Commit Graph

538 Commits

Author SHA1 Message Date
Angristan
6480c8fbf3 Merge pull request #2 from Harvester57/master
Remove old fix about buffers
2016-03-22 18:14:10 +01:00
Florian STOSSE
9aeb5b7c47 Remove old fix
This fix was intended to overcome hardcoded buffers values in old OpenVPN revisions (see https://www.lowendtalk.com/discussion/40099/why-openvpn-is-so-slow-cool-story). This is not needed anymore, as OpenVPN now use OS buffers (see https://community.openvpn.net/openvpn/ticket/461 and https://community.openvpn.net/openvpn/changeset/c72dbb8b470ab7b25fc74e41aed4212db48a9d2f/). It should lead to better performances over fast networks.

Signed-off-by: Florian STOSSE <contact@harvester.fr>
2016-03-22 11:47:24 +01:00
Angristan
6b4c00c394 Clarification for NAT 2016-03-21 21:43:34 +01:00
Angristan
a44539c571 Update README.md 2016-03-21 18:36:08 +01:00
Angristan
0f21c29afa Update README.md 2016-03-21 18:34:09 +01:00
Angristan
21d8f78f4f Disable compression 2016-03-21 17:43:48 +01:00
Angristan
651b7c29d9 Merge pull request #1 from Harvester57/patch-1
Disable compression
2016-03-21 17:42:08 +01:00
Harvester
bf97d67f26 Revert ciphers
My bad !
2016-03-21 17:13:36 +01:00
Harvester
787784058a Disable compression client-side too 2016-03-21 16:18:18 +01:00
Florian Stosse
064c5bfe4a Typo
OpenVPN doesn't really like the way it was written
2016-03-21 13:30:17 +01:00
Florian Stosse
1a73a20240 Also change tls-cipher for clients 2016-03-21 13:26:37 +01:00
Florian Stosse
b15cd6cf81 Add more than one cipogers to tls-cipher
Just in case we need to fallback or downgrade
2016-03-21 13:20:35 +01:00
Florian Stosse
8b89b1743c Disable compression
For a hardened OpenVPN configuration, compression should be disabled : https://github.com/BetterCrypto/Applied-Crypto-Hardening/pull/91#issuecomment-75388575
2016-03-21 13:13:57 +01:00
Angristan
faaa48d372 Fix ca-certificates errors 2016-03-19 22:51:00 +01:00
Angristan
1bf105e809 The BIG update
Deleted latest and legacy mode
Use OpenVPN 2.3.10 with custom repo
Add a check at start for Debian/Ubuntu
Fast mode with 2048 bits RSA and DH, 128 bits AES, SHA-256 certificate
Slow mode with 4096 bits RSA and DH, 256 bits AES, SHA-384 certificate
AES-256-CBC and SHA512 for HMAC auth
Add OpenNIC as a DNS option + GeoIP API
Delete NTT and Huricane Electric DNS
Other improvements
2016-03-19 17:41:18 +01:00
Angristan
25448611c2 The BIG update 2016-03-19 17:38:34 +01:00
Angristan
0667668937 Update README.md 2016-03-16 16:21:11 +01:00
Angristan
3897bc32ff Update README.md 2016-03-15 21:37:58 +01:00
Angristan
e5ce2da2ee Update README.md 2016-03-15 21:36:05 +01:00
Angristan
f94a2a736d Delete openvpn-install-legacy.sh
157c27512a
2016-03-15 20:19:18 +01:00
Angristan
157c27512a Combine latest and legacy version 2016-03-15 19:11:35 +01:00
Angristan
f5ebe9d01d Fix which bug on CentOS 7 minimal
7fb12dc5cb
2016-03-14 21:38:40 +01:00
Angristan
4fef7869d9 Fix which bug on CentOS 7 minimal
7fb12dc5cb
2016-03-14 21:37:14 +01:00
Angristan
7694be3672 TAP is not needed 2016-03-14 21:27:18 +01:00
Angristan
1be02be239 TAP is not needed 2016-03-14 21:22:08 +01:00
Angristan
a658d8d04b Clear up supported OS 2016-03-14 21:20:03 +01:00
Angristan
27b6247d0f Add Ubuntu 15.04 to legacy 2016-03-14 21:18:03 +01:00
Angristan
cbc7abc3dd Clarifies that it supports Scaleway NATed servers 2016-03-14 18:03:02 +01:00
Angristan
2c7d211b04 Clarifies that it supports Scaleway NATed servers 2016-03-14 18:02:01 +01:00
Angristan
f815715c45 Update README.md 2016-03-13 22:33:29 +01:00
Angristan
3546f8b63a Fix typo 2016-03-13 21:51:50 +01:00
Angristan
eea2e86557 Fix typo 2016-03-13 21:51:31 +01:00
Angristan
bcb5daa6c9 Add feature 2016-03-13 21:50:54 +01:00
Angristan
88f550fb9a Not compatible with Fedora 2016-03-13 21:18:46 +01:00
Angristan
9bd9dabafa Revert changes 2016-03-13 20:47:39 +01:00
Angristan
48252378ff Revert changes 2016-03-13 20:47:18 +01:00
Angristan
beb61502fa Add support for Fedora 2016-03-13 20:15:06 +01:00
Angristan
3b49c12f2c Update version : latest is only for 2.3.3 and higher 2016-03-13 20:02:32 +01:00
Angristan
b8c7775ca7 Add support for Fedora 20 2016-03-13 19:46:58 +01:00
Angristan
90a4bdb63e Install which on CentOS 2016-03-13 19:28:49 +01:00
Angristan
f49f187de2 Install which 2016-03-13 19:21:58 +01:00
Angristan
59dc02a8bd Add CentOS 6 support 2016-03-13 18:48:13 +01:00
Angristan
e5e0249ee4 Update README.md 2016-03-13 17:54:12 +01:00
Angristan
90acfa2582 fix markdown 2016-03-13 15:53:43 +01:00
Angristan
5020395502 Add a little explanation 2016-03-13 15:53:09 +01:00
Angristan
c69134434a Add legacy version 2016-03-13 15:41:05 +01:00
Angristan
148498e462 Set FDN as default DNS 2016-03-13 15:14:12 +01:00
Angristan
e9d6191925 Set FDN as default DNS 2016-03-13 15:13:46 +01:00
Angristan
471f82af26 Using cipher instead of tls-cipher and AES-256-CBC instead of AES-128-GCM 2016-03-13 14:38:45 +01:00
Angristan
65ef1944e0 Old versions don't support TLS 1.2 2016-03-13 14:31:02 +01:00