Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-29 17:15:43 +02:00
Code Issues Packages Projects Releases Wiki Activity
792 Commits 1 Branch 0 Tags 20 MiB
688a700fd6
Commit Graph

105 Commits

Author SHA1 Message Date
hwdsl2
61025818bb Optimize binary size 
- Use the gcc "-s" option when compiling Libreswan. This reduces
  binary size by ~80%.
 2021-07-10 01:57:11 -05:00
hwdsl2
64eb0e1f49 Cleanup 2021-06-09 00:42:28 -05:00
hwdsl2
ac0bde54bb New Libreswan version 
- Use new Libreswan version 4.4
- Support updating to Libreswan 4.4
- Other small improvements and cleanup
 2021-04-24 16:15:05 -05:00
hwdsl2
1972501725 New Libreswan version 
- Use new Libreswan version 4.3
- Support updating to Libreswan 4.3
- Other small improvements
- Update tests
 2021-02-21 23:54:37 -06:00
hwdsl2
4deb437562 Fix permissions 
- Set the executable bit for .sh files. Ref: #910. Thanks @reuixiy!
 2021-02-13 14:40:48 -06:00
hwdsl2
5779b2e6c8 Improve output 
- Improve output for the VPN setup and upgrade scripts. The outputs
  of the scripts are now significantly reduced and only include the
  most useful information for users.
- Other minor cleanup
 2021-02-05 21:49:35 -06:00
hwdsl2
1808095bb7 New Libreswan version 
- Use new Libreswan version 4.2
- Support updating to Libreswan 4.2 from older versions. The upgrade
  scripts can now install one of these versions: 3.32, 4.1 or 4.2.
- Other small improvements
- Update tests
 2021-02-04 01:47:04 -06:00
hwdsl2
3b90d2d394 Cleanup 2021-01-07 12:02:44 -06:00
hwdsl2
a5a1f4adb1 Cleanup 2021-01-03 14:05:13 -06:00
hwdsl2
dabf765978 Update year 2021-01-03 00:35:24 -06:00
hwdsl2
de7a529c6c Cleanup 
- Remove Debian 8 from VPN upgrade script, which is EOL on 06/30/2020
- Include OS arch when checking Libreswan version
- Other minor improvements
 2021-01-02 14:25:50 -06:00
hwdsl2
b3ad82fd48 Cleanup 2020-12-31 23:09:58 -06:00
hwdsl2
cac5191155 Add version check 
- Check for latest supported Libreswan version, and remind users who use
  a non-latest version of the VPN scripts that they can upgrade
- Other minor improvements
 2020-12-31 18:24:41 -06:00
hwdsl2
3b1403668d Update upgrade scripts 
- Clean up Libreswan build flags for CentOS
- Minor improvements
 2020-12-14 23:12:15 -06:00
hwdsl2
f9d84216d6 Fix Libreswan flags 
- Fix Libreswan flags on e.g. Raspbian 10
 2020-12-14 14:17:54 -06:00
hwdsl2
027c70edb0 Update Debian check 
- Update upgrade scripts to work on Debian 8 for now. Debian 8 (Jessie)
  is EOL and users should upgrade to a newer Debian version.
 2020-12-07 10:28:28 -06:00
hwdsl2
8a3f22ba65 Update Debian check 
- Add check for Debian 8 (not supported)
 2020-12-04 23:39:35 -06:00
hwdsl2
00f9d2ba86 Clean up build flags 
- Clean up build flags for Libreswan. In Libreswan 4.1, these flags are
  now set automatically based on Ubuntu/Debian versions, and no longer
  needed for CentOS/RHEL 7 and 8.
- Ref: https://github.com/libreswan/libreswan/blob/main/mk/defaults/linux.mk
       https://github.com/libreswan/libreswan/commit/c01ffcc1
 2020-12-04 23:36:53 -06:00
hwdsl2
427e50a9ed Update upgrade scripts 
- Set sha2-truncbug to "no" when upgrading. This is required for
  iOS 13/14 and macOS 10.15/11 VPN clients to connect.
- References: 3353888 #882
 2020-11-27 11:16:12 -06:00
hwdsl2
ccd072541b Update Debian check 
- Add check for Debian 10. See: https://git.io/vpndebian10
- Remove Debian 7 check
 2020-11-17 00:50:35 -06:00
hwdsl2
b57678b893 Update upgrade scripts 
- Remove support for upgrading to old Libreswan versions 3.19-3.25
- Minor improvements
 2020-11-15 11:47:14 -06:00
hwdsl2
ecd99a6bba Fix version detection 
- Fix Libreswan version detection in upgrade scripts
 2020-11-12 10:25:09 -06:00
hwdsl2
694679b59c Update upgrade scripts 
- Replace the obsolete ike-frag option in ikev2.conf (if exists),
  which was removed in Libreswan 4.1.
 2020-11-12 00:39:20 -06:00
hwdsl2
5a13026701 Apply Libreswan fix 
- Fix detection for sysvinit initsystem:
  cfe4dabab4
 2020-11-11 23:05:29 -06:00
hwdsl2
1dee0d4262 Update upgrade scripts 
- Support upgrading to Libreswan 4.1
 2020-11-11 01:10:27 -06:00
hwdsl2
5fe5f04835 Update upgrade scripts 
- Ref: 71d67ae
 2020-05-25 13:40:04 -05:00
hwdsl2
f38e2ea4f2 Cleanup 2020-05-14 23:07:47 -05:00
hwdsl2
6a285499e3 Update upgrade scripts 
- Support upgrading to Libreswan 3.32
- Update ikev2 setup helper script
 2020-05-11 11:28:37 -05:00
hwdsl2
f15db57ea5 Fix upgrade bug 
- Fixed an issue where the upgrade script could break the IKEv2 section
  of /etc/ipsec.conf for users who manually added IKEv2
 2020-04-30 00:12:56 -05:00
hwdsl2
dae0c03356 Improve output 
- Inhibit warning messages from Libreswan compilation
 2020-04-29 11:00:25 -05:00
hwdsl2
5983c79904 Fix IKEv2 
- Apply fix for an IKEv2 regression in Libreswan
- Ref: https://github.com/libreswan/libreswan/commit/90f8a09
  https://github.com/libreswan/libreswan/issues/333
  https://github.com/libreswan/libreswan/issues/329
 2020-04-26 16:27:00 -05:00
hwdsl2
dbb3c6b436 Improve RPi workaround 
- Newer Raspbian kernels now support SHA512
 2020-04-26 00:32:54 -05:00
hwdsl2
48d9b06bab Update upgrade scripts 
- Support upgrading to Libreswan 3.31
 2020-04-12 00:28:00 -05:00
hwdsl2
53a4bbb06a Add install note 2020-01-13 00:09:30 -08:00
hwdsl2
4360737eaf Improve OS detection 2020-01-13 00:07:39 -08:00
hwdsl2
609f24257d New Libreswan version 
- Upgrade Libreswan to 3.29
 2019-06-10 21:05:51 -05:00
hwdsl2
6c0c006d24 Cleanup 2019-06-09 00:14:33 -05:00
hwdsl2
62d9b845d6 Cleanup 2019-06-03 22:02:14 -05:00
hwdsl2
1659d0336c Support Libreswan 3.28 
- Support upgrading to new Libreswan version 3.28
- Patch applied for Debian 9/8. See:
  https://lists.libreswan.org/pipermail/swan/2019/003210.html
- Patch applied for CentOS 6. See:
  5db185497d
  and 4b93354f35
 2019-06-02 21:08:43 -05:00
hwdsl2
6fb35e25cb Update year 2019-01-12 11:34:10 -06:00
hwdsl2
997cacdaeb Cleanup 2019-01-12 01:08:04 -06:00
hwdsl2
03e587d834 Cleanup 2018-12-19 00:14:31 -06:00
hwdsl2
ddaa0ee99c Improve DNS servers 
- Improve modecfgdns format
- Better parsing of DNS servers in upgrade scripts
- Add usage of DNS server variables to README and allow users to specify
  only one or both alternative DNS servers
 2018-12-17 00:07:04 -06:00
hwdsl2
ff82c3fb6e Improve VPN ciphers 
- Optimize order of VPN ciphers for performance
 2018-11-24 10:30:42 -06:00
hwdsl2
f1c8c06af1 Improve VPN ciphers 
- Replace "aes_gcm256-null,aes_gcm128-null" with "aes_gcm-null" to
  improve compatibility with some Linux kernels
- Ref: https://libreswan.org/wiki/FAQ#Using_aes_gcm_or_aes_ctr_results_in_ERROR:_netlink_response_for_Add_SA_esp.XXXXXXXX.40IPADDRESS_included_errno_22:_Invalid_argument
 2018-11-02 01:54:49 -05:00
hwdsl2
5f75a7306a Improve VPN ciphers 
- Revert 'sha2-truncbug' from 'no' to 'yes' to fix compatibility with
  Android versions 6.x and 7.x.
- Remove aes128-sha2_512 algorithm
- Ref: 732ad1e
 2018-10-28 00:33:42 -05:00
hwdsl2
732ad1e941 Improve VPN ciphers 
- Optimize VPN ciphers and their order for improved security and
  compatibility with different OS. Remove 3DES algorithm
- Change 'sha2-truncbug' from 'yes' to 'no'
- Update docs
 2018-10-27 00:53:19 -05:00
hwdsl2
9db710090d Improve VPN ciphers 
- Add AES-GCM cipher for Chromebook compatibility and performance
 2018-10-25 01:25:35 -05:00
hwdsl2
804211c101 Cleanup 2018-10-21 00:20:54 -05:00
hwdsl2
a04d2d32e8 New Libreswan version 
- Upgrade Libreswan to 3.27
- Cleanup
 2018-10-09 12:32:28 -05:00