -05:00
hwdsl2
cc99e18123
Cleanup
2022-09-24 18:56:27 -05:00
hwdsl2
32faed40d5
Improve IP check
...
- Instead of finding the server's public IP, use the IP address
on the default route if it is not a private IP. This makes VPN
setup slightly faster by skipping IP detection.
- Add a fallback URL for finding the server's public IP.
- Cleanup
2022-09-24 00:58:16 -05:00
hwdsl2
e2f211c678
Improve OS detection
...
- Improve OS detection and clean up
2022-08-10 22:41:55 -05:00
hwdsl2
1dbf897500
Cleanup
...
- Fix OS checking: Don't show errors for /etc/redhat-release.
- Fixes #1211 .
2022-08-09 19:34:32 -05:00
hwdsl2
10d54262fb
Add CentOS 9
...
- Add support for version 9 of CentOS Stream, RHEL, Rocky Linux
and AlmaLinux.
2022-07-30 02:59:49 -05:00
hwdsl2
066cb14e14
Cleanup
2022-07-30 00:50:40 -05:00
hwdsl2
34d9ad06d5
New Libreswan version
...
- Support upgrading to Libreswan 4.7.
2022-05-25 23:59:21 -05:00
hwdsl2
b2626dc921
Cleanup
2022-04-27 00:05:45 -05:00
hwdsl2
629b39d3b3
Add Oracle Linux
...
- Add support for Oracle Linux 8 and 7.
2022-03-20 23:10:11 -05:00
hwdsl2
beb756f1f2
Remove CentOS 8
...
- Remove support for CentOS Linux 8, which is EOL.
Ref: https://www.centos.org/centos-linux-eol/
2022-03-08 21:39:19 -06:00
hwdsl2
e5703d8aaa
Cleanup
2022-03-07 21:29:13 -06:00
hwdsl2
42c8d288e2
Cleanup
...
- Improve backup of VPN config files
2022-02-18 21:42:37 -06:00
hwdsl2
5c85b5693c
Cleanup
...
- Change the default action to 'continue' in VPN scripts
2022-02-12 12:24:26 -06:00
hwdsl2
6dbc47e0db
Improve upgrade scripts
...
- Stop IPsec service before updating Libreswan
2022-02-08 23:46:11 -06:00
hwdsl2
35c23f1144
Improve upgrade scripts
...
- Make specifying Libreswan version optional. Retrieve and install
the latest supported version by default.
- Other minor improvements
2022-01-29 12:34:10 -06:00
hwdsl2
e16151f183
Improve upgrade scripts
...
- Cleanup
2022-01-29 01:47:45 -06:00
hwdsl2
c56ebe9cfe
Improve upgrade scripts
...
- Make specifying Libreswan version optional in vpnupgrade.sh.
Install the latest supported version by default.
- Remove Libreswan version check
2022-01-22 22:30:39 -06:00
hwdsl2
5b1377dcf3
Cleanup
2022-01-22 21:34:53 -06:00
hwdsl2
6393470f46
Cleanup
2022-01-15 23:41:00 -06:00
hwdsl2
62723fe0c6
Update IKEv2 script
...
- When upgrading Libreswan using vpnupgrade.sh, also update the
IKEv2 helper script to the latest version.
2022-01-13 23:47:27 -06:00
hwdsl2
18b830c998
New Libreswan version
...
- Support updating to Libreswan 4.6
2022-01-11 22:47:18 -06:00
hwdsl2
c25baaf9a9
Cleanup
2022-01-04 23:01:14 -06:00
hwdsl2
c78b398057
Update year
2022-01-02 00:09:03 -06:00
hwdsl2
a47ced7899
Cleanup
2021-09-19 21:51:14 -05:00
hwdsl2
e2a9c4a0c3
Cleanup
2021-09-11 10:07:33 -05:00
hwdsl2
263ffe97cc
Cleanup
2021-09-07 09:02:22 -05:00
hwdsl2
da7697a5b0
Cleanup
...
- Update scripts to use bash instead of sh
- Update docs
2021-08-27 23:35:31 -05:00
hwdsl2
0e8e6a020c
New Libreswan version
...
- Support updating to Libreswan 4.5
2021-08-22 11:49:35 -05:00
hwdsl2
52216d8f59
Improve update scripts
...
- Refactor VPN update scripts into functions
- Cleanup
2021-08-22 00:43:14 -05:00
hwdsl2
8e570129b2
Cleanup
2021-08-14 00:26:27 -05:00
hwdsl2
6daacff466
Cleanup
2021-08-07 16:12:26 -05:00
hwdsl2
2e17ef68ce
Update OS detection
2021-07-27 00:59:15 -05:00
hwdsl2
61025818bb
Optimize binary size
...
- Use the gcc "-s" option when compiling Libreswan. This reduces
binary size by ~80%.
2021-07-10 01:57:11 -05:00
hwdsl2
64eb0e1f49
Cleanup
2021-06-09 00:42:28 -05:00
hwdsl2
ac0bde54bb
New Libreswan version
...
- Use new Libreswan version 4.4
- Support updating to Libreswan 4.4
- Other small improvements and cleanup
2021-04-24 16:15:05 -05:00
hwdsl2
d90c6121b6
Improve OS detection
2021-04-20 00:09:00 -05:00
hwdsl2
804856064b
Minor fix and cleanup
...
- Minor fix for CentOS 8 for the uncommon scenario where the server has
"nftables" service enabled
- Cleanup
2021-04-01 23:06:36 -05:00
hwdsl2
1972501725
New Libreswan version
...
- Use new Libreswan version 4.3
- Support updating to Libreswan 4.3
- Other small improvements
- Update tests
2021-02-21 23:54:37 -06:00
hwdsl2
4deb437562
Fix permissions
...
- Set the executable bit for .sh files. Ref: #910 . Thanks @reuixiy!
2021-02-13 14:40:48 -06:00