Dan Guido
f9f7be7b0d
Fix a typo from #439
8 years ago
Dan Guido
1778cb1f45
disable dpd #430 ( #437 )
...
Closes #430
8 years ago
Dan Guido
8e5e6d5088
remove extraneous integrity algos from AEAD ciphers ( #439 )
...
In reference to
https://github.com/trailofbits/algo/issues/9#issuecomment-294370560
8 years ago
Jauder Ho
5b2e13d18f
Only enable ChaCha cipher ( #412 )
...
* Only enable ChaCha cipher
* Add back a few ciphers for compatability
8 years ago
Jack Ivanov
fa5a956193
Add URLStringProbe ( #428 )
...
* Add URLStringProbe
* switch to Apple's hotspot-detect.html
8 years ago
Jack Ivanov
ea5976f49b
write logs to file if BSD only
8 years ago
Jack Ivanov
9c12272c8c
Python False-y values should be accepted. #417 ( #426 )
8 years ago
Jack Ivanov
16329fe088
Instance size ( #404 )
...
* Escaping Special Characters #388
* Make instance sizes more flexible to edit #355
8 years ago
Jack Ivanov
bf75a1bb03
move generating of the known_hosts file to local_action ( #425 )
8 years ago
MiWCryptAnalytics
04b61ca3d2
Increase CA key entropy to 128bit ( #415 )
...
Changes the default CA key size from 48 bit to 128bit with OpenSSL usermode CSPRNG with hex encoding
8 years ago
Jack Ivanov
02f363d825
change the order of ciphers
8 years ago
mathew19
ae43ed6f81
Update client_ipsec.secrets.j2 ( #414 )
...
Fix filename in client ipsec_user.secrets
8 years ago
mathew19
5e56996f5c
Fix name ( #411 )
8 years ago
Jack Ivanov
c61a07fb60
Escaping Special Characters #388 ( #403 )
8 years ago
Jack Ivanov
56a72e5af2
New ciphers implementing #247 ( #352 )
...
Switches to SHA2_512_256 HMAC integrity algorithm and adds cipher compatibility for other platforms.
8 years ago
Jack Ivanov
70738ed8be
Enable IP forwarding GCE #369
8 years ago
Jack Ivanov
95e0134f21
1. Disable SSH key deploying if installation on existing server
...
2. Move to the ed25519 algorithm
3. Delete unneeded option RSAAuthentication
Fixes #272
8 years ago
Dan Guido
e55ce03906
URLStringProbe with this URL does not work as intended
8 years ago
Dan Guido
5e22b79033
Add configuration for URL probes to Apple profile
...
Chrome and Android both request a known URL that generates HTTP 204 No Content responses to determine if they have internet connectivity. In Apple profiles, we can use the same URL to determine whether the VPN needs to connect. Using this feature will help save battery life for lots of users.
8 years ago
Jack Ivanov
47515154bb
add mtu in the sswan profile
8 years ago
Casey Lang
8b977afd99
Modify creation of GCE Instance ( #363 )
...
Update deprecated GCE metadata options
8 years ago
Jack Ivanov
3b8d04d06c
remove the logging role
8 years ago
Jack Ivanov
6e61a51aca
rewrite the sysctl task
8 years ago
Jack Ivanov
c0f4b5fa41
Enable default values if the role is skipped #313
8 years ago
Josh Soref
84bbcb88d0
Spelling fixes ( #342 )
...
* spelling: algorithm
* spelling: bertrand
* spelling: between
* spelling: checking
* spelling: conjunction
* spelling: contributor
* spelling: delimited
* spelling: fashion
* spelling: droplet
* spelling: javascript
* spelling: nameserver
* spelling: obligatory
* spelling: official
* spelling: overridden
* spelling: overwrite
* spelling: parameter
* spelling: suppressing
8 years ago
James Hale
41ed682213
Reduce VPC CIDR size to /16 ( #341 )
8 years ago
Josh Meisels
d37c6b72c5
Add new Azure regions and allow user to select VM size ( #332 )
...
* Update Azure Region List
Included several additional regions in the Azure list.
In a future version we may want to ask users to choose a continent, then present region options since this list is getting long.
* Add VM size selection
Added prompt for user to choose VM size. Useful because the default size is not available in all regions, and there are cheaper sizes.
* Handle vm_size choice in "Create an Instance" step
Use the variable passed in that the user chose for vm_size.
* Differentiate Basic A0 and Standard A0
* Remove vm_size D1 since it's being deprecated
* Fix syntax issue - missing semicolons
* Remove note to self comment
* Remove changes to let user select VM size
Removing my previous additions that let the user select their Azure VM size.
* Hard code VM size to cheapest size
Remove my usage of a variable for VM size. Update to use the Basic_A0, which is the cheapest size of VM.
8 years ago
Matt Mankins
b8d2dc68bb
Change EC2 VPC CIDR blocks to uncommon non-routable addresses ( #335 )
8 years ago
Josh Watson
84a3b5f675
Change EC2 VPC CIDR blocks to non-routable addresses. ( #330 )
...
The previous address ranges were actually routable addresses, which caused some concern for some people because it looked suspicious in tracert. The new CIDR blocks are non-routable addresses, which resolves this concern.
8 years ago
brad2014
09e5d87c7b
Minor name and documentation edits ( #327 )
8 years ago
James Hale
3b3fb601ef
Fix name tag key ( #282 )
8 years ago
Dan Guido
655a917dd2
iptables filter table fix ( #285 )
8 years ago
Jack Ivanov
6facb6cb4f
FreeBSD / HardenedBSD ( #262 )
...
* FreeBSD draft
ifconfig fix
Pre-tasks fixes
fix hardcoded IP
some refactoring
disable system-based tags
disable freebsd tags
FreeBSD vpn role
add defaults
ssh role freebsd
default fix
dns_adblocking freebsd
ubuntu dict fix
* HardenedBSD
update-users BSD
* Rebuild the kernel
docs changing
8 years ago
Jack Ivanov
49ba1f76b4
Some improvements in the mobileconfig. Fixes #270
8 years ago
Jack Ivanov
045ff4bb9f
Azure security group. Fixes #264
8 years ago
Jack Ivanov
906d962d4d
GCE. env variables #195
8 years ago
Jack Ivanov
573c2f2322
DO. env variables #195
8 years ago
Jack Ivanov
fc30f8bb10
GCE. Tags fixed #267
8 years ago
Jack Ivanov
0aff3ebb6f
EC2 instance_initiated_shutdown_behavior to terminate. Close #124
8 years ago
Jack Ivanov
c52024d4cc
Azure. Add to the inventory #30
8 years ago
Jack Ivanov
0d1731e058
update tags for azure resources
8 years ago
Jack Ivanov
6e538627db
gce inventory #30
8 years ago
Jack Ivanov
9cc9cf7b5f
local inventory #30
8 years ago
Jack Ivanov
69ff22f9bb
fix typo
8 years ago
Jack Ivanov
dfb1cbc282
DigitalOcean dynamic inventory
8 years ago
Jack Ivanov
f7da2e3888
EC2 dynamic enventory. Fixes #73
8 years ago
Jack Ivanov
5cbf125202
Some refactoring. Disable unneeded variables.
8 years ago
Jack Ivanov
237fcc7a7f
additional variables
8 years ago
Jack Ivanov
2a4d1837b5
Some fixes. Fedora client. Close #44
8 years ago
Jack Ivanov
0bf3e809a4
Linux clients installation vpn #44
8 years ago