hwdsl2
8a3f22ba65
Update Debian check
...
- Add check for Debian 8 (not supported)
2020-12-04 23:39:35 -06:00
hwdsl2
00f9d2ba86
Clean up build flags
...
- Clean up build flags for Libreswan. In Libreswan 4.1, these flags are
now set automatically based on Ubuntu/Debian versions, and no longer
needed for CentOS/RHEL 7 and 8.
- Ref: https://github.com/libreswan/libreswan/blob/main/mk/defaults/linux.mk
https://github.com/libreswan/libreswan/commit/c01ffcc1
2020-12-04 23:36:53 -06:00
hwdsl2
41142ee915
Remove CentOS 6
...
- CentOS 6 was EOL as of Nov. 30, 2020, and the default yum repos are
no longer available for installing new packages
Ref: https://wiki.centos.org/About/Product
2020-12-02 23:40:54 -06:00
hwdsl2
427e50a9ed
Update upgrade scripts
...
- Set sha2-truncbug to "no" when upgrading. This is required for
iOS 13/14 and macOS 10.15/11 VPN clients to connect.
- References: 3353888
#882
2020-11-27 11:16:12 -06:00
hwdsl2
cf1865a66e
Improve RPi detection
...
- Add check for 64-bit versions of Raspberry Pi OS, e.g. Ubuntu 20.04
on Raspberry Pi 4
- Ref: #852
2020-11-24 21:27:40 -06:00
hwdsl2
ccd072541b
Update Debian check
...
- Add check for Debian 10. See: https://git.io/vpndebian10
- Remove Debian 7 check
2020-11-17 00:50:35 -06:00
hwdsl2
b57678b893
Update upgrade scripts
...
- Remove support for upgrading to old Libreswan versions 3.19-3.25
- Minor improvements
2020-11-15 11:47:14 -06:00
hwdsl2
ecd99a6bba
Fix version detection
...
- Fix Libreswan version detection in upgrade scripts
2020-11-12 10:25:09 -06:00
hwdsl2
694679b59c
Update upgrade scripts
...
- Replace the obsolete ike-frag option in ikev2.conf (if exists),
which was removed in Libreswan 4.1.
2020-11-12 00:39:20 -06:00
hwdsl2
5a13026701
Apply Libreswan fix
...
- Fix detection for sysvinit initsystem:
cfe4dabab4
2020-11-11 23:05:29 -06:00
hwdsl2
1dee0d4262
Update upgrade scripts
...
- Support upgrading to Libreswan 4.1
2020-11-11 01:10:27 -06:00
hwdsl2
afb8a7acce
New Libreswan version
...
- Upgrade Libreswan from 3.32 to 4.1
2020-11-11 00:27:44 -06:00
hwdsl2
4fa17ce958
Fix for EPEL repo
...
- Remove workaround for EPEL repo issues (bff3fe5
)
- "yum makecache" may have higher disk space requirements that could
cause issues on systems with low free disk space
2020-09-30 22:49:49 -05:00
hwdsl2
5e090770c8
Update IKEv2 script
...
- Allow specifying custom DNS servers
- Add notes about the IKEv2 MOBIKE extension
- Cleanup
2020-07-12 17:14:30 -05:00
hwdsl2
bff3fe5a4b
Fix for EPEL repo
...
- Add workaround for EPEL repo issues
2020-07-06 23:03:13 -05:00
hwdsl2
012c19fed1
Update IKEv2 script
...
- Allow specifying the validity period of client certificates
2020-07-02 11:48:35 -05:00
hwdsl2
cf2ed17ae6
Update IKEv2 script
...
- Improve error handling and move ikev2 config to the last step
2020-06-11 01:32:31 -05:00
hwdsl2
b7293e95da
Cleanup
2020-06-05 11:00:23 -05:00
hwdsl2
333a63850e
Update IKEv2 script
...
- Support adding IKEv2 VPN clients
- Users can specify name for the first VPN client
2020-06-05 00:29:15 -05:00
hwdsl2
e1e1b67afd
Improve IKEv2 setup
...
- Use /etc/ipsec.d/ikev2.conf for IKEv2 configuration
- Allow running from inside a container, so that it can be used with:
https://github.com/hwdsl2/docker-ipsec-vpn-server
2020-05-30 23:09:32 -05:00
hwdsl2
5894ea2e1f
Update IKEv2 script
...
- Allow running from inside a container, so that it can be used with:
https://github.com/hwdsl2/docker-ipsec-vpn-server
2020-05-30 17:35:27 -05:00
hwdsl2
5fe5f04835
Update upgrade scripts
...
- Ref: 71d67ae
2020-05-25 13:40:04 -05:00
hwdsl2
0a0607feb9
Update IKEv2 script
...
- Save client configuration to home folder
2020-05-17 18:09:40 -05:00
hwdsl2
b028661f6f
Update IKEv2 script
...
- Raspberry Pi (Raspbian) kernels do not support MOBIKE
2020-05-16 22:11:01 -05:00
hwdsl2
f38e2ea4f2
Cleanup
2020-05-14 23:07:47 -05:00
hwdsl2
5bf8b86192
Update IKEv2 script
...
- Fix CentOS detection
- Set MOBIKE question default to 'yes'
2020-05-11 23:15:05 -05:00
hwdsl2
6a285499e3
Update upgrade scripts
...
- Support upgrading to Libreswan 3.32
- Update ikev2 setup helper script
2020-05-11 11:28:37 -05:00
hwdsl2
ace41ebc29
Add IKEv2 script
...
- Add a helper script for automatic IKEv2 setup
- Update IKEv2 docs
2020-05-11 01:18:34 -05:00
hwdsl2
f15db57ea5
Fix upgrade bug
...
- Fixed an issue where the upgrade script could break the IKEv2 section
of /etc/ipsec.conf for users who manually added IKEv2
2020-04-30 00:12:56 -05:00
hwdsl2
dae0c03356
Improve output
...
- Inhibit warning messages from Libreswan compilation
2020-04-29 11:00:25 -05:00
hwdsl2
5983c79904
Fix IKEv2
...
- Apply fix for an IKEv2 regression in Libreswan
- Ref: https://github.com/libreswan/libreswan/commit/90f8a09
https://github.com/libreswan/libreswan/issues/333
https://github.com/libreswan/libreswan/issues/329
2020-04-26 16:27:00 -05:00
hwdsl2
dbb3c6b436
Improve RPi workaround
...
- Newer Raspbian kernels now support SHA512
2020-04-26 00:32:54 -05:00
hwdsl2
48d9b06bab
Update upgrade scripts
...
- Support upgrading to Libreswan 3.31
2020-04-12 00:28:00 -05:00
hwdsl2
53a4bbb06a
Add install note
2020-01-13 00:09:30 -08:00
hwdsl2
4360737eaf
Improve OS detection
2020-01-13 00:07:39 -08:00
hwdsl2
99e194e683
Add CentOS 8
...
- Add support for CentOS/RHEL 8
2019-11-01 13:31:23 -07:00
hwdsl2
609f24257d
New Libreswan version
...
- Upgrade Libreswan to 3.29
2019-06-10 21:05:51 -05:00
hwdsl2
6c0c006d24
Cleanup
2019-06-09 00:14:33 -05:00
hwdsl2
62d9b845d6
Cleanup
2019-06-03 22:02:14 -05:00
hwdsl2
1659d0336c
Support Libreswan 3.28
...
- Support upgrading to new Libreswan version 3.28
- Patch applied for Debian 9/8. See:
https://lists.libreswan.org/pipermail/swan/2019/003210.html
- Patch applied for CentOS 6. See:
5db185497d
and 4b93354f35
2019-06-02 21:08:43 -05:00
hwdsl2
d382350bde
Improve VPN users
...
- Check VPN users for duplicates in the helper script
2019-01-13 11:51:47 -06:00
hwdsl2
6fb35e25cb
Update year
2019-01-12 11:34:10 -06:00
hwdsl2
997cacdaeb
Cleanup
2019-01-12 01:08:04 -06:00
hwdsl2
03e587d834
Cleanup
2018-12-19 00:14:31 -06:00
hwdsl2
ddaa0ee99c
Improve DNS servers
...
- Improve modecfgdns format
- Better parsing of DNS servers in upgrade scripts
- Add usage of DNS server variables to README and allow users to specify
only one or both alternative DNS servers
2018-12-17 00:07:04 -06:00
hwdsl2
ff82c3fb6e
Improve VPN ciphers
...
- Optimize order of VPN ciphers for performance
2018-11-24 10:30:42 -06:00
hwdsl2
83b0663318
Add more helper scripts
...
- Create additional helper scripts for managing VPN users
- Update docs
- Closes : #355
2018-11-22 16:49:56 -06:00
hwdsl2
b979d1f15d
Add helper script
...
- Create a helper script for updating VPN users
- Update docs
2018-11-22 02:46:28 -06:00
hwdsl2
f1c8c06af1
Improve VPN ciphers
...
- Replace "aes_gcm256-null,aes_gcm128-null" with "aes_gcm-null" to
improve compatibility with some Linux kernels
- Ref: https://libreswan.org/wiki/FAQ#Using_aes_gcm_or_aes_ctr_results_in_ERROR:_netlink_response_for_Add_SA_esp.XXXXXXXX.40IPADDRESS_included_errno_22:_Invalid_argument
2018-11-02 01:54:49 -05:00
hwdsl2
5f75a7306a
Improve VPN ciphers
...
- Revert 'sha2-truncbug' from 'no' to 'yes' to fix compatibility with
Android versions 6.x and 7.x.
- Remove aes128-sha2_512 algorithm
- Ref: 732ad1e
2018-10-28 00:33:42 -05:00