setup-ipsec-vpn

mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-07-03 19:15:40 +02:00

Author	SHA1	Message	Date
hwdsl2	d1da04b1d4	New Libreswan version - Support upgrading to Libreswan 4.9. - Compilation of Libreswan 4.9 on Ubuntu 18.04 requires newer versions of NSS packages. They are installed in a similar way as apply_ubuntu1804_nss_fix in ikev2setup.sh. Ref: https://github.com/libreswan/libreswan/issues/892	2022-10-21 00:11:15 -05:00
hwdsl2	bd291e91a1	Cleanup	2022-10-07 00:19:00 -05:00
hwdsl2	6e596825e2	Improve VPN ciphers - Improve security by removing support for modp1536 (DH group 5), which is less secure and rarely used by VPN clients. To do this, we specify modp2048 on the "ike=" line in ipsec.conf.	2022-09-30 01:11:18 -05:00
hwdsl2	025387df91	Improve VPN ciphers - Improve security by removing support for modp1024 (DH group 2), which is less secure and no longer enabled in Libreswan by default. - The native VPN client on Android devices uses modp1024 for the IPsec/L2TP and IPsec/XAuth ("Cisco IPsec") modes. After this change, Android users should instead connect using IKEv2 mode (recommended).	2022-09-29 22:52:40 -05:00
hwdsl2	cc99e18123	Cleanup	2022-09-24 18:56:27 -05:00
hwdsl2	32faed40d5	Improve IP check - Instead of finding the server's public IP, use the IP address on the default route if it is not a private IP. This makes VPN setup slightly faster by skipping IP detection. - Add a fallback URL for finding the server's public IP. - Cleanup	2022-09-24 00:58:16 -05:00
hwdsl2	35969d2bbb	Update Alpine Linux versions - Add Alpine Linux 3.16 and remove 3.14.	2022-06-19 22:41:21 -05:00
hwdsl2	34d9ad06d5	New Libreswan version - Support upgrading to Libreswan 4.7.	2022-05-25 23:59:21 -05:00
hwdsl2	b2626dc921	Cleanup	2022-04-27 00:05:45 -05:00
hwdsl2	a891b7613c	Fix for Alpine Linux - Fix IPsec service on Alpine Linux. Fixes #1123. - Clean up unneeded /etc/rc.local code for this OS.	2022-03-12 23:55:32 -06:00
hwdsl2	e5703d8aaa	Cleanup	2022-03-07 21:29:13 -06:00
hwdsl2	42c8d288e2	Cleanup - Improve backup of VPN config files	2022-02-18 21:42:37 -06:00
hwdsl2	5c85b5693c	Cleanup - Change the default action to 'continue' in VPN scripts	2022-02-12 12:24:26 -06:00
hwdsl2	6dbc47e0db	Improve upgrade scripts - Stop IPsec service before updating Libreswan	2022-02-08 23:46:11 -06:00
hwdsl2	35c23f1144	Improve upgrade scripts - Make specifying Libreswan version optional. Retrieve and install the latest supported version by default. - Other minor improvements	2022-01-29 12:34:10 -06:00
hwdsl2	e16151f183	Improve upgrade scripts - Cleanup	2022-01-29 01:47:45 -06:00
hwdsl2	c56ebe9cfe	Improve upgrade scripts - Make specifying Libreswan version optional in vpnupgrade.sh. Install the latest supported version by default. - Remove Libreswan version check	2022-01-22 22:30:39 -06:00
hwdsl2	5b1377dcf3	Cleanup	2022-01-22 21:34:53 -06:00
hwdsl2	6393470f46	Cleanup	2022-01-15 23:41:00 -06:00
hwdsl2	62723fe0c6	Update IKEv2 script - When upgrading Libreswan using vpnupgrade.sh, also update the IKEv2 helper script to the latest version.	2022-01-13 23:47:27 -06:00
hwdsl2	18b830c998	New Libreswan version - Support updating to Libreswan 4.6	2022-01-11 22:47:18 -06:00
hwdsl2	4403c9c241	Update Alpine scripts - Install nss, nss-tools and nss-dev from 3.14/3.15 repository. It is not necessary to install from edge because the latest 3.14/3.15 nss related packages are already patched to fix CVE-2021-43527. Ref: https://git.alpinelinux.org/aports/tree/community/nss?h=3.15-stable https://git.alpinelinux.org/aports/tree/community/nss?h=3.14-stable `603b198`	2022-01-05 19:33:08 -06:00
hwdsl2	c25baaf9a9	Cleanup	2022-01-04 23:01:14 -06:00
hwdsl2	c78b398057	Update year	2022-01-02 00:09:03 -06:00
hwdsl2	603b198613	Add Alpine 3.15 - Add support for Alpine Linux 3.15 - Install nss, nss-tools and nss-dev packages from edge for CVE-2021-43527 Ref: https://lists.libreswan.org/pipermail/swan-announce/2021/000044.html	2021-12-29 23:12:24 -06:00
hwdsl2	3c557c7f22	Add Alpine Linux	2021-09-11 15:00:29 -05:00

26 Commits