Releases
v3.29.0
qdm12
released this
11 May 23:11
Features
Firewall
Auto-detect iptables
and iptables-nft
for IPv4 and IPv6
Improve error message when NET_ADMIN
capability is missing
Support all default routes instead of only the first one
Accept output traffic from all default routes through VPN interface
Accept output from all default routes to outbound subnets
Accept all input traffic on ports for all default routes
Add IP rules for all default routes
Add IPv6 inbound routing
Provider specific
Servers update: Mullvad, Privado, PrivateVPN, ProtonVPN, PureVPN, NordVPN, Private Internet Access, Torguard, FastestVPN (thanks @mircoianese #923 )
NordVPN: remove OpenVPN compression
Ivpn: allow no password for account IDs matching i-xxxx-xxxx-xxxx
or ivpn-xxxx-xxxx-xxxx
Other
Fixes
Health check:
HEALTH_TARGET_ADDRESS
to replace HEALTH_ADDRESS_TO_PING
Remove github.com/go-ping/ping
dependency
Dial TCP the target address, appending :443
if port is not set
Target address defaults to cloudflare.com:443
OPENVPN_FLAGS
working fixed
HEALTH_VPN_DURATION_ADDITION
working fixed
Privado: fix OPENVPN_PORT
usage, thanks @cacti-user
Firewall: only set routes for IPv4 default routes
Use openvpn 2.4.12-r0
in CI build for openvpn 2.4
Fix PureVPN zip file download link (#915 thanks @mircoianese )
Private Internet Access: hide escaped url query values (token etc.)
NordVPN: allow aes-256-gcm for Openvpn 2.4
Private Internet Access: fix certificate validation (use OS certificates instead of custom certificate)
Port forwarding: loop exit from vpn loop
PUID and PGID as 32 bit unsigned integers instead of 16 bit
Documentation
Readme: re-add /dev/net/tun
device since some OSes need it
Readme: remove old announcement (#938 , thanks @martinbjeldbak )
Maintenance
CI
Add CodeQL analysis workflow
Bump actions/checkout from 2.4.0 to 3 (#870 )
Bump docker/build-push-action from 2.8.0 to 2.10.0 (#832 , #893 )
Bump peter-evans/dockerhub-description from 2 to 3 (#908 )
Code
New internal packages:
internal/constants/providers
internal/constants/vpn
Protonvpn: remove unused exit IPs field in server model
ProtonVPN: Change server name JSON field from name
to server_name
Generic server models:
Streamline all server models IP addresses:
Use IPs []net.IP
for all server models
Use ips
JSON field for all server models
Merge IPv4 and IPv6 addresses together for Mullvad
Specify UDP and TCP compatibility for all servers in servers.json
Specify VPN protocol for all servers in servers.json
Common Server
model and Servers
model for all providers (#943 )
Common filtering builder for all providers
Common GetConnection
for all providers
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#897 )
Bump github.com/breml/rootcerts
from 0.2.2 to 0.2.3 (#926 )
Routing: remove unused LocalSubnetGetter
internal/httpserver
: remove name
field and prefix in logs
Use internal/httpserver
for control server
Add defensive check for zero connection found from servers (if no IP is defined)
Simplify reading of servers JSON file
Dev environment
Development container
Fix windows script sourcing
Remove image name to avoid conflicts
Bind mount normally without :z
Install htop
Update maintenance document
You can’t perform that action at this time.