TunSafe Changelog

What's new in TunSafe 1.5 RC 2

• Don't add endpoint route if route is not in included_routes
• In BSD network code, don't add a route that's a subset of an Address
• Don't add Excluded routes when Table=off
• Display packet loss in Windows UI
• Enable DNS block only if the DNS addr is a part of the routes
• Support for WireGuard over TCP. Use Endpoint=tcp:// to connect to a TCP server, and use ListenPortTCP=12345 to listen on TCP.
• Add support for Two Factor authentication. Read more on:
• https://github.com/TunSafe/TunSafe/wiki/Two-Factor-Authentication-with-TunSafe
• Add support for a hybrid TCP/UDP mode that uses TCP for handshakes and UDP for data traffic. This means that PersistentKeepalive can be significantly raised to for example 300 seconds, since as long as the TCP connection remains open through NAT then the WireGuard connection will stay alive. Enable with Features=hybrid_tcp
• Support for obfuscated WireGuard connections. Use ObfuscateKey=foo in the [Interface] section to setup the obfuscator key. It needs to be set to the same thing on both sides. There's also another setting to masquerade TCP connections as TLS. Use ObfuscateTCP to setup how TCP gets obfuscated. The default is to just make everything look totally random. It can also be set to tls-chrome or tls-firefox to make the traffic look like HTTPS traffic.
• Display incoming invalid packets in Windows UI
• Hide files not ending with .conf from list in Windows UI