9be2fc827b
Chore(ci): Bump docker/build-push-action from 6 to 7 ( #3197 )
2026-03-07 00:20:51 -05:00
b63702cf63
Chore(ci): Bump peter-evans/create-pull-request from 7 to 8 ( #3175 )
2026-03-07 00:19:12 -05:00
ede2509132
Chore(deps): Bump gopkg.in/ini.v1 from 1.67.0 to 1.67.1 ( #3090 )
2026-03-07 00:16:20 -05:00
100124e8b8
Chore(github): Bump crazy-max/ghaction-github-labeler from 5 to 6 ( #3174 )
2026-03-07 00:15:46 -05:00
850a91b35f
Chore(deps): Bump github.com/klauspost/compress from 1.18.1 to 1.18.4 ( #3198 )
2026-03-07 00:14:23 -05:00
4a40f0fdee
chore(deps): Bump DavidAnson/markdownlint-cli2-action from 21 to 22 ( #3041 )
2026-03-07 00:13:52 -05:00
b7735ecc00
fix(updater): only uses DoH to cloudflare+google
...
- prevent dns plaintext manipulation both the periodic update and when running in cli mode
- possibly higher reliability on poor connections versus UDP
- drop `-dns` flag in update command
- for now no configuration allowed since it makes everything rather complex
2026-03-06 21:01:52 +00:00
457e5597bb
feat(others): optional BORINGPOLL_GLUETUNCOM to fight AI slop scammy gluetun[dot]com
2026-03-06 16:27:16 +00:00
2460b56c2b
chore(github): make closed issue message cleaner
2026-03-06 16:05:17 +00:00
5b2f86f4e7
fix(expressvpn): remove pakistan server
2026-03-06 14:03:15 +00:00
49317ecb8a
Chore(deps): Bump golang.org/x/net from 0.49.0 to 0.51.0 ( #3200 )
2026-03-06 14:56:57 +01:00
bd275aaea8
chore(github): add MTU discovery category label
2026-03-05 17:03:17 +00:00
39bd9854f7
chore(vpn): find VPN route earlier in MTU update function
2026-03-05 16:56:42 +00:00
c2c9504e94
hotfix(pmtud): set TCP MSS before changing MTU, and revert to original MTU if TCP MSS route set fails
2026-03-05 16:53:26 +00:00
48317a0d55
feat(main): log out OS, kernel version and architecture on start
2026-03-05 16:50:26 +00:00
6c3f519c62
Chore(deps): Bump docker/login-action from 3 to 4 ( #3189 )
2026-03-05 17:15:36 +01:00
b7cbea1ce6
fix(expressvpn): fix missing characters in CA string ( #3192 )
2026-03-05 17:15:07 +01:00
d8a3cc3dfa
hotfix(constants/providers): remove TestWorkflowHasAll to decouple CI files from tests
2026-03-04 22:54:28 +00:00
b1da4c4b86
hotfix(lint): fix lint errors introduced with expressvpn commit
2026-03-04 22:02:29 +00:00
579bd8e416
feat(airvpn): update servers data ( #3186 )
2026-03-04 20:53:28 +01:00
7bf59ebfb4
chore(ci): set PR title and description for updating servers workflow PR
2026-03-04 19:51:40 +00:00
4ac25b9dd1
hotfix(ci): fix file changes detection in update servers workflow
2026-03-04 19:43:39 +00:00
4bcbd29fb9
chore(ci): allow to specify provider to update servers data on dispatch
2026-03-04 19:24:53 +00:00
a8ee1d7a63
fix(expressvpn): add new CA3 certificate to fix TLS handshake failure ( #3184 )
2026-03-04 20:01:24 +01:00
c6c3a2bf1b
fix(openvpn/extract): restrict custom openvpn config protocol to tcp or udp internally
...
- Fix #3179
- I believe specifying tcp4, tcp6 or tcp-client does not change anything versus tcp + remote ip address
- I believe specifying udp4 or udp6 does not change anything versus tcp + remote ip address
- Simplify firewall code to not account for tcp-client etc.
2026-03-04 18:58:33 +00:00
e7b25a0d5e
chore(mod): simplify code and add more kernel config constants
2026-03-03 00:32:08 +00:00
11cd62f6b1
feat(ci): periodic workflow to update the maintainers servers list with pull requests ( #3010 )
2026-03-03 01:32:05 +01:00
ed26957a1a
fix(privado): allow additional OpenVPN ports 443, 8080 and 8443 for both tcp and udp
2026-03-01 11:59:03 +00:00
54b55c594f
fix(privado): allow OpenVPN TCP protocol
2026-03-01 11:58:16 +00:00
ec24ffdfd8
hotfix(firewall): save and restore behavior fixed
...
- restore if IPv4 set all policies fails
- fix deadlock when using iptables custom rules
- fix setting ipv6 rules when running runMixedIptablesInstruction
2026-02-28 14:37:58 +00:00
b9d49e0661
Chore(deps): Bump github.com/breml/rootcerts from 0.3.3 to 0.3.4 ( #3128 )
2026-02-27 02:16:31 +01:00
2bb4deccd5
feat(firewall): atomic iptables operations
...
- all operations rollback on failure
- disabling the firewall means rolling back to its state before enabling it
- aligns with nftables atomicity feature
2026-02-26 22:58:52 +00:00
0d0c0fb143
feat(dns): update block files after DNS server is up for a faster bootup
2026-02-26 18:45:52 +00:00
885e491bb7
chore(dns): clarify "ready" dns message when DNS server is up and being used
2026-02-26 18:45:52 +00:00
e75ae21dcd
fix(mod): probe searches for features built-in the kernel
2026-02-26 18:45:52 +00:00
4b8dc8ded7
fix(privado): update servers data using JSON API
...
- Fixes #3159
- Fixes #2118
- Fixes #2657
2026-02-25 16:02:52 +00:00
0eeee5c496
chore(pmtud): clarify debug logs and fix log error message
2026-02-25 04:23:56 +00:00
d21953f62e
chore(firewall): split apart iptables specific code in internal/firewall/iptables
2026-02-25 04:23:53 +00:00
034f8f6331
hotfix(netlink): specify IP family for conntrack calls and make conntrack failure a warning
2026-02-25 02:44:07 +00:00
01487b5caf
feat(protonvpn): add suggestions on some port forwarding errors
2026-02-23 21:19:08 +00:00
625a63e7c2
fix(firewall): flush conntrack table after enabling firewall at container start
...
- prevent leaks for connections made the first ~10 milliseconds when Gluetun starts
- seems critical, but in practice this very rarely happen and it very hard to reproduce
2026-02-22 13:31:38 +00:00
0c3e5d94d8
change!(server): auth is now required for all routes ( #2980 )
2026-02-20 18:10:53 +01:00
d586793169
fix(all): increase global http client timeout to 35s and precise lower timeouts where needed
...
- Fix DNS blocklists slow downloads, fix #3102
- Leave 35s timeout for updaters
- Set timeouts to 1s for local calls
- Set timeouts to 5s for LAN VPN calls and small external calls
- Set timeouts to 10s external VPN API calls
2026-02-20 16:40:51 +00:00
c5eacac644
chore(pmtud/tcp): remove unused TCP flags
2026-02-20 16:25:14 +00:00
7fbf2cbee3
hotfix(pmtud/tcp): return an error if no MSS destination server worked
2026-02-20 16:25:02 +00:00
1dee183a70
chore(pmtud/tcp): silently discard IPv6 network unreachable errors
2026-02-20 16:24:25 +00:00
c66d8bed00
hotfix(pmtud/tcp): fix code for IPv6 destinations
2026-02-20 16:23:40 +00:00
73b3e2c88a
chore(pmtud/tcp): remove unused test code
2026-02-20 15:37:56 +00:00
ea87c0a2aa
hotfix(pmtud): lower min MTU to MSS-matching-MTU minus 100 in case MSS is very small
2026-02-19 22:39:24 +00:00
2192874de8
hotfix(pmtud/icmp): ignore non echo messages instead of returning an error
2026-02-19 18:05:48 +00:00
dependabot[bot]