- Add an option for specifying a Libreswan version to install,
using variable VPN_SWAN_VER. Currently supported values are
4.15 and 5.0. This could be useful for users who want to
install the older Libreswan version 4.
- For IKEv2 mode, add a new variable VPN_CLIENT_VALIDITY for specifying
the client certificate validity period (in months). Must be an integer
between 1 and 120. Default value is 120. Users can define it as an
environment variable when setting up IKEv2 in auto mode, or when
adding a new IKEv2 client using "--addclient".
- Instead of finding the server's public IP, use the IP address
on the default route if it is not a private IP. This makes VPN
setup slightly faster by skipping IP detection.
- Add a fallback URL for finding the server's public IP.
- Cleanup
- Add an option to skip IKEv2 setup when installing the IPsec VPN.
Example: sudo VPN_SKIP_IKEV2=yes sh vpn.sh
- This allows users to set up an IKEv1-only VPN, or install IKEv2
interactively using "sudo ikev2.sh" after VPN setup.
- Make the VPN setup scripts work on Kali Linux (based on Debian).
- Update IKEv2 helper script to check for OpenSSL 3 first when
exporting the .p12 file.
- Show a warning instead of exiting with an error for missing /dev/ppp,
which could happen on Debian 11/10 with certain Linux kernels. Users
can use the IKEv2 or IPsec/XAuth ("Cisco IPsec") mode to connect.
Ref: https://git.io/vpndebian10
- In rare cases, if a parent process traps SIGPIPE, the 'tr'
command in the VPN setup scripts could output an error
'tr: write error: Broken pipe'. This is a cosmetic error
that does NOT affect the functionality of the scripts. This
commit hides the error in such cases.
