66b9f71ecf
hotfix(openvpn): fix support for tcp-client
...
- always use `proto tcp-client` when using TCP
- parses `tcp-client` (on top of `tcp`, `tcp4`, `tcp6`) as meaning TCP
- Fix #3302
2026-05-01 00:39:58 +00:00
f615e3c780
feat(openvpn): reduce handshake window to 10 seconds for faster failure detection
2026-04-30 23:55:59 +00:00
c473579261
chore(provider/utils): remove unused code
2026-04-19 01:31:09 +00:00
d5eeec6fb3
feat(protonvpn): support up to 5 forwarded ports ( #3208 )
2026-04-18 02:36:06 +02:00
5b88c76a14
fix(openvpn): bundle provider CA certificates in one block ( #3258 )
2026-03-26 22:32:43 +01:00
8a2e8bda0f
hotfix(amneziawg): fix errors ( #3240 )
2026-03-21 23:24:03 +01:00
97ccadfd33
chore(vpn): moved wireguard settings helpers from provider/utils to vpn as unexported functions
2026-03-11 14:05:55 +00:00
e6fc792f4f
feat(wireguard): amneziawg implementation ( #3150 )
2026-03-11 14:55:28 +01:00
be92aa2ac4
Path MTU discovery fixes and improvements ( #3109 )
...
- Existing option `WIREGUARD_MTU` , if set, disables PMTUD and is used
- New option `PMTUD_ICMP_ADDRESSES=1.1.1.1,8.8.8.8` and `PMTUD_TCP_ADDRESSES=1.1.1.1:443,8.8.8.8:443`
- ICMP PMTUD now targets external-by-default IP addresses
- New TCP PMTUD (binary search only) as a second MTU confirmation and fallback mechanism.
- Force set TCP MSS to MTU - IP header - TCP base header - "magic 20 bytes" 🎆
- Fix #3108
2026-02-14 19:40:34 -05:00
31284542a2
fix(wireguard): WIREGUARD_ENDPOINT_IP overrides the IP address of a picked connection
...
- Regression introduced in v3.39.0
- Fix #2759
2025-11-19 13:11:43 +00:00
76a4bb5dc3
chore: use gofumpt for code formatting
2024-10-11 19:27:29 +00:00
abe9dcbe33
chore(lint): add new linters and update codebase
...
- add canonicalheader
- add copyloopvar
- add fatcontext
- add intrange
2024-10-11 18:28:00 +00:00
5191f3558f
hotfix(protonvpn): drop P2P_ONLY in favor of PORT_FORWARD_ONLY
2024-07-31 14:29:31 +00:00
7bc2972b27
feat(perfectprivacy): port forwarding support ( #2378 )
2024-07-30 22:00:26 +02:00
cb99f90bb5
feat(protonvpn): feature filters ( #2182 )
...
- `SECURE_CORE_ONLY`
- `TOR_ONLY`
- `P2P_ONLY`
2024-07-29 08:57:31 +02:00
0501743814
feat(pia): port forwarding options VPN_PORT_FORWARDING_USERNAME and VPN_PORT_FORWARDING_PASSWORD
...
- Retro-compatible with `OPENVPN_USER` + `OPENVPN_PASSWORD`
- No more reading for the OpenVPN auth file
- Allow to use PIA port forwarding with Wireguard
2024-07-09 14:44:46 +00:00
6dd27e53d4
chore(portforward): remove PIA dependency on storage package
2024-05-02 09:18:35 +00:00
c87c0e12fe
feat(wireguard): WIREGUARD_PERSISTENT_KEEPALIVE_INTERVAL option
2024-04-25 10:44:13 +00:00
4d9c619b24
chore(config): use openvpn protocol string field instead of TCP bool
2024-03-25 18:29:51 +00:00
b3ceece779
feat(nordvpn): filter with SERVER_CATEGORIES ( #1806 )
...
- update NordVPN servers data built-in
2024-03-22 10:02:31 +01:00
b51aa0c6b9
feat(pia): PORT_FORWARD_ONLY variable ( #2070 )
2024-03-18 18:40:09 +01:00
5467652b8b
chore(openvpn): support multiple CAs in generated config
2023-12-19 18:21:03 +00:00
a194906bdd
chore(protonvpn): add debug logs for keeping port forwarded
2023-09-28 07:08:07 +00:00
aa6dc786a4
chore(provider): use type assertion for port forwarders
2023-09-23 13:02:09 +00:00
0406de399d
chore(portforward): move vpn gateway obtention within port forwarding service
2023-09-23 12:03:06 +00:00
919b55c3aa
feat(wireguard): WIREGUARD_ALLOWED_IPS variable ( #1291 )
2023-07-06 09:08:59 +02:00
8ad16cdc12
feat(protonvpn): port forwarding support with NAT-PMP ( #1543 )
...
Co-authored-by: Nicholas Xavier <nicho@nicho.dev >
2023-06-30 20:09:44 +02:00
e8f2296a0d
change(openvpn): Openvpn 2.4 no longer supported
2023-05-21 13:20:02 +00:00
1dd38bc658
feat(wireguard): WIREGUARD_MTU enviromnent variable ( #1571 )
2023-05-21 15:11:07 +02:00
5200ee5722
chore(settings): use generics for helping functions ( #1427 )
2023-05-20 22:37:23 +02:00
86ec75722a
chore(wireguard): use netip.AddrPort instead of *net.UDPAddr
2023-05-20 20:06:12 +00:00
0a29337c3b
chore(all): replace net.IP with netip.Addr
2023-05-20 20:06:12 +00:00
d21a943779
chore(all): use netip.Prefix for ip networks
...
- remove usage of `net.IPNet`
- remove usage of `netaddr.IPPrefix`
2023-04-27 13:42:50 +00:00
723d0f5e12
chore(lint): upgrade from v1.51.2 to v1.52.2
2023-04-12 09:40:00 +00:00
3b86927ca7
fix(vpnsecure): upgrade Openvpn key encryption if needed ( #1471 )
2023-04-03 03:40:09 -07:00
4ba159e483
chore(all): review error wrappings
...
- remove repetitive `cannot` and `failed` prefixes
- rename `unmarshaling` to `decoding`
2023-04-01 16:57:18 +00:00
2e3eb1fd7b
fix(wireguard): ignore IPv6 addresses if IPv6 is not supported
2022-12-14 11:52:03 +00:00
03ed3cb1c8
feat(wireguard): WIREGUARD_IMPLEMENTATION variable
...
- Can be `auto` (default), `userspace` or `kernelspace`
2022-12-02 11:16:27 +00:00
f15dde6502
feat(providers): add AirVPN support ( #1145 )
2022-10-17 02:54:56 -04:00
6a5aa8eddb
fix(openvpn): do not set tun-ipv6
...
- Server should push `tun-ipv6` if it is available
- Add ignore filter for `tun-ipv6` if ipv6 is not supported on client
- Fixes #435
2022-09-14 00:03:31 +00:00
7fdc7de210
feat(ipv6): use ipv6 endpoint IPs if supported
2022-09-12 21:31:37 +00:00
dd7630997b
fix(vpnsecure): allow empty OpenVPN user+password
2022-09-10 14:46:17 +00:00
5ddd703f6a
feat(vpn): auto detection of IPv6 support
...
- `OPENVPN_IPV6` removed
- Affects OpenVPN
- Use the same mechanism for OpenVPN and Wireguard
- Check only once at program start since this is unlikely to change at runtime
- Log if IPv6 is supported
- Remove `IPv6` boolean from settings structs
- Move IPv6 detection as a method on NetLinker
2022-09-06 12:16:29 +00:00
71c51a7455
chore(provider/utils): do not check for empty wg keys
2022-09-05 15:50:02 +00:00
062b6a276c
fix(settings): read PEM files but b64 env vars
...
- Extract base64 data from PEM files and secret files
- Environment variables are not PEM encoded and only the base64 data
- Affects OpenVPN certificate, key and encrypted key
2022-08-24 17:48:45 +00:00
a182e3503b
feat: add VPNsecure.me support ( #848 )
...
- `OPENVPN_ENCRYPTED_KEY` environment variable
- `OPENVPN_ENCRYPTED_KEY_SECRETFILE` environment variable
- `OPENVPN_KEY_PASSPHRASE` environment variable
- `OPENVPN_KEY_PASSPHRASE_SECRETFILE` environment variable
- `PREMIUM_ONLY` environment variable
- OpenVPN user and password not required for vpnsecure provider
2022-08-15 16:54:58 -07:00
8db2944749
chore(settings): OpenVPN ClientCrt -> Cert
2022-08-13 18:59:07 +00:00
5986432a22
chore(settings): OpenVPN ClientKey -> Key
2022-08-13 18:58:09 +00:00
9f959dbc6a
fix(expressvpn): OpenVPN fragment option and add ciphers ( #1047 )
...
* Fragment was defined in `OpenVPNProviderSettings` but was not written to the OpenVPN configuration file.
* Added two additional ciphers to the configuration for ExpressVPN
Authored-by: barino86 <barino@mac.com >
2022-06-29 05:23:16 -07:00
535297dcf5
chore: extract.PEM replaces PEM parse functions
2022-06-24 23:10:00 +00:00
Quentin McGaw