Bump version to 4.8.1.0

Merge pull request #1076 from amnezia-vpn/fix/android-protocol-libs
Exclude protocol libraries from loading at application startup
2026-06-22 02:01:08 +07:00 · 2024-09-20 13:08:28 +01:00 · 2024-09-20 05:06:41 -07:00 · 2024-09-20 04:38:24 -07:00 · 2024-09-20 15:36:20 +04:00 · 2024-09-20 12:12:22 +01:00
133 changed files with 11130 additions and 6325 deletions
@@ -16,6 +16,7 @@ jobs:
      QT_VERSION: 6.6.2
      QIF_VERSION: 4.7
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
    steps:
    - name: 'Install Qt'
@@ -82,6 +83,7 @@ jobs:
      QIF_VERSION: 4.7
      BUILD_ARCH: 64
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
    steps:
    - name: 'Get sources'
@@ -144,6 +146,7 @@ jobs:
      CC: cc
      CXX: c++
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
    steps:
    - name: 'Setup xcode'
@@ -178,7 +181,7 @@ jobs:
    - name: 'Install go'
      uses: actions/setup-go@v5
      with:
-        go-version: '1.20'
+        go-version: '1.22.1'
        cache: false
    - name: 'Setup gomobile'
@@ -235,6 +238,7 @@ jobs:
      QT_VERSION: 6.4.3
      QIF_VERSION: 4.6
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
    steps:
    - name: 'Setup xcode'
@@ -297,24 +301,25 @@ jobs:
    env:
      ANDROID_BUILD_PLATFORM: android-34
-      QT_VERSION: 6.6.2
+      QT_VERSION: 6.7.2
      QT_MODULES: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
    steps:
    - name: 'Install desktop Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
        target: 'desktop'
-        arch: 'gcc_64'
+        arch: 'linux_gcc_64'
        modules: ${{ env.QT_MODULES }}
        dir: ${{ runner.temp }}
        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
    - name: 'Install android_x86_64 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@@ -325,7 +330,7 @@ jobs:
        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
    - name: 'Install android_x86 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@@ -336,7 +341,7 @@ jobs:
        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
    - name: 'Install android_armv7 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@@ -347,7 +352,7 @@ jobs:
        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
    - name: 'Install android_arm64_v8a Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@@ -16,6 +16,7 @@ jobs:
      QT_VERSION: 6.4.1
      QIF_VERSION: 4.5
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
    steps:
    - name: 'Install desktop Qt'
@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 set(PROJECT AmneziaVPN)
-project(${PROJECT} VERSION 4.7.0.0
+project(${PROJECT} VERSION 4.8.1.0
        DESCRIPTION "AmneziaVPN"
        HOMEPAGE_URL "https://amnezia.org/"
 )
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 57)
+set(APP_ANDROID_VERSION_CODE 62)
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
    set(MZ_PLATFORM_NAME "linux")
@@ -10,10 +10,10 @@ Amnezia is an open-source VPN client, with a key feature that enables you to dep
 <br>
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_4.7.0.0_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_4.7.0.0.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_Linux_4.6.0.3.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_Linux_4.7.0.0.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.6.0.3"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.7.0.0"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
 <br>
@@ -28,11 +28,12 @@ Amnezia is an open-source VPN client, with a key feature that enables you to dep
 ## Features
- Very easy to use - enter your IP address, SSH login, and password, and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
+- Very easy to use - enter your IP address, SSH login, password and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
- OpenVPN, Shadowsocks, WireGuard, and IKEv2 protocols support.
+- Classic VPN-protocols: OpenVPN, WireGuard and IKEv2 protocols.
- Masking VPN with OpenVPN over Cloak plugin
+- Protocols with traffic Masking (Obfuscation): OpenVPN over [Cloak](https://github.com/cbeuw/Cloak) plugin, Shadowsocks (OpenVPN over Shadowsocks), [AmneziaWG](https://docs.amnezia.org/documentation/amnezia-wg/) and XRay.
- Split tunneling support - add any sites to the client to enable VPN only for them (only for desktops)
+- Split tunneling support - add any sites to the client to enable VPN only for them or add Apps (only for Android and Desktop).
 - Windows, MacOS, Linux, Android, iOS releases.
 - Support for AmneziaWG protocol configuration on [Keenetic beta firmware](https://docs.keenetic.com/ua/air/kn-1611/en/6319-latest-development-release.html#UUID-186c4108-5afd-c10b-f38a-cdff6c17fab3_section-idm33192196168192-improved).
 ## Links
@@ -41,7 +42,8 @@ Amnezia is an open-source VPN client, with a key feature that enables you to dep
 - [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English) 
 - [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Telegram support channel (Farsi) 
 - [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Telegram support channel (Myanmar)  
- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  
+- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)
 - [https://vpnpay.io/en/amnezia-premium/](https://vpnpay.io/en/amnezia-premium/) - Amnezia Premium
 ## Tech
@@ -27,6 +27,9 @@ add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
 add_definitions(-DPROD_AGW_PUBLIC_KEY="$ENV{PROD_AGW_PUBLIC_KEY}")
 add_definitions(-DPROD_PROXY_STORAGE_KEY="$ENV{PROD_PROXY_STORAGE_KEY}")
 add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}")
 add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}")
 if(IOS)
    set(PACKAGES ${PACKAGES} Multimedia)
 endif()
@@ -58,6 +61,7 @@ qt_add_executable(${PROJECT} MANUAL_FINALIZATION)
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_interface.rep)
    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_interface.rep)
    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_tun2socks.rep)
 endif()
 qt6_add_resources(QRC ${QRC} ${CMAKE_CURRENT_LIST_DIR}/resources.qrc)
@@ -110,6 +114,7 @@ include(${CMAKE_CURRENT_LIST_DIR}/cmake/3rdparty.cmake)
 include_directories(
    ${CMAKE_CURRENT_LIST_DIR}/../ipc
    ${CMAKE_CURRENT_LIST_DIR}/../common/logger
    ${CMAKE_CURRENT_LIST_DIR}
    ${CMAKE_CURRENT_BINARY_DIR}
 )
@@ -131,7 +136,6 @@ set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.h
    ${CMAKE_CURRENT_LIST_DIR}/protocols/qml_register_protocols.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/pages.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/property_helper.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.h
    ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.h
    ${CMAKE_CURRENT_BINARY_DIR}/version.h
@@ -140,6 +144,7 @@ set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/serialization.h
    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/transfer.h
    ${CMAKE_CURRENT_LIST_DIR}/core/enums/apiEnums.h
    ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.h
 )
 # Mozilla headres
@@ -190,6 +195,7 @@ set(SOURCES ${SOURCES}
    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/trojan.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess_new.cpp
    ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.cpp
 )
 # Mozilla sources
@@ -164,7 +164,7 @@ void AmneziaApplication::init()
    bool enabled = m_settings->isSaveLogs();
 #ifndef Q_OS_ANDROID
    if (enabled) {
-        if (!Logger::init()) {
+        if (!Logger::init(false)) {
            qWarning() << "Initialization of debug subsystem failed";
        }
    }
@@ -3,7 +3,6 @@
 <manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    package="org.amnezia.vpn"
    android:versionName="-- %%INSERT_VERSION_NAME%% --"
    android:versionCode="-- %%INSERT_VERSION_CODE%% --"
    android:installLocation="auto">
@@ -46,7 +45,7 @@
            android:configChanges="uiMode|screenSize|smallestScreenSize|screenLayout|orientation|density
                |fontScale|layoutDirection|locale|keyboard|keyboardHidden|navigation|mcc|mnc"
            android:launchMode="singleInstance"
-            android:windowSoftInputMode="adjustResize"
+            android:windowSoftInputMode="stateUnchanged|adjustResize"
            android:exported="true">
            <intent-filter>
@@ -68,9 +67,6 @@
                android:name="android.app.lib_name"
                android:value="-- %%INSERT_APP_LIB_NAME%% --" />
            <meta-data
                android:name="android.app.extract_android_style"
                android:value="minimal" />
        </activity>
        <activity
@@ -88,6 +84,13 @@
            android:exported="false"
            android:theme="@style/Translucent" />
        <activity android:name=".AuthActivity"
            android:excludeFromRecents="true"
            android:launchMode="singleTask"
            android:taskAffinity=""
            android:exported="false"
            android:theme="@style/Translucent" />
        <activity
            android:name=".ImportConfigActivity"
            android:excludeFromRecents="true"
@@ -1,81 +1,28 @@
 package org.amnezia.vpn.protocol.awg
 import org.amnezia.vpn.protocol.wireguard.Wireguard
 import org.amnezia.vpn.util.optStringOrNull
 import org.json.JSONObject
 /**
 *    Config example:
 *    {
 *        "protocol": "awg",
 *        "description": "Server 1",
 *        "dns1": "1.1.1.1",
 *        "dns2": "1.0.0.1",
 *        "hostName": "100.100.100.0",
 *        "splitTunnelSites": [
 *        ],
 *        "splitTunnelType": 0,
 *        "awg_config_data": {
 *            "H1": "969537490",
 *            "H2": "481688153",
 *            "H3": "2049399200",
 *            "H4": "52029755",
 *            "Jc": "3",
 *            "Jmax": "1000",
 *            "Jmin": "50",
 *            "S1": "49",
 *            "S2": "60",
 *            "client_ip": "10.8.1.1",
 *            "hostName": "100.100.100.0",
 *            "port": 12345,
 *            "client_pub_key": "clientPublicKeyBase64",
 *            "client_priv_key": "privateKeyBase64",
 *            "psk_key": "presharedKeyBase64",
 *            "server_pub_key": "publicKeyBase64",
 *            "config": "[Interface]
 *                       Address = 10.8.1.1/32
 *                       DNS = 1.1.1.1, 1.0.0.1
 *                       PrivateKey = privateKeyBase64
 *                       Jc = 3
 *                       Jmin = 50
 *                       Jmax = 1000
 *                       S1 = 49
 *                       S2 = 60
 *                       H1 = 969537490
 *                       H2 = 481688153
 *                       H3 = 2049399200
 *                       H4 = 52029755
 *
 *                       [Peer]
 *                       PublicKey = publicKeyBase64
 *                       PresharedKey = presharedKeyBase64
 *                       AllowedIPs = 0.0.0.0/0, ::/0
 *                       Endpoint = 100.100.100.0:12345
 *                       PersistentKeepalive = 25
 *                       "
 *        }
 *    }
 */
 class Awg : Wireguard() {
    override val ifName: String = "awg0"
    override fun parseConfig(config: JSONObject): AwgConfig {
-        val configDataJson = config.getJSONObject("awg_config_data")
+        val configData = config.getJSONObject("awg_config_data")
        val configData = parseConfigData(configDataJson.getString("config"))
        return AwgConfig.build {
-            configWireguard(configData, configDataJson)
+            configWireguard(config, configData)
            configSplitTunneling(config)
            configAppSplitTunneling(config)
-            configData["Jc"]?.let { setJc(it.toInt()) }
+            configData.optStringOrNull("Jc")?.let { setJc(it.toInt()) }
-            configData["Jmin"]?.let { setJmin(it.toInt()) }
+            configData.optStringOrNull("Jmin")?.let { setJmin(it.toInt()) }
-            configData["Jmax"]?.let { setJmax(it.toInt()) }
+            configData.optStringOrNull("Jmax")?.let { setJmax(it.toInt()) }
-            configData["S1"]?.let { setS1(it.toInt()) }
+            configData.optStringOrNull("S1")?.let { setS1(it.toInt()) }
-            configData["S2"]?.let { setS2(it.toInt()) }
+            configData.optStringOrNull("S2")?.let { setS2(it.toInt()) }
-            configData["H1"]?.let { setH1(it.toLong()) }
+            configData.optStringOrNull("H1")?.let { setH1(it.toLong()) }
-            configData["H2"]?.let { setH2(it.toLong()) }
+            configData.optStringOrNull("H2")?.let { setH2(it.toLong()) }
-            configData["H3"]?.let { setH3(it.toLong()) }
+            configData.optStringOrNull("H3")?.let { setH3(it.toLong()) }
-            configData["H4"]?.let { setH4(it.toLong()) }
+            configData.optStringOrNull("H4")?.let { setH4(it.toLong()) }
        }
    }
 }
@@ -3,3 +3,6 @@
 // android.bundle.enableUncompressedNativeLibs is deprecated
 // disable adding gradle property android.bundle.enableUncompressedNativeLibs by androiddeployqt
 useLegacyPackaging
 // package name for androiddeployqt
 namespace = "org.amnezia.vpn"
@@ -115,9 +115,11 @@ dependencies {
    implementation(project(":xray"))
    implementation(libs.androidx.core)
    implementation(libs.androidx.activity)
    implementation(libs.androidx.fragment)
    implementation(libs.kotlinx.coroutines)
    implementation(libs.kotlinx.serialization.protobuf)
    implementation(libs.bundles.androidx.camera)
    implementation(libs.google.mlkit)
    implementation(libs.androidx.datastore)
    implementation(libs.androidx.biometric)
 }
@@ -3,40 +3,16 @@ package org.amnezia.vpn.protocol.cloak
 import android.util.Base64
 import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.openvpn.OpenVpn
 import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.json.JSONObject
 /**
 *    Config Example:
 *    {
 *     "protocol": "cloak",
 *     "description": "Server 1",
 *     "dns1": "1.1.1.1",
 *     "dns2": "1.0.0.1",
 *     "hostName": "100.100.100.0",
 *     "splitTunnelSites": [
 *     ],
 *     "splitTunnelType": 0,
 *     "openvpn_config_data": {
 *           "config": "openVpnConfig"
 *     }
 *     "cloak_config_data": {
 *          "BrowserSig": "chrome",
 *          "EncryptionMethod": "aes-gcm",
 *          "NumConn": 1,
 *          "ProxyMethod": "openvpn",
 *          "PublicKey": "PublicKey=",
 *          "RemoteHost": "100.100.100.0",
 *          "RemotePort": "443",
 *          "ServerName": "servername",
 *          "StreamTimeout": 300,
 *          "Transport": "direct",
 *          "UID": "UID="
 *     }
 * }
 */
 class Cloak : OpenVpn() {
    override fun internalInit() {
        super.internalInit()
        if (!isInitialized) loadSharedLibrary(context, "ck-ovpn-plugin")
    }
    override fun parseConfig(config: JSONObject): ClientAPI_Config {
        val openVpnConfig = ClientAPI_Config()
@@ -1,24 +1,28 @@
 [versions]
-agp = "8.2.0"
+agp = "8.5.2"
-kotlin = "1.9.20"
+kotlin = "1.9.24"
-androidx-core = "1.12.0"
+androidx-core = "1.13.1"
-androidx-activity = "1.8.1"
+androidx-activity = "1.9.1"
-androidx-annotation = "1.7.0"
+androidx-annotation = "1.8.2"
-androidx-camera = "1.3.0"
+androidx-biometric = "1.2.0-alpha05"
 androidx-camera = "1.3.4"
 androidx-fragment = "1.8.2"
 androidx-security-crypto = "1.1.0-alpha06"
-androidx-datastore = "1.1.0-beta01"
+androidx-datastore = "1.1.1"
-kotlinx-coroutines = "1.7.3"
+kotlinx-coroutines = "1.8.1"
 kotlinx-serialization = "1.6.3"
-google-mlkit = "17.2.0"
+google-mlkit = "17.3.0"
 [libraries]
 androidx-core = { module = "androidx.core:core-ktx", version.ref = "androidx-core" }
 androidx-activity = { module = "androidx.activity:activity-ktx", version.ref = "androidx-activity" }
 androidx-annotation = { module = "androidx.annotation:annotation", version.ref = "androidx-annotation" }
 androidx-biometric = { module = "androidx.biometric:biometric-ktx", version.ref = "androidx-biometric" }
 androidx-camera-core = { module = "androidx.camera:camera-core", version.ref = "androidx-camera" }
 androidx-camera-camera2 = { module = "androidx.camera:camera-camera2", version.ref = "androidx-camera" }
 androidx-camera-lifecycle = { module = "androidx.camera:camera-lifecycle", version.ref = "androidx-camera" }
 androidx-camera-view = { module = "androidx.camera:camera-view", version.ref = "androidx-camera" }
 androidx-fragment = { module = "androidx.fragment:fragment-ktx", version.ref = "androidx-fragment" }
 androidx-security-crypto = { module = "androidx.security:security-crypto-ktx", version.ref = "androidx-security-crypto" }
 androidx-datastore = { module = "androidx.datastore:datastore-preferences", version.ref = "androidx-datastore" }
 kotlinx-coroutines = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-android", version.ref = "kotlinx-coroutines" }
@@ -1,7 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -84,7 +86,8 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
 ' "$PWD" ) || exit
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -13,6 +13,8 @@
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@rem SPDX-License-Identifier: Apache-2.0
@rem
@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
@@ -43,11 +45,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
-echo.
+echo. 1>&2
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
-echo.
+echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation.
+echo location of your Java installation. 1>&2
 goto fail
@@ -57,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 if exist "%JAVA_EXE%" goto execute
-echo.
+echo. 1>&2
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
-echo.
+echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation.
+echo location of your Java installation. 1>&2
 goto fail
@@ -11,28 +11,12 @@ import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.getLocalNetworks
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 /**
 *    Config Example:
 *    {
 *     "protocol": "openvpn",
 *     "description": "Server 1",
 *     "dns1": "1.1.1.1",
 *     "dns2": "1.0.0.1",
 *     "hostName": "100.100.100.0",
 *     "splitTunnelSites": [
 *     ],
 *     "splitTunnelType": 0,
 *     "openvpn_config_data": {
 *           "config": "openVpnConfig"
 *     }
 * }
 */
 open class OpenVpn : Protocol() {
    private var openVpnClient: OpenVpnClient? = null
@@ -51,14 +35,17 @@ open class OpenVpn : Protocol() {
        }
    override fun internalInit() {
-        if (!isInitialized) loadSharedLibrary(context, "ovpn3")
+        if (!isInitialized) {
            loadSharedLibrary(context, "ovpn3")
            loadSharedLibrary(context, "ovpnutil")
        }
        if (this::scope.isInitialized) {
            scope.cancel()
        }
        scope = CoroutineScope(Dispatchers.IO)
    }
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
        val configBuilder = OpenVpnConfig.Builder()
        openVpnClient = OpenVpnClient(
@@ -2,7 +2,6 @@ package org.amnezia.vpn.protocol
 sealed class ProtocolException(message: String? = null, cause: Throwable? = null) : Exception(message, cause)
 class LoadLibraryException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
 class BadConfigException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
 class VpnStartException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
@@ -42,7 +42,7 @@ abstract class Protocol {
    protected abstract fun internalInit()
-    abstract fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
+    abstract suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
    abstract fun stopVpn()
@@ -158,60 +158,6 @@ abstract class Protocol {
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q)
            vpnBuilder.setMetered(false)
    }
    companion object {
        private fun extractLibrary(context: Context, libraryName: String, destination: File): Boolean {
            Log.d(TAG, "Extracting library: $libraryName")
            val apks = hashSetOf<String>()
            context.applicationInfo.run {
                sourceDir?.let { apks += it }
                splitSourceDirs?.let { apks += it }
            }
            for (abi in Build.SUPPORTED_ABIS) {
                for (apk in apks) {
                    ZipFile(File(apk), ZipFile.OPEN_READ).use { zipFile ->
                        val mappedName = System.mapLibraryName(libraryName)
                        val libraryZipPath = listOf("lib", abi, mappedName).joinToString(File.separator)
                        val zipEntry = zipFile.getEntry(libraryZipPath)
                        zipEntry?.let {
                            Log.d(TAG, "Extracting apk:/$libraryZipPath to ${destination.absolutePath}")
                            FileOutputStream(destination).use { outStream ->
                                zipFile.getInputStream(zipEntry).use { inStream ->
                                    inStream.copyTo(outStream, 32 * 1024)
                                    outStream.fd.sync()
                                }
                            }
                        }
                        return true
                    }
                }
            }
            return false
        }
        @SuppressLint("UnsafeDynamicallyLoadedCode")
        fun loadSharedLibrary(context: Context, libraryName: String) {
            Log.d(TAG, "Loading library: $libraryName")
            try {
                System.loadLibrary(libraryName)
                return
            } catch (_: UnsatisfiedLinkError) {
                Log.d(TAG, "Failed to load library, try to extract it from apk")
            }
            var tempFile: File? = null
            try {
                tempFile = File.createTempFile("lib", ".so", context.codeCacheDir)
                if (extractLibrary(context, libraryName, tempFile)) {
                    System.load(tempFile.absolutePath)
                    return
                }
            } catch (e: Exception) {
                throw LoadLibraryException("Failed to load library apk: $libraryName", e)
            } finally {
                tempFile?.delete()
            }
        }
    }
 }
 private fun VpnService.Builder.addAddress(addr: InetNetwork) = addAddress(addr.address, addr.mask)
@@ -21,5 +21,5 @@ android {
 }
 dependencies {
-    implementation(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
+    api(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
 }
@@ -3,7 +3,6 @@
    <!-- DO NOT EDIT THIS: This file is populated automatically by the deployment tool. -->
    <array name="bundled_libs">
        <!-- %%INSERT_EXTRA_LIBS%% -->
    </array>
    <array name="qt_libs">
@@ -1,6 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
    <color name="black">#FF0E0E11</color>
    <style name="NoActionBar">
        <item name="android:windowBackground">@color/black</item>
        <item name="android:colorBackground">@color/black</item>
        <item name="android:windowActionBar">false</item>
        <item name="android:windowNoTitle">true</item>
    </style>
@@ -22,7 +22,7 @@ dependencyResolutionManagement {
 includeBuild("./gradle/plugins")
 plugins {
-    id("com.android.settings") version "8.2.0"
+    id("com.android.settings") version "8.5.2"
    id("settings-property-delegate")
 }
@@ -43,6 +43,7 @@ import kotlinx.coroutines.withContext
 import org.amnezia.vpn.protocol.getStatistics
 import org.amnezia.vpn.protocol.getStatus
 import org.amnezia.vpn.qt.QtAndroidController
 import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.json.JSONException
@@ -158,6 +159,11 @@ class AmneziaActivity : QtActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        Log.d(TAG, "Create Amnezia activity: $intent")
        loadLibs()
        window.apply {
            addFlags(LayoutParams.FLAG_DRAWS_SYSTEM_BAR_BACKGROUNDS)
            statusBarColor = getColor(R.color.black)
        }
        mainScope = CoroutineScope(SupervisorJob() + Dispatchers.Main.immediate)
        val proto = mainScope.async(Dispatchers.IO) {
            VpnStateStore.getVpnState().vpnProto
@@ -175,6 +181,17 @@ class AmneziaActivity : QtActivity() {
        runBlocking { vpnProto = proto.await() }
    }
    private fun loadLibs() {
        listOf(
            "rsapss",
            "crypto_3",
            "ssl_3",
            "ssh"
        ).forEach {
            loadSharedLibrary(this.applicationContext, it)
        }
    }
    private fun registerBroadcastReceivers() {
        notificationStateReceiver = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
            registerBroadcastReceiver(
@@ -610,6 +627,14 @@ class AmneziaActivity : QtActivity() {
        }
    }
    @Suppress("unused")
    fun setNavigationBarColor(color: Int) {
        Log.v(TAG, "Change navigation bar color: ${"#%08X".format(color)}")
        mainScope.launch {
            window.navigationBarColor = color
        }
    }
    @Suppress("unused")
    fun minimizeApp() {
        Log.v(TAG, "Minimize application")
@@ -684,6 +709,17 @@ class AmneziaActivity : QtActivity() {
            .show()
    }
    @Suppress("unused")
    fun requestAuthentication() {
        Log.v(TAG, "Request authentication")
        mainScope.launch {
            qtInitialized.await()
            Intent(this@AmneziaActivity, AuthActivity::class.java).also {
                startActivity(it)
            }
        }
    }
    /**
     * Utils methods
     */
@@ -31,6 +31,7 @@ import kotlinx.coroutines.Job
 import kotlinx.coroutines.SupervisorJob
 import kotlinx.coroutines.TimeoutCancellationException
 import kotlinx.coroutines.cancel
 import kotlinx.coroutines.cancelAndJoin
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.drop
@@ -39,7 +40,6 @@ import kotlinx.coroutines.launch
 import kotlinx.coroutines.runBlocking
 import kotlinx.coroutines.withTimeout
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.LoadLibraryException
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
@@ -49,6 +49,7 @@ import org.amnezia.vpn.protocol.ProtocolState.UNKNOWN
 import org.amnezia.vpn.protocol.VpnException
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.protocol.putStatus
 import org.amnezia.vpn.util.LoadLibraryException
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.amnezia.vpn.util.net.NetworkState
@@ -111,6 +112,10 @@ open class AmneziaVpnService : VpnService() {
        get() = clientMessengers.any { it.value.name == ACTIVITY_MESSENGER_NAME }
    private val connectionExceptionHandler = CoroutineExceptionHandler { _, e ->
        connectionJob?.cancel()
        connectionJob = null
        disconnectionJob?.cancel()
        disconnectionJob = null
        protocolState.value = DISCONNECTED
        when (e) {
            is IllegalArgumentException,
@@ -531,7 +536,7 @@ open class AmneziaVpnService : VpnService() {
        protocolState.value = DISCONNECTING
        disconnectionJob = connectionScope.launch {
-            connectionJob?.join()
+            connectionJob?.cancelAndJoin()
            connectionJob = null
            vpnProto?.protocol?.stopVpn()
@@ -0,0 +1,97 @@
 package org.amnezia.vpn
 import android.os.Build
 import android.os.Bundle
 import androidx.biometric.BiometricManager
 import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
 import androidx.biometric.BiometricManager.Authenticators.DEVICE_CREDENTIAL
 import androidx.biometric.BiometricPrompt
 import androidx.biometric.BiometricPrompt.AuthenticationResult
 import androidx.core.content.ContextCompat
 import androidx.fragment.app.FragmentActivity
 import org.amnezia.vpn.qt.QtAndroidController
 import org.amnezia.vpn.util.Log
 private const val TAG = "AuthActivity"
 private const val AUTHENTICATORS = BIOMETRIC_STRONG or DEVICE_CREDENTIAL
 class AuthActivity : FragmentActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        val biometricManager = BiometricManager.from(applicationContext)
        when (biometricManager.canAuthenticate(AUTHENTICATORS)) {
            BiometricManager.BIOMETRIC_SUCCESS -> {
                showBiometricPrompt(biometricManager)
                return
            }
            BiometricManager.BIOMETRIC_STATUS_UNKNOWN -> {
                Log.w(TAG, "Unknown biometric status")
                showBiometricPrompt(biometricManager)
                return
            }
            BiometricManager.BIOMETRIC_ERROR_UNSUPPORTED -> {
                Log.e(TAG, "The specified options are incompatible with the current Android " +
                    "version ${Build.VERSION.SDK_INT}")
            }
            BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE -> {
                Log.w(TAG, "The hardware is unavailable")
            }
            BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> {
                Log.w(TAG, "No biometric or device credential is enrolled")
            }
            BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE -> {
                Log.w(TAG, "There is no suitable hardware")
            }
            BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED -> {
                Log.w(TAG, "A security vulnerability has been discovered with one or " +
                    "more hardware sensors")
            }
        }
        QtAndroidController.onAuthResult(true)
        finish()
    }
    private fun showBiometricPrompt(biometricManager: BiometricManager) {
        val executor = ContextCompat.getMainExecutor(applicationContext)
        val biometricPrompt = BiometricPrompt(this, executor,
            object : BiometricPrompt.AuthenticationCallback() {
                override fun onAuthenticationSucceeded(result: AuthenticationResult) {
                    super.onAuthenticationSucceeded(result)
                    Log.d(TAG, "Authentication succeeded")
                    QtAndroidController.onAuthResult(true)
                    finish()
                }
                override fun onAuthenticationFailed() {
                    super.onAuthenticationFailed()
                    Log.w(TAG, "Authentication failed")
                }
                override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
                    super.onAuthenticationError(errorCode, errString)
                    Log.e(TAG, "Authentication error $errorCode: $errString")
                    QtAndroidController.onAuthResult(false)
                    finish()
                }
            })
        val promptInfo = BiometricPrompt.PromptInfo.Builder()
            .setAllowedAuthenticators(AUTHENTICATORS)
            .setTitle("AmneziaVPN")
            .setSubtitle(biometricManager.getStrings(AUTHENTICATORS)?.promptMessage)
            .build()
        biometricPrompt.authenticate(promptInfo)
    }
 }
@@ -1,24 +0,0 @@
 package org.amnezia.vpn;
 import android.content.Context;
 import android.app.KeyguardManager;
 import android.content.Intent;
 import org.qtproject.qt.android.bindings.QtActivity;
 import static android.content.Context.KEYGUARD_SERVICE;
 public class AuthHelper extends QtActivity {
   static final String TAG = "AuthHelper";
   public static Intent getAuthIntent(Context context) {
   	KeyguardManager mKeyguardManager = (KeyguardManager)context.getSystemService(KEYGUARD_SERVICE);
   	if (mKeyguardManager.isDeviceSecure()) {
                return mKeyguardManager.createConfirmDeviceCredentialIntent(null, null);
        } else {
        	return null;
        }     
   }
 }
@@ -33,10 +33,10 @@ class ImportConfigActivity : ComponentActivity() {
        intent?.let(::readConfig)
    }
-    override fun onNewIntent(intent: Intent?) {
+    override fun onNewIntent(intent: Intent) {
        super.onNewIntent(intent)
        Log.d(TAG, "onNewIntent: $intent")
-        intent?.let(::readConfig)
+        intent.let(::readConfig)
    }
    private fun readConfig(intent: Intent) {
@@ -25,5 +25,7 @@ object QtAndroidController {
    external fun onConfigImported(data: String)
    external fun onAuthResult(result: Boolean)
    external fun decodeQrCode(data: String): Boolean
 }
@@ -0,0 +1,9 @@
 package org.amnezia.vpn.util
 import org.json.JSONArray
 import org.json.JSONObject
 inline fun <reified T> JSONArray.asSequence(): Sequence<T> =
    (0..<length()).asSequence().map { get(it) as T }
 fun JSONObject.optStringOrNull(name: String) = optString(name).ifEmpty { null }
@@ -0,0 +1,66 @@
 package org.amnezia.vpn.util
 import android.annotation.SuppressLint
 import android.content.Context
 import android.os.Build
 import java.io.File
 import java.io.FileOutputStream
 import java.util.zip.ZipFile
 private const val TAG = "LibraryLoader"
 object LibraryLoader {
    private fun extractLibrary(context: Context, libraryName: String, destination: File): Boolean {
        Log.d(TAG, "Extracting library: $libraryName")
        val apks = hashSetOf<String>()
        context.applicationInfo.run {
            sourceDir?.let { apks += it }
            splitSourceDirs?.let { apks += it }
        }
        for (abi in Build.SUPPORTED_ABIS) {
            for (apk in apks) {
                ZipFile(File(apk), ZipFile.OPEN_READ).use { zipFile ->
                    val mappedName = System.mapLibraryName(libraryName)
                    val libraryZipPath = listOf("lib", abi, mappedName).joinToString(File.separator)
                    val zipEntry = zipFile.getEntry(libraryZipPath)
                    zipEntry?.let {
                        Log.d(TAG, "Extracting apk:/$libraryZipPath to ${destination.absolutePath}")
                        FileOutputStream(destination).use { outStream ->
                            zipFile.getInputStream(zipEntry).use { inStream ->
                                inStream.copyTo(outStream, 32 * 1024)
                                outStream.fd.sync()
                            }
                        }
                    }
                    return true
                }
            }
        }
        return false
    }
    @SuppressLint("UnsafeDynamicallyLoadedCode")
    fun loadSharedLibrary(context: Context, libraryName: String) {
        Log.d(TAG, "Loading library: $libraryName")
        try {
            System.loadLibrary(libraryName)
            return
        } catch (_: UnsatisfiedLinkError) {
            Log.d(TAG, "Failed to load library, try to extract it from apk")
        }
        var tempFile: File? = null
        try {
            tempFile = File.createTempFile("lib", ".so", context.codeCacheDir)
            if (extractLibrary(context, libraryName, tempFile)) {
                System.load(tempFile.absolutePath)
                return
            }
        } catch (e: Exception) {
            throw LoadLibraryException("Failed to load library apk: $libraryName", e)
        } finally {
            tempFile?.delete()
        }
    }
 }
 class LoadLibraryException(message: String? = null, cause: Throwable? = null) : Exception(message, cause)
@@ -88,7 +88,7 @@ class NetworkState(
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
            connectivityManager.registerBestMatchingNetworkCallback(networkRequest, networkCallback, handler)
        } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            val numberAttempts = 3
+            val numberAttempts = 300
            var attemptCount = 0
            while(true) {
                try {
@@ -35,7 +35,7 @@ fun getLocalNetworks(context: Context, ipv6: Boolean): List<InetNetwork> {
    return emptyList()
 }
-fun parseInetAddress(address: String): InetAddress = parseNumericAddressCompat(address)
+fun parseInetAddress(address: String): InetAddress = InetAddress.getByName(address)
 private val parseNumericAddressCompat: (String) -> InetAddress =
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
@@ -60,7 +60,7 @@ private val parseNumericAddressCompat: (String) -> InetAddress =
 internal fun convertIpv6ToCanonicalForm(ipv6: String): String = ipv6
    .replace("((?:(?:^|:)0+\\b){2,}):?(?!\\S*\\b\\1:0+\\b)(\\S*)".toRegex(), "::$2")
-internal val InetAddress.ip: String
+val InetAddress.ip: String
    get() = if (this is Inet4Address) {
        hostAddress!!
    } else {
@@ -1,54 +1,26 @@
 package org.amnezia.vpn.protocol.wireguard
 import android.net.VpnService.Builder
-import java.util.TreeMap
+import java.io.IOException
 import java.util.Locale
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.withContext
 import org.amnezia.awg.GoBackend
 import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.asSequence
 import org.amnezia.vpn.util.net.InetEndpoint
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.amnezia.vpn.util.optStringOrNull
 import org.json.JSONObject
 /**
 *    Config example:
 *    {
 *        "protocol": "wireguard",
 *        "description": "Server 1",
 *        "dns1": "1.1.1.1",
 *        "dns2": "1.0.0.1",
 *        "hostName": "100.100.100.0",
 *        "splitTunnelSites": [
 *        ],
 *        "splitTunnelType": 0,
 *        "wireguard_config_data": {
 *            "client_ip": "10.8.1.1",
 *            "hostName": "100.100.100.0",
 *            "port": 12345,
 *            "client_pub_key": "clientPublicKeyBase64",
 *            "client_priv_key": "privateKeyBase64",
 *            "psk_key": "presharedKeyBase64",
 *            "server_pub_key": "publicKeyBase64",
 *            "config": "[Interface]
 *                       Address = 10.8.1.1/32
 *                       DNS = 1.1.1.1, 1.0.0.1
 *                       PrivateKey = privateKeyBase64
 *
 *                       [Peer]
 *                       PublicKey = publicKeyBase64
 *                       PresharedKey = presharedKeyBase64
 *                       AllowedIPs = 0.0.0.0/0, ::/0
 *                       Endpoint = 100.100.100.0:12345
 *                       PersistentKeepalive = 25
 *                       "
 *        }
 *    }
 */
 private const val TAG = "Wireguard"
 open class Wireguard : Protocol() {
@@ -79,67 +51,88 @@ open class Wireguard : Protocol() {
        if (!isInitialized) loadSharedLibrary(context, "wg-go")
    }
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
        val wireguardConfig = parseConfig(config)
        val startTime = System.currentTimeMillis()
        start(wireguardConfig, vpnBuilder, protect)
        waitForConnection(startTime)
        state.value = CONNECTED
    }
    private suspend fun waitForConnection(startTime: Long) {
        Log.d(TAG, "Waiting for connection")
        withContext(Dispatchers.IO) {
            val time = String.format(Locale.ROOT,"%.3f", startTime / 1000.0)
            try {
                delay(1000)
                var log = getLogcat(time)
                Log.d(TAG, "First waiting log: $log")
                // check that there is a connection log,
                // to avoid infinite connection
                if (!log.contains("Attaching to interface")) {
                    Log.w(TAG, "Logs do not contain a connection log")
                    return@withContext
                }
                while (!log.contains("Received handshake response")) {
                    delay(1000)
                    log = getLogcat(time)
                }
            } catch (e: IOException) {
                Log.e(TAG, "Failed to get logcat: $e")
            }
        }
    }
    private fun getLogcat(time: String): String =
        ProcessBuilder("logcat", "--buffer=main", "--format=raw", "*:S AmneziaWG/awg0", "-t", time)
            .redirectErrorStream(true)
            .start()
            .inputStream.reader().readText()
    protected open fun parseConfig(config: JSONObject): WireguardConfig {
-        val configDataJson = config.getJSONObject("wireguard_config_data")
+        val configData = config.getJSONObject("wireguard_config_data")
        val configData = parseConfigData(configDataJson.getString("config"))
        return WireguardConfig.build {
-            configWireguard(configData, configDataJson)
+            configWireguard(config, configData)
            configSplitTunneling(config)
            configAppSplitTunneling(config)
        }
    }
-    protected fun WireguardConfig.Builder.configWireguard(configData: Map<String, String>, configDataJson: JSONObject) {
+    protected fun WireguardConfig.Builder.configWireguard(config: JSONObject, configData: JSONObject) {
-        configData["Address"]?.split(",")?.map { address ->
+        configData.getString("client_ip").split(",").map { address ->
            InetNetwork.parse(address.trim())
-        }?.forEach(::addAddress)
+        }.forEach(::addAddress)
-        configData["DNS"]?.split(",")?.map { dns ->
+        config.optStringOrNull("dns1")?.let { dns ->
-            parseInetAddress(dns.trim())
+            addDnsServer(parseInetAddress(dns.trim()))
-        }?.forEach(::addDnsServer)
+        }
        config.optStringOrNull("dns2")?.let { dns ->
            addDnsServer(parseInetAddress(dns.trim()))
        }
        val defRoutes = hashSetOf(
            InetNetwork("0.0.0.0", 0),
            InetNetwork("::", 0)
        )
        val routes = hashSetOf<InetNetwork>()
-        configData["AllowedIPs"]?.split(",")?.map { route ->
+        configData.getJSONArray("allowed_ips").asSequence<String>().map { route ->
            InetNetwork.parse(route.trim())
-        }?.forEach(routes::add)
+        }.forEach(routes::add)
        // if the allowed IPs list contains at least one non-default route, disable global split tunneling
        if (routes.any { it !in defRoutes }) disableSplitTunneling()
        addRoutes(routes)
-        configDataJson.optString("mtu").let { mtu ->
+        configData.optStringOrNull("mtu")?.let { setMtu(it.toInt()) }
            if (mtu.isNotEmpty()) {
                setMtu(mtu.toInt())
            } else {
                configData["MTU"]?.let { setMtu(it.toInt()) }
            }
        }
-        configData["Endpoint"]?.let { setEndpoint(InetEndpoint.parse(it)) }
+        val host = configData.getString("hostName").let { parseInetAddress(it.trim()) }
-        configData["PersistentKeepalive"]?.let { setPersistentKeepalive(it.toInt()) }
+        val port = configData.getInt("port")
-        configData["PrivateKey"]?.let { setPrivateKeyHex(it.base64ToHex()) }
+        setEndpoint(InetEndpoint(host, port))
        configData["PublicKey"]?.let { setPublicKeyHex(it.base64ToHex()) }
        configData["PresharedKey"]?.let { setPreSharedKeyHex(it.base64ToHex()) }
    }
-    protected fun parseConfigData(data: String): Map<String, String> {
+        configData.optStringOrNull("persistent_keep_alive")?.let { setPersistentKeepalive(it.toInt()) }
-        val parsedData = TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER)
+        configData.getString("client_priv_key").let { setPrivateKeyHex(it.base64ToHex()) }
-        data.lineSequence()
+        configData.getString("server_pub_key").let { setPublicKeyHex(it.base64ToHex()) }
-            .filter { it.isNotEmpty() && !it.startsWith('[') }
+        configData.optStringOrNull("psk_key")?.let { setPreSharedKeyHex(it.base64ToHex()) }
            .forEach { line ->
                val attr = line.split("=", limit = 2)
                parsedData[attr.first().trim()] = attr.last().trim()
            }
        return parsedData
    }
    private fun start(config: WireguardConfig, vpnBuilder: Builder, protect: (Int) -> Boolean) {
@@ -17,72 +17,10 @@ import org.amnezia.vpn.protocol.xray.libXray.Logger
 import org.amnezia.vpn.protocol.xray.libXray.Tun2SocksConfig
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.ip
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 /**
 *    Config example:
 * {
 *     "appSplitTunnelType": 0,
 *     "config_version": 0,
 *     "description": "Server 1",
 *     "dns1": "1.1.1.1",
 *     "dns2": "1.0.0.1",
 *     "hostName": "100.100.100.0",
 *     "protocol": "xray",
 *     "splitTunnelApps": [],
 *     "splitTunnelSites": [],
 *     "splitTunnelType": 0,
 *     "xray_config_data": {
 *         "inbounds": [
 *             {
 *                 "listen": "127.0.0.1",
 *                 "port": 8080,
 *                 "protocol": "socks",
 *                 "settings": {
 *                     "udp": true
 *                 }
 *             }
 *         ],
 *         "log": {
 *             "loglevel": "error"
 *         },
 *         "outbounds": [
 *             {
 *                 "protocol": "vless",
 *                 "settings": {
 *                     "vnext": [
 *                         {
 *                             "address": "100.100.100.0",
 *                             "port": 443,
 *                             "users": [
 *                                 {
 *                                     "encryption": "none",
 *                                     "flow": "xtls-rprx-vision",
 *                                     "id": "id"
 *                                 }
 *                             ]
 *                         }
 *                     ]
 *                 },
 *                 "streamSettings": {
 *                     "network": "tcp",
 *                     "realitySettings": {
 *                         "fingerprint": "chrome",
 *                         "publicKey": "publicKey",
 *                         "serverName": "google.com",
 *                         "shortId": "id",
 *                         "spiderX": ""
 *                     },
 *                     "security": "reality"
 *                 }
 *             }
 *         ]
 *     }
 * }
 *
 */
 private const val TAG = "Xray"
 private const val LIBXRAY_TAG = "libXray"
@@ -109,7 +47,7 @@ class Xray : Protocol() {
        }
    }
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
        if (isRunning) {
            Log.w(TAG, "XRay already running")
            return
@@ -124,7 +62,15 @@ class Xray : Protocol() {
            .put("loglevel", "warning")
            .put("access", "none") // disable access log
-        start(xrayConfig, xrayJsonConfig.toString(), vpnBuilder, protect)
+        var xrayJsonConfigString = xrayJsonConfig.toString()
        config.getString("hostName").let { hostName ->
            val ipAddress = parseInetAddress(hostName).ip
            if (hostName != ipAddress) {
                xrayJsonConfigString = xrayJsonConfigString.replace(hostName, ipAddress)
            }
        }
        start(xrayConfig, xrayJsonConfigString, vpnBuilder, protect)
        state.value = CONNECTED
        isRunning = true
    }
@@ -27,7 +27,6 @@ link_directories(${CMAKE_CURRENT_SOURCE_DIR}/platforms/android)
 set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_controller.h
    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_utils.h
    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/authResultReceiver.h
    ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.h
    ${CMAKE_CURRENT_SOURCE_DIR}/core/installedAppsImageProvider.h
 )
@@ -35,7 +34,6 @@ set(HEADERS ${HEADERS}
 set(SOURCES ${SOURCES}
    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_controller.cpp
    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_utils.cpp
    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/authResultReceiver.cpp
    ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.cpp
    ${CMAKE_CURRENT_SOURCE_DIR}/core/installedAppsImageProvider.cpp
 )
@@ -95,6 +95,18 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
        stdOut.replace("/32", "");
        QStringList ips = stdOut.split("\n", Qt::SkipEmptyParts);
        // remove extra IPs from each line for case when user manually edited the wg0.conf
        // and added there more IPs for route his itnernal networks, like:
        //     ...
        //     AllowedIPs = 10.8.1.6/32, 192.168.1.0/24, 192.168.2.0/24, ...
        //     ...
        // without this code - next IP would be 1 if last item in 'ips' has format above
        QStringList vpnIps;
        for (const auto &ip : ips) {
          vpnIps.append(ip.split(",", Qt::SkipEmptyParts).first().trimmed());
        }
        ips = vpnIps;
        // Calc next IP address
        if (ips.isEmpty()) {
            nextIpNumber = "2";
@@ -187,6 +199,10 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials
    jConfig[config_key::server_pub_key] = connData.serverPubKey;
    jConfig[config_key::mtu] = wireguarConfig.value(config_key::mtu).toString(protocols::wireguard::defaultMtu);
    jConfig[config_key::persistent_keep_alive] = "25";
    QJsonArray allowedIps { "0.0.0.0/0", "::/0" };
    jConfig[config_key::allowed_ips] = allowedIps;
    jConfig[config_key::clientId] = connData.clientPubKey;
    return QJsonDocument(jConfig).toJson();
@@ -9,8 +9,8 @@
 #include "QRsa.h"
 #include "amnezia_application.h"
 #include "core/enums/apiEnums.h"
 #include "configurators/wireguard_configurator.h"
 #include "core/enums/apiEnums.h"
 #include "version.h"
 namespace
@@ -42,7 +42,7 @@ namespace
        constexpr char keyPayload[] = "key_payload";
    }
-    const QStringList proxyStorageUrl = {""};
+    const QStringList proxyStorageUrl = { "" };
    ErrorCode checkErrors(const QList<QSslError> &sslErrors, QNetworkReply *reply)
    {
@@ -65,7 +65,8 @@ namespace
    }
 }
-ApiController::ApiController(const QString &gatewayEndpoint, QObject *parent) : QObject(parent), m_gatewayEndpoint(gatewayEndpoint)
+ApiController::ApiController(const QString &gatewayEndpoint, bool isDevEnvironment, QObject *parent)
    : QObject(parent), m_gatewayEndpoint(gatewayEndpoint), m_isDevEnvironment(isDevEnvironment)
 {
 }
@@ -143,7 +144,7 @@ QStringList ApiController::getProxyUrls()
    QEventLoop wait;
    QList<QSslError> sslErrors;
-    QNetworkReply* reply;
+    QNetworkReply *reply;
    for (const auto &proxyStorageUrl : proxyStorageUrl) {
        request.setUrl(proxyStorageUrl);
@@ -281,7 +282,7 @@ ErrorCode ApiController::getServicesList(QByteArray &responseBody)
    request.setUrl(QString("%1v1/services").arg(m_gatewayEndpoint));
-    QNetworkReply* reply;
+    QNetworkReply *reply;
    reply = amnApp->manager()->get(request);
    QEventLoop wait;
@@ -300,7 +301,8 @@ ErrorCode ApiController::getServicesList(QByteArray &responseBody)
            QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
            connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
            wait.exec();
-            if (reply->error() != QNetworkReply::NetworkError::TimeoutError && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
+            if (reply->error() != QNetworkReply::NetworkError::TimeoutError
                && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
                break;
            }
            reply->deleteLater();
@@ -355,7 +357,7 @@ ErrorCode ApiController::getConfigForService(const QString &installationUuid, co
        EVP_PKEY *publicKey = nullptr;
        try {
-            QByteArray key = PROD_AGW_PUBLIC_KEY;
+            QByteArray key = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY;
            QSimpleCrypto::QRsa rsa;
            publicKey = rsa.getPublicKeyFromByteArray(key);
        } catch (...) {
@@ -375,7 +377,7 @@ ErrorCode ApiController::getConfigForService(const QString &installationUuid, co
    requestBody[configKey::keyPayload] = QString(encryptedKeyPayload.toBase64());
    requestBody[configKey::apiPayload] = QString(encryptedApiPayload.toBase64());
-    QNetworkReply* reply = manager.post(request, QJsonDocument(requestBody).toJson());
+    QNetworkReply *reply = manager.post(request, QJsonDocument(requestBody).toJson());
    QEventLoop wait;
    connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
@@ -395,7 +397,8 @@ ErrorCode ApiController::getConfigForService(const QString &installationUuid, co
            QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
            connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
            wait.exec();
-            if (reply->error() != QNetworkReply::NetworkError::TimeoutError && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
+            if (reply->error() != QNetworkReply::NetworkError::TimeoutError
                && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
                break;
            }
            reply->deleteLater();
@@ -14,7 +14,7 @@ class ApiController : public QObject
    Q_OBJECT
 public:
-    explicit ApiController(const QString &gatewayEndpoint, QObject *parent = nullptr);
+    explicit ApiController(const QString &gatewayEndpoint, bool isDevEnvironment, QObject *parent = nullptr);
 public slots:
    void updateServerConfigFromApi(const QString &installationUuid, const int serverIndex, QJsonObject serverConfig);
@@ -44,6 +44,7 @@ private:
    QString m_gatewayEndpoint;
    QStringList m_proxyUrls;
    bool m_isDevEnvironment = false;
 };
 #endif // APICONTROLLER_H
@@ -83,7 +83,6 @@ ErrorCode ServerController::runScript(const ServerCredentials &credentials, QStr
        }
        qDebug().noquote() << lineToExec;
        Logger::appendSshLog("Run command:" + lineToExec);
        error = m_sshClient.executeCommand(lineToExec, cbReadStdOut, cbReadStdErr);
        if (error != ErrorCode::NoError) {
@@ -100,13 +99,13 @@ ErrorCode ServerController::runContainerScript(const ServerCredentials &credenti
                                               const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr)
 {
    QString fileName = "/opt/amnezia/" + Utils::getRandomString(16) + ".sh";
    Logger::appendSshLog("Run container script for " + ContainerProps::containerToString(container) + ":\n" + script);
    ErrorCode e = uploadTextFileToContainer(container, credentials, script, fileName);
    if (e)
        return e;
-    QString runner = QString("sudo docker exec -i $CONTAINER_NAME %2 %1 ").arg(fileName, (container == DockerContainer::Socks5Proxy ? "sh" : "bash"));
+    QString runner =
            QString("sudo docker exec -i $CONTAINER_NAME %2 %1 ").arg(fileName, (container == DockerContainer::Socks5Proxy ? "sh" : "bash"));
    e = runScript(credentials, replaceVars(runner, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
    QString remover = QString("sudo docker exec -i $CONTAINER_NAME rm %1 ").arg(fileName);
@@ -426,7 +425,7 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden
    if (errorCode)
        return errorCode;
-    errorCode = uploadFileToHost(credentials, amnezia::scriptData(ProtocolScriptType::dockerfile, container).toUtf8(),dockerFilePath);
+    errorCode = uploadFileToHost(credentials, amnezia::scriptData(ProtocolScriptType::dockerfile, container).toUtf8(), dockerFilePath);
    if (errorCode)
        return errorCode;
@@ -437,9 +436,10 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden
        return ErrorCode::NoError;
    };
-    errorCode = runScript(credentials,
+    errorCode =
-                  replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config)),
+            runScript(credentials,
-                  cbReadStdOut);
+                      replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config)),
                      cbReadStdOut);
    if (errorCode)
        return errorCode;
@@ -621,13 +621,15 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
    // Socks5 proxy vars
    vars.append({ { "$SOCKS5_PROXY_PORT", socks5ProxyConfig.value(config_key::port).toString(protocols::socks5Proxy::defaultPort) } });
-    auto username =  socks5ProxyConfig.value(config_key:: userName).toString();
+    auto username = socks5ProxyConfig.value(config_key::userName).toString();
    auto password = socks5ProxyConfig.value(config_key::password).toString();
    QString socks5user = (!username.isEmpty() && !password.isEmpty()) ? QString("users %1:CL:%2").arg(username, password) : "";
-    vars.append({ { "$SOCKS5_USER",  socks5user } });
+    vars.append({ { "$SOCKS5_USER", socks5user } });
-    vars.append({ { "$SOCKS5_AUTH_TYPE",  socks5user.isEmpty() ? "none" : "strong" } });
+    vars.append({ { "$SOCKS5_AUTH_TYPE", socks5user.isEmpty() ? "none" : "strong" } });
-    QString serverIp = NetworkUtilities::getIPAddress(credentials.hostName);
+    QString serverIp = (container != DockerContainer::Awg && container != DockerContainer::WireGuard && container != DockerContainer::Xray)
            ? NetworkUtilities::getIPAddress(credentials.hostName)
            : credentials.hostName;
    if (!serverIp.isEmpty()) {
        vars.append({ { "$SERVER_IP_ADDRESS", serverIp } });
    } else {
@@ -713,7 +715,8 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
        udpProtoScript.append("' | grep -i udp");
        tcpProtoScript.append(" | grep LISTEN");
-        ErrorCode errorCode = runScript(credentials, replaceVars(tcpProtoScript, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
+        ErrorCode errorCode =
                runScript(credentials, replaceVars(tcpProtoScript, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
        if (errorCode != ErrorCode::NoError) {
            return errorCode;
        }
@@ -100,7 +100,13 @@ QJsonObject VpnConfigurationsController::createVpnConfiguration(const QPair<QStr
        protocolConfigString = configurator->processConfigWithLocalSettings(dns, isApiConfig, protocolConfigString);
        QJsonObject vpnConfigData = QJsonDocument::fromJson(protocolConfigString.toUtf8()).object();
-        vpnConfigData = QJsonDocument::fromJson(protocolConfigString.toUtf8()).object();
+        if (container == DockerContainer::Awg || container == DockerContainer::WireGuard) {
            // add mtu for old configs
            if (vpnConfigData[config_key::mtu].toString().isEmpty()) {
                vpnConfigData[config_key::mtu] = container == DockerContainer::Awg ? protocols::awg::defaultMtu : protocols::wireguard::defaultMtu;
            }
        }
        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(proto), vpnConfigData);
    }
@@ -29,6 +29,12 @@ QSharedPointer<IpcInterfaceReplica> IpcClient::Interface()
    return Instance()->m_ipcClient;
 }
 QSharedPointer<IpcProcessTun2SocksReplica> IpcClient::InterfaceTun2Socks()
 {
    if (!Instance()) return nullptr;
    return Instance()->m_Tun2SocksClient;
 }
 bool IpcClient::init(IpcClient *instance)
 {
    m_instance = instance;
@@ -44,6 +50,12 @@ bool IpcClient::init(IpcClient *instance)
            qWarning() << "IpcClient replica is not connected!";
        }
        Instance()->m_Tun2SocksClient.reset(Instance()->m_ClientNode.acquire<IpcProcessTun2SocksReplica>());
        Instance()->m_Tun2SocksClient->waitForSource(1000);
        if (!Instance()->m_Tun2SocksClient->isReplicaValid()) {
            qWarning() << "IpcClient::m_Tun2SocksClient replica is not connected!";
        }
    });
    connect(Instance()->m_localSocket, &QLocalSocket::disconnected, [instance](){
@@ -51,16 +63,16 @@ bool IpcClient::init(IpcClient *instance)
    });
    Instance()->m_localSocket->connectToServer(amnezia::getIpcServiceUrl());
    Instance()->m_localSocket->waitForConnected();
    if (!Instance()->m_ipcClient) {
        qDebug() << "IpcClient::init failed";
        return false;
    }
    qDebug() << "IpcClient::init succeed";
-    return Instance()->m_ipcClient->isReplicaValid();
+    return (Instance()->m_ipcClient->isReplicaValid() && Instance()->m_Tun2SocksClient->isReplicaValid());
 }
 QSharedPointer<PrivilegedProcess> IpcClient::CreatePrivilegedProcess()
@@ -6,6 +6,7 @@
 #include "ipc.h"
 #include "rep_ipc_interface_replica.h"
 #include "rep_ipc_process_tun2socks_replica.h"
 #include "privileged_process.h"
@@ -18,6 +19,7 @@ public:
   static IpcClient *Instance();
   static bool init(IpcClient *instance);
   static QSharedPointer<IpcInterfaceReplica> Interface();
   static QSharedPointer<IpcProcessTun2SocksReplica> InterfaceTun2Socks();
   static QSharedPointer<PrivilegedProcess> CreatePrivilegedProcess();
   bool isSocketConnected() const;
@@ -28,8 +30,11 @@ private:
    ~IpcClient() override;
    QRemoteObjectNode m_ClientNode;
    QRemoteObjectNode m_Tun2SocksNode;
    QSharedPointer<IpcInterfaceReplica> m_ipcClient;
    QPointer<QLocalSocket> m_localSocket;
    QPointer<QLocalSocket> m_tun2socksSocket;
    QSharedPointer<IpcProcessTun2SocksReplica> m_Tun2SocksClient;
    struct ProcessDescriptor {
        ProcessDescriptor () {
@@ -109,7 +109,10 @@ QStringList NetworkUtilities::summarizeRoutes(const QStringList &ips, const QStr
 QString NetworkUtilities::getIPAddress(const QString &host)
 {
-    if (ipAddressRegExp().match(host).hasMatch()) {
+    QHostAddress address(host);
    if (QAbstractSocket::IPv4Protocol == address.protocol()) {
        return host;
    } else if (QAbstractSocket::IPv6Protocol == address.protocol()) {
        return host;
    }
@@ -1,107 +0,0 @@
 #ifndef LOGGER_H
 #define LOGGER_H
 #include <QDebug>
 #include <QDir>
 #include <QFile>
 #include <QString>
 #include <QTextStream>
 #include "ui/property_helper.h"
 #include "mozilla/shared/loglevel.h"
 class Logger : public QObject
 {
    Q_OBJECT
    AUTO_PROPERTY(QString, sshLog)
    AUTO_PROPERTY(QString, allLog)
 public:
    static Logger& Instance();
    static void appendSshLog(const QString &log);
    static void appendAllLog(const QString &log);
    static bool init();
    static void deInit();
    static bool setServiceLogsEnabled(bool enabled);
    static bool openLogsFolder();
    static bool openServiceLogsFolder();
    static QString appLogFileNamePath();
    static void clearLogs();
    static void clearServiceLogs();
    static void cleanUp();
    static QString userLogsFilePath();
    static QString getLogFile();
    // compat with Mozilla logger
    Logger(const QString &className) { m_className = className; }
    const QString& className() const { return m_className; }
    class Log {
    public:
        Log(Logger* logger, LogLevel level);
        ~Log();
        Log& operator<<(uint64_t t);
        Log& operator<<(const char* t);
        Log& operator<<(const QString& t);
        Log& operator<<(const QStringList& t);
        Log& operator<<(const QByteArray& t);
        Log& operator<<(const QJsonObject& t);
        Log& operator<<(QTextStreamFunction t);
        Log& operator<<(const void* t);
        // Q_ENUM
        template <typename T>
        typename std::enable_if<QtPrivate::IsQEnumHelper<T>::Value, Log&>::type
        operator<<(T t) {
            const QMetaObject* meta = qt_getEnumMetaObject(t);
            const char* name = qt_getEnumName(t);
            addMetaEnum(typename QFlags<T>::Int(t), meta, name);
            return *this;
        }
    private:
        void addMetaEnum(quint64 value, const QMetaObject* meta, const char* name);
        Logger* m_logger;
        LogLevel m_logLevel;
        struct Data {
            Data() : m_ts(&m_buffer, QIODevice::WriteOnly) {}
            QString m_buffer;
            QTextStream m_ts;
        };
        Data* m_data;
    };
    Log error();
    Log warning();
    Log info();
    Log debug();
    QString sensitive(const QString& input);
 private:
    Logger() {}
    Logger(Logger const &) = delete;
    Logger& operator= (Logger const&) = delete;
    static QString userLogsDir();
    static QFile m_file;
    static QTextStream m_textStream;
    static QString m_logFileName;
    friend void debugMessageHandler(QtMsgType type, const QMessageLogContext& context, const QString& msg);
    // compat with Mozilla logger
    QString m_className;
 };
 #endif // LOGGER_H
@@ -149,7 +149,7 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) {
  QJsonArray jsAllowedIPAddesses;
  QJsonArray plainAllowedIP = wgConfig.value(amnezia::config_key::allowed_ips).toArray();
-  QJsonArray defaultAllowedIP = QJsonArray::fromStringList(QString("0.0.0.0/0, ::/0").split(","));
+  QJsonArray defaultAllowedIP = { "0.0.0.0/0", "::/0" };
  if (plainAllowedIP != defaultAllowedIP && !plainAllowedIP.isEmpty()) {
    // Use AllowedIP list from WG config because of higher priority
@@ -98,6 +98,7 @@ bool AndroidController::initialize()
        {"onStatisticsUpdate", "(JJ)V", reinterpret_cast<void *>(onStatisticsUpdate)},
        {"onFileOpened", "(Ljava/lang/String;)V", reinterpret_cast<void *>(onFileOpened)},
        {"onConfigImported", "(Ljava/lang/String;)V", reinterpret_cast<void *>(onConfigImported)},
        {"onAuthResult", "(Z)V", reinterpret_cast<void *>(onAuthResult)},
        {"decodeQrCode", "(Ljava/lang/String;)Z", reinterpret_cast<bool *>(decodeQrCode)}
    };
@@ -210,6 +211,11 @@ void AndroidController::setScreenshotsEnabled(bool enabled)
    callActivityMethod("setScreenshotsEnabled", "(Z)V", enabled);
 }
 void AndroidController::setNavigationBarColor(unsigned int color)
 {
    callActivityMethod("setNavigationBarColor", "(I)V", color);
 }
 void AndroidController::minimizeApp()
 {
    callActivityMethod("minimizeApp", "()V");
@@ -265,6 +271,22 @@ void AndroidController::requestNotificationPermission()
    callActivityMethod("requestNotificationPermission", "()V");
 }
 bool AndroidController::requestAuthentication()
 {
    QEventLoop wait;
    bool result;
    connect(this, &AndroidController::authenticationResult, this,
            [&result, &wait](const bool &authResult){
                qDebug() << "Android authentication result:" << authResult;
                result = authResult;
                wait.quit();
            },
            static_cast<Qt::ConnectionType>(Qt::QueuedConnection | Qt::SingleShotConnection));
    callActivityMethod("requestAuthentication", "()V");
    wait.exec();
    return result;
 }
 // Moving log processing to the Android side
 jclass AndroidController::log;
 jmethodID AndroidController::logDebug;
@@ -462,6 +484,14 @@ void AndroidController::onConfigImported(JNIEnv *env, jobject thiz, jstring data
    emit AndroidController::instance()->configImported(AndroidUtils::convertJString(env, data));
 }
 // static
 void AndroidController::onAuthResult(JNIEnv *env, jobject thiz, jboolean result)
 {
    Q_UNUSED(thiz);
    emit AndroidController::instance()->authenticationResult(result);
 }
 // static
 bool AndroidController::decodeQrCode(JNIEnv *env, jobject thiz, jstring data)
 {
@@ -41,11 +41,13 @@ public:
    void exportLogsFile(const QString &fileName);
    void clearLogs();
    void setScreenshotsEnabled(bool enabled);
    void setNavigationBarColor(unsigned int color);
    void minimizeApp();
    QJsonArray getAppList();
    QPixmap getAppIcon(const QString &package, QSize *size, const QSize &requestedSize);
    bool isNotificationPermissionGranted();
    void requestNotificationPermission();
    bool requestAuthentication();
    static bool initLogging();
    static void messageHandler(QtMsgType type, const QMessageLogContext &context, const QString &message);
@@ -63,6 +65,7 @@ signals:
    void configImported(QString config);
    void importConfigFromOutside(QString config);
    void initConnectionState(Vpn::ConnectionState state);
    void authenticationResult(bool result);
 private:
    bool isWaitingStatus = true;
@@ -89,6 +92,7 @@ private:
    static void onStatisticsUpdate(JNIEnv *env, jobject thiz, jlong rxBytes, jlong txBytes);
    static void onConfigImported(JNIEnv *env, jobject thiz, jstring data);
    static void onFileOpened(JNIEnv *env, jobject thiz, jstring uri);
    static void onAuthResult(JNIEnv *env, jobject thiz, jboolean result);
    static bool decodeQrCode(JNIEnv *env, jobject thiz, jstring data);
    template <typename Ret, typename ...Args>
@@ -1,16 +0,0 @@
 #include "authResultReceiver.h"
 AuthResultReceiver::AuthResultReceiver(QSharedPointer<AuthResultNotifier> &notifier) : m_notifier(notifier)
 {
 }
 void AuthResultReceiver::handleActivityResult(int receiverRequestCode, int resultCode, const QJniObject &data)
 {
    qDebug() << "receiverRequestCode" << receiverRequestCode << "resultCode" << resultCode;
    if (resultCode == -1) { // ResultOK
        emit m_notifier->authSuccessful();
    } else {
        emit m_notifier->authFailed();
    }
 }
@@ -1,32 +0,0 @@
 #ifndef AUTHRESULTRECEIVER_H
 #define AUTHRESULTRECEIVER_H
 #include <QJniObject>
 #include <private/qandroidextras_p.h>
 class AuthResultNotifier : public QObject
 {
    Q_OBJECT
 public:
    AuthResultNotifier(QObject *parent = nullptr) : QObject(parent) {};
 signals:
    void authFailed();
    void authSuccessful();
 };
 /* Auth result handler for Android */
 class AuthResultReceiver final : public QAndroidActivityResultReceiver
 {
 public:
    AuthResultReceiver(QSharedPointer<AuthResultNotifier> &notifier);
    void handleActivityResult(int receiverRequestCode, int resultCode, const QJniObject &data) override;
 private:
    QSharedPointer<AuthResultNotifier> m_notifier;
 };
 #endif // AUTHRESULTRECEIVER_H
@@ -351,8 +351,6 @@ void IosController::vpnStatusDidChange(void *pNotification)
                                }
                            }
                        }
                    } else {
                        qDebug() << "Disconnect error is absent";
                    }
                }];
            } else {
@@ -835,7 +833,7 @@ QString IosController::openFile() {
 void IosController::requestInetAccess() {
    NSURL *url = [NSURL URLWithString:@"http://captive.apple.com/generate_204"];
-    if (url) {
+    if (!url) {
        qDebug() << "IosController::requestInetAccess URL error";
        return;
    }
@@ -847,7 +845,6 @@ void IosController::requestInetAccess() {
        } else {
            NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *)response;
            QString responseBody = QString::fromUtf8((const char*)data.bytes, data.length);
            qDebug() << "IosController::requestInetAccess server response:" << httpResponse.statusCode << "\n\n" <<responseBody;
        }
    }];
    [task resume];
@@ -12,7 +12,7 @@
 #include "Winsvc.h"
 /**
- * @brief The WindowsServiceManager provides controll over the MozillaVPNBroker
+ * @brief The WindowsServiceManager provides control over the MozillaVPNBroker
 * service via SCM
 */
 class WindowsServiceManager : public QObject {
@@ -10,6 +10,7 @@
 #include "ikev2_vpn_protocol_windows.h"
 #include "utilities.h"
 static Ikev2Protocol* self = nullptr;
 static std::mutex rasDialFuncMutex;
@@ -80,10 +81,10 @@ void Ikev2Protocol::newConnectionStateEventReceived(UINT unMsg, tagRASCONNSTATE
    case RASCS_AuthNotify:
        //qDebug()<<__FUNCTION__ << __LINE__;
        if (dwError != 0) {
-            //qDebug() << "have error" << dwError;
+            qDebug() << "have error" << dwError;
            setConnectionState(Vpn::ConnectionState::Disconnected);
        } else {
-            //qDebug() << "RASCS_AuthNotify but no error" << dwError;
+            qDebug() << "RASCS_AuthNotify but no error" << dwError;
        }
        break;
    case RASCS_AuthRetry:
@@ -179,11 +180,13 @@ ErrorCode Ikev2Protocol::start()
    QByteArray cert = QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8());
    setConnectionState(Vpn::ConnectionState::Connecting);
-    QTemporaryFile certFile;
+    QTemporaryFile * certFile = new QTemporaryFile;
-    certFile.setAutoRemove(false);
+    certFile->setAutoRemove(false);
-    certFile.open();
+    certFile->open();
-    certFile.write(cert);
+    QString m_filename = certFile->fileName();
-    certFile.close();
+    certFile->write(cert);
    certFile->close();
    delete certFile;
    {
        auto certInstallProcess = IpcClient::CreatePrivilegedProcess();
@@ -193,19 +196,19 @@ ErrorCode Ikev2Protocol::start()
            return ErrorCode::AmneziaServiceConnectionFailed;
        }
-        certInstallProcess->waitForSource(1000);
+        certInstallProcess->waitForSource();
        if (!certInstallProcess->isInitialized()) {
            qWarning() << "IpcProcess replica is not connected!";
            setLastError(ErrorCode::AmneziaServiceConnectionFailed);
            return ErrorCode::AmneziaServiceConnectionFailed;
        }
        certInstallProcess->setProgram(PermittedProcess::CertUtil);
        QStringList arguments({"-f" , "-importpfx",
                               "-p", m_config[config_key::password].toString(),
                               certFile.fileName(), "NoExport"
                              });
        certInstallProcess->setArguments(arguments);
        QStringList arguments({"-f", "-importpfx", "-p", m_config[config_key::password].toString(),
            QDir::toNativeSeparators(m_filename), "NoExport"
        });
        certInstallProcess->setArguments(arguments);
        certInstallProcess->start();
    }
    // /*
@@ -219,40 +222,40 @@ ErrorCode Ikev2Protocol::start()
    }
    {
-        {
+     {
-            if ( !create_new_vpn(tunnelName(), m_config[config_key::hostName].toString())){
+      if ( !create_new_vpn(tunnelName(), m_config[config_key::hostName].toString())){
-                qDebug() <<"Can't create the VPN connect";
+                                                                                    qDebug() <<"Can't create the VPN connect";
-            }
+}
-        }
+}
-    }
+}
-    {
+{
-        auto adapterConfigProcess = new QProcess;
+    QProcess adapterConfigProcess;
    adapterConfigProcess.setProgram("powershell");
    QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\" "
                                "-ConnectionName '%1' "
                                "-AuthenticationTransformConstants GCMAES128 "
                                "-CipherTransformConstants GCMAES128 "
                                "-EncryptionMethod AES256 "
                                "-IntegrityCheckMethod SHA256 "
                                "-PfsGroup None "
                                "-DHGroup Group14 "
                                "-PassThru -Force\"")
                            .arg(tunnelName());
-        adapterConfigProcess->setProgram("powershell");
+    adapterConfigProcess.setNativeArguments(arguments);
        QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\" "
                                    "-ConnectionName '%1' "
                                    "-AuthenticationTransformConstants GCMAES128 "
                                    "-CipherTransformConstants GCMAES128 "
                                    "-EncryptionMethod AES256 "
                                    "-IntegrityCheckMethod SHA256 "
                                    "-PfsGroup None "
                                    "-DHGroup Group14 "
                                    "-PassThru -Force\"")
                .arg(tunnelName());
        adapterConfigProcess->setNativeArguments(arguments);
-        adapterConfigProcess->start();
+    adapterConfigProcess.start();
-        adapterConfigProcess->waitForFinished(5000);
+    adapterConfigProcess.waitForFinished(5000);
 }
 //*/
 {
    if (!connect_to_vpn(tunnelName())) {
        qDebug()<<"We can't connect to VPN";
    }
-    //*/
+}
-    {
+//setConnectionState(Connecting);
-        if (!connect_to_vpn(tunnelName())) {
+return ErrorCode::NoError;
            qDebug()<<"We can't connect to VPN";
        }
    }
    //setConnectionState(Connecting);
    return ErrorCode::NoError;
 }
 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
@@ -299,6 +302,7 @@ bool Ikev2Protocol::connect_to_vpn(const QString & vpn_name){
    auto ret = RasDial(NULL, NULL, &RasDialParams, 0,
                       &RasDialFuncCallback,
                       &hRasConn);
    if (ret == ERROR_SUCCESS){
        return true;
    }
@@ -6,6 +6,7 @@
 #include <QTcpSocket>
 #include <QNetworkInterface>
 #include "core/networkUtilities.h"
 #include "logger.h"
 #include "openvpnprotocol.h"
 #include "utilities.h"
@@ -127,7 +128,6 @@ void OpenVpnProtocol::sendManagementCommand(const QString &command)
 uint OpenVpnProtocol::selectMgmtPort()
 {
    for (int i = 0; i < 100; ++i) {
        quint32 port = QRandomGenerator::global()->generate();
        port = (double)(65000 - 15001) * port / UINT32_MAX + 15001;
@@ -137,7 +137,6 @@ uint OpenVpnProtocol::selectMgmtPort()
        if (ok)
            return port;
    }
    return m_managementPort;
 }
@@ -343,7 +342,8 @@ void OpenVpnProtocol::updateVpnGateway(const QString &line)
                            }
                            m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index());
                            m_configData.insert("vpnGateway", m_vpnGateway);
-                            m_configData.insert("vpnServer", m_configData.value(amnezia::config_key::hostName).toString());
+                            m_configData.insert("vpnServer",
                                                NetworkUtilities::getIPAddress(m_configData.value(amnezia::config_key::hostName).toString()));
                            IpcClient::Interface()->enablePeerTraffic(m_configData);
                        }
                    }
@@ -352,6 +352,8 @@ void OpenVpnProtocol::updateVpnGateway(const QString &line)
 #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
                // killSwitch toggle
                if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
                    m_configData.insert("vpnServer",
                                        NetworkUtilities::getIPAddress(m_configData.value(amnezia::config_key::hostName).toString()));
                    IpcClient::Interface()->enableKillSwitch(m_configData, 0);
                }
 #endif
@@ -4,9 +4,8 @@
 #include <QTcpSocket>
 #include <QThread>
 #include "logger.h"
 #include "utilities.h"
 #include "wireguardprotocol.h"
 #include "core/networkUtilities.h"
 #include "mozilla/localsocketcontroller.h"
@@ -37,6 +36,12 @@ void WireguardProtocol::stop()
 ErrorCode WireguardProtocol::startMzImpl()
 {
    QString protocolName = m_rawConfig.value("protocol").toString();
    QJsonObject vpnConfigData = m_rawConfig.value(protocolName + "_config_data").toObject();
    vpnConfigData[config_key::hostName] = NetworkUtilities::getIPAddress(vpnConfigData.value(config_key::hostName).toString());
    m_rawConfig.insert(protocolName + "_config_data", vpnConfigData);
    m_rawConfig[config_key::hostName] = NetworkUtilities::getIPAddress(m_rawConfig[config_key::hostName].toString());
    m_impl->activate(m_rawConfig);
    return ErrorCode::NoError;
 }
@@ -17,6 +17,7 @@ XrayProtocol::XrayProtocol(const QJsonObject &configuration, QObject *parent):
    m_routeGateway = NetworkUtilities::getGatewayAndIface();
    m_vpnGateway = amnezia::protocols::xray::defaultLocalAddr;
    m_vpnLocalAddress = amnezia::protocols::xray::defaultLocalAddr;
    m_t2sProcess = IpcClient::InterfaceTun2Socks();
 }
 XrayProtocol::~XrayProtocol()
@@ -43,7 +44,9 @@ ErrorCode XrayProtocol::start()
    m_xrayCfgFile.setAutoRemove(false);
 #endif
    m_xrayCfgFile.open();
-    m_xrayCfgFile.write(QJsonDocument(m_xrayConfig).toJson());
+    QString config = QJsonDocument(m_xrayConfig).toJson();
    config.replace(m_remoteHost, m_remoteAddress);
    m_xrayCfgFile.write(config.toUtf8());
    m_xrayCfgFile.close();
    QStringList args = QStringList() << "-c" << m_xrayCfgFile.fileName() << "-format=json";
@@ -63,7 +66,7 @@ ErrorCode XrayProtocol::start()
    });
    connect(&m_xrayProcess, QOverload<int, QProcess::ExitStatus>::of(&QProcess::finished), this, [this](int exitCode, QProcess::ExitStatus exitStatus) {
-        qDebug().noquote() << "XrayProtocol finished, exitCode, exiStatus" << exitCode << exitStatus;
+        qDebug().noquote() << "XrayProtocol finished, exitCode, exitStatus" << exitCode << exitStatus;
        setConnectionState(Vpn::ConnectionState::Disconnected);
        if (exitStatus != QProcess::NormalExit) {
            emit protocolError(amnezia::ErrorCode::XrayExecutableCrashed);
@@ -89,116 +92,80 @@ ErrorCode XrayProtocol::start()
 ErrorCode XrayProtocol::startTun2Sock()
 {
    if (!QFileInfo::exists(Utils::tun2socksPath())) {
        setLastError(ErrorCode::Tun2SockExecutableMissing);
        return lastError();
    }
    m_t2sProcess = IpcClient::CreatePrivilegedProcess();
    if (!m_t2sProcess) {
        setLastError(ErrorCode::AmneziaServiceConnectionFailed);
        return ErrorCode::AmneziaServiceConnectionFailed;
    }
    m_t2sProcess->waitForSource(1000);
    if (!m_t2sProcess->isInitialized()) {
        qWarning() << "IpcProcess replica is not connected!";
        setLastError(ErrorCode::AmneziaServiceConnectionFailed);
        return ErrorCode::AmneziaServiceConnectionFailed;
    }
    QString XrayConStr = "socks5://127.0.0.1:" + QString::number(m_localPort);
    m_t2sProcess->setProgram(PermittedProcess::Tun2Socks);
 #ifdef Q_OS_WIN
    m_configData.insert("inetAdapterIndex", NetworkUtilities::AdapterIndexTo(QHostAddress(m_remoteAddress)));
    QStringList arguments({"-device", "tun://tun2", "-proxy", XrayConStr, "-tun-post-up",
                           QString("cmd /c netsh interface ip set address name=\"tun2\" static %1 255.255.255.255").arg(amnezia::protocols::xray::defaultLocalAddr)});
 #endif
 #ifdef Q_OS_LINUX
    QStringList arguments({"-device", "tun://tun2", "-proxy", XrayConStr});
 #endif
 #ifdef Q_OS_MAC
    QStringList arguments({"-device", "utun22", "-proxy", XrayConStr});
 #endif
    m_t2sProcess->setArguments(arguments);
    qDebug() << arguments.join(" ");
    connect(m_t2sProcess.data(), &PrivilegedProcess::errorOccurred,
            [&](QProcess::ProcessError error) { qDebug() << "PrivilegedProcess errorOccurred" << error; });
    connect(m_t2sProcess.data(), &PrivilegedProcess::stateChanged,
            [&](QProcess::ProcessState newState) {
                qDebug() << "PrivilegedProcess stateChanged" << newState;
        if (newState == QProcess::Running)
        {
            setConnectionState(Vpn::ConnectionState::Connecting);
            QList<QHostAddress> dnsAddr;
            dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns1).toString()));
            dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns2).toString()));
 #ifdef Q_OS_MACOS
            QThread::msleep(5000);
            IpcClient::Interface()->createTun("utun22", amnezia::protocols::xray::defaultLocalAddr);
            IpcClient::Interface()->updateResolvers("utun22", dnsAddr);
 #endif
 #ifdef Q_OS_WINDOWS
            QThread::msleep(15000);
 #endif
 #ifdef Q_OS_LINUX
            QThread::msleep(1000);
            IpcClient::Interface()->createTun("tun2", amnezia::protocols::xray::defaultLocalAddr);
            IpcClient::Interface()->updateResolvers("tun2", dnsAddr);
 #endif
 #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
            // killSwitch toggle
            if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
                IpcClient::Interface()->enableKillSwitch(m_configData, 0);
            }
 #endif
            if (m_routeMode == 0) {
                IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
                IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1");
                IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress);
            }
            IpcClient::Interface()->StopRoutingIpv6();
 #ifdef Q_OS_WIN
            IpcClient::Interface()->updateResolvers("tun2", dnsAddr);
            QList<QNetworkInterface> netInterfaces = QNetworkInterface::allInterfaces();
            for (int i = 0; i < netInterfaces.size(); i++) {
                for (int j=0; j < netInterfaces.at(i).addressEntries().size(); j++)
                {
                    // killSwitch toggle
                    if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) {
                        if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
                            IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index());
                        }
                        m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index());
                        m_configData.insert("vpnGateway", m_vpnGateway);
                        m_configData.insert("vpnServer", m_remoteAddress);
                        IpcClient::Interface()->enablePeerTraffic(m_configData);
                    }
                }
            }
 #endif
            setConnectionState(Vpn::ConnectionState::Connected);
        }
    });
 #if !defined(Q_OS_MACOS)
    connect(m_t2sProcess.data(), &PrivilegedProcess::finished, this,
            [&]() {
                setConnectionState(Vpn::ConnectionState::Disconnected);
                IpcClient::Interface()->deleteTun("tun2");
                IpcClient::Interface()->StartRoutingIpv6();
                IpcClient::Interface()->clearSavedRoutes();
    });
 #endif
    m_t2sProcess->start();
 #ifdef Q_OS_WIN
    m_configData.insert("inetAdapterIndex", NetworkUtilities::AdapterIndexTo(QHostAddress(m_remoteAddress)));
 #endif
    connect(m_t2sProcess.data(), &IpcProcessTun2SocksReplica::stateChanged, this,
            [&](QProcess::ProcessState newState) { qDebug() << "PrivilegedProcess stateChanged" << newState; });
    connect(m_t2sProcess.data(), &IpcProcessTun2SocksReplica::setConnectionState, this,
            [&](int vpnState) {
                qDebug() << "PrivilegedProcess setConnectionState " << vpnState;
                if (vpnState == Vpn::ConnectionState::Connected)
                {
                    setConnectionState(Vpn::ConnectionState::Connecting);
                    QList<QHostAddress> dnsAddr;
                    dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns1).toString()));
                    dnsAddr.push_back(QHostAddress(m_configData.value(config_key::dns2).toString()));
 #ifdef Q_OS_WIN
                    QThread::msleep(8000);
 #endif
 #ifdef Q_OS_MACOS
                    QThread::msleep(5000);
                    IpcClient::Interface()->createTun("utun22", amnezia::protocols::xray::defaultLocalAddr);
                    IpcClient::Interface()->updateResolvers("utun22", dnsAddr);
 #endif
 #ifdef Q_OS_LINUX
                    QThread::msleep(1000);
                    IpcClient::Interface()->createTun("tun2", amnezia::protocols::xray::defaultLocalAddr);
                    IpcClient::Interface()->updateResolvers("tun2", dnsAddr);
 #endif
 #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
                    // killSwitch toggle
                    if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
                        m_configData.insert("vpnServer", m_remoteAddress);
                        IpcClient::Interface()->enableKillSwitch(m_configData, 0);
                    }
 #endif
                    if (m_routeMode == 0) {
                        IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "0.0.0.0/1");
                        IpcClient::Interface()->routeAddList(m_vpnGateway, QStringList() << "128.0.0.0/1");
                        IpcClient::Interface()->routeAddList(m_routeGateway, QStringList() << m_remoteAddress);
                    }
                    IpcClient::Interface()->StopRoutingIpv6();
 #ifdef Q_OS_WIN
                    IpcClient::Interface()->updateResolvers("tun2", dnsAddr);
                    QList<QNetworkInterface> netInterfaces = QNetworkInterface::allInterfaces();
                    for (int i = 0; i < netInterfaces.size(); i++) {
                        for (int j = 0; j < netInterfaces.at(i).addressEntries().size(); j++)
                        {
                            // killSwitch toggle
                            if (m_vpnLocalAddress == netInterfaces.at(i).addressEntries().at(j).ip().toString()) {
                                if (QVariant(m_configData.value(config_key::killSwitchOption).toString()).toBool()) {
                                    IpcClient::Interface()->enableKillSwitch(QJsonObject(), netInterfaces.at(i).index());
                                }
                                m_configData.insert("vpnAdapterIndex", netInterfaces.at(i).index());
                                m_configData.insert("vpnGateway", m_vpnGateway);
                                m_configData.insert("vpnServer", m_remoteAddress);
                                IpcClient::Interface()->enablePeerTraffic(m_configData);
                            }
                        }
                    }
 #endif
                    setConnectionState(Vpn::ConnectionState::Connected);
                }
 #if !defined(Q_OS_MACOS)
                if (vpnState == Vpn::ConnectionState::Disconnected) {
                    setConnectionState(Vpn::ConnectionState::Disconnected);
                    IpcClient::Interface()->deleteTun("tun2");
                    IpcClient::Interface()->StartRoutingIpv6();
                    IpcClient::Interface()->clearSavedRoutes();
                }
 #endif
            });
    return ErrorCode::NoError;
 }
@@ -212,7 +179,7 @@ void XrayProtocol::stop()
    qDebug() << "XrayProtocol::stop()";
    m_xrayProcess.terminate();
    if (m_t2sProcess) {
-        m_t2sProcess->close();
+        m_t2sProcess->stop();
    }
 #ifdef Q_OS_WIN
@@ -238,7 +205,8 @@ void XrayProtocol::readXrayConfiguration(const QJsonObject &configuration)
    }
    m_xrayConfig = xrayConfiguration;
    m_localPort = QString(amnezia::protocols::xray::defaultLocalProxyPort).toInt();
-    m_remoteAddress = configuration.value(amnezia::config_key::hostName).toString();
+    m_remoteHost = configuration.value(amnezia::config_key::hostName).toString();
    m_remoteAddress = NetworkUtilities::getIPAddress(m_remoteHost);
    m_routeMode = configuration.value(amnezia::config_key::splitTunnelType).toInt();
    m_primaryDNS = configuration.value(amnezia::config_key::dns1).toString();
    m_secondaryDNS = configuration.value(amnezia::config_key::dns2).toString();
@@ -26,6 +26,7 @@ private:
    static QString tun2SocksExecPath();
 private:
    int m_localPort;
    QString m_remoteHost;
    QString m_remoteAddress;
    int m_routeMode;
    QJsonObject m_configData;
@@ -33,9 +34,10 @@ private:
    QString m_secondaryDNS;
 #ifndef Q_OS_IOS
    QProcess m_xrayProcess;
-    QSharedPointer<PrivilegedProcess> m_t2sProcess;
+    QSharedPointer<IpcProcessTun2SocksReplica> m_t2sProcess;
 #endif
    QTemporaryFile m_xrayCfgFile;
 };
 #endif // XRAYPROTOCOL_H
@@ -199,6 +199,8 @@
        <file>server_scripts/socks5_proxy/Dockerfile</file>
        <file>server_scripts/socks5_proxy/configure_container.sh</file>
        <file>server_scripts/socks5_proxy/start.sh</file>
        <file>ui/qml/Pages2/PageProtocolAwgClientSettings.qml</file>
        <file>ui/qml/Pages2/PageProtocolWireGuardClientSettings.qml</file>
        <file>ui/qml/Pages2/PageSetupWizardApiServicesList.qml</file>
        <file>ui/qml/Pages2/PageSetupWizardApiServiceInfo.qml</file>
        <file>ui/qml/Controls2/CardWithIconsType.qml</file>
@@ -174,13 +174,25 @@ bool SecureQSettings::restoreAppConfig(const QByteArray &json)
 QByteArray SecureQSettings::encryptText(const QByteArray &value) const
 {
    QSimpleCrypto::QBlockCipher cipher;
-    return cipher.encryptAesBlockCipher(value, getEncKey(), getEncIv());
+    QByteArray result;
    try {
        result = cipher.encryptAesBlockCipher(value, getEncKey(), getEncIv());
    } catch (...) { // todo change error handling in QSimpleCrypto?
        qCritical() << "error when encrypting the settings value";
    }
    return result;
 }
 QByteArray SecureQSettings::decryptText(const QByteArray &ba) const
 {
    QSimpleCrypto::QBlockCipher cipher;
-    return cipher.decryptAesBlockCipher(ba, getEncKey(), getEncIv());
+    QByteArray result;
    try {
        result = cipher.decryptAesBlockCipher(ba, getEncKey(), getEncIv());
    } catch (...) { // todo change error handling in QSimpleCrypto?
        qCritical() << "error when decrypting the settings value";
    }
    return result;
 }
 bool SecureQSettings::encryptionRequired() const
@@ -13,5 +13,5 @@ sudo docker network connect amnezia-dns-net $CONTAINER_NAME
 sudo docker exec -i $CONTAINER_NAME bash -c 'mkdir -p /dev/net; if [ ! -c /dev/net/tun ]; then mknod /dev/net/tun c 10 200; fi'
 # Prevent to route packets outside of the container in case if server behind of the NAT
-sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up"
+#sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up"
@@ -3,7 +3,7 @@
 # This scripts copied from Amnezia client to Docker container to /opt/amnezia and launched every time container starts
 echo "Container startup"
-ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up
+#ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up
 iptables -A INPUT -i lo -j ACCEPT
 iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
@@ -227,7 +227,7 @@ void Settings::setSaveLogs(bool enabled)
    if (!isSaveLogs()) {
        Logger::deInit();
    } else {
-        if (!Logger::init()) {
+        if (!Logger::init(false)) {
            qWarning() << "Initialization of debug subsystem failed";
        }
    }
@@ -519,7 +519,22 @@ void Settings::setGatewayEndpoint(const QString &endpoint)
    m_gatewayEndpoint = endpoint;
 }
 void Settings::setDevGatewayEndpoint()
 {
    m_gatewayEndpoint = DEV_AGW_ENDPOINT;
 }
 QString Settings::getGatewayEndpoint()
 {
    return m_gatewayEndpoint;
 }
 bool Settings::isDevGatewayEnv()
 {
    return m_isDevGatewayEnv;
 }
 void Settings::toggleDevGatewayEnv(bool enabled)
 {
    m_isDevGatewayEnv = enabled;
 }
@@ -183,7 +183,7 @@ public:
    bool isScreenshotsEnabled() const
    {
-        return value("Conf/screenshotsEnabled", false).toBool();
+        return value("Conf/screenshotsEnabled", true).toBool();
    }
    void setScreenshotsEnabled(bool enabled)
    {
@@ -217,7 +217,10 @@ public:
    void resetGatewayEndpoint();
    void setGatewayEndpoint(const QString &endpoint);
    void setDevGatewayEndpoint();
    QString getGatewayEndpoint();
    bool isDevGatewayEnv();
    void toggleDevGatewayEnv(bool enabled);
 signals:
    void saveLogsChanged(bool enabled);
@@ -234,6 +237,7 @@ private:
    mutable SecureQSettings m_settings;
    QString m_gatewayEndpoint;
    bool m_isDevGatewayEnv;
 };
 #endif // SETTINGS_H
@@ -10,9 +10,6 @@
 #include "core/controllers/vpnConfigurationController.h"
 #include "systemController.h"
 #ifdef Q_OS_ANDROID
    #include "platforms/android/android_utils.h"
 #endif
 #include "qrcodegen.hpp"
 ExportController::ExportController(const QSharedPointer<ServersModel> &serversModel, const QSharedPointer<ContainersModel> &containersModel,
@@ -24,12 +21,6 @@ ExportController::ExportController(const QSharedPointer<ServersModel> &serversMo
      m_clientManagementModel(clientManagementModel),
      m_settings(settings)
 {
 #ifdef Q_OS_ANDROID
    m_authResultNotifier.reset(new AuthResultNotifier);
    m_authResultReceiver.reset(new AuthResultReceiver(m_authResultNotifier));
    connect(m_authResultNotifier.get(), &AuthResultNotifier::authFailed, this, [this]() { emit exportErrorOccurred(tr("Access error!")); });
    connect(m_authResultNotifier.get(), &AuthResultNotifier::authSuccessful, this, &ExportController::generateFullAccessConfig);
 #endif
 }
 void ExportController::generateFullAccessConfig()
@@ -63,26 +54,6 @@ void ExportController::generateFullAccessConfig()
    emit exportConfigChanged();
 }
 #if defined(Q_OS_ANDROID)
 void ExportController::generateFullAccessConfigAndroid()
 {
    /* We use builtin keyguard for ssh key export protection on Android */
    QJniObject activity = AndroidUtils::getActivity();
    auto appContext = activity.callObjectMethod("getApplicationContext", "()Landroid/content/Context;");
    if (appContext.isValid()) {
        auto intent = QJniObject::callStaticObjectMethod("org/amnezia/vpn/AuthHelper", "getAuthIntent",
                                                         "(Landroid/content/Context;)Landroid/content/Intent;", appContext.object());
        if (intent.isValid()) {
            if (intent.object<jobject>() != nullptr) {
                QtAndroidPrivate::startActivity(intent.object<jobject>(), 1, m_authResultReceiver.get());
            }
        } else {
            generateFullAccessConfig();
        }
    }
 }
 #endif
 void ExportController::generateConnectionConfig(const QString &clientName)
 {
    clearPreviousConfig();
@@ -6,9 +6,6 @@
 #include "ui/models/clientManagementModel.h"
 #include "ui/models/containers_model.h"
 #include "ui/models/servers_model.h"
 #ifdef Q_OS_ANDROID
    #include "platforms/android/authResultReceiver.h"
 #endif
 class ExportController : public QObject
 {
@@ -25,9 +22,6 @@ public:
 public slots:
    void generateFullAccessConfig();
 #if defined(Q_OS_ANDROID)
    void generateFullAccessConfigAndroid();
 #endif
    void generateConnectionConfig(const QString &clientName);
    void generateOpenVpnConfig(const QString &clientName);
    void generateWireGuardConfig(const QString &clientName);
@@ -74,11 +68,6 @@ private:
    QString m_config;
    QString m_nativeConfigString;
    QList<QString> m_qrCodes;
 #ifdef Q_OS_ANDROID
    QSharedPointer<AuthResultNotifier> m_authResultNotifier;
    QSharedPointer<QAndroidActivityResultReceiver> m_authResultReceiver;
 #endif
 };
 #endif // EXPORTCONTROLLER_H
@@ -4,12 +4,12 @@
 #include <QFileInfo>
 #include <QQuickItem>
 #include <QRandomGenerator>
 #include <QUrlQuery>
 #include <QStandardPaths>
 #include <QUrlQuery>
 #include "utilities.h"
 #include "core/serialization/serialization.h"
 #include "core/errorstrings.h"
 #include "core/serialization/serialization.h"
 #include "utilities.h"
 #ifdef Q_OS_ANDROID
    #include "platforms/android/android_controller.h"
@@ -96,36 +96,40 @@ bool ImportController::extractConfigFromData(QString data)
    if (config.startsWith("vless://")) {
        m_configType = ConfigTypes::Xray;
-        m_config = extractXrayConfig(Utils::JsonToString(serialization::vless::Deserialize(config, &prefix, &errormsg),
+        m_config = extractXrayConfig(
-                                                         QJsonDocument::JsonFormat::Compact), prefix);
+                Utils::JsonToString(serialization::vless::Deserialize(config, &prefix, &errormsg), QJsonDocument::JsonFormat::Compact),
                prefix);
        return m_config.empty() ? false : true;
    }
    if (config.startsWith("vmess://") && config.contains("@")) {
        m_configType = ConfigTypes::Xray;
-        m_config = extractXrayConfig(Utils::JsonToString(serialization::vmess_new::Deserialize(config, &prefix, &errormsg),
+        m_config = extractXrayConfig(
-                                                         QJsonDocument::JsonFormat::Compact), prefix);
+                Utils::JsonToString(serialization::vmess_new::Deserialize(config, &prefix, &errormsg), QJsonDocument::JsonFormat::Compact),
                prefix);
        return m_config.empty() ? false : true;
    }
    if (config.startsWith("vmess://")) {
        m_configType = ConfigTypes::Xray;
-        m_config = extractXrayConfig(Utils::JsonToString(serialization::vmess::Deserialize(config, &prefix, &errormsg),
+        m_config = extractXrayConfig(
-                                                         QJsonDocument::JsonFormat::Compact), prefix);
+                Utils::JsonToString(serialization::vmess::Deserialize(config, &prefix, &errormsg), QJsonDocument::JsonFormat::Compact),
                prefix);
        return m_config.empty() ? false : true;
    }
    if (config.startsWith("trojan://")) {
        m_configType = ConfigTypes::Xray;
-        m_config = extractXrayConfig(Utils::JsonToString(serialization::trojan::Deserialize(config, &prefix, &errormsg),
+        m_config = extractXrayConfig(
-                                                         QJsonDocument::JsonFormat::Compact), prefix);
+                Utils::JsonToString(serialization::trojan::Deserialize(config, &prefix, &errormsg), QJsonDocument::JsonFormat::Compact),
                prefix);
        return m_config.empty() ? false : true;
    }
    if (config.startsWith("ss://") && !config.contains("plugin=")) {
        m_configType = ConfigTypes::ShadowSocks;
-        m_config = extractXrayConfig(Utils::JsonToString(serialization::ss::Deserialize(config, &prefix, &errormsg),
+        m_config = extractXrayConfig(
-                                                         QJsonDocument::JsonFormat::Compact), prefix);
+                Utils::JsonToString(serialization::ss::Deserialize(config, &prefix, &errormsg), QJsonDocument::JsonFormat::Compact), prefix);
        return m_config.empty() ? false : true;
    }
@@ -173,6 +177,7 @@ bool ImportController::extractConfigFromData(QString data)
    }
    case ConfigTypes::Amnezia: {
        m_config = QJsonDocument::fromJson(config.toUtf8()).object();
        processAmneziaConfig(m_config);
        if (!m_config.empty()) {
            checkForMaliciousStrings(m_config);
            return true;
@@ -353,20 +358,19 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data)
    QJsonObject lastConfig;
    lastConfig[config_key::config] = data;
-    const static QRegularExpression hostNameAndPortRegExp("Endpoint = (.*):([0-9]*)");
+    auto url { QUrl::fromUserInput(configMap.value("Endpoint")) };
    QRegularExpressionMatch hostNameAndPortMatch = hostNameAndPortRegExp.match(data);
    QString hostName;
    QString port;
-    if (hostNameAndPortMatch.hasCaptured(1)) {
+    if (!url.host().isEmpty()) {
-        hostName = hostNameAndPortMatch.captured(1);
+        hostName = url.host();
    } else {
-        qDebug() << "Key parameter 'Endpoint' is missing";
+        qDebug() << "Key parameter 'Endpoint' is missing or has an invalid format";
        emit importErrorOccurred(ErrorCode::ImportInvalidConfigError, false);
        return QJsonObject();
    }
-    if (hostNameAndPortMatch.hasCaptured(2)) {
+    if (url.port() != -1) {
-        port = hostNameAndPortMatch.captured(2);
+        port = QString::number(url.port());
    } else {
        port = protocols::wireguard::defaultPort;
    }
@@ -395,7 +399,11 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data)
        lastConfig[config_key::mtu] = configMap.value("MTU");
    }
-    QJsonArray allowedIpsJsonArray = QJsonArray::fromStringList(configMap.value("AllowedIPs").split(","));
+    if (!configMap.value("PersistentKeepalive").isEmpty()) {
        lastConfig[config_key::persistent_keep_alive] = configMap.value("PersistentKeepalive");
    }
    QJsonArray allowedIpsJsonArray = QJsonArray::fromStringList(configMap.value("AllowedIPs").split(", "));
    lastConfig[config_key::allowed_ips] = allowedIpsJsonArray;
@@ -419,6 +427,12 @@ QJsonObject ImportController::extractWireGuardConfig(const QString &data)
        m_configType = ConfigTypes::Awg;
    }
    if (!configMap.value("MTU").isEmpty()) {
        lastConfig[config_key::mtu] = configMap.value("MTU");
    } else {
        lastConfig[config_key::mtu] = protocolName == "awg" ? protocols::awg::defaultMtu : protocols::wireguard::defaultMtu;
    }
    QJsonObject wireguardConfig;
    wireguardConfig[config_key::last_config] = QString(QJsonDocument(lastConfig).toJson());
    wireguardConfig[config_key::isThirdPartyConfig] = true;
@@ -488,7 +502,7 @@ QJsonObject ImportController::extractXrayConfig(const QString &data, const QStri
    if (m_configType == ConfigTypes::ShadowSocks) {
        config[config_key::defaultContainer] = "amnezia-ssxray";
    } else {
-       config[config_key::defaultContainer] = "amnezia-xray";
+        config[config_key::defaultContainer] = "amnezia-xray";
    }
    if (description.isEmpty()) {
        config[config_key::description] = m_settings->nextAvailableServerName();
@@ -646,3 +660,28 @@ void ImportController::checkForMaliciousStrings(const QJsonObject &serverConfig)
        }
    }
 }
 void ImportController::processAmneziaConfig(QJsonObject &config)
 {
    auto containers = config.value(config_key::containers).toArray();
    for (auto i = 0; i < containers.size(); i++) {
        auto container = containers.at(i).toObject();
        auto dockerContainer = ContainerProps::containerFromString(container.value(config_key::container).toString());
        if (dockerContainer == DockerContainer::Awg || dockerContainer == DockerContainer::WireGuard) {
            auto containerConfig = container.value(ContainerProps::containerTypeToString(dockerContainer)).toObject();
            auto protocolConfig = containerConfig.value(config_key::last_config).toString();
            if (protocolConfig.isEmpty()) {
                return;
            }
            QJsonObject jsonConfig = QJsonDocument::fromJson(protocolConfig.toUtf8()).object();
            jsonConfig[config_key::mtu] = dockerContainer == DockerContainer::Awg ? protocols::awg::defaultMtu : protocols::wireguard::defaultMtu;
            containerConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson());
            container[ContainerProps::containerTypeToString(dockerContainer)] = containerConfig;
            containers.replace(i, container);
            config.insert(config_key::containers, containers);
        }
    }
 }
@@ -68,6 +68,8 @@ private:
    void checkForMaliciousStrings(const QJsonObject &protocolConfig);
    void processAmneziaConfig(QJsonObject &config);
 #if defined Q_OS_ANDROID || defined Q_OS_IOS
    void stopDecodingQr();
 #endif
@@ -799,7 +799,7 @@ void InstallController::addEmptyServer()
 bool InstallController::fillAvailableServices()
 {
-    ApiController apiController(m_settings->getGatewayEndpoint());
+    ApiController apiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv());
    QByteArray responseBody;
    ErrorCode errorCode = apiController.getServicesList(responseBody);
@@ -821,7 +821,7 @@ bool InstallController::installServiceFromApi()
        return false;
    }
-    ApiController apiController(m_settings->getGatewayEndpoint());
+    ApiController apiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv());
    QJsonObject serverConfig;
    ErrorCode errorCode = apiController.getConfigForService(m_settings->getInstallationUuid(true), m_apiServicesModel->getCountryCode(),
@@ -849,7 +849,7 @@ bool InstallController::installServiceFromApi()
 bool InstallController::updateServiceFromApi(const int serverIndex, const QString &newCountryCode, const QString &newCountryName,
                                             bool reloadServiceConfig)
 {
-    ApiController apiController(m_settings->getGatewayEndpoint());
+    ApiController apiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv());
    auto serverConfig = m_serversModel->getServerConfig(serverIndex);
    auto apiConfig = serverConfig.value(configKey::apiConfig).toObject();
@@ -885,7 +885,7 @@ bool InstallController::updateServiceFromApi(const int serverIndex, const QStrin
 void InstallController::updateServiceFromTelegram(const int serverIndex)
 {
-    ApiController *apiController = new ApiController(m_settings->getGatewayEndpoint());
+    ApiController *apiController = new ApiController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv());
    auto serverConfig = m_serversModel->getServerConfig(serverIndex);
@@ -10,8 +10,6 @@
 #ifdef Q_OS_ANDROID
    #include "platforms/android/android_controller.h"
    #include "platforms/android/android_utils.h"
    #include <QJniObject>
 #endif
 #if defined Q_OS_MAC
    #include "ui/macos_util.h"
@@ -22,18 +20,8 @@ PageController::PageController(const QSharedPointer<ServersModel> &serversModel,
    : QObject(parent), m_serversModel(serversModel), m_settings(settings)
 {
 #ifdef Q_OS_ANDROID
    // Change color of navigation and status bar's
    auto initialPageNavigationBarColor = getInitialPageNavigationBarColor();
-    AndroidUtils::runOnAndroidThreadSync([&initialPageNavigationBarColor]() {
+    AndroidController::instance()->setNavigationBarColor(initialPageNavigationBarColor);
        QJniObject activity = AndroidUtils::getActivity();
        QJniObject window = activity.callObjectMethod("getWindow", "()Landroid/view/Window;");
        if (window.isValid()) {
            window.callMethod<void>("addFlags", "(I)V", 0x80000000);
            window.callMethod<void>("clearFlags", "(I)V", 0x04000000);
            window.callMethod<void>("setStatusBarColor", "(I)V", 0xFF0E0E11);
            window.callMethod<void>("setNavigationBarColor", "(I)V", initialPageNavigationBarColor);
        }
    });
 #endif
 #if defined Q_OS_MACX
@@ -115,14 +103,7 @@ unsigned int PageController::getInitialPageNavigationBarColor()
 void PageController::updateNavigationBarColor(const int color)
 {
 #ifdef Q_OS_ANDROID
-    // Change color of navigation bar
+    AndroidController::instance()->setNavigationBarColor(color);
    AndroidUtils::runOnAndroidThreadSync([&color]() {
        QJniObject activity = AndroidUtils::getActivity();
        QJniObject window = activity.callObjectMethod("getWindow", "()Landroid/view/Window;");
        if (window.isValid()) {
            window.callMethod<void>("setNavigationBarColor", "(I)V", color);
        }
    });
 #endif
 }
@@ -131,7 +112,7 @@ void PageController::showOnStartup()
    if (!m_settings->isStartMinimized()) {
        emit raiseMainWindow();
    } else {
-#ifdef Q_OS_WIN
+#if defined(Q_OS_WIN) || (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID))
        emit hideMainWindow();
 #elif defined Q_OS_MACX
        setDockIconVisible(false);
@@ -59,6 +59,9 @@ namespace PageLoader
        PageProtocolIKev2Settings,
        PageProtocolRaw,
        PageProtocolWireGuardClientSettings,
        PageProtocolAwgClientSettings,
        PageShareFullAccess,
        PageDevMenu
@@ -88,7 +88,12 @@ void SettingsController::toggleLogging(bool enable)
 void SettingsController::openLogsFolder()
 {
-    Logger::openLogsFolder();
+    Logger::openLogsFolder(false);
 }
 void SettingsController::openServiceLogsFolder()
 {
    Logger::openLogsFolder(true);
 }
 void SettingsController::exportLogsFile(const QString &fileName)
@@ -100,12 +105,21 @@ void SettingsController::exportLogsFile(const QString &fileName)
 #endif
 }
 void SettingsController::exportServiceLogsFile(const QString &fileName)
 {
 #ifdef Q_OS_ANDROID
    AndroidController::instance()->exportLogsFile(fileName);
 #else
    SystemController::saveFile(fileName, Logger::getServiceLogFile());
 #endif
 }
 void SettingsController::clearLogs()
 {
 #ifdef Q_OS_ANDROID
    AndroidController::instance()->clearLogs();
 #else
-    Logger::clearLogs();
+    Logger::clearLogs(false);
    Logger::clearServiceLogs();
 #endif
 }
@@ -283,5 +297,31 @@ void SettingsController::setGatewayEndpoint(const QString &endpoint)
 QString SettingsController::getGatewayEndpoint()
 {
-    return m_settings->getGatewayEndpoint();
+    return m_settings->isDevGatewayEnv() ? "Dev endpoint" : m_settings->getGatewayEndpoint();
 }
 bool SettingsController::isDevGatewayEnv()
 {
    return m_settings->isDevGatewayEnv();
 }
 void SettingsController::toggleDevGatewayEnv(bool enabled)
 {
    m_settings->toggleDevGatewayEnv(enabled);
    if (enabled) {
        m_settings->setDevGatewayEndpoint();
    } else {
        m_settings->resetGatewayEndpoint();
    }
    emit gatewayEndpointChanged(m_settings->getGatewayEndpoint());
    emit devGatewayEnvChanged(enabled);
 }
 bool SettingsController::isOnTv()
 {
 #ifdef Q_OS_ANDROID
    return AndroidController::instance()->isOnTv();
 #else
    return false;
 #endif
 }
@@ -27,6 +27,7 @@ public:
    Q_PROPERTY(bool isDevModeEnabled READ isDevModeEnabled NOTIFY devModeEnabled)
    Q_PROPERTY(QString gatewayEndpoint READ getGatewayEndpoint WRITE setGatewayEndpoint NOTIFY gatewayEndpointChanged)
    Q_PROPERTY(bool isDevGatewayEnv READ isDevGatewayEnv WRITE toggleDevGatewayEnv NOTIFY devGatewayEnvChanged)
 public slots:
    void toggleAmneziaDns(bool enable);
@@ -42,7 +43,9 @@ public slots:
    void toggleLogging(bool enable);
    void openLogsFolder();
    void openServiceLogsFolder();
    void exportLogsFile(const QString &fileName);
    void exportServiceLogsFile(const QString &fileName);
    void clearLogs();
    void backupAppConfig(const QString &fileName);
@@ -81,6 +84,10 @@ public slots:
    void resetGatewayEndpoint();
    void setGatewayEndpoint(const QString &endpoint);
    QString getGatewayEndpoint();
    bool isDevGatewayEnv();
    void toggleDevGatewayEnv(bool enabled);
    bool isOnTv();
 signals:
    void primaryDnsChanged();
@@ -103,6 +110,7 @@ signals:
    void devModeEnabled();
    void gatewayEndpointChanged(const QString &endpoint);
    void devGatewayEnvChanged(bool enabled);
 private:
    QSharedPointer<ServersModel> m_serversModel;
@@ -125,3 +125,12 @@ void SystemController::setQmlRoot(QObject *qmlRoot)
 {
    m_qmlRoot = qmlRoot;
 }
 bool SystemController::isAuthenticated()
 {
 #ifdef Q_OS_ANDROID
    return AndroidController::instance()->requestAuthentication();
 #else
    return true;
 #endif
 }
@@ -19,6 +19,7 @@ public slots:
    void setQmlRoot(QObject *qmlRoot);
    bool isAuthenticated();
 signals:
    void fileDialogClosed(const bool isAccepted);
@@ -25,6 +25,8 @@ namespace
        constexpr char availableCountries[] = "available_countries";
        constexpr char storeEndpoint[] = "store_endpoint";
        constexpr char isAvailable[] = "is_available";
    }
    namespace serviceType
@@ -63,8 +65,12 @@ QVariant ApiServicesModel::data(const QModelIndex &index, int role) const
            return tr("Classic VPN for comfortable work, downloading large files and watching videos. "
                      "Works for any sites. Speed up to %1 MBit/s")
                    .arg(speed);
-        } else {
+        } else if (serviceType == serviceType::amneziaFree){
-            return tr("VPN to access blocked sites in regions with high levels of Internet censorship. ");
+            QString description = tr("VPN to access blocked sites in regions with high levels of Internet censorship. ");
            if (service.value(configKey::isAvailable).isBool() && !service.value(configKey::isAvailable).toBool()) {
                description += tr("<p><a style=\"color: #EB5757;\">Not available in your region. If you have VPN enabled, disable it, return to the previous screen, and try again.</a>");
            }
            return description;
        }
    }
    case ServiceDescriptionRole: {
@@ -75,6 +81,14 @@ QVariant ApiServicesModel::data(const QModelIndex &index, int role) const
            return tr("Amnezia Free is a free VPN to bypass blocking in countries with high levels of internet censorship");
        }
    }
    case IsServiceAvailableRole: {
        if (serviceType == serviceType::amneziaFree) {
            if (service.value(configKey::isAvailable).isBool() && !service.value(configKey::isAvailable).toBool()) {
                return false;
            }
        }
        return true;
    }
    case SpeedRole: {
        auto speed = serviceInfo.value(configKey::speed).toString();
        return tr("%1 MBit/s").arg(speed);
@@ -193,6 +207,7 @@ QHash<int, QByteArray> ApiServicesModel::roleNames() const
    roles[NameRole] = "name";
    roles[CardDescriptionRole] = "cardDescription";
    roles[ServiceDescriptionRole] = "serviceDescription";
    roles[IsServiceAvailableRole] = "isServiceAvailable";
    roles[SpeedRole] = "speed";
    roles[WorkPeriodRole] = "workPeriod";
    roles[RegionRole] = "region";
@@ -13,6 +13,7 @@ public:
        NameRole = Qt::UserRole + 1,
        CardDescriptionRole,
        ServiceDescriptionRole,
        IsServiceAvailableRole,
        SpeedRole,
        WorkPeriodRole,
        RegionRole,
@@ -20,6 +20,7 @@ namespace
        constexpr char latestHandshake[] = "latestHandshake";
        constexpr char dataReceived[] = "dataReceived";
        constexpr char dataSent[] = "dataSent";
        constexpr char allowedIps[] = "allowedIps";
    }
 }
@@ -49,6 +50,7 @@ QVariant ClientManagementModel::data(const QModelIndex &index, int role) const
    case LatestHandshakeRole: return userData.value(configKey::latestHandshake).toString();
    case DataReceivedRole: return userData.value(configKey::dataReceived).toString();
    case DataSentRole: return userData.value(configKey::dataSent).toString();
    case AllowedIpsRole: return userData.value(configKey::allowedIps).toString();
    }
    return QVariant();
@@ -141,6 +143,10 @@ ErrorCode ClientManagementModel::updateModel(const DockerContainer container, co
                        userData[configKey::dataSent] = client.dataSent;
                    }
                    if (!client.allowedIps.isEmpty()) {
                        userData[configKey::allowedIps] = client.allowedIps;
                    }
                    obj[configKey::userData] = userData;
                    m_clientsTable.replace(i, obj);
                    break;
@@ -266,8 +272,9 @@ ErrorCode ClientManagementModel::wgShow(const DockerContainer container, const S
    const auto peerList = parts.filter("peer:");
    const auto latestHandshakeList = parts.filter("latest handshake:");
    const auto transferredDataList = parts.filter("transfer:");
    const auto allowedIpsList = parts.filter("allowed ips:");
-    if (latestHandshakeList.isEmpty() || transferredDataList.isEmpty() || peerList.isEmpty()) {
+    if (allowedIpsList.isEmpty() || latestHandshakeList.isEmpty() || transferredDataList.isEmpty() || peerList.isEmpty()) {
        return error;
    }
@@ -281,19 +288,20 @@ ErrorCode ClientManagementModel::wgShow(const DockerContainer container, const S
        }
    };
-    for (int i = 0; i < peerList.size() && i < transferredDataList.size() && i < latestHandshakeList.size(); ++i) {
+    for (int i = 0; i < peerList.size() && i < transferredDataList.size() && i < latestHandshakeList.size() && i < allowedIpsList.size(); ++i) {
        const auto transferredData = getStrValue(transferredDataList[i]).split(",");
        auto latestHandshake = getStrValue(latestHandshakeList[i]);
        auto serverBytesReceived = transferredData.front().trimmed();
        auto serverBytesSent = transferredData.back().trimmed();
        auto allowedIps = getStrValue(allowedIpsList[i]);
        changeHandshakeFormat(latestHandshake);
        serverBytesReceived.chop(QStringLiteral(" received").length());
        serverBytesSent.chop(QStringLiteral(" sent").length());
-        data.push_back({ getStrValue(peerList[i]), latestHandshake, serverBytesSent, serverBytesReceived });
+        data.push_back({ getStrValue(peerList[i]), latestHandshake, serverBytesSent, serverBytesReceived, allowedIps });
    }
    return error;
@@ -17,7 +17,8 @@ public:
        CreationDateRole,
        LatestHandshakeRole,
        DataReceivedRole,
-        DataSentRole
+        DataSentRole,
        AllowedIpsRole
    };
    struct WgShowData
@@ -26,6 +27,7 @@ public:
        QString latestHandshake;
        QString dataReceived;
        QString dataSent;
        QString allowedIps;
    };
    ClientManagementModel(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
@@ -21,17 +21,30 @@ bool AwgConfigModel::setData(const QModelIndex &index, const QVariant &value, in
    }
    switch (role) {
-    case Roles::PortRole: m_protocolConfig.insert(config_key::port, value.toString()); break;
+    case Roles::PortRole: m_serverProtocolConfig.insert(config_key::port, value.toString()); break;
-    case Roles::MtuRole: m_protocolConfig.insert(config_key::mtu, value.toString()); break;
+
-    case Roles::JunkPacketCountRole: m_protocolConfig.insert(config_key::junkPacketCount, value.toString()); break;
+    case Roles::ClientMtuRole: m_clientProtocolConfig.insert(config_key::mtu, value.toString()); break;
-    case Roles::JunkPacketMinSizeRole: m_protocolConfig.insert(config_key::junkPacketMinSize, value.toString()); break;
+    case Roles::ClientJunkPacketCountRole: m_clientProtocolConfig.insert(config_key::junkPacketCount, value.toString()); break;
-    case Roles::JunkPacketMaxSizeRole: m_protocolConfig.insert(config_key::junkPacketMaxSize, value.toString()); break;
+    case Roles::ClientJunkPacketMinSizeRole: m_clientProtocolConfig.insert(config_key::junkPacketMinSize, value.toString()); break;
-    case Roles::InitPacketJunkSizeRole: m_protocolConfig.insert(config_key::initPacketJunkSize, value.toString()); break;
+    case Roles::ClientJunkPacketMaxSizeRole: m_clientProtocolConfig.insert(config_key::junkPacketMaxSize, value.toString()); break;
-    case Roles::ResponsePacketJunkSizeRole: m_protocolConfig.insert(config_key::responsePacketJunkSize, value.toString()); break;
+
-    case Roles::InitPacketMagicHeaderRole: m_protocolConfig.insert(config_key::initPacketMagicHeader, value.toString()); break;
+    case Roles::ServerJunkPacketCountRole: m_serverProtocolConfig.insert(config_key::junkPacketCount, value.toString()); break;
-    case Roles::ResponsePacketMagicHeaderRole: m_protocolConfig.insert(config_key::responsePacketMagicHeader, value.toString()); break;
+    case Roles::ServerJunkPacketMinSizeRole: m_serverProtocolConfig.insert(config_key::junkPacketMinSize, value.toString()); break;
-    case Roles::UnderloadPacketMagicHeaderRole: m_protocolConfig.insert(config_key::underloadPacketMagicHeader, value.toString()); break;
+    case Roles::ServerJunkPacketMaxSizeRole: m_serverProtocolConfig.insert(config_key::junkPacketMaxSize, value.toString()); break;
-    case Roles::TransportPacketMagicHeaderRole: m_protocolConfig.insert(config_key::transportPacketMagicHeader, value.toString()); break;
+    case Roles::ServerInitPacketJunkSizeRole: m_serverProtocolConfig.insert(config_key::initPacketJunkSize, value.toString()); break;
    case Roles::ServerResponsePacketJunkSizeRole:
        m_serverProtocolConfig.insert(config_key::responsePacketJunkSize, value.toString());
        break;
    case Roles::ServerInitPacketMagicHeaderRole: m_serverProtocolConfig.insert(config_key::initPacketMagicHeader, value.toString()); break;
    case Roles::ServerResponsePacketMagicHeaderRole:
        m_serverProtocolConfig.insert(config_key::responsePacketMagicHeader, value.toString());
        break;
    case Roles::ServerUnderloadPacketMagicHeaderRole:
        m_serverProtocolConfig.insert(config_key::underloadPacketMagicHeader, value.toString());
        break;
    case Roles::ServerTransportPacketMagicHeaderRole:
        m_serverProtocolConfig.insert(config_key::transportPacketMagicHeader, value.toString());
        break;
    }
    emit dataChanged(index, index, QList { role });
@@ -45,17 +58,22 @@ QVariant AwgConfigModel::data(const QModelIndex &index, int role) const
    }
    switch (role) {
-    case Roles::PortRole: return m_protocolConfig.value(config_key::port).toString();
+    case Roles::PortRole: return m_serverProtocolConfig.value(config_key::port).toString();
-    case Roles::MtuRole: return m_protocolConfig.value(config_key::mtu).toString();
+
-    case Roles::JunkPacketCountRole: return m_protocolConfig.value(config_key::junkPacketCount);
+    case Roles::ClientMtuRole: return m_clientProtocolConfig.value(config_key::mtu);
-    case Roles::JunkPacketMinSizeRole: return m_protocolConfig.value(config_key::junkPacketMinSize);
+    case Roles::ClientJunkPacketCountRole: return m_clientProtocolConfig.value(config_key::junkPacketCount);
-    case Roles::JunkPacketMaxSizeRole: return m_protocolConfig.value(config_key::junkPacketMaxSize);
+    case Roles::ClientJunkPacketMinSizeRole: return m_clientProtocolConfig.value(config_key::junkPacketMinSize);
-    case Roles::InitPacketJunkSizeRole: return m_protocolConfig.value(config_key::initPacketJunkSize);
+    case Roles::ClientJunkPacketMaxSizeRole: return m_clientProtocolConfig.value(config_key::junkPacketMaxSize);
-    case Roles::ResponsePacketJunkSizeRole: return m_protocolConfig.value(config_key::responsePacketJunkSize);
+
-    case Roles::InitPacketMagicHeaderRole: return m_protocolConfig.value(config_key::initPacketMagicHeader);
+    case Roles::ServerJunkPacketCountRole: return m_serverProtocolConfig.value(config_key::junkPacketCount);
-    case Roles::ResponsePacketMagicHeaderRole: return m_protocolConfig.value(config_key::responsePacketMagicHeader);
+    case Roles::ServerJunkPacketMinSizeRole: return m_serverProtocolConfig.value(config_key::junkPacketMinSize);
-    case Roles::UnderloadPacketMagicHeaderRole: return m_protocolConfig.value(config_key::underloadPacketMagicHeader);
+    case Roles::ServerJunkPacketMaxSizeRole: return m_serverProtocolConfig.value(config_key::junkPacketMaxSize);
-    case Roles::TransportPacketMagicHeaderRole: return m_protocolConfig.value(config_key::transportPacketMagicHeader);
+    case Roles::ServerInitPacketJunkSizeRole: return m_serverProtocolConfig.value(config_key::initPacketJunkSize);
    case Roles::ServerResponsePacketJunkSizeRole: return m_serverProtocolConfig.value(config_key::responsePacketJunkSize);
    case Roles::ServerInitPacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::initPacketMagicHeader);
    case Roles::ServerResponsePacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::responsePacketMagicHeader);
    case Roles::ServerUnderloadPacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::underloadPacketMagicHeader);
    case Roles::ServerTransportPacketMagicHeaderRole: return m_serverProtocolConfig.value(config_key::transportPacketMagicHeader);
    }
    return QVariant();
@@ -68,51 +86,63 @@ void AwgConfigModel::updateModel(const QJsonObject &config)
    m_fullConfig = config;
-    QJsonObject protocolConfig = config.value(config_key::awg).toObject();
+    QJsonObject serverProtocolConfig = config.value(config_key::awg).toObject();
    auto defaultTransportProto = ProtocolProps::transportProtoToString(ProtocolProps::defaultTransportProto(Proto::Awg), Proto::Awg);
-    m_protocolConfig.insert(config_key::transport_proto, protocolConfig.value(config_key::transport_proto).toString(defaultTransportProto));
+    m_serverProtocolConfig.insert(config_key::transport_proto,
-    m_protocolConfig[config_key::last_config] = protocolConfig.value(config_key::last_config);
+                                  serverProtocolConfig.value(config_key::transport_proto).toString(defaultTransportProto));
-    m_protocolConfig[config_key::port] = protocolConfig.value(config_key::port).toString(protocols::awg::defaultPort);
+    m_serverProtocolConfig[config_key::last_config] = serverProtocolConfig.value(config_key::last_config);
-    m_protocolConfig[config_key::mtu] = protocolConfig.value(config_key::mtu).toString(protocols::awg::defaultMtu);
+    m_serverProtocolConfig[config_key::port] = serverProtocolConfig.value(config_key::port).toString(protocols::awg::defaultPort);
-    m_protocolConfig[config_key::junkPacketCount] =
+    m_serverProtocolConfig[config_key::junkPacketCount] =
-            protocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount);
+            serverProtocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount);
-    m_protocolConfig[config_key::junkPacketMinSize] =
+    m_serverProtocolConfig[config_key::junkPacketMinSize] =
-            protocolConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize);
+            serverProtocolConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize);
-    m_protocolConfig[config_key::junkPacketMaxSize] =
+    m_serverProtocolConfig[config_key::junkPacketMaxSize] =
-            protocolConfig.value(config_key::junkPacketMaxSize).toString(protocols::awg::defaultJunkPacketMaxSize);
+            serverProtocolConfig.value(config_key::junkPacketMaxSize).toString(protocols::awg::defaultJunkPacketMaxSize);
-    m_protocolConfig[config_key::initPacketJunkSize] =
+    m_serverProtocolConfig[config_key::initPacketJunkSize] =
-            protocolConfig.value(config_key::initPacketJunkSize).toString(protocols::awg::defaultInitPacketJunkSize);
+            serverProtocolConfig.value(config_key::initPacketJunkSize).toString(protocols::awg::defaultInitPacketJunkSize);
-    m_protocolConfig[config_key::responsePacketJunkSize] =
+    m_serverProtocolConfig[config_key::responsePacketJunkSize] =
-            protocolConfig.value(config_key::responsePacketJunkSize).toString(protocols::awg::defaultResponsePacketJunkSize);
+            serverProtocolConfig.value(config_key::responsePacketJunkSize).toString(protocols::awg::defaultResponsePacketJunkSize);
-    m_protocolConfig[config_key::initPacketMagicHeader] =
+    m_serverProtocolConfig[config_key::initPacketMagicHeader] =
-            protocolConfig.value(config_key::initPacketMagicHeader).toString(protocols::awg::defaultInitPacketMagicHeader);
+            serverProtocolConfig.value(config_key::initPacketMagicHeader).toString(protocols::awg::defaultInitPacketMagicHeader);
-    m_protocolConfig[config_key::responsePacketMagicHeader] =
+    m_serverProtocolConfig[config_key::responsePacketMagicHeader] =
-            protocolConfig.value(config_key::responsePacketMagicHeader).toString(protocols::awg::defaultResponsePacketMagicHeader);
+            serverProtocolConfig.value(config_key::responsePacketMagicHeader).toString(protocols::awg::defaultResponsePacketMagicHeader);
-    m_protocolConfig[config_key::underloadPacketMagicHeader] =
+    m_serverProtocolConfig[config_key::underloadPacketMagicHeader] =
-            protocolConfig.value(config_key::underloadPacketMagicHeader).toString(protocols::awg::defaultUnderloadPacketMagicHeader);
+            serverProtocolConfig.value(config_key::underloadPacketMagicHeader).toString(protocols::awg::defaultUnderloadPacketMagicHeader);
-    m_protocolConfig[config_key::transportPacketMagicHeader] =
+    m_serverProtocolConfig[config_key::transportPacketMagicHeader] =
-            protocolConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader);
+            serverProtocolConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader);
    auto lastConfig = m_serverProtocolConfig.value(config_key::last_config).toString();
    QJsonObject clientProtocolConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object();
    m_clientProtocolConfig[config_key::mtu] = clientProtocolConfig[config_key::mtu].toString(protocols::awg::defaultMtu);
    m_clientProtocolConfig[config_key::junkPacketCount] =
            clientProtocolConfig.value(config_key::junkPacketCount).toString(m_serverProtocolConfig[config_key::junkPacketCount].toString());
    m_clientProtocolConfig[config_key::junkPacketMinSize] =
            clientProtocolConfig.value(config_key::junkPacketMinSize).toString(m_serverProtocolConfig[config_key::junkPacketMinSize].toString());
    m_clientProtocolConfig[config_key::junkPacketMaxSize] =
            clientProtocolConfig.value(config_key::junkPacketMaxSize).toString(m_serverProtocolConfig[config_key::junkPacketMaxSize].toString());
    endResetModel();
 }
 QJsonObject AwgConfigModel::getConfig()
 {
    const AwgConfig oldConfig(m_fullConfig.value(config_key::awg).toObject());
-    const AwgConfig newConfig(m_protocolConfig);
+    const AwgConfig newConfig(m_serverProtocolConfig);
    if (!oldConfig.hasEqualServerSettings(newConfig)) {
-        m_protocolConfig.remove(config_key::last_config);
+        m_serverProtocolConfig.remove(config_key::last_config);
    } else {
-        auto lastConfig = m_protocolConfig.value(config_key::last_config).toString();
+        auto lastConfig = m_serverProtocolConfig.value(config_key::last_config).toString();
        QJsonObject jsonConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object();
-        jsonConfig[config_key::mtu] = newConfig.mtu;
+        jsonConfig[config_key::mtu] = m_clientProtocolConfig[config_key::mtu];
        jsonConfig[config_key::junkPacketCount] = m_clientProtocolConfig[config_key::junkPacketCount];
        jsonConfig[config_key::junkPacketMinSize] = m_clientProtocolConfig[config_key::junkPacketMinSize];
        jsonConfig[config_key::junkPacketMaxSize] = m_clientProtocolConfig[config_key::junkPacketMaxSize];
-        m_protocolConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson());
+        m_serverProtocolConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson());
    }
-    m_fullConfig.insert(config_key::awg, m_protocolConfig);
+    m_fullConfig.insert(config_key::awg, m_serverProtocolConfig);
    return m_fullConfig;
 }
@@ -126,50 +156,73 @@ bool AwgConfigModel::isPacketSizeEqual(const int s1, const int s2)
    return (AwgConstant::messageInitiationSize + s1 == AwgConstant::messageResponseSize + s2);
 }
 bool AwgConfigModel::isServerSettingsEqual()
 {
    const AwgConfig oldConfig(m_fullConfig.value(config_key::awg).toObject());
    const AwgConfig newConfig(m_serverProtocolConfig);
    return oldConfig.hasEqualServerSettings(newConfig);
 }
 QHash<int, QByteArray> AwgConfigModel::roleNames() const
 {
    QHash<int, QByteArray> roles;
    roles[PortRole] = "port";
-    roles[MtuRole] = "mtu";
+
-    roles[JunkPacketCountRole] = "junkPacketCount";
+    roles[ClientMtuRole] = "clientMtu";
-    roles[JunkPacketMinSizeRole] = "junkPacketMinSize";
+    roles[ClientJunkPacketCountRole] = "clientJunkPacketCount";
-    roles[JunkPacketMaxSizeRole] = "junkPacketMaxSize";
+    roles[ClientJunkPacketMinSizeRole] = "clientJunkPacketMinSize";
-    roles[InitPacketJunkSizeRole] = "initPacketJunkSize";
+    roles[ClientJunkPacketMaxSizeRole] = "clientJunkPacketMaxSize";
-    roles[ResponsePacketJunkSizeRole] = "responsePacketJunkSize";
+
-    roles[InitPacketMagicHeaderRole] = "initPacketMagicHeader";
+    roles[ServerJunkPacketCountRole] = "serverJunkPacketCount";
-    roles[ResponsePacketMagicHeaderRole] = "responsePacketMagicHeader";
+    roles[ServerJunkPacketMinSizeRole] = "serverJunkPacketMinSize";
-    roles[UnderloadPacketMagicHeaderRole] = "underloadPacketMagicHeader";
+    roles[ServerJunkPacketMaxSizeRole] = "serverJunkPacketMaxSize";
-    roles[TransportPacketMagicHeaderRole] = "transportPacketMagicHeader";
+    roles[ServerInitPacketJunkSizeRole] = "serverInitPacketJunkSize";
    roles[ServerResponsePacketJunkSizeRole] = "serverResponsePacketJunkSize";
    roles[ServerInitPacketMagicHeaderRole] = "serverInitPacketMagicHeader";
    roles[ServerResponsePacketMagicHeaderRole] = "serverResponsePacketMagicHeader";
    roles[ServerUnderloadPacketMagicHeaderRole] = "serverUnderloadPacketMagicHeader";
    roles[ServerTransportPacketMagicHeaderRole] = "serverTransportPacketMagicHeader";
    return roles;
 }
-AwgConfig::AwgConfig(const QJsonObject &jsonConfig)
+AwgConfig::AwgConfig(const QJsonObject &serverProtocolConfig)
 {
-    port = jsonConfig.value(config_key::port).toString(protocols::awg::defaultPort);
+    auto lastConfig = serverProtocolConfig.value(config_key::last_config).toString();
-    mtu = jsonConfig.value(config_key::mtu).toString(protocols::awg::defaultMtu);
+    QJsonObject clientProtocolConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object();
-    junkPacketCount = jsonConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount);
+    clientMtu = clientProtocolConfig[config_key::mtu].toString(protocols::awg::defaultMtu);
-    junkPacketMinSize = jsonConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize);
+    clientJunkPacketCount = clientProtocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount);
-    junkPacketMaxSize = jsonConfig.value(config_key::junkPacketMaxSize).toString(protocols::awg::defaultJunkPacketMaxSize);
+    clientJunkPacketMinSize = clientProtocolConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize);
-    initPacketJunkSize = jsonConfig.value(config_key::initPacketJunkSize).toString(protocols::awg::defaultInitPacketJunkSize);
+    clientJunkPacketMaxSize = clientProtocolConfig.value(config_key::junkPacketMaxSize).toString(protocols::awg::defaultJunkPacketMaxSize);
-    responsePacketJunkSize = jsonConfig.value(config_key::responsePacketJunkSize).toString(protocols::awg::defaultResponsePacketJunkSize);
+
-    initPacketMagicHeader = jsonConfig.value(config_key::initPacketMagicHeader).toString(protocols::awg::defaultInitPacketMagicHeader);
+    port = serverProtocolConfig.value(config_key::port).toString(protocols::awg::defaultPort);
-    responsePacketMagicHeader =
+    serverJunkPacketCount = serverProtocolConfig.value(config_key::junkPacketCount).toString(protocols::awg::defaultJunkPacketCount);
-            jsonConfig.value(config_key::responsePacketMagicHeader).toString(protocols::awg::defaultResponsePacketMagicHeader);
+    serverJunkPacketMinSize = serverProtocolConfig.value(config_key::junkPacketMinSize).toString(protocols::awg::defaultJunkPacketMinSize);
-    underloadPacketMagicHeader =
+    serverJunkPacketMaxSize = serverProtocolConfig.value(config_key::junkPacketMaxSize).toString(protocols::awg::defaultJunkPacketMaxSize);
-            jsonConfig.value(config_key::underloadPacketMagicHeader).toString(protocols::awg::defaultUnderloadPacketMagicHeader);
+    serverInitPacketJunkSize = serverProtocolConfig.value(config_key::initPacketJunkSize).toString(protocols::awg::defaultInitPacketJunkSize);
-    transportPacketMagicHeader =
+    serverResponsePacketJunkSize =
-            jsonConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader);
+            serverProtocolConfig.value(config_key::responsePacketJunkSize).toString(protocols::awg::defaultResponsePacketJunkSize);
    serverInitPacketMagicHeader =
            serverProtocolConfig.value(config_key::initPacketMagicHeader).toString(protocols::awg::defaultInitPacketMagicHeader);
    serverResponsePacketMagicHeader =
            serverProtocolConfig.value(config_key::responsePacketMagicHeader).toString(protocols::awg::defaultResponsePacketMagicHeader);
    serverUnderloadPacketMagicHeader =
            serverProtocolConfig.value(config_key::underloadPacketMagicHeader).toString(protocols::awg::defaultUnderloadPacketMagicHeader);
    serverTransportPacketMagicHeader =
            serverProtocolConfig.value(config_key::transportPacketMagicHeader).toString(protocols::awg::defaultTransportPacketMagicHeader);
 }
 bool AwgConfig::hasEqualServerSettings(const AwgConfig &other) const
 {
-    if (port != other.port || junkPacketCount != other.junkPacketCount || junkPacketMinSize != other.junkPacketMinSize
+    if (port != other.port || serverJunkPacketCount != other.serverJunkPacketCount
-        || junkPacketMaxSize != other.junkPacketMaxSize || initPacketJunkSize != other.initPacketJunkSize
+        || serverJunkPacketMinSize != other.serverJunkPacketMinSize || serverJunkPacketMaxSize != other.serverJunkPacketMaxSize
-        || responsePacketJunkSize != other.responsePacketJunkSize || initPacketMagicHeader != other.initPacketMagicHeader
+        || serverInitPacketJunkSize != other.serverInitPacketJunkSize || serverResponsePacketJunkSize != other.serverResponsePacketJunkSize
-        || responsePacketMagicHeader != other.responsePacketMagicHeader || underloadPacketMagicHeader != other.underloadPacketMagicHeader
+        || serverInitPacketMagicHeader != other.serverInitPacketMagicHeader
-        || transportPacketMagicHeader != other.transportPacketMagicHeader) {
+        || serverResponsePacketMagicHeader != other.serverResponsePacketMagicHeader
        || serverUnderloadPacketMagicHeader != other.serverUnderloadPacketMagicHeader
        || serverTransportPacketMagicHeader != other.serverTransportPacketMagicHeader) {
        return false;
    }
    return true;
@@ -177,7 +230,8 @@ bool AwgConfig::hasEqualServerSettings(const AwgConfig &other) const
 bool AwgConfig::hasEqualClientSettings(const AwgConfig &other) const
 {
-    if (mtu != other.mtu) {
+    if (clientMtu != other.clientMtu || clientJunkPacketCount != other.clientJunkPacketCount
        || clientJunkPacketMinSize != other.clientJunkPacketMinSize || clientJunkPacketMaxSize != other.clientJunkPacketMaxSize) {
        return false;
    }
    return true;
@@ -16,16 +16,21 @@ struct AwgConfig
    AwgConfig(const QJsonObject &jsonConfig);
    QString port;
-    QString mtu;
+
-    QString junkPacketCount;
+    QString clientMtu;
-    QString junkPacketMinSize;
+    QString clientJunkPacketCount;
-    QString junkPacketMaxSize;
+    QString clientJunkPacketMinSize;
-    QString initPacketJunkSize;
+    QString clientJunkPacketMaxSize;
-    QString responsePacketJunkSize;
+
-    QString initPacketMagicHeader;
+    QString serverJunkPacketCount;
-    QString responsePacketMagicHeader;
+    QString serverJunkPacketMinSize;
-    QString underloadPacketMagicHeader;
+    QString serverJunkPacketMaxSize;
-    QString transportPacketMagicHeader;
+    QString serverInitPacketJunkSize;
    QString serverResponsePacketJunkSize;
    QString serverInitPacketMagicHeader;
    QString serverResponsePacketMagicHeader;
    QString serverUnderloadPacketMagicHeader;
    QString serverTransportPacketMagicHeader;
    bool hasEqualServerSettings(const AwgConfig &other) const;
    bool hasEqualClientSettings(const AwgConfig &other) const;
@@ -39,16 +44,21 @@ class AwgConfigModel : public QAbstractListModel
 public:
    enum Roles {
        PortRole = Qt::UserRole + 1,
-        MtuRole,
+
-        JunkPacketCountRole,
+        ClientMtuRole,
-        JunkPacketMinSizeRole,
+        ClientJunkPacketCountRole,
-        JunkPacketMaxSizeRole,
+        ClientJunkPacketMinSizeRole,
-        InitPacketJunkSizeRole,
+        ClientJunkPacketMaxSizeRole,
-        ResponsePacketJunkSizeRole,
+
-        InitPacketMagicHeaderRole,
+        ServerJunkPacketCountRole,
-        ResponsePacketMagicHeaderRole,
+        ServerJunkPacketMinSizeRole,
-        UnderloadPacketMagicHeaderRole,
+        ServerJunkPacketMaxSizeRole,
-        TransportPacketMagicHeaderRole
+        ServerInitPacketJunkSizeRole,
        ServerResponsePacketJunkSizeRole,
        ServerInitPacketMagicHeaderRole,
        ServerResponsePacketMagicHeaderRole,
        ServerUnderloadPacketMagicHeaderRole,
        ServerTransportPacketMagicHeaderRole
    };
    explicit AwgConfigModel(QObject *parent = nullptr);
@@ -65,12 +75,15 @@ public slots:
    bool isHeadersEqual(const QString &h1, const QString &h2, const QString &h3, const QString &h4);
    bool isPacketSizeEqual(const int s1, const int s2);
    bool isServerSettingsEqual();
 protected:
    QHash<int, QByteArray> roleNames() const override;
 private:
    DockerContainer m_container;
-    QJsonObject m_protocolConfig;
+    QJsonObject m_serverProtocolConfig;
    QJsonObject m_clientProtocolConfig;
    QJsonObject m_fullConfig;
 };
@@ -21,8 +21,8 @@ bool WireGuardConfigModel::setData(const QModelIndex &index, const QVariant &val
    }
    switch (role) {
-        case Roles::PortRole: m_protocolConfig.insert(config_key::port, value.toString()); break;
+    case Roles::PortRole: m_serverProtocolConfig.insert(config_key::port, value.toString()); break;
-        case Roles::MtuRole: m_protocolConfig.insert(config_key::mtu, value.toString()); break;
+    case Roles::ClientMtuRole: m_clientProtocolConfig.insert(config_key::mtu, value.toString()); break;
    }
    emit dataChanged(index, index, QList { role });
@@ -36,8 +36,8 @@ QVariant WireGuardConfigModel::data(const QModelIndex &index, int role) const
    }
    switch (role) {
-        case Roles::PortRole: return m_protocolConfig.value(config_key::port).toString();
+    case Roles::PortRole: return m_serverProtocolConfig.value(config_key::port).toString();
-        case Roles::MtuRole: return m_protocolConfig.value(config_key::mtu).toString();
+    case Roles::ClientMtuRole: return m_clientProtocolConfig.value(config_key::mtu);
    }
    return QVariant();
@@ -49,17 +49,18 @@ void WireGuardConfigModel::updateModel(const QJsonObject &config)
    m_container = ContainerProps::containerFromString(config.value(config_key::container).toString());
    m_fullConfig = config;
-    QJsonObject protocolConfig = config.value(config_key::wireguard).toObject();
+    QJsonObject serverProtocolConfig = config.value(config_key::wireguard).toObject();
-    auto defaultTransportProto = ProtocolProps::transportProtoToString(ProtocolProps::defaultTransportProto(Proto::WireGuard), Proto::WireGuard);
+    auto defaultTransportProto =
-    m_protocolConfig.insert(config_key::transport_proto,
+            ProtocolProps::transportProtoToString(ProtocolProps::defaultTransportProto(Proto::WireGuard), Proto::WireGuard);
-                            protocolConfig.value(config_key::transport_proto).toString(defaultTransportProto));
+    m_serverProtocolConfig.insert(config_key::transport_proto,
-    m_protocolConfig[config_key::last_config] = protocolConfig.value(config_key::last_config);
+                                  serverProtocolConfig.value(config_key::transport_proto).toString(defaultTransportProto));
-    m_protocolConfig[config_key::port] =
+    m_serverProtocolConfig[config_key::last_config] = serverProtocolConfig.value(config_key::last_config);
-        protocolConfig.value(config_key::port).toString(protocols::wireguard::defaultPort);
+    m_serverProtocolConfig[config_key::port] = serverProtocolConfig.value(config_key::port).toString(protocols::wireguard::defaultPort);
-    m_protocolConfig[config_key::mtu] =
+    auto lastConfig = m_serverProtocolConfig.value(config_key::last_config).toString();
-        protocolConfig.value(config_key::mtu).toString(protocols::wireguard::defaultMtu);
+    QJsonObject clientProtocolConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object();
    m_clientProtocolConfig[config_key::mtu] = clientProtocolConfig[config_key::mtu].toString(protocols::wireguard::defaultMtu);
    endResetModel();
 }
@@ -67,36 +68,47 @@ void WireGuardConfigModel::updateModel(const QJsonObject &config)
 QJsonObject WireGuardConfigModel::getConfig()
 {
    const WgConfig oldConfig(m_fullConfig.value(config_key::wireguard).toObject());
-    const WgConfig newConfig(m_protocolConfig);
+    const WgConfig newConfig(m_serverProtocolConfig);
    if (!oldConfig.hasEqualServerSettings(newConfig)) {
-        m_protocolConfig.remove(config_key::last_config);
+        m_serverProtocolConfig.remove(config_key::last_config);
    } else {
-        auto lastConfig = m_protocolConfig.value(config_key::last_config).toString();
+        auto lastConfig = m_serverProtocolConfig.value(config_key::last_config).toString();
        QJsonObject jsonConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object();
-        jsonConfig[config_key::mtu] = newConfig.mtu;
+        jsonConfig[config_key::mtu] = m_clientProtocolConfig[config_key::mtu];
-        m_protocolConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson());
+        m_serverProtocolConfig[config_key::last_config] = QString(QJsonDocument(jsonConfig).toJson());
    }
-    m_fullConfig.insert(config_key::wireguard, m_protocolConfig);
+    m_fullConfig.insert(config_key::wireguard, m_serverProtocolConfig);
    return m_fullConfig;
 }
 bool WireGuardConfigModel::isServerSettingsEqual()
 {
    const WgConfig oldConfig(m_fullConfig.value(config_key::wireguard).toObject());
    const WgConfig newConfig(m_serverProtocolConfig);
    return oldConfig.hasEqualServerSettings(newConfig);
 }
 QHash<int, QByteArray> WireGuardConfigModel::roleNames() const
 {
    QHash<int, QByteArray> roles;
    roles[PortRole] = "port";
-    roles[MtuRole] = "mtu";
+    roles[ClientMtuRole] = "clientMtu";
    return roles;
 }
-WgConfig::WgConfig(const QJsonObject &jsonConfig)
+WgConfig::WgConfig(const QJsonObject &serverProtocolConfig)
 {
-    port = jsonConfig.value(config_key::port).toString(protocols::wireguard::defaultPort);
+    auto lastConfig = serverProtocolConfig.value(config_key::last_config).toString();
-    mtu = jsonConfig.value(config_key::mtu).toString(protocols::wireguard::defaultMtu);
+    QJsonObject clientProtocolConfig = QJsonDocument::fromJson(lastConfig.toUtf8()).object();
    clientMtu = clientProtocolConfig[config_key::mtu].toString(protocols::wireguard::defaultMtu);
    port = serverProtocolConfig.value(config_key::port).toString(protocols::wireguard::defaultPort);
 }
 bool WgConfig::hasEqualServerSettings(const WgConfig &other) const
@@ -109,7 +121,7 @@ bool WgConfig::hasEqualServerSettings(const WgConfig &other) const
 bool WgConfig::hasEqualClientSettings(const WgConfig &other) const
 {
-    if (mtu != other.mtu) {
+    if (clientMtu != other.clientMtu) {
        return false;
    }
    return true;
@@ -11,7 +11,7 @@ struct WgConfig
    WgConfig(const QJsonObject &jsonConfig);
    QString port;
-    QString mtu;
+    QString clientMtu;
    bool hasEqualServerSettings(const WgConfig &other) const;
    bool hasEqualClientSettings(const WgConfig &other) const;
@@ -25,7 +25,7 @@ class WireGuardConfigModel : public QAbstractListModel
 public:
    enum Roles {
        PortRole = Qt::UserRole + 1,
-        MtuRole
+        ClientMtuRole
    };
    explicit WireGuardConfigModel(QObject *parent = nullptr);
@@ -39,12 +39,15 @@ public slots:
    void updateModel(const QJsonObject &config);
    QJsonObject getConfig();
    bool isServerSettingsEqual();
 protected:
    QHash<int, QByteArray> roleNames() const override;
 private:
    DockerContainer m_container;
-    QJsonObject m_protocolConfig;
+    QJsonObject m_serverProtocolConfig;
    QJsonObject m_clientProtocolConfig;
    QJsonObject m_fullConfig;
 };
@@ -16,9 +16,11 @@ QHash<int, QByteArray> ProtocolsModel::roleNames() const
    QHash<int, QByteArray> roles;
    roles[ProtocolNameRole] = "protocolName";
-    roles[ProtocolPageRole] = "protocolPage";
+    roles[ServerProtocolPageRole] = "serverProtocolPage";
    roles[ClientProtocolPageRole] = "clientProtocolPage";
    roles[ProtocolIndexRole] = "protocolIndex";
    roles[RawConfigRole] = "rawConfig";
    roles[IsClientProtocolExistsRole] = "isClientProtocolExists";
    return roles;
 }
@@ -34,8 +36,10 @@ QVariant ProtocolsModel::data(const QModelIndex &index, int role) const
        amnezia::Proto proto = ProtocolProps::protoFromString(m_content.keys().at(index.row()));
        return ProtocolProps::protocolHumanNames().value(proto);
    }
-    case ProtocolPageRole:
+    case ServerProtocolPageRole:
-        return static_cast<int>(protocolPage(ProtocolProps::protoFromString(m_content.keys().at(index.row()))));
+        return static_cast<int>(serverProtocolPage(ProtocolProps::protoFromString(m_content.keys().at(index.row()))));
    case ClientProtocolPageRole:
        return static_cast<int>(clientProtocolPage(ProtocolProps::protoFromString(m_content.keys().at(index.row()))));
    case ProtocolIndexRole: return ProtocolProps::protoFromString(m_content.keys().at(index.row()));
    case RawConfigRole: {
        auto protocolConfig = m_content.value(ContainerProps::containerTypeToString(m_container)).toObject();
@@ -50,6 +54,15 @@ QVariant ProtocolsModel::data(const QModelIndex &index, int role) const
        }
        return rawConfig;
    }
    case IsClientProtocolExistsRole: {
        auto protocolConfig = m_content.value(ContainerProps::containerTypeToString(m_container)).toObject();
        auto lastConfigJsonDoc =
                QJsonDocument::fromJson(protocolConfig.value(config_key::last_config).toString().toUtf8());
        auto lastConfigJson = lastConfigJsonDoc.object();
        auto configString = lastConfigJson.value(config_key::config).toString();
        return !configString.isEmpty();
    }
    }
    return QVariant();
@@ -70,7 +83,7 @@ QJsonObject ProtocolsModel::getConfig()
    return config;
 }
-PageLoader::PageEnum ProtocolsModel::protocolPage(Proto protocol) const
+PageLoader::PageEnum ProtocolsModel::serverProtocolPage(Proto protocol) const
 {
    switch (protocol) {
    case Proto::OpenVpn: return PageLoader::PageEnum::PageProtocolOpenVpnSettings;
@@ -90,3 +103,12 @@ PageLoader::PageEnum ProtocolsModel::protocolPage(Proto protocol) const
    default: return PageLoader::PageEnum::PageProtocolOpenVpnSettings;
    }
 }
 PageLoader::PageEnum ProtocolsModel::clientProtocolPage(Proto protocol) const
 {
    switch (protocol) {
    case Proto::WireGuard: return PageLoader::PageEnum::PageProtocolWireGuardClientSettings;
    case Proto::Awg: return PageLoader::PageEnum::PageProtocolAwgClientSettings;
    default: return PageLoader::PageEnum::PageProtocolOpenVpnSettings;
    }
 }
@@ -13,9 +13,11 @@ class ProtocolsModel : public QAbstractListModel
 public:
    enum Roles {
        ProtocolNameRole = Qt::UserRole + 1,
-        ProtocolPageRole,
+        ServerProtocolPageRole,
        ClientProtocolPageRole,
        ProtocolIndexRole,
-        RawConfigRole
+        RawConfigRole,
        IsClientProtocolExistsRole
    };
    ProtocolsModel(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
@@ -33,7 +35,8 @@ protected:
    QHash<int, QByteArray> roleNames() const override;
 private:
-    PageLoader::PageEnum protocolPage(Proto protocol) const;
+    PageLoader::PageEnum serverProtocolPage(Proto protocol) const;
    PageLoader::PageEnum clientProtocolPage(Proto protocol) const;
    std::shared_ptr<Settings> m_settings;
@@ -1,27 +0,0 @@
 #ifndef PROPERTY_HELPER_H
 #define PROPERTY_HELPER_H
 #include <QObject>
 #define AUTO_PROPERTY(TYPE, NAME) \
    Q_PROPERTY(TYPE NAME READ NAME WRITE set_ ## NAME NOTIFY NAME ## Changed ) \
    public: \
       TYPE NAME() const { return m_ ## NAME ; } \
       void set_ ## NAME(TYPE value) { \
          if (m_ ## NAME == value)  return; \
          m_ ## NAME = value; \
          emit NAME ## Changed(value); \
        } \
       Q_SIGNAL void NAME ## Changed(TYPE value);\
    private: \
       TYPE m_ ## NAME{};
 #define READONLY_PROPERTY(TYPE, NAME) \
    Q_PROPERTY(TYPE NAME READ NAME CONSTANT ) \
    public: \
       TYPE NAME() const { return m_ ## NAME ; } \
    private: \
       void NAME(TYPE value) {m_ ## NAME = value; } \
       TYPE m_ ## NAME{};
 #endif // PROPERTY_HELPER_H
@@ -14,6 +14,7 @@ Button {
    property string defaultButtonColor: AmneziaStyle.color.paleGray
    property string progressButtonColor: AmneziaStyle.color.paleGray
    property string connectedButtonColor: AmneziaStyle.color.goldenApricot
    property bool buttonActiveFocus: activeFocus && (Qt.platform.os !== "android" || SettingsController.isOnTv())
    implicitWidth: 190
    implicitHeight: 190
@@ -50,14 +51,14 @@ Button {
                verticalOffset: 0
                radius: 10
                samples: 25
-                color: root.activeFocus ? AmneziaStyle.color.paleGray : AmneziaStyle.color.goldenApricot
+                color: root.buttonActiveFocus ? AmneziaStyle.color.paleGray : AmneziaStyle.color.goldenApricot
                source: backgroundCircle
            }
            ShapePath {
                fillColor: AmneziaStyle.color.transparent
                strokeColor: AmneziaStyle.color.paleGray
-                strokeWidth: root.activeFocus ? 1 : 0
+                strokeWidth: root.buttonActiveFocus ? 1 : 0
                capStyle: ShapePath.RoundCap
                PathAngleArc {
@@ -81,14 +82,14 @@ Button {
                        return defaultButtonColor
                    }
                }
-                strokeWidth: root.activeFocus ? 2 : 3
+                strokeWidth: root.buttonActiveFocus ? 2 : 3
                capStyle: ShapePath.RoundCap
                PathAngleArc {
                    centerX: backgroundCircle.width / 2
                    centerY: backgroundCircle.height / 2
-                    radiusX: 93 - (root.activeFocus ? 2 : 0)
+                    radiusX: 93 - (root.buttonActiveFocus ? 2 : 0)
-                    radiusY: 93 - (root.activeFocus ? 2 : 0)
+                    radiusY: 93 - (root.buttonActiveFocus ? 2 : 0)
                    startAngle: 0
                    sweepAngle: 360
                }
@@ -79,6 +79,7 @@ Button {
                    visible: text !== ""
                    color: AmneziaStyle.color.mutedGray
                    textFormat: Text.RichText
                    Layout.fillWidth: true
                    Layout.rightMargin: 16
@@ -20,7 +20,8 @@ Item {
    property string buttonImageSource
    property string rightImageSource
    property string leftImageSource
-    property bool isLeftImageHoverEnabled: true //todo separete this qml file to 3
+    property bool isLeftImageHoverEnabled: true
    property bool isSmallLeftImage: false
    property alias rightButton: rightImage
    property alias eyeButton: eyeImage
@@ -114,9 +115,9 @@ Item {
            visible: leftImageSource ? true : false
-            Layout.preferredHeight: rightImageSource || !isLeftImageHoverEnabled ? leftImage.implicitHeight : 56
+            Layout.preferredHeight: (rightImageSource || !isLeftImageHoverEnabled || isSmallLeftImage) ? 40 : 56
-            Layout.preferredWidth: rightImageSource || !isLeftImageHoverEnabled ? leftImage.implicitWidth : 56
+            Layout.preferredWidth: (rightImageSource || !isLeftImageHoverEnabled || isSmallLeftImage)? 40 : 56
-            Layout.rightMargin: rightImageSource || !isLeftImageHoverEnabled ? 16 : 0
+            Layout.rightMargin: isSmallLeftImage ? 8 : (rightImageSource || !isLeftImageHoverEnabled) ? 16 : 0
            radius: 12
            color: AmneziaStyle.color.transparent
@@ -102,8 +102,7 @@ Switch {
    contentItem: ColumnLayout {
        id: content
-        anchors.top: parent.top
+        anchors.verticalCenter: parent.verticalCenter
        anchors.bottom: parent.bottom
        anchors.left: parent.left
        ListItemTitleType {
@@ -89,6 +89,21 @@ PageType {
                // KeyNavigation.tab: saveButton
            }
            SwitcherType {
                id: switcher
                Layout.fillWidth: true
                Layout.rightMargin: 16
                Layout.leftMargin: 16
                Layout.topMargin: 16
                text: qsTr("Dev gateway environment")
                checked: SettingsController.isDevGatewayEnv
                onToggled: function() {
                    SettingsController.isDevGatewayEnv = checked
                }
            }
        }
    }
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
pokamest	c681611102	Bump version to 4.8.1.0	2024-09-20 13:08:28 +01:00
pokamest	4fc2a23f49	Merge pull request #1076 from amnezia-vpn/fix/android-protocol-libs Exclude protocol libraries from loading at application startup	2024-09-20 05:06:41 -07:00
pokamest	23f4a6ec8e	Merge pull request #1077 from amnezia-vpn/bugfix/linux-page-home-drawer-size bugfix: fixed drawer size to pageHome on first startup	2024-09-20 04:38:24 -07:00
vladimir.kuznetsov	504862c2b8	bugfix: fixed drawer size to pageHome on first startup	2024-09-20 15:36:20 +04:00
Mykola Baibuz	a22a9448ca	Some XRay improvements (#1075 )	2024-09-20 12:12:22 +01:00
pokamest	862e83ddf5	Merge pull request #1073 from amnezia-vpn/bugfix/awg-wg-persistent-keep-alive-variable-type returned awg/wg persistentKeepAlive variable type to string	2024-09-20 03:08:27 -07:00
albexk	8735eee662	Exclude protocol libraries from loading at application startup	2024-09-19 23:41:37 +03:00
pokamest	ff82cf5dc4	Merge pull request #1074 from amnezia-vpn/fix/gh-ios-build Fix iOS build on GHA	2024-09-19 09:24:32 -07:00
Iurii Egorov	8648790583	Fix iOS build on GHA	2024-09-19 18:47:20 +03:00
vladimir.kuznetsov	b881d92a80	bugfix: returned awg/wg persistentKeepAlive variable type to string	2024-09-19 16:04:36 +04:00
pokamest	7ad7f31e4d	Merge pull request #1072 from amnezia-vpn/fix/android-xray-domain-name Fix domain name resolution for XRay	2024-09-19 13:59:06 +03:00
albexk	138e6f70a4	Fix domain name resolution for XRay	2024-09-19 13:31:59 +03:00
Pokamest Nikak	6f94f4646a	Fix Xray connection timeout for Windows	2024-09-19 11:18:40 +01:00
pokamest	4a01d2cf20	Merge pull request #1070 from amnezia-vpn/bugfix/awg-wg-persistent-keep-alive-variable-type bugfix: fixed awg/wg persistentKeepAlive variable type	2024-09-18 17:13:53 +03:00
vladimir.kuznetsov	8948601caa	bugfix: fixed awg/wg persistentKeepAlive variable type	2024-09-17 15:11:14 +04:00
Vitaly	aa92ccd06d	Small improve on next IP generation / WireGuard, AWG (#1054 ) Small improve on next IP generation	2024-09-17 13:29:01 +07:00
Vitaly	253ae75795	Added list of AllowedIPs for WireGuard/AWG connections on Share -> Users ->ExpandedContent page (#1055 ) Added list of AllowedIPs for WireGuard/AWG connections on Share -> Users ->ExpandedContent page	2024-09-17 13:28:44 +07:00
pokamest	87cb5f620a	Bump version to 4.8.0.4	2024-09-16 22:18:45 +01:00
Nethius	46cd740a84	added domain name resolving before connection for wg/awg and xray protocols (#814 ) added domain name resolving before connection	2024-09-16 22:14:13 +01:00
Pokamest Nikak	76e5039578	Update translations	2024-09-15 11:09:59 +01:00
Pokamest Nikak	c6b131aa4c	Bump version to 4.8.0.1	2024-09-13 18:25:04 +01:00
pokamest	5e72bf945c	Merge pull request #1064 from amnezia-vpn/fix/android-window-hiding Fix window hiding on startup on Android	2024-09-13 18:21:49 +03:00
albexk	eebf7eccec	Fix window hiding on startup on Android	2024-09-13 18:14:25 +03:00
pokamest	168c293bfe	Merge pull request #979 from amnezia-vpn/feature/update-tap Update TAP-Windows driver	2024-09-13 15:00:31 +03:00
Nethius	aae3cdcac1	added saving allowed_ips to the array of strings for old configs (#926 ) * added saving allowed_ips to the array of strings for old configs * Remove config string processing, add getting all AWG, WG parameters from JSON * fixed checking of default routes when adding split tunneling from the application * added check when processing siteBasedSplitTunneling	2024-09-13 10:53:21 +01:00
Nethius	96566f04ee	feature/mtu connection config (#833 ) * added the ability to change mtu for connection-only configs * added replacing MTU with default when importing awg/wg configs in amnezia	2024-09-13 09:38:48 +01:00
pokamest	fff15fffe2	Bug fix for iOS	2024-09-11 09:51:07 -07:00
pokamest	4e5a03e7f1	Merge pull request #1059 from amnezia-vpn/chore/dev-key	2024-09-10 21:38:45 +03:00
vladimir.kuznetsov	7571bbc36e	chore: added dev key to deploy workflow - added m_isDevEnvironment initialization	2024-09-10 22:03:10 +04:00
pokamest	db4a1a62e5	Merge pull request #1058 from amnezia-vpn/version-bump	2024-09-09 22:17:47 +03:00
albexk	581773ce03	Bump version to 4.8.0.0	2024-09-09 22:11:18 +03:00
albexk	46058f614e	Add connection checking for WG/AWG via logs (#1056 )	2024-09-09 22:08:06 +03:00
Nethius	9cab51fb00	added open service logs to logs page (#951 ) * added open service logs to logs page * redesign of log saving buttons * hide service logs buttons for mobile platforms * refactoring: moved logger to common folder * feature: added the ability to enable logs to the start screen	2024-09-09 17:53:44 +01:00
Nethius	918be16372	feature: added isAvailable flag support (#1032 ) * feature: added isAvailable flag support * added the option to switch to dev env	2024-09-09 13:27:29 +01:00
albexk	175477d31f	Android qt 6.7 (#1024 ) * Up Gradle to 8.10 * Update Android dependencies * Up Qt to 6.7.2 * Up qtkeychain to 0.14.3 * Move function of changing the color of the navigation bar to the android side * Fix splashscreen and recent apps thumbnail backgrounds * Android authentication refactoring * Fix GitHub action * Fix the extra circle around the connect button on Android * Fix keyboard popup * Increase the amount of requestNetwork attempts on Android 11	2024-09-09 12:36:33 +01:00
KsZnak	cd70b7e619	Translation updated (ukrainian) (#1048 ) * Update amneziavpn_uk_UA.ts	2024-09-06 15:54:47 +03:00
pokamest	22011e263e	Merge pull request #1051 from amnezia-vpn/bugfix/startup-crush fixed a possible unhandled exception	2024-09-06 15:53:59 +03:00
Shehab Ahmed	88a2b9a07a	Update Arabic, Burmese translation (#1022 ) Update Arabic and Burmese translation	2024-09-03 10:06:13 +01:00
KsZnak	248f487d4e	Update amneziavpn_fa_IR.ts (#1005 ) Persian language updated	2024-09-03 10:03:42 +01:00
pokamest	572ef09296	Merge pull request #1030 from amnezia-vpn/chore/screenshots-enabled-true chore/screenshots enabled true	2024-08-30 15:56:10 +03:00
pokamest	03078236ab	Merge pull request #1028 from amnezia-vpn/feature/copy-mail-button feature: added 'copy mail' button on about page	2024-08-30 15:54:26 +03:00
Shehab Ahmed	b39a0a1d94	fix start Minimized feature issue on linux, Closes #1016 (#1021 ) fix start Minized feature issue on linux	2024-08-30 15:53:48 +03:00
vladimir.kuznetsov	e94fc688ba	chore: set screenshotsEnabled to true by default	2024-08-30 16:32:40 +04:00
vladimir.kuznetsov	558f613acc	feature: added 'copy mail' button on about page	2024-08-30 16:19:11 +04:00
pokamest	d800a95a1d	Merge pull request #1003 from eltociear/patch-1 chore: update windowsservicemanager.h	2024-08-28 17:26:21 +03:00
pokamest	b8f100d4fa	Merge pull request #1015 from amnezia-vpn/Links-updated-4.7.0.0-in-readme Update README.md	2024-08-28 17:08:56 +03:00
vladimir.kuznetsov	51618fb882	fixed a possible unhandled exception	2024-08-27 13:14:15 +03:00
KsZnak	14f537ba76	Update README.md links updated 4.7.0.0	2024-08-26 16:41:25 +03:00
pokamest	3458ed78d7	Merge pull request #1004 from amnezia-vpn/Update-amneziavpn_ru_RU.ts Update amneziavpn_ru_RU.ts	2024-08-23 14:17:56 -07:00
KsZnak	4bc571f609	Update amneziavpn_ru_RU.ts Russian language updated	2024-08-23 22:07:40 +03:00
Ikko Eltociear Ashimine	ee61f842e5	chore: update windowsservicemanager.h controll -> control	2024-08-24 00:32:58 +09:00
Mykola Baibuz	758b25947c	Fix Windows IPsec (#909 ) * Fix Windows IPsec * Fix work wth PKCS12 TempFile	2024-08-23 14:23:19 +01:00
Pokamest Nikak	b036c38981	Update translations	2024-08-22 21:09:01 +01:00
pokamest	eab2b8e45a	Merge pull request #990 from NetworkWorm123/readme-update Update README.md	2024-08-21 09:09:58 -07:00
Timon	dfdec2bf4b	Update README.md	2024-08-21 15:25:47 +00:00
Mykola Baibuz	b83e74427e	Update TAP-Windows driver	2024-08-15 19:51:49 +03:00