You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Alpine upgraded from 3.18 to 3.20 (3.19 got skipped due to buggy iptables)
Healthcheck: change timeout mechanism
Healthcheck timeout is no longer fixed to 3 seconds
Healthcheck timeout increases from 2s to 4s, 6s, 8s, 10s
No 1 second wait time between check retries after failure
VPN internal restart may be delayed by a maximum of 10 seconds
Firewall:
Query iptables binary variants to find which one to use depending on the kernel
Prefer using iptables-nft over iptables-legacy (Alpine new default is nft backend iptables)
Wireguard:
WIREGUARD_PERSISTENT_KEEPALIVE_INTERVAL option
read configuration file without case sensitivity
VPN Port forwarding: only use port forwarding enabled servers if VPN_PORT_FORWARDING=on (applies only to PIA and ProtonVPN for now)
FastestVPN:
Wireguard support (#2383 - Credits to @Zerauskire for the initial investigation and @jvanderzande for an initial implementation as well as reviewing the pull request)
use API instead of openvpn zip file to fetch servers data
add city filter SERVER_CITY
update built-in servers data
Perfect Privacy: port forwarding support with VPN_PORT_FORWARDING=on (#2378)
Private Internet Access: port forwarding options VPN_PORT_FORWARDING_USERNAME and VPN_PORT_FORWARDING_PASSWORD (retro-compatible with OPENVPN_USER and OPENVPN_PASSWORD)
ip2location parsing for latitude and longitude fixed
abort ip data fetch if vpn context is canceled (prevents requesting the public IP address N times after N VPN failures)
internal/server: /openvpn route status get and put
get status return stopped if running Wireguard
put status changes vpn type if running Wireguard
Log out if PORT_FORWARD_ONLY is enabled in the server filtering tree of settings
Log last Gluetun release by tag name alphabetically instead of by release date
format-servers fixed missing VPN type header for providers supporting Wireguard: NordVPN and Surfshark
internal/tun: only create tun device if it does not exist, do not create if it exists and does not work
Documentation
readme:
clarify shadowsocks proxy is a server, not a client
update list of providers supporting Wireguard with the custom provider
add protonvpn as custom port forwarding implementation
disable Github blank issues
Bump github.com/qdm12/gosplash to v0.2.0
Add /choose suffix to github links in logs
add Github labels: "Custom provider", "Category: logs" and "Before next release"
rename FIREWALL_ENABLED to FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT due to the sheer amount of users misusing it. FIREWALL_ENABLED won't do anything anymore. At least you've been warned not to use it...
Maintenance
Code health
PIA port forwarding:
remove dependency on storage package
return an error to port forwarding loop if server cannot port forward
internal/config:
upgrade to github.com/qdm12/gosettings v0.4.2
drop github.com/qdm12/govalid dependency
upgrade github.com/qdm12/ss-server to v0.6.0
do not un-set sensitive config settings anymore
removed bad/invalid retro-compatible keys CONTROL_SERVER_ADDRESS and CONTROL_SERVER_PORT
OpenVPN protocol field is now a string instead of a TCP boolean
Split server filter validation for features and subscription-tier
provider name field as string instead of string pointer
internal/portforward: support multiple ports forwarded