ℹ️ This is a bugfix release for v3.37.0. If you can, please instead use the newer v3.39.0 release.
Fixes
VPN_PORT_FORWARDING_LISTENING_PORTfixed- IPv6 support detection ignores loopback route destinations
STREAM_ONLYbehavior fixed (#2126)- Custom provider:
- handle
portoption line for OpenVPN - ignore comments in an OpenVPN configuration file
- assume port forwarding is always supported by a custom server
- handle
- VPN Unlimited:
- change default UDP port from 1194 to 1197
- allow OpenVPN TCP on port 1197
- Private Internet Access Wireguard and port forwarding
- Set server name if names filter is set with the custom provider (see #2147)
- PrivateVPN: updater now sets openvpn vpn type for the no-hostname server
- Torguard: update OpenVPN configuration
- add aes-128-gcm and aes-128-cbc to the ciphers option
- remove mssfix, sndbuf, rcvbuf, ping and reneg options
- set HTTP user agent to be allowed to download zip files
- VPNSecure: associate
N / Awith no data for servers - AirVPN: set default mssfix to 1320-28=1292
- Surfshark:
- remove outdated hardcoded retro servers
- Remove no longer valid multi hop regions
- Fail validation for empty string region
- Clearer error message for surfshark regions: only log possible 'new' server regions, do not log old retro-compatible server regions
- Privado: update OpenVPN zip file URL
internal/server:/openvpnroute status get and put- get status return stopped if running Wireguard
- put status changes vpn type if running Wireguard
- Log out last Gluetun release by semver tag name instead of by date
format-serversfixed missing VPN type header for providers supporting Wireguard: NordVPN and Surfsharkinternal/tun: only create tun device if it does not exist, do not create if it exists and does not work- Bump github.com/breml/rootcerts from 0.2.14 to 0.2.17
PS: sorry for re-releasing this one 3 times, CI has been capricious with passing