From 449361007a7bd4e189789c6c4be9198e281929d2 Mon Sep 17 00:00:00 2001
From: Nicolas Duchon <nicolas.duchon@gmail.com>
Date: Wed, 29 Nov 2017 10:38:16 +0100
Subject: [PATCH 1/4] Add Quad9 DNS

---
 README.md          |  1 +
 openvpn-install.sh | 10 +++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 2b53e71..6bc46e9 100644
--- a/README.md
+++ b/README.md
@@ -96,6 +96,7 @@ Here are the possibilities :
 - [Google Public DNS](https://en.wikipedia.org/wiki/Google_Public_DNS), not recommended, but fast worldwide (Anycast servers)
 - [Yandex Basic DNS](https://dns.yandex.com/), not recommended, but fast in Russia
 - [AdGuard DNS](https://github.com/AdguardTeam/AdguardDNS), located in Russia, blocks ads and trackers
+- [IBM Quad9](https://www.quad9.net), security oriented, fast worldwide (Anycast servers)
 - Soon : local resolver :D
 
 Any other fast, trustable and neutral servers proposition is welcome.
diff --git a/openvpn-install.sh b/openvpn-install.sh
index ba86428..33485ec 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -227,7 +227,8 @@ else
 	echo "   5) Google (Anycast: worldwide)"
 	echo "   6) Yandex Basic (Russia)"
 	echo "   7) AdGuard DNS (Russia)"
-	while [[ $DNS != "1" && $DNS != "2" && $DNS != "3" && $DNS != "4" && $DNS != "5" && $DNS != "6" && $DNS != "7" ]]; do
+	echo "   8) Quad9 (Anycast: worldwide)"
+	while [[ $DNS != "1" && $DNS != "2" && $DNS != "3" && $DNS != "4" && $DNS != "5" && $DNS != "6" && $DNS != "7" && $DNS != "8" ]]; do
 		read -p "DNS [1-7]: " -e -i 1 DNS
 	done
 	echo ""
@@ -432,7 +433,7 @@ WantedBy=multi-user.target" > /etc/systemd/system/iptables.service
 			echo "Ok, bye !"
 			exit 4
 		fi
-		
+
 		if [[ "$OS" = 'arch' ]]; then
 			# Install dependencies
 			pacman -Syu openvpn iptables openssl wget ca-certificates curl --needed --noconfirm
@@ -524,6 +525,9 @@ ifconfig-pool-persist ipp.txt" >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 176.103.130.130"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 176.103.130.131"' >> /etc/openvpn/server.conf
 		;;
+		8) #Quad9
+		echo 'push "dhcp-option DNS 9.9.9.9"' >> /etc/openvpn/server.conf
+		;;
 	esac
 echo 'push "redirect-gateway def1 bypass-dhcp" '>> /etc/openvpn/server.conf
 echo "crl-verify crl.pem
@@ -681,4 +685,4 @@ verb 3" >> /etc/openvpn/client-template.txt
 	echo "Your client config is available at $homeDir/$CLIENT.ovpn"
 	echo "If you want to add more clients, you simply need to run this script another time!"
 fi
-exit 0;
\ No newline at end of file
+exit 0;

From a13745afbaf965b2c56f003ef41c1f914afdc5f0 Mon Sep 17 00:00:00 2001
From: Angristan <Angristan@users.noreply.github.com>
Date: Wed, 29 Nov 2017 11:15:14 +0100
Subject: [PATCH 2/4] Update Quad9 description

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6bc46e9..a184e96 100644
--- a/README.md
+++ b/README.md
@@ -90,13 +90,13 @@ The script will ask you which DNS resolvers you want to use when connected to th
 Here are the possibilities :
 
 - Current system resolvers, those that are in `/etc/resolv.conf`
+- [Quad9](https://www.quad9.net), recommended, security and privacy oriented, fast worldwide (Anycast servers)
 - [FDN's DNS Servers](http://www.fdn.fr/actions/dns/), recommended if you're in western europe (France)
 - [DNS.WATCH DNS Servers](https://dns.watch/index), recommended if you're in western europe (Germany)
 - [OpenDNS](https://en.wikipedia.org/wiki/OpenDNS), not recommened but fast wordlwide (Anycast servers)
 - [Google Public DNS](https://en.wikipedia.org/wiki/Google_Public_DNS), not recommended, but fast worldwide (Anycast servers)
 - [Yandex Basic DNS](https://dns.yandex.com/), not recommended, but fast in Russia
 - [AdGuard DNS](https://github.com/AdguardTeam/AdguardDNS), located in Russia, blocks ads and trackers
-- [IBM Quad9](https://www.quad9.net), security oriented, fast worldwide (Anycast servers)
 - Soon : local resolver :D
 
 Any other fast, trustable and neutral servers proposition is welcome.

From 6ac1b185fa0050143bb4d062d70a1c531163744b Mon Sep 17 00:00:00 2001
From: Angristan <Angristan@users.noreply.github.com>
Date: Wed, 29 Nov 2017 11:17:06 +0100
Subject: [PATCH 3/4] Update DNS list with Quad9

---
 openvpn-install.sh | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 33485ec..e25a44a 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -220,16 +220,16 @@ else
 	done
 	echo ""
 	echo "What DNS do you want to use with the VPN?"
-	echo "   1) Current system resolvers (in /etc/resolv.conf)"
-	echo "   2) FDN (France)"
-	echo "   3) DNS.WATCH (Germany)"
-	echo "   4) OpenDNS (Anycast: worldwide)"
-	echo "   5) Google (Anycast: worldwide)"
-	echo "   6) Yandex Basic (Russia)"
-	echo "   7) AdGuard DNS (Russia)"
-	echo "   8) Quad9 (Anycast: worldwide)"
+	echo "   1) Current system resolvers (from /etc/resolv.conf)"
+	echo "   2) Quad9 (Anycast: worldwide)"
+	echo "   3) FDN (France)"
+	echo "   4) DNS.WATCH (Germany)"
+	echo "   5) OpenDNS (Anycast: worldwide)"
+	echo "   6) Google (Anycast: worldwide)"
+	echo "   7) Yandex Basic (Russia)"
+	echo "   8) AdGuard DNS (Russia)"
 	while [[ $DNS != "1" && $DNS != "2" && $DNS != "3" && $DNS != "4" && $DNS != "5" && $DNS != "6" && $DNS != "7" && $DNS != "8" ]]; do
-		read -p "DNS [1-7]: " -e -i 1 DNS
+		read -p "DNS [1-8]: " -e -i 1 DNS
 	done
 	echo ""
 	echo "See https://github.com/Angristan/OpenVPN-install#encryption to learn more about "

From 3b8c5d776a067a1916238d05bf8d2c6160ac6186 Mon Sep 17 00:00:00 2001
From: Angristan <Angristan@users.noreply.github.com>
Date: Wed, 29 Nov 2017 11:21:33 +0100
Subject: [PATCH 4/4] Update DNS list with Quad9

---
 openvpn-install.sh | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index e25a44a..939a9d2 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -501,33 +501,33 @@ ifconfig-pool-persist ipp.txt" >> /etc/openvpn/server.conf
 			echo "push \"dhcp-option DNS $line\"" >> /etc/openvpn/server.conf
 		done
 		;;
-		2) #FDN
+		2) #Quad9
+		echo 'push "dhcp-option DNS 9.9.9.9"' >> /etc/openvpn/server.conf
+		;;
+		3) #FDN
 		echo 'push "dhcp-option DNS 80.67.169.12"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 80.67.169.40"' >> /etc/openvpn/server.conf
 		;;
-		3) #DNS.WATCH
+		4) #DNS.WATCH
 		echo 'push "dhcp-option DNS 84.200.69.80"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 84.200.70.40"' >> /etc/openvpn/server.conf
 		;;
-		4) #OpenDNS
+		5) #OpenDNS
 		echo 'push "dhcp-option DNS 208.67.222.222"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 208.67.220.220"' >> /etc/openvpn/server.conf
 		;;
-		5) #Google
+		6) #Google
 		echo 'push "dhcp-option DNS 8.8.8.8"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 8.8.4.4"' >> /etc/openvpn/server.conf
 		;;
-		6) #Yandex Basic
+		7) #Yandex Basic
 		echo 'push "dhcp-option DNS 77.88.8.8"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 77.88.8.1"' >> /etc/openvpn/server.conf
 		;;
-		7) #AdGuard DNS
+		8) #AdGuard DNS
 		echo 'push "dhcp-option DNS 176.103.130.130"' >> /etc/openvpn/server.conf
 		echo 'push "dhcp-option DNS 176.103.130.131"' >> /etc/openvpn/server.conf
 		;;
-		8) #Quad9
-		echo 'push "dhcp-option DNS 9.9.9.9"' >> /etc/openvpn/server.conf
-		;;
 	esac
 echo 'push "redirect-gateway def1 bypass-dhcp" '>> /etc/openvpn/server.conf
 echo "crl-verify crl.pem