admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Maint: OpenVPN option: remove all ping-* options

Browse Source 
- Use the built-in healthcheck vpn restart mechanism instead
- Restarting with `ping-restart` or `ping-exit` would only restart with the same `remote` connection
- Specify `ping` options as VPN specific to ensure the server doesn't disconnect us
This commit is contained in:
Quentin McGaw (desktop)
2021-09-14 15:23:56 +00:00
parent 9f65157a0d
commit c3078f84e8
13 changed files with 11 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/provider/cyberghost/openvpnconf.go
View File

@@ -25,11 +25,10 @@ func (c *Cyberghost) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 10",
"ping-exit 60",
"tls-exit", "tls-exit",
// Cyberghost specific // Cyberghost specific
"ping 10",
// Added constant values // Added constant values
"auth-nocache", "auth-nocache",

4
internal/provider/fastestvpn/openvpnconf.go
View File

@@ -25,12 +25,10 @@ func (f *Fastestvpn) BuildConf(connection models.Connection,
"client", "client",
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"ping 15",
"ping-exit 60",
"tls-exit", "tls-exit",
// Fastestvpn specific // Fastestvpn specific
"ping-restart 0", "ping 15",
"tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA", //nolint:lll "tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA", //nolint:lll
"key-direction 1", "key-direction 1",
"tun-mtu-extra 32", "tun-mtu-extra 32",

3
internal/provider/hidemyass/openvpnconf.go
View File

@@ -19,11 +19,10 @@ func (h *HideMyAss) BuildConf(connection models.Connection,
"client", "client",
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"ping 5",
"ping-exit 30",
"tls-exit", "tls-exit",
// HideMyAss specific // HideMyAss specific
"ping 5",
"remote-cert-tls server", // updated name of ns-cert-type "remote-cert-tls server", // updated name of ns-cert-type
// "route-metric 1", // "route-metric 1",

3
internal/provider/ivpn/openvpnconf.go
View File

@@ -22,11 +22,10 @@ func (i *Ivpn) BuildConf(connection models.Connection,
"client", "client",
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"ping 5",
"ping-exit 30",
"tls-exit", "tls-exit",
// IVPN specific // IVPN specific
"ping 5",
"remote-cert-tls server", // updated name of ns-cert-type "remote-cert-tls server", // updated name of ns-cert-type
"key-direction 1", "key-direction 1",
"tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA", "tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA",

3
internal/provider/mullvad/openvpnconf.go
View File

@@ -20,11 +20,10 @@ func (m *Mullvad) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 10",
"ping-exit 60",
"tls-exit", "tls-exit",
// Mullvad specific // Mullvad specific
"ping 10",
"sndbuf 524288", "sndbuf 524288",
"rcvbuf 524288", "rcvbuf 524288",
"tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA", "tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA",

1
internal/provider/nordvpn/openvpnconf.go
View File

@@ -36,7 +36,6 @@ func (n *Nordvpn) BuildConf(connection models.Connection,
"reneg-sec 0", "reneg-sec 0",
"key-direction 1", "key-direction 1",
"ping 15", "ping 15",
"ping-restart 0",
// Added constant values // Added constant values
"auth-nocache", "auth-nocache",

3
internal/provider/privado/openvpnconf.go
View File

@@ -23,11 +23,10 @@ func (p *Privado) BuildConf(connection models.Connection,
"client", "client",
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"ping 10",
"ping-exit 60",
"tls-exit", "tls-exit",
// Privado specific // Privado specific
"ping 10",
"tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA", "tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA",
"verify-x509-name " + connection.Hostname + " name", "verify-x509-name " + connection.Hostname + " name",

3
internal/provider/purevpn/openvpnconf.go
View File

@@ -20,11 +20,10 @@ func (p *Purevpn) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 10",
"ping-exit 60",
"tls-exit", "tls-exit",
// Purevpn specific // Purevpn specific
"ping 10",
"key-direction 1", "key-direction 1",
"remote-cert-tls server", "remote-cert-tls server",
"cipher AES-256-CBC", "cipher AES-256-CBC",

3
internal/provider/surfshark/openvpnconf.go
View File

@@ -29,15 +29,14 @@ func (s *Surfshark) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 15",
"tls-exit", "tls-exit",
// Surfshark specific // Surfshark specific
"ping 15",
"tun-mtu-extra 32", "tun-mtu-extra 32",
"mssfix " + strconv.Itoa(int(settings.MSSFix)), "mssfix " + strconv.Itoa(int(settings.MSSFix)),
"reneg-sec 0", "reneg-sec 0",
"key-direction 1", "key-direction 1",
"ping-restart 0",
// Added constant values // Added constant values
"auth-nocache", "auth-nocache",

3
internal/provider/torguard/openvpnconf.go
View File

@@ -29,11 +29,10 @@ func (t *Torguard) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 5",
"ping-restart 30",
"tls-exit", "tls-exit",
// Torguard specific // Torguard specific
"ping 5",
"tun-mtu-extra 32", "tun-mtu-extra 32",
"mssfix " + strconv.Itoa(int(settings.MSSFix)), "mssfix " + strconv.Itoa(int(settings.MSSFix)),
"reneg-sec 0", "reneg-sec 0",

1
internal/provider/vpnunlimited/openvpnconf.go
View File

@@ -21,7 +21,6 @@ func (p *Provider) BuildConf(connection models.Connection,
// VPNUnlimited specific // VPNUnlimited specific
"reneg-sec 0", "reneg-sec 0",
"ping 5", "ping 5",
"ping-exit 30",
"route-metric 1", "route-metric 1",
// Added constant values // Added constant values

3
internal/provider/vyprvpn/openvpnconf.go
View File

@@ -24,11 +24,10 @@ func (v *Vyprvpn) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 10",
"ping-exit 60",
"tls-exit", "tls-exit",
// Vyprvpn specific // Vyprvpn specific
"ping 10",
// "verify-x509-name lu1.vyprvpn.com name", // "verify-x509-name lu1.vyprvpn.com name",
"tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA", //nolint:lll "tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA", //nolint:lll

3
internal/provider/windscribe/openvpnconf.go
View File

@@ -25,11 +25,10 @@ func (w *Windscribe) BuildConf(connection models.Connection,
"dev " + settings.Interface, "dev " + settings.Interface,
"nobind", "nobind",
"remote-cert-tls server", "remote-cert-tls server",
"ping 10",
"ping-exit 60",
"tls-exit", "tls-exit",
// Windscribe specific // Windscribe specific
"ping 10",
"key-direction 1", "key-direction 1",
"reneg-sec 0", "reneg-sec 0",