buildfix and naming

Review fixes
Add insertion of gateway address to strict killswitch exceptions
2026-06-21 02:01:03 +07:00 · 2025-04-24 18:31:26 +03:00 · 2025-04-24 16:35:37 +04:00 · 2025-04-24 01:55:29 +04:00 · 2025-04-24 01:53:12 +04:00 · 2025-04-17 02:22:46 +04:00
125 changed files with 8866 additions and 3508 deletions
@@ -10,7 +10,7 @@ env:
 jobs:
  Build-Linux-Ubuntu:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    env:
      QT_VERSION: 6.6.2
@@ -190,7 +190,7 @@ jobs:
    - name: 'Install go'
      uses: actions/setup-go@v5
      with:
-        go-version: '1.22.1'
+        go-version: '1.24'
        cache: false
    - name: 'Setup gomobile'
@@ -1,64 +1,41 @@
 name: 'Upload a new version'
 on:
-  push:
+  workflow_dispatch:
-    tags:
+    inputs:
-    - '[0-9]+.[0-9]+.[0-9]+.[0-9]+'
+      RELEASE_VERSION:
        description: 'Release version (e.g. 1.2.3.4)'
        required: true
        type: string
 jobs:
-  upload:
+  Upload-S3:
    runs-on: ubuntu-latest
    name: upload
    steps:
-      - name: Checkout CMakeLists.txt
+      - name: Checkout
        uses: actions/checkout@v4
        with:
-          ref: ${{ github.ref_name }}
+          ref: ${{ inputs.RELEASE_VERSION }}
          sparse-checkout: |
            CMakeLists.txt
            deploy/deploy_s3.sh
          sparse-checkout-cone-mode: false
      - name: Verify git tag
        run: |
-          GIT_TAG=${{ github.ref_name }}
+          TAG_NAME=${{ inputs.RELEASE_VERSION }}
          CMAKE_TAG=$(grep 'project.*VERSION' CMakeLists.txt | sed -E 's/.* ([0-9]+.[0-9]+.[0-9]+.[0-9]+)$/\1/')
-
+          if [[ "$TAG_NAME" == "$CMAKE_TAG" ]]; then
-          if [[ "$GIT_TAG" == "$CMAKE_TAG" ]]; then
+            echo "Git tag ($TAG_NAME) matches CMakeLists.txt version ($CMAKE_TAG)."
            echo "Git tag ($GIT_TAG) and version in CMakeLists.txt ($CMAKE_TAG) are the same. Continuing..."
          else
-            echo "Git tag ($GIT_TAG) and version in CMakeLists.txt ($CMAKE_TAG) are not the same! Cancelling..."
+            echo "::error::Mismatch: Git tag ($TAG_NAME) != CMakeLists.txt version ($CMAKE_TAG). Exiting with error..."
            exit 1
          fi
-      - name: Download artifacts from the "${{ github.ref_name }}" tag
+      - name: Setup Rclone
-        uses: robinraju/release-downloader@v1.8
+        uses: AnimMouse/setup-rclone@v1
        with:
-          tag: ${{ github.ref_name }}
+          rclone_config: ${{ secrets.RCLONE_CONFIG }}
          fileName: "AmneziaVPN_(Linux_|)${{ github.ref_name }}*"
          out-file-path: ${{ github.ref_name }}
-      - name: Upload beta version
+      - name: Send dist to S3
-        uses: jakejarvis/s3-sync-action@master
+        run: bash deploy/deploy_s3.sh ${{ inputs.RELEASE_VERSION }}
        if: contains(github.event.base_ref, 'dev')
        with:
          args: --include "AmneziaVPN*" --delete
        env:
          AWS_S3_BUCKET: updates
          AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_SECRET_ACCESS_KEY }}
          AWS_S3_ENDPOINT: https://${{ vars.CF_ACCOUNT_ID }}.r2.cloudflarestorage.com
          SOURCE_DIR: ${{ github.ref_name }}
          DEST_DIR: beta/${{ github.ref_name }}
      - name: Upload stable version
        uses: jakejarvis/s3-sync-action@master
        if: contains(github.event.base_ref, 'master')
        with:
          args: --include "AmneziaVPN*" --delete
        env:
          AWS_S3_BUCKET: updates
          AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_SECRET_ACCESS_KEY }}
          AWS_S3_ENDPOINT: https://${{ vars.CF_ACCOUNT_ID }}.r2.cloudflarestorage.com
          SOURCE_DIR: ${{ github.ref_name }}
          DEST_DIR: stable/${{ github.ref_name }}
@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 set(PROJECT AmneziaVPN)
-project(${PROJECT} VERSION 4.8.4.3
+project(${PROJECT} VERSION 4.8.6.0
        DESCRIPTION "AmneziaVPN"
        HOMEPAGE_URL "https://amnezia.org/"
 )
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 2080)
+set(APP_ANDROID_VERSION_CODE 2083)
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
    set(MZ_PLATFORM_NAME "linux")
@@ -6,11 +6,11 @@
 [![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/amnezia-vpn/amnezia-client)
 ### [English](https://github.com/amnezia-vpn/amnezia-client/blob/dev/README.md) | Русский
-[AmneziaVPN](https://amnezia.org) — это open sourse VPN-клиент, ключевая особенность которого заключается в возможности развернуть собственный VPN на вашем сервере.
+[AmneziaVPN](https://amnezia.org) — это open source VPN-клиент, ключевая особенность которого заключается в возможности развернуть собственный VPN на вашем сервере.
 [![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)](https://amnezia.org)
-### [Сайт](https://amnezia.org) | [Зеркало на сайт](https://storage.googleapis.com/amnezia/amnezia.org) | [Документация](https://docs.amnezia.org) | [Решение проблем](https://docs.amnezia.org/troubleshooting)
+### [Сайт](https://amnezia.org) | [Зеркало сайта](https://storage.googleapis.com/amnezia/amnezia.org) | [Документация](https://docs.amnezia.org) | [Решение проблем](https://docs.amnezia.org/troubleshooting)
 > [!TIP]
 > Если [сайт Amnezia](https://amnezia.org) заблокирован в вашем регионе, вы можете воспользоваться [ссылкой на зеркало](https://storage.googleapis.com/amnezia/amnezia.org).
@@ -30,7 +30,7 @@
 - Классические VPN-протоколы: OpenVPN, WireGuard и IKEv2.
 - Протоколы с маскировкой трафика (обфускацией): OpenVPN с плагином [Cloak](https://github.com/cbeuw/Cloak), Shadowsocks (OpenVPN over Shadowsocks), [AmneziaWG](https://docs.amnezia.org/documentation/amnezia-wg/) and XRay.
 - Поддержка Split Tunneling — добавляйте любые сайты или приложения в список, чтобы включить VPN только для них.
- Поддерживает платформы: Windows, MacOS, Linux, Android, iOS.
+- Поддерживает платформы: Windows, macOS, Linux, Android, iOS.
 - Поддержка конфигурации протокола AmneziaWG на [бета-прошивке Keenetic](https://docs.keenetic.com/ua/air/kn-1611/en/6319-latest-development-release.html#UUID-186c4108-5afd-c10b-f38a-cdff6c17fab3_section-idm33192196168192-improved).
 ## Ссылки
@@ -38,10 +38,10 @@
 - [https://amnezia.org](https://amnezia.org) - Веб-сайт проекта | [Альтернативная ссылка (зеркало)](https://storage.googleapis.com/kldscp/amnezia.org)
 - [https://docs.amnezia.org](https://docs.amnezia.org) - Документация
 - [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Канал поддржки в Telegram (Английский)
+- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Канал поддержки в Telegram (Английский)
- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Канал поддржки в Telegram (Фарси)
+- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Канал поддержки в Telegram (Фарси)
- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Канал поддржки в Telegram (Мьянма) 
+- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Канал поддержки в Telegram (Мьянма) 
- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Канал поддржки в Telegram  (Русский)
+- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Канал поддержки в Telegram  (Русский)
 - [https://vpnpay.io/en/amnezia-premium/](https://vpnpay.io/en/amnezia-premium/) - Amnezia Premium | [Зеркало](https://storage.googleapis.com/kldscp/vpnpay.io/ru/amnezia-premium\)
 ## Технологии
@@ -80,8 +80,8 @@ git submodule update --init --recursive
 Проверьте папку deploy для скриптов сборки.
 ### Как собрать iOS-приложение из исходного кода на MacOS
-1. Убедитесь, что у вас установлен XCode версии 14 или выше.
+1. Убедитесь, что у вас установлен Xcode версии 14 или выше.
-2. Для генерации проекта XCode используется QT. Требуется версия QT 6.6.2. Установите QT для MacOS здесь или через QT Online Installer. Необходимые модули:
+2. Для генерации проекта Xcode используется QT. Требуется версия QT 6.6.2. Установите QT для MacOS здесь или через QT Online Installer. Необходимые модули:
 - MacOS
 - iOS
 - Модуль совместимости с Qt 5
@@ -117,7 +117,7 @@ $QT_IOS_BIN/qt-cmake . -B build-ios -GXcode -DQT_HOST_PATH=$QT_MACOS_ROOT_DIR
 export PATH=$(PATH):/path/to/GOPATH/bin
 ```
-6. Откройте проект в XCode. Теперь вы можете тестировать, архивировать или публиковать приложение.
+6. Откройте проект в Xcode. Теперь вы можете тестировать, архивировать или публиковать приложение.
 Если сборка завершится с ошибкой:
 ```
@@ -31,10 +31,6 @@ add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}")
 add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}")
 add_definitions(-DDEV_S3_ENDPOINT="$ENV{DEV_S3_ENDPOINT}")
 if(IOS)
    set(PACKAGES ${PACKAGES} Multimedia)
 endif()
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    set(PACKAGES ${PACKAGES} Widgets)
 endif()
@@ -48,10 +44,6 @@ set(LIBS ${LIBS}
    Qt6::Core5Compat Qt6::Concurrent
 )
 if(IOS)
    set(LIBS ${LIBS} Qt6::Multimedia)
 endif()
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    set(LIBS ${LIBS} Qt6::Widgets)
 endif()
@@ -3,6 +3,7 @@
 #include <QDebug>
 #include <QJsonDocument>
 #include <QProcess>
 #include <QRegularExpression>
 #include <QString>
 #include <QTemporaryDir>
 #include <QTemporaryFile>
@@ -19,13 +20,17 @@
 #include "settings.h"
 #include "utilities.h"
-WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController,
+WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings,
-                                             bool isAwg, QObject *parent)
+                                             const QSharedPointer<ServerController> &serverController, bool isAwg,
                                             QObject *parent)
    : ConfiguratorBase(settings, serverController, parent), m_isAwg(isAwg)
 {
-    m_serverConfigPath = m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath;
+    m_serverConfigPath =
-    m_serverPublicKeyPath = m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath;
+            m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath;
-    m_serverPskKeyPath = m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath;
+    m_serverPublicKeyPath =
            m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath;
    m_serverPskKeyPath =
            m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath;
    m_configTemplate = m_isAwg ? ProtocolScriptType::awg_template : ProtocolScriptType::wireguard_template;
    m_protocolName = m_isAwg ? config_key::awg : config_key::wireguard;
@@ -63,9 +68,31 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys()
    return connData;
 }
 QList<QHostAddress> WireguardConfigurator::getIpsFromConf(const QString &input)
 {
    QRegularExpression regex("AllowedIPs = (\\d+\\.\\d+\\.\\d+\\.\\d+)");
    QRegularExpressionMatchIterator matchIterator = regex.globalMatch(input);
    QList<QHostAddress> ips;
    while (matchIterator.hasNext()) {
        QRegularExpressionMatch match = matchIterator.next();
        const QString address_string { match.captured(1) };
        const QHostAddress address { address_string };
        if (address.isNull()) {
            qWarning() << "Couldn't recognize the ip address: " << address_string;
        } else {
            ips << address;
        }
    }
    return ips;
 }
 WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardConfig(const ServerCredentials &credentials,
                                                                                    DockerContainer container,
-                                                                                    const QJsonObject &containerConfig, ErrorCode &errorCode)
+                                                                                    const QJsonObject &containerConfig,
                                                                                    ErrorCode &errorCode)
 {
    WireguardConfigurator::ConnectionData connData = WireguardConfigurator::genClientKeys();
    connData.host = credentials.hostName;
@@ -76,65 +103,45 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
        return connData;
    }
-    // Get list of already created clients (only IP addresses)
+    QString getIpsScript = QString("cat %1 | grep AllowedIPs").arg(m_serverConfigPath);
-    QString nextIpNumber;
+    QString stdOut;
-    {
+    auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
-        QString script = QString("cat %1 | grep AllowedIPs").arg(m_serverConfigPath);
+        stdOut += data + "\n";
-        QString stdOut;
+        return ErrorCode::NoError;
-        auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
+    };
            stdOut += data + "\n";
            return ErrorCode::NoError;
        };
-        errorCode = m_serverController->runContainerScript(credentials, container, script, cbReadStdOut);
+    errorCode = m_serverController->runContainerScript(credentials, container, getIpsScript, cbReadStdOut);
-        if (errorCode != ErrorCode::NoError) {
+    if (errorCode != ErrorCode::NoError) {
-            return connData;
+        return connData;
-        }
+    }
    auto ips = getIpsFromConf(stdOut);
-        stdOut.replace("AllowedIPs = ", "");
+    QHostAddress nextIp = [&] {
-        stdOut.replace("/32", "");
+        QHostAddress result;
-        QStringList ips = stdOut.split("\n", Qt::SkipEmptyParts);
+        QHostAddress lastIp;
-
+        if (ips.empty()) {
-        // remove extra IPs from each line for case when user manually edited the wg0.conf
+            lastIp.setAddress(containerConfig.value(m_protocolName)
-        // and added there more IPs for route his itnernal networks, like:
+                                      .toObject()
-        //     ...
+                                      .value(config_key::subnet_address)
-        //     AllowedIPs = 10.8.1.6/32, 192.168.1.0/24, 192.168.2.0/24, ...
+                                      .toString(protocols::wireguard::defaultSubnetAddress));
        //     ...
        // without this code - next IP would be 1 if last item in 'ips' has format above
        QStringList vpnIps;
        for (const auto &ip : ips) {
          vpnIps.append(ip.split(",", Qt::SkipEmptyParts).first().trimmed());
        }
        ips = vpnIps;
        // Calc next IP address
        if (ips.isEmpty()) {
            nextIpNumber = "2";
        } else {
-            int next = ips.last().split(".").last().toInt() + 1;
+            lastIp = ips.last();
            if (next > 254) {
                errorCode = ErrorCode::AddressPoolError;
                return connData;
            }
            nextIpNumber = QString::number(next);
        }
-    }
+        quint8 lastOctet = static_cast<quint8>(lastIp.toIPv4Address());
-
+        switch (lastOctet) {
-    QString subnetIp = containerConfig.value(m_protocolName).toObject().value(config_key::subnet_address).toString(protocols::wireguard::defaultSubnetAddress);
+        case 254: result.setAddress(lastIp.toIPv4Address() + 3); break;
-    {
+        case 255: result.setAddress(lastIp.toIPv4Address() + 2); break;
-        QStringList l = subnetIp.split(".", Qt::SkipEmptyParts);
+        default: result.setAddress(lastIp.toIPv4Address() + 1); break;
        if (l.isEmpty()) {
            errorCode = ErrorCode::AddressPoolError;
            return connData;
        }
        l.removeLast();
        l.append(nextIpNumber);
-        connData.clientIP = l.join(".");
+        return result;
-    }
+    }();
    connData.clientIP = nextIp.toString();
    // Get keys
-    connData.serverPubKey = m_serverController->getTextFileFromContainer(container, credentials, m_serverPublicKeyPath, errorCode);
+    connData.serverPubKey =
            m_serverController->getTextFileFromContainer(container, credentials, m_serverPublicKeyPath, errorCode);
    connData.serverPubKey.replace("\n", "");
    if (errorCode != ErrorCode::NoError) {
        return connData;
@@ -161,10 +168,12 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
        return connData;
    }
-    QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'").arg(m_serverConfigPath);
+    QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'")
                             .arg(m_serverConfigPath);
    errorCode = m_serverController->runScript(
-            credentials, m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container)));
+            credentials,
            m_serverController->replaceVars(script, m_serverController->genVarsForScript(credentials, container)));
    return connData;
 }
@@ -173,8 +182,8 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials
                                            const QJsonObject &containerConfig, ErrorCode &errorCode)
 {
    QString scriptData = amnezia::scriptData(m_configTemplate, container);
-    QString config =
+    QString config = m_serverController->replaceVars(
-            m_serverController->replaceVars(scriptData, m_serverController->genVarsForScript(credentials, container, containerConfig));
+            scriptData, m_serverController->genVarsForScript(credentials, container, containerConfig));
    ConnectionData connData = prepareWireguardConfig(credentials, container, containerConfig, errorCode);
    if (errorCode != ErrorCode::NoError) {
@@ -208,16 +217,16 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials
    return QJsonDocument(jConfig).toJson();
 }
-QString WireguardConfigurator::processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
+QString WireguardConfigurator::processConfigWithLocalSettings(const QPair<QString, QString> &dns,
-                                                              QString &protocolConfigString)
+                                                              const bool isApiConfig, QString &protocolConfigString)
 {
    processConfigWithDnsSettings(dns, protocolConfigString);
    return protocolConfigString;
 }
-QString WireguardConfigurator::processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
+QString WireguardConfigurator::processConfigWithExportSettings(const QPair<QString, QString> &dns,
-                                                               QString &protocolConfigString)
+                                                               const bool isApiConfig, QString &protocolConfigString)
 {
    processConfigWithDnsSettings(dns, protocolConfigString);
@@ -1,6 +1,7 @@
 #ifndef WIREGUARD_CONFIGURATOR_H
 #define WIREGUARD_CONFIGURATOR_H
 #include <QHostAddress>
 #include <QObject>
 #include <QProcessEnvironment>
@@ -12,8 +13,8 @@ class WireguardConfigurator : public ConfiguratorBase
 {
    Q_OBJECT
 public:
-    WireguardConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController, bool isAwg,
+    WireguardConfigurator(std::shared_ptr<Settings> settings, const QSharedPointer<ServerController> &serverController,
-                          QObject *parent = nullptr);
+                          bool isAwg, QObject *parent = nullptr);
    struct ConnectionData
    {
@@ -26,15 +27,18 @@ public:
        QString port;
    };
-    QString createConfig(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &containerConfig,
+    QString createConfig(const ServerCredentials &credentials, DockerContainer container,
-                         ErrorCode &errorCode);
+                         const QJsonObject &containerConfig, ErrorCode &errorCode);
-    QString processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
+    QString processConfigWithLocalSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
-    QString processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig, QString &protocolConfigString);
+                                           QString &protocolConfigString);
    QString processConfigWithExportSettings(const QPair<QString, QString> &dns, const bool isApiConfig,
                                            QString &protocolConfigString);
    static ConnectionData genClientKeys();
 private:
    QList<QHostAddress> getIpsFromConf(const QString &input);
    ConnectionData prepareWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
                                          const QJsonObject &containerConfig, ErrorCode &errorCode);
@@ -10,7 +10,8 @@ namespace apiDefs
        AmneziaFreeV3,
        AmneziaPremiumV1,
        AmneziaPremiumV2,
-        SelfHosted
+        SelfHosted,
        ExternalPremium
    };
    enum ConfigSource {
@@ -43,6 +44,13 @@ namespace apiDefs
        constexpr QLatin1String maxDeviceCount("max_device_count");
        constexpr QLatin1String subscriptionEndDate("subscription_end_date");
        constexpr QLatin1String issuedConfigs("issued_configs");
        constexpr QLatin1String supportInfo("support_info");
        constexpr QLatin1String email("email");
        constexpr QLatin1String billingEmail("billing_email");
        constexpr QLatin1String website("website");
        constexpr QLatin1String websiteName("website_name");
        constexpr QLatin1String telegram("telegram");
    }
    const int requestTimeoutMsecs = 12 * 1000; // 12 secs
@@ -32,15 +32,17 @@ apiDefs::ConfigType apiUtils::getConfigType(const QJsonObject &serverConfigObjec
        constexpr QLatin1String servicePremium("amnezia-premium");
        constexpr QLatin1String serviceFree("amnezia-free");
        constexpr QLatin1String serviceExternalPremium("external-premium");
        auto apiConfigObject = serverConfigObject.value(apiDefs::key::apiConfig).toObject();
        auto stackType = apiConfigObject.value(apiDefs::key::stackType).toString();
        auto serviceType = apiConfigObject.value(apiDefs::key::serviceType).toString();
-        if (serviceType == servicePremium || stackType == stackPremium) {
+        if (serviceType == servicePremium) {
            return apiDefs::ConfigType::AmneziaPremiumV2;
-        } else if (serviceType == serviceFree || stackType == stackFree) {
+        } else if (serviceType == serviceFree) {
            return apiDefs::ConfigType::AmneziaFreeV3;
        } else if (serviceType == serviceExternalPremium) {
            return apiDefs::ConfigType::ExternalPremium;
        }
    }
    default: {
@@ -66,6 +68,7 @@ amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList<QSslError> &ssl
        return amnezia::ErrorCode::NoError;
    } else if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError
               || reply->error() == QNetworkReply::NetworkError::TimeoutError) {
        qDebug() << reply->error();
        return amnezia::ErrorCode::ApiConfigTimeoutError;
    } else {
        QString err = reply->errorString();
@@ -85,3 +88,10 @@ amnezia::ErrorCode apiUtils::checkNetworkReplyErrors(const QList<QSslError> &ssl
    qDebug() << "something went wrong";
    return amnezia::ErrorCode::InternalError;
 }
 bool apiUtils::isPremiumServer(const QJsonObject &serverConfigObject)
 {
    static const QSet<apiDefs::ConfigType> premiumTypes = { apiDefs::ConfigType::AmneziaPremiumV1, apiDefs::ConfigType::AmneziaPremiumV2,
                                                            apiDefs::ConfigType::ExternalPremium };
    return premiumTypes.contains(getConfigType(serverConfigObject));
 }
@@ -13,6 +13,8 @@ namespace apiUtils
    bool isSubscriptionExpired(const QString &subscriptionEndDate);
    bool isPremiumServer(const QJsonObject &serverConfigObject);
    apiDefs::ConfigType getConfigType(const QJsonObject &serverConfigObject);
    apiDefs::ConfigSource getConfigSource(const QJsonObject &serverConfigObject);
@@ -1,5 +1,6 @@
 #include "coreController.h"
 #include <QDirIterator>
 #include <QTranslator>
 #if defined(Q_OS_ANDROID)
@@ -47,6 +48,9 @@ void CoreController::initModels()
    m_sitesModel.reset(new SitesModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("SitesModel", m_sitesModel.get());
    m_allowedDnsModel.reset(new AllowedDnsModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("AllowedDnsModel", m_allowedDnsModel.get());
    m_appSplitTunnelingModel.reset(new AppSplitTunnelingModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("AppSplitTunnelingModel", m_appSplitTunnelingModel.get());
@@ -129,6 +133,9 @@ void CoreController::initControllers()
    m_sitesController.reset(new SitesController(m_settings, m_vpnConnection, m_sitesModel));
    m_engine->rootContext()->setContextProperty("SitesController", m_sitesController.get());
    m_allowedDnsController.reset(new AllowedDnsController(m_settings, m_allowedDnsModel));
    m_engine->rootContext()->setContextProperty("AllowedDnsController", m_allowedDnsController.get());
    m_appSplitTunnelingController.reset(new AppSplitTunnelingController(m_settings, m_appSplitTunnelingModel));
    m_engine->rootContext()->setContextProperty("AppSplitTunnelingController", m_appSplitTunnelingController.get());
@@ -213,6 +220,7 @@ void CoreController::initSignalHandlers()
    initAutoConnectHandler();
    initAmneziaDnsToggledHandler();
    initPrepareConfigHandler();
    initStrictKillSwitchHandler();
 }
 void CoreController::initNotificationHandler()
@@ -238,7 +246,23 @@ void CoreController::updateTranslator(const QLocale &locale)
        QCoreApplication::removeTranslator(m_translator.get());
    }
-    QString strFileName = QString(":/translations/amneziavpn") + QLatin1String("_") + locale.name() + ".qm";
+    QStringList availableTranslations;
    QDirIterator it(":/translations", QStringList("amneziavpn_*.qm"), QDir::Files);
    while (it.hasNext()) {
        availableTranslations << it.next();
    }
    // This code allow to load translation for the language only, without country code
    const QString lang = locale.name().split("_").first();
    const QString translationFilePrefix = QString(":/translations/amneziavpn_") + lang;
    QString strFileName = QString(":/translations/amneziavpn_%1.qm").arg(locale.name());
    for (const QString &translation : availableTranslations) {
        if (translation.contains(translationFilePrefix)) {
            strFileName = translation;
            break;
        }
    }
    if (m_translator->load(strFileName)) {
        if (QCoreApplication::installTranslator(m_translator.get())) {
            m_settings->setAppLanguage(locale);
@@ -339,6 +363,12 @@ void CoreController::initPrepareConfigHandler()
    });
 }
 void CoreController::initStrictKillSwitchHandler()
 {
    connect(m_settingsController.get(), &SettingsController::strictKillSwitchEnabledChanged, 
            m_vpnConnection.get(), &VpnConnection::onKillSwitchModeChanged);
 }
 QSharedPointer<PageController> CoreController::pageController() const
 {
    return m_pageController;
@@ -8,6 +8,7 @@
 #include "ui/controllers/api/apiConfigsController.h"
 #include "ui/controllers/api/apiSettingsController.h"
 #include "ui/controllers/appSplitTunnelingController.h"
 #include "ui/controllers/allowedDnsController.h"
 #include "ui/controllers/connectionController.h"
 #include "ui/controllers/exportController.h"
 #include "ui/controllers/focusController.h"
@@ -18,6 +19,7 @@
 #include "ui/controllers/sitesController.h"
 #include "ui/controllers/systemController.h"
 #include "ui/models/allowed_dns_model.h"
 #include "ui/models/containers_model.h"
 #include "ui/models/languageModel.h"
 #include "ui/models/protocols/cloakConfigModel.h"
@@ -80,6 +82,7 @@ private:
    void initAutoConnectHandler();
    void initAmneziaDnsToggledHandler();
    void initPrepareConfigHandler();
    void initStrictKillSwitchHandler();
    QQmlApplicationEngine *m_engine {}; // TODO use parent child system here?
    std::shared_ptr<Settings> m_settings;
@@ -102,6 +105,7 @@ private:
    QScopedPointer<SitesController> m_sitesController;
    QScopedPointer<SystemController> m_systemController;
    QScopedPointer<AppSplitTunnelingController> m_appSplitTunnelingController;
    QScopedPointer<AllowedDnsController> m_allowedDnsController;
    QScopedPointer<ApiSettingsController> m_apiSettingsController;
    QScopedPointer<ApiConfigsController> m_apiConfigsController;
@@ -112,6 +116,7 @@ private:
    QSharedPointer<LanguageModel> m_languageModel;
    QSharedPointer<ProtocolsModel> m_protocolsModel;
    QSharedPointer<SitesModel> m_sitesModel;
    QSharedPointer<AllowedDnsModel> m_allowedDnsModel;
    QSharedPointer<AppSplitTunnelingModel> m_appSplitTunnelingModel;
    QSharedPointer<ClientManagementModel> m_clientManagementModel;
@@ -7,6 +7,7 @@
 #include <QJsonDocument>
 #include <QJsonObject>
 #include <QNetworkReply>
 #include <QUrl>
 #include "QBlockCipher.h"
 #include "QRsa.h"
@@ -14,6 +15,11 @@
 #include "amnezia_application.h"
 #include "core/api/apiUtils.h"
 #include "utilities.h"
 #include "core/networkUtilities.h"
 #ifdef AMNEZIA_DESKTOP
    #include "core/ipcclient.h"
 #endif
 namespace
 {
@@ -26,6 +32,10 @@ namespace
        constexpr char apiPayload[] = "api_payload";
        constexpr char keyPayload[] = "key_payload";
    }
    constexpr QLatin1String errorResponsePattern1("No active configuration found for");
    constexpr QLatin1String errorResponsePattern2("No non-revoked public key found for");
    constexpr QLatin1String errorResponsePattern3("Account not found.");
 }
 GatewayController::GatewayController(const QString &gatewayEndpoint, bool isDevEnvironment, int requestTimeoutMsecs, QObject *parent)
@@ -46,6 +56,17 @@ ErrorCode GatewayController::get(const QString &endpoint, QByteArray &responseBo
    request.setUrl(QString(endpoint).arg(m_gatewayEndpoint));
    // bypass killSwitch exceptions for API-gateway
 #ifdef AMNEZIA_DESKTOP
    {
        QString host = QUrl(request.url()).host();
        QString ip = NetworkUtilities::getIPAddress(host);
        if (!ip.isEmpty()) {
            IpcClient::Interface()->addKillSwitchAllowedRange(QStringList{ip});
        }
    }
 #endif
    QNetworkReply *reply;
    reply = amnApp->networkManager()->get(request);
@@ -97,6 +118,17 @@ ErrorCode GatewayController::post(const QString &endpoint, const QJsonObject api
    request.setUrl(endpoint.arg(m_gatewayEndpoint));
    // bypass killSwitch exceptions for API-gateway
 #ifdef AMNEZIA_DESKTOP
    {
        QString host = QUrl(request.url()).host();
        QString ip = NetworkUtilities::getIPAddress(host);
        if (!ip.isEmpty()) {
            IpcClient::Interface()->addKillSwitchAllowedRange(QStringList{ip});
        }
    }
 #endif
    QSimpleCrypto::QBlockCipher blockCipher;
    QByteArray key = blockCipher.generatePrivateSalt(32);
    QByteArray iv = blockCipher.generatePrivateSalt(32);
@@ -194,16 +226,16 @@ QStringList GatewayController::getProxyUrls()
    QList<QSslError> sslErrors;
    QNetworkReply *reply;
-    QStringList proxyStorageUrl;
+    QStringList proxyStorageUrls;
    if (m_isDevEnvironment) {
-        proxyStorageUrl = QStringList { DEV_S3_ENDPOINT };
+        proxyStorageUrls = QString(DEV_S3_ENDPOINT).split(", ");
    } else {
-        proxyStorageUrl = QStringList { PROD_S3_ENDPOINT };
+        proxyStorageUrls = QString(PROD_S3_ENDPOINT).split(", ");
    }
    QByteArray key = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY;
-    for (const auto &proxyStorageUrl : proxyStorageUrl) {
+    for (const auto &proxyStorageUrl : proxyStorageUrls) {
        request.setUrl(proxyStorageUrl);
        reply = amnApp->networkManager()->get(request);
@@ -247,6 +279,9 @@ QStringList GatewayController::getProxyUrls()
            }
            return endpoints;
        } else {
            apiUtils::checkNetworkReplyErrors(sslErrors, reply);
            qDebug() << "go to the next storage endpoint";
            reply->deleteLater();
        }
    }
@@ -257,17 +292,29 @@ bool GatewayController::shouldBypassProxy(QNetworkReply *reply, const QByteArray
                                          const QByteArray &iv, const QByteArray &salt)
 {
    if (reply->error() == QNetworkReply::NetworkError::OperationCanceledError || reply->error() == QNetworkReply::NetworkError::TimeoutError) {
-        qDebug() << "Timeout occurred";
+        qDebug() << "timeout occurred";
        qDebug() << reply->error();
        return true;
    } else if (responseBody.contains("html")) {
-        qDebug() << "The response contains an html tag";
+        qDebug() << "the response contains an html tag";
        return true;
-    } else if (reply->error() == QNetworkReply::NetworkError::NoError && checkEncryption) {
+    } else if (reply->error() == QNetworkReply::NetworkError::ContentNotFoundError) {
        if (responseBody.contains(errorResponsePattern1) || responseBody.contains(errorResponsePattern2)
            || responseBody.contains(errorResponsePattern3)) {
            return false;
        } else {
            qDebug() << reply->error();
            return true;
        }
    } else if (reply->error() != QNetworkReply::NetworkError::NoError) {
        qDebug() << reply->error();
        return true;
    } else if (checkEncryption) {
        try {
            QSimpleCrypto::QBlockCipher blockCipher;
            static_cast<void>(blockCipher.decryptAesBlockCipher(responseBody, key, iv, "", salt));
        } catch (...) {
-            qDebug() << "Failed to decrypt the data";
+            qDebug() << "failed to decrypt the data";
            return true;
        }
    }
@@ -288,7 +335,7 @@ void GatewayController::bypassProxy(const QString &endpoint, QNetworkReply *repl
    QByteArray responseBody;
    for (const QString &proxyUrl : proxyUrls) {
-        qDebug() << "Go to the next endpoint";
+        qDebug() << "go to the next proxy endpoint";
        reply->deleteLater(); // delete the previous reply
        reply = requestFunction(endpoint.arg(proxyUrl));
@@ -709,7 +709,7 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
    QString transportProto = containerConfig.value(config_key::transport_proto).toString(defaultTransportProto);
    // TODO reimplement with netstat
-    QString script = QString("which lsof &>/dev/null || true && sudo lsof -i -P -n 2>/dev/null | grep -E ':%1 ").arg(port);
+    QString script = QString("which lsof > /dev/null 2>&1 || true && sudo lsof -i -P -n 2>/dev/null | grep -E ':%1 ").arg(port);
    for (auto &port : fixedPorts) {
        script = script.append("|:%1").arg(port);
    }
@@ -757,10 +757,6 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
 ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, DockerContainer container)
 {
    if (credentials.userName == "root") {
        return ErrorCode::NoError;
    }
    QString stdOut;
    auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
        stdOut += data + "\n";
@@ -774,8 +770,16 @@ ErrorCode ServerController::isUserInSudo(const ServerCredentials &credentials, D
    const QString scriptData = amnezia::scriptData(SharedScriptType::check_user_in_sudo);
    ErrorCode error = runScript(credentials, replaceVars(scriptData, genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr);
-    if (!stdOut.contains("sudo"))
+    if (credentials.userName != "root" && stdOut.contains("sudo:") && !stdOut.contains("uname:") && stdOut.contains("not found"))
        return ErrorCode::ServerSudoPackageIsNotPreinstalled;
    if (credentials.userName != "root" && !stdOut.contains("sudo") && !stdOut.contains("wheel"))
        return ErrorCode::ServerUserNotInSudo;
    if (stdOut.contains("can't cd to") || stdOut.contains("Permission denied") || stdOut.contains("No such file or directory"))
        return ErrorCode::ServerUserDirectoryNotAccessible;
    if (stdOut.contains("sudoers") || stdOut.contains("is not allowed to run sudo on"))
        return ErrorCode::ServerUserNotAllowedInSudoers;
    if (stdOut.contains("password is required"))
        return ErrorCode::ServerUserPasswordRequired;
    return error;
 }
@@ -54,6 +54,10 @@ namespace amnezia
        ServerCancelInstallation = 204,
        ServerUserNotInSudo = 205,
        ServerPacketManagerError = 206,
        ServerSudoPackageIsNotPreinstalled = 207,
        ServerUserDirectoryNotAccessible = 208,
        ServerUserNotAllowedInSudoers = 209,
        ServerUserPasswordRequired = 210,
        // Ssh connection errors
        SshRequestDeniedError = 300,
@@ -20,8 +20,12 @@ QString errorString(ErrorCode code) {
    case(ErrorCode::ServerContainerMissingError): errorMessage = QObject::tr("Server error: Docker container missing"); break;
    case(ErrorCode::ServerDockerFailedError): errorMessage = QObject::tr("Server error: Docker failed"); break;
    case(ErrorCode::ServerCancelInstallation): errorMessage = QObject::tr("Installation canceled by user"); break;
-    case(ErrorCode::ServerUserNotInSudo): errorMessage = QObject::tr("The user does not have permission to use sudo"); break;
+    case(ErrorCode::ServerUserNotInSudo): errorMessage = QObject::tr("The user is not a member of the sudo group"); break;
-    case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Packet manager error"); break;
+    case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Package manager error"); break;
    case(ErrorCode::ServerSudoPackageIsNotPreinstalled): errorMessage = QObject::tr("The sudo package is not pre-installed on the server"); break;
    case(ErrorCode::ServerUserDirectoryNotAccessible): errorMessage = QObject::tr("The server user's home directory is not accessible"); break;
    case(ErrorCode::ServerUserNotAllowedInSudoers): errorMessage = QObject::tr("Action not allowed in sudoers"); break;
    case(ErrorCode::ServerUserPasswordRequired): errorMessage = QObject::tr("The user's password is required"); break;
    // Libssh errors
    case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("SSH request was denied"); break;
@@ -371,6 +371,9 @@ bool Daemon::parseConfig(const QJsonObject& obj, InterfaceConfig& config) {
  if (!parseStringList(obj, "vpnDisabledApps", config.m_vpnDisabledApps)) {
    return false;
  }
  if (!parseStringList(obj, "allowedDnsServers", config.m_allowedDnsServers)) {
    return false;
  }
  config.m_killSwitchEnabled = QVariant(obj.value("killSwitchOption").toString()).toBool();
@@ -48,6 +48,13 @@ QJsonObject InterfaceConfig::toJson() const {
  }
  json.insert("excludedAddresses", jsExcludedAddresses);
  QJsonArray jsAllowedDnsServers;
  for (const QString& i : m_allowedDnsServers) {
    jsAllowedDnsServers.append(QJsonValue(i));
  }
  json.insert("allowedDnsServers", jsAllowedDnsServers);
  QJsonArray disabledApps;
  for (const QString& i : m_vpnDisabledApps) {
    disabledApps.append(QJsonValue(i));
@@ -37,6 +37,7 @@ class InterfaceConfig {
  QList<IPAddress> m_allowedIPAddressRanges;
  QStringList m_excludedAddresses;
  QStringList m_vpnDisabledApps;
  QStringList m_allowedDnsServers;
  bool m_killSwitchEnabled;
 #if defined(MZ_ANDROID) || defined(MZ_IOS)
  QString m_installationId;
@@ -123,6 +123,7 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) {
  int appSplitTunnelType = rawConfig.value(amnezia::config_key::appSplitTunnelType).toInt();
  QJsonArray splitTunnelApps = rawConfig.value(amnezia::config_key::splitTunnelApps).toArray();
  QJsonArray allowedDns = rawConfig.value(amnezia::config_key::allowedDnsServers).toArray();
  QJsonObject wgConfig = rawConfig.value(protocolName + "_config_data").toObject();
@@ -226,6 +227,8 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) {
  json.insert("vpnDisabledApps", splitTunnelApps);
  json.insert("allowedDnsServers", allowedDns);
  json.insert(amnezia::config_key::killSwitchOption, rawConfig.value(amnezia::config_key::killSwitchOption));
  if (protocolName == amnezia::config_key::awg) {
@@ -455,9 +455,6 @@ void LinuxFirewall::updateDNSServers(const QStringList& servers)
 void LinuxFirewall::updateAllowNets(const QStringList& servers)
 {
    static QStringList existingServers {};
    existingServers = servers;
    execute(QStringLiteral("iptables -F %1.110.allowNets").arg(kAnchorName));
    for (const QString& rule : getAllowRule(servers))
        execute(QStringLiteral("iptables -A %1.110.allowNets %2").arg(kAnchorName, rule));
@@ -17,6 +17,8 @@
 #include "leakdetector.h"
 #include "logger.h"
 #include "killswitch.h"
 constexpr const int WG_TUN_PROC_TIMEOUT = 5000;
 constexpr const char* WG_RUNTIME_DIR = "/var/run/amneziawg";
@@ -182,7 +184,7 @@ bool WireguardUtilsLinux::deleteInterface() {
    QFile::remove(wgRuntimeDir.filePath(QString(WG_INTERFACE) + ".name"));
    // double-check + ensure our firewall is installed and enabled
-    LinuxFirewall::uninstall();
+    KillSwitch::instance()->disableKillSwitch();
    return true;
 }
@@ -16,6 +16,8 @@
 #include "leakdetector.h"
 #include "logger.h"
 #include "killswitch.h"
 constexpr const int WG_TUN_PROC_TIMEOUT = 5000;
 constexpr const char* WG_RUNTIME_DIR = "/var/run/amneziawg";
@@ -180,7 +182,7 @@ bool WireguardUtilsMacos::deleteInterface() {
  QFile::remove(wgRuntimeDir.filePath(QString(WG_INTERFACE) + ".name"));
  // double-check + ensure our firewall is installed and enabled
-  MacOSFirewall::uninstall();
+  KillSwitch::instance()->disableKillSwitch();
  return true;
 }
@@ -29,6 +29,8 @@
 #include "logger.h"
 #include "platforms/windows/windowsutils.h"
 #include "killswitch.h"
 #define IPV6_ADDRESS_SIZE 16
 // ID for the Firewall Sublayer
@@ -180,16 +182,29 @@ bool WindowsFirewall::enableInterface(int vpnAdapterIndex) {
    }                                                                     \
  }
-  logger.info() << "Enabling firewall Using Adapter:" << vpnAdapterIndex;
+  logger.info() << "Enabling Killswitch Using Adapter:" << vpnAdapterIndex;
  if (vpnAdapterIndex < 0)
  {
    IPAddress allv4("0.0.0.0/0");
    if (!blockTrafficTo(allv4, MED_WEIGHT,
                        "Block Internet", "killswitch")) {
        return false;
    }
    IPAddress allv6("::/0");
    if (!blockTrafficTo(allv6, MED_WEIGHT,
                        "Block Internet", "killswitch")) {
      return false;
    }
  } else
  FW_OK(allowTrafficOfAdapter(vpnAdapterIndex, MED_WEIGHT,
-                              "Allow usage of VPN Adapter"));
+                                  "Allow usage of VPN Adapter"));
  FW_OK(allowDHCPTraffic(MED_WEIGHT, "Allow DHCP Traffic"));
-  FW_OK(allowHyperVTraffic(MED_WEIGHT, "Allow Hyper-V Traffic"));
+  FW_OK(allowHyperVTraffic(MAX_WEIGHT, "Allow Hyper-V Traffic"));
  FW_OK(allowTrafficForAppOnAll(getCurrentPath(), MAX_WEIGHT,
                                "Allow all for AmneziaVPN.exe"));
  FW_OK(blockTrafficOnPort(53, MED_WEIGHT, "Block all DNS"));
-  FW_OK(
+  FW_OK(allowLoopbackTraffic(MED_WEIGHT,
-      allowLoopbackTraffic(MED_WEIGHT, "Allow Loopback traffic on device %1"));
+                             "Allow Loopback traffic on device %1"));
  logger.debug() << "Killswitch on! Rules:" << m_activeRules.length();
  return true;
@@ -226,6 +241,37 @@ bool WindowsFirewall::enableLanBypass(const QList<IPAddress>& ranges) {
  return true;
 }
 // Allow unprotected traffic sent to the following address ranges.
 bool WindowsFirewall::allowTrafficRange(const QStringList& ranges) {
  // Start the firewall transaction
  auto result = FwpmTransactionBegin(m_sessionHandle, NULL);
  if (result != ERROR_SUCCESS) {
    disableKillSwitch();
    return false;
  }
  auto cleanup = qScopeGuard([&] {
      FwpmTransactionAbort0(m_sessionHandle);
      disableKillSwitch();
  });
  for (const QString& addr : ranges) {
    logger.debug() << "Allow killswitch exclude: " << addr;
    if (!allowTrafficTo(QHostAddress(addr), LOW_WEIGHT + 1, "Allow killswitch bypass traffic")) {
      return false;
    }
  }
  result = FwpmTransactionCommit0(m_sessionHandle);
  if (result != ERROR_SUCCESS) {
    logger.error() << "FwpmTransactionCommit0 failed with error:" << result;
    return false;
  }
  cleanup.dismiss();
  return true;
 }
 bool WindowsFirewall::enablePeerTraffic(const InterfaceConfig& config) {
  // Start the firewall transaction
  auto result = FwpmTransactionBegin(m_sessionHandle, NULL);
@@ -262,12 +308,20 @@ bool WindowsFirewall::enablePeerTraffic(const InterfaceConfig& config) {
    }
  }
  for (const QString& dns : config.m_allowedDnsServers) {
    logger.debug() << "Allow DNS: " << dns;
    if (!allowTrafficTo(QHostAddress(dns), 53, HIGH_WEIGHT,
                        "Allow DNS-Server", config.m_serverPublicKey)) {
      return false;
    }
  }
  if (!config.m_excludedAddresses.empty()) {
    for (const QString& i : config.m_excludedAddresses) {
      logger.debug() << "excludedAddresses range: " << i;
      if (!allowTrafficTo(i, HIGH_WEIGHT,
-                               "Allow Ecxlude route", config.m_serverPublicKey)) {
+                          "Allow Ecxlude route", config.m_serverPublicKey)) {
        return false;
      }
    }
@@ -313,37 +367,41 @@ bool WindowsFirewall::disablePeerTraffic(const QString& pubkey) {
 }
 bool WindowsFirewall::disableKillSwitch() {
-  auto result = FwpmTransactionBegin(m_sessionHandle, NULL);
+  return KillSwitch::instance()->disableKillSwitch();
-  auto cleanup = qScopeGuard([&] {
+}
 bool WindowsFirewall::allowAllTraffic() {
    auto result = FwpmTransactionBegin(m_sessionHandle, NULL);
    auto cleanup = qScopeGuard([&] {
        if (result != ERROR_SUCCESS) {
            FwpmTransactionAbort0(m_sessionHandle);
        }
    });
    if (result != ERROR_SUCCESS) {
-      FwpmTransactionAbort0(m_sessionHandle);
+      logger.error() << "FwpmTransactionBegin0 failed. Return value:.\n"
                     << result;
      return false;
    }
  });
  if (result != ERROR_SUCCESS) {
    logger.error() << "FwpmTransactionBegin0 failed. Return value:.\n"
                   << result;
    return false;
  }
-  for (const auto& filterID : m_peerRules.values()) {
+    for (const auto& filterID : m_peerRules.values()) {
-    FwpmFilterDeleteById0(m_sessionHandle, filterID);
+      FwpmFilterDeleteById0(m_sessionHandle, filterID);
-  }
+    }
-  for (const auto& filterID : qAsConst(m_activeRules)) {
+    for (const auto& filterID : qAsConst(m_activeRules)) {
-    FwpmFilterDeleteById0(m_sessionHandle, filterID);
+      FwpmFilterDeleteById0(m_sessionHandle, filterID);
-  }
+    }
-  // Commit!
+           // Commit!
-  result = FwpmTransactionCommit0(m_sessionHandle);
+    result = FwpmTransactionCommit0(m_sessionHandle);
-  if (result != ERROR_SUCCESS) {
+    if (result != ERROR_SUCCESS) {
-    logger.error() << "FwpmTransactionCommit0 failed. Return value:.\n"
+      logger.error() << "FwpmTransactionCommit0 failed. Return value:.\n"
-                   << result;
+                     << result;
-    return false;
+      return false;
-  }
+    }
-  m_peerRules.clear();
+    m_peerRules.clear();
-  m_activeRules.clear();
+    m_activeRules.clear();
-  logger.debug() << "Firewall Disabled!";
+    logger.debug() << "Firewall Disabled!";
-  return true;
+    return true;
 }
 bool WindowsFirewall::allowTrafficForAppOnAll(const QString& exePath,
@@ -43,6 +43,8 @@ class WindowsFirewall final : public QObject {
  bool enablePeerTraffic(const InterfaceConfig& config);
  bool disablePeerTraffic(const QString& pubkey);
  bool disableKillSwitch();
  bool allowAllTraffic();
  bool allowTrafficRange(const QStringList& ranges);
 private:
  static bool initSublayer();
@@ -171,6 +171,11 @@ ErrorCode OpenVpnProtocol::start()
        return lastError();
    }
 #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
    IpcClient::Interface()->addKillSwitchAllowedRange(QStringList(NetworkUtilities::getIPAddress(
            m_configData.value(amnezia::config_key::hostName).toString())));
 #endif
    // Detect default gateway
 #ifdef Q_OS_MAC
    QProcess p;
@@ -95,6 +95,8 @@ namespace amnezia
        constexpr char splitTunnelApps[] = "splitTunnelApps";
        constexpr char appSplitTunnelType[] = "appSplitTunnelType";
        constexpr char allowedDnsServers[] = "allowedDnsServers";
        constexpr char killSwitchOption[] = "killSwitchOption";
        constexpr char crc[] = "crc";
@@ -129,6 +129,7 @@
        <file>ui/qml/Components/SettingsContainersListView.qml</file>
        <file>ui/qml/Components/ShareConnectionDrawer.qml</file>
        <file>ui/qml/Components/TransportProtoSelector.qml</file>
        <file>ui/qml/Components/AddSitePanel.qml</file>
        <file>ui/qml/Config/GlobalConfig.qml</file>
        <file>ui/qml/Config/qmldir</file>
        <file>ui/qml/Controls2/BackButtonType.qml</file>
@@ -143,7 +144,9 @@
        <file>ui/qml/Controls2/DropDownType.qml</file>
        <file>ui/qml/Controls2/FlickableType.qml</file>
        <file>ui/qml/Controls2/Header2Type.qml</file>
-        <file>ui/qml/Controls2/HeaderType.qml</file>
+        <file>ui/qml/Controls2/BaseHeaderType.qml</file>
        <file>ui/qml/Controls2/HeaderTypeWithButton.qml</file>
        <file>ui/qml/Controls2/HeaderTypeWithSwitcher.qml</file>
        <file>ui/qml/Controls2/HorizontalRadioButton.qml</file>
        <file>ui/qml/Controls2/ImageButtonType.qml</file>
        <file>ui/qml/Controls2/LabelWithButtonType.qml</file>
@@ -199,6 +202,8 @@
        <file>ui/qml/Pages2/PageSettingsBackup.qml</file>
        <file>ui/qml/Pages2/PageSettingsConnection.qml</file>
        <file>ui/qml/Pages2/PageSettingsDns.qml</file>
        <file>ui/qml/Pages2/PageSettingsKillSwitch.qml</file>
        <file>ui/qml/Pages2/PageSettingsKillSwitchExceptions.qml</file>
        <file>ui/qml/Pages2/PageSettingsLogging.qml</file>
        <file>ui/qml/Pages2/PageSettingsServerData.qml</file>
        <file>ui/qml/Pages2/PageSettingsServerInfo.qml</file>
@@ -1,7 +1,7 @@
 #include "secure_qsettings.h"
-#include "QAead.h"
+#include "../client/3rd/QSimpleCrypto/src/include/QAead.h"
-#include "QBlockCipher.h"
+#include "../client/3rd/QSimpleCrypto/src/include/QBlockCipher.h"
 #include "utilities.h"
 #include <QDataStream>
 #include <QDebug>
@@ -6,7 +6,7 @@
 #include <QObject>
 #include <QSettings>
-#include "keychain.h"
+#include "../client/3rd/qtkeychain/qtkeychain/keychain.h"
 class SecureQSettings : public QObject
 {
@@ -1,2 +1,13 @@
-CUR_USER=$(whoami);\
+if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); opt="--version";\
-groups $CUR_USER
+elif which dnf > /dev/null 2>&1; then pm=$(which dnf); opt="--version";\
 elif which yum > /dev/null 2>&1; then pm=$(which yum); opt="--version";\
 elif which pacman > /dev/null 2>&1; then pm=$(which pacman); opt="--version";\
 else pm="uname"; opt="-a";\
 fi;\
 CUR_USER=$(whoami 2>/dev/null || echo $HOME | sed 's/.*\///');\
 echo $LANG | grep -qE '^(en_US.UTF-8|C.UTF-8|C)$' || export LC_ALL=C;\
 sudo -K;\
 cd ~;\
 if [ "$CUR_USER" = "root" ] || ( groups "$CUR_USER" | grep -E '\<(sudo|wheel)\>' ); then \
  sudo -nu $CUR_USER $pm $opt > /dev/null; sudo -n $pm $opt > /dev/null;\
 fi
@@ -1,4 +1,4 @@
-CUR_USER=$(whoami);\
+CUR_USER=$(whoami 2>/dev/null || echo $HOME | sed 's/.*\///');\
 sudo mkdir -p $DOCKERFILE_FOLDER;\
 sudo chown $CUR_USER $DOCKERFILE_FOLDER;\
 if ! sudo docker network ls | grep -q amnezia-dns-net; then sudo docker network create \
@@ -443,6 +443,16 @@ void Settings::setKillSwitchEnabled(bool enabled)
    setValue("Conf/killSwitchEnabled", enabled);
 }
 bool Settings::isStrictKillSwitchEnabled() const
 {
    return value("Conf/strictKillSwitchEnabled", false).toBool();
 }
 void Settings::setStrictKillSwitchEnabled(bool enabled)
 {
    setValue("Conf/strictKillSwitchEnabled", enabled);
 }
 QString Settings::getInstallationUuid(const bool needCreate)
 {
    auto uuid = value("Conf/installationUuid", "").toString();
@@ -548,3 +558,13 @@ void Settings::disableHomeAdLabel()
 {
    setValue("Conf/homeAdLabelVisible", false);
 }
 QStringList Settings::allowedDnsServers() const
 {
    return value("Conf/allowedDnsServers").toStringList();
 }
 void Settings::setAllowedDnsServers(const QStringList &servers)
 {
    setValue("Conf/allowedDnsServers", servers);
 }
@@ -213,6 +213,10 @@ public:
    bool isKillSwitchEnabled() const;
    void setKillSwitchEnabled(bool enabled);
    bool isStrictKillSwitchEnabled() const;
    void setStrictKillSwitchEnabled(bool enabled);
    QString getInstallationUuid(const bool needCreate);
    void resetGatewayEndpoint();
@@ -225,6 +229,9 @@ public:
    bool isHomeAdLabelVisible();
    void disableHomeAdLabel();
    QStringList allowedDnsServers() const;
    void setAllowedDnsServers(const QStringList &servers);
 signals:
    void saveLogsChanged(bool enabled);
    void screenshotsEnabledChanged(bool enabled);
@@ -0,0 +1,101 @@
 #include "allowedDnsController.h"
 #include <QFile>
 #include <QStandardPaths>
 #include <QJsonDocument>
 #include <QJsonArray>
 #include <QJsonObject>
 #include "systemController.h"
 #include "core/networkUtilities.h"
 #include "core/defs.h"
 AllowedDnsController::AllowedDnsController(const std::shared_ptr<Settings> &settings,
                                           const QSharedPointer<AllowedDnsModel> &allowedDnsModel,
                                           QObject *parent)
    : QObject(parent), m_settings(settings), m_allowedDnsModel(allowedDnsModel)
 {
 }
 void AllowedDnsController::addDns(QString ip)
 {
    if (ip.isEmpty()) {
        return;
    }
    if (!NetworkUtilities::ipAddressRegExp().match(ip).hasMatch()) {
        emit errorOccurred(tr("The address does not look like a valid IP address"));
        return;
    }
    if (m_allowedDnsModel->addDns(ip)) {
        emit finished(tr("New DNS server added: %1").arg(ip));
    } else {
        emit errorOccurred(tr("DNS server already exists: %1").arg(ip));
    }
 }
 void AllowedDnsController::removeDns(int index)
 {
    auto modelIndex = m_allowedDnsModel->index(index);
    auto ip = m_allowedDnsModel->data(modelIndex, AllowedDnsModel::Roles::IpRole).toString();
    m_allowedDnsModel->removeDns(modelIndex);
    emit finished(tr("DNS server removed: %1").arg(ip));
 }
 void AllowedDnsController::importDns(const QString &fileName, bool replaceExisting)
 {
    QByteArray jsonData;
    if (!SystemController::readFile(fileName, jsonData)) {
        emit errorOccurred(tr("Can't open file: %1").arg(fileName));
        return;
    }
    QJsonDocument jsonDocument = QJsonDocument::fromJson(jsonData);
    if (jsonDocument.isNull()) {
        emit errorOccurred(tr("Failed to parse JSON data from file: %1").arg(fileName));
        return;
    }
    if (!jsonDocument.isArray()) {
        emit errorOccurred(tr("The JSON data is not an array in file: %1").arg(fileName));
        return;
    }
    auto jsonArray = jsonDocument.array();
    QStringList dnsServers;
    for (auto jsonValue : jsonArray) {
        auto ip = jsonValue.toString();
        if (!NetworkUtilities::ipAddressRegExp().match(ip).hasMatch()) {
            qDebug() << ip << " is not a valid IP address";
            continue;
        }
        dnsServers.append(ip);
    }
    m_allowedDnsModel->addDnsList(dnsServers, replaceExisting);
    emit finished(tr("Import completed"));
 }
 void AllowedDnsController::exportDns(const QString &fileName)
 {
    auto dnsServers = m_allowedDnsModel->getCurrentDnsServers();
    QJsonArray jsonArray;
    for (const auto &ip : dnsServers) {
        jsonArray.append(ip);
    }
    QJsonDocument jsonDocument(jsonArray);
    QByteArray jsonData = jsonDocument.toJson();
    SystemController::saveFile(fileName, jsonData);
    emit finished(tr("Export completed"));
 } 
@@ -0,0 +1,35 @@
 #ifndef ALLOWEDDNSCONTROLLER_H
 #define ALLOWEDDNSCONTROLLER_H
 #include <QObject>
 #include "settings.h"
 #include "ui/models/allowed_dns_model.h"
 class AllowedDnsController : public QObject
 {
    Q_OBJECT
 public:
    explicit AllowedDnsController(const std::shared_ptr<Settings> &settings,
                                  const QSharedPointer<AllowedDnsModel> &allowedDnsModel,
                                  QObject *parent = nullptr);
 public slots:
    void addDns(QString ip);
    void removeDns(int index);
    void importDns(const QString &fileName, bool replaceExisting);
    void exportDns(const QString &fileName);
 signals:
    void errorOccurred(const QString &errorMessage);
    void finished(const QString &message);
    void saveFile(const QString &fileName, const QString &data);
 private:
    std::shared_ptr<Settings> m_settings;
    QSharedPointer<AllowedDnsModel> m_allowedDnsModel;
 };
 #endif // ALLOWEDDNSCONTROLLER_H 
@@ -19,7 +19,7 @@ namespace
        constexpr char cloak[] = "cloak";
        constexpr char awg[] = "awg";
-        constexpr char apiEdnpoint[] = "api_endpoint";
+        constexpr char apiEndpoint[] = "api_endpoint";
        constexpr char accessToken[] = "api_key";
        constexpr char certificate[] = "certificate";
        constexpr char publicKey[] = "public_key";
@@ -251,7 +251,6 @@ bool ApiConfigsController::updateServiceFromGateway(const int serverIndex, const
        newServerConfig.insert(configKey::apiConfig, newApiConfig);
        newServerConfig.insert(configKey::authData, authData);
        // newServerConfig.insert(
        m_serversModel->editServer(newServerConfig, serverIndex);
        if (reloadServiceConfig) {
@@ -270,54 +269,37 @@ bool ApiConfigsController::updateServiceFromGateway(const int serverIndex, const
 bool ApiConfigsController::updateServiceFromTelegram(const int serverIndex)
 {
    auto serverConfig = m_serversModel->getServerConfig(serverIndex);
    auto installationUuid = m_settings->getInstallationUuid(true);
 #ifdef Q_OS_IOS
    IosController::Instance()->requestInetAccess();
    QThread::msleep(10);
 #endif
-    if (serverConfig.value(config_key::configVersion).toInt()) {
+    GatewayController gatewayController(m_settings->getGatewayEndpoint(), m_settings->isDevGatewayEnv(), apiDefs::requestTimeoutMsecs);
        QNetworkRequest request;
        request.setTransferTimeout(apiDefs::requestTimeoutMsecs);
        request.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
        request.setRawHeader("Authorization", "Api-Key " + serverConfig.value(configKey::accessToken).toString().toUtf8());
        QString endpoint = serverConfig.value(configKey::apiEdnpoint).toString();
        request.setUrl(endpoint);
-        QString protocol = serverConfig.value(configKey::protocol).toString();
+    auto serverConfig = m_serversModel->getServerConfig(serverIndex);
    auto installationUuid = m_settings->getInstallationUuid(true);
-        ApiPayloadData apiPayloadData = generateApiPayloadData(protocol);
+    QString serviceProtocol = serverConfig.value(configKey::protocol).toString();
    ApiPayloadData apiPayloadData = generateApiPayloadData(serviceProtocol);
-        QJsonObject apiPayload = fillApiPayload(protocol, apiPayloadData);
+    QJsonObject apiPayload = fillApiPayload(serviceProtocol, apiPayloadData);
-        apiPayload[configKey::uuid] = installationUuid;
+    apiPayload[configKey::uuid] = installationUuid;
    apiPayload[configKey::accessToken] = serverConfig.value(configKey::accessToken).toString();
    apiPayload[configKey::apiEndpoint] = serverConfig.value(configKey::apiEndpoint).toString();
-        QByteArray requestBody = QJsonDocument(apiPayload).toJson();
+    QByteArray responseBody;
    ErrorCode errorCode = gatewayController.post(QString("%1v1/proxy_config"), apiPayload, responseBody);
-        QNetworkReply *reply = amnApp->networkManager()->post(request, requestBody);
+    if (errorCode == ErrorCode::NoError) {
        fillServerConfig(serviceProtocol, apiPayloadData, responseBody, serverConfig);
        QEventLoop wait;
        connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
        QList<QSslError> sslErrors;
        connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
        wait.exec();
        auto errorCode = apiUtils::checkNetworkReplyErrors(sslErrors, reply);
        if (errorCode != ErrorCode::NoError) {
            reply->deleteLater();
            emit errorOccurred(errorCode);
            return false;
        }
        auto apiResponseBody = reply->readAll();
        reply->deleteLater();
        fillServerConfig(protocol, apiPayloadData, apiResponseBody, serverConfig);
        m_serversModel->editServer(serverConfig, serverIndex);
        emit updateServerFromApiFinished();
        return true;
    } else {
        emit errorOccurred(errorCode);
        return false;
    }
    return true;
 }
 bool ApiConfigsController::deactivateDevice()
@@ -328,7 +310,7 @@ bool ApiConfigsController::deactivateDevice()
    auto serverConfigObject = m_serversModel->getServerConfig(serverIndex);
    auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject();
-    if (apiUtils::getConfigType(serverConfigObject) != apiDefs::ConfigType::AmneziaPremiumV2) {
+    if (!apiUtils::isPremiumServer(serverConfigObject)) {
        return true;
    }
@@ -363,7 +345,7 @@ bool ApiConfigsController::deactivateExternalDevice(const QString &uuid, const Q
    auto serverConfigObject = m_serversModel->getServerConfig(serverIndex);
    auto apiConfigObject = serverConfigObject.value(configKey::apiConfig).toObject();
-    if (apiUtils::getConfigType(serverConfigObject) != apiDefs::ConfigType::AmneziaPremiumV2) {
+    if (!apiUtils::isPremiumServer(serverConfigObject)) {
        return true;
    }
@@ -62,7 +62,7 @@ bool ApiSettingsController::getAccountInfo(bool reload)
    QByteArray responseBody;
-    if (apiUtils::getConfigType(serverConfig) == apiDefs::ConfigType::AmneziaPremiumV2) {
+    if (apiUtils::isPremiumServer(serverConfig)) {
        ErrorCode errorCode = gatewayController.post(QString("%1v1/account_info"), apiPayload, responseBody);
        if (errorCode != ErrorCode::NoError) {
            emit errorOccurred(errorCode);
@@ -27,8 +27,6 @@ namespace
    ConfigTypes checkConfigFormat(const QString &config)
    {
        const QString openVpnConfigPatternCli = "client";
        const QString openVpnConfigPatternProto1 = "proto tcp";
        const QString openVpnConfigPatternProto2 = "proto udp";
        const QString openVpnConfigPatternDriver1 = "dev tun";
        const QString openVpnConfigPatternDriver2 = "dev tap";
@@ -53,14 +51,13 @@ namespace
                   || (config.contains(amneziaConfigPatternHostName) && config.contains(amneziaConfigPatternUserName)
                       && config.contains(amneziaConfigPatternPassword))) {
            return ConfigTypes::Amnezia;
        } else if (config.contains(openVpnConfigPatternCli)
                   && (config.contains(openVpnConfigPatternProto1) || config.contains(openVpnConfigPatternProto2))
                   && (config.contains(openVpnConfigPatternDriver1) || config.contains(openVpnConfigPatternDriver2))) {
            return ConfigTypes::OpenVpn;
        } else if (config.contains(wireguardConfigPatternSectionInterface) && config.contains(wireguardConfigPatternSectionPeer)) {
            return ConfigTypes::WireGuard;
        } else if ((config.contains(xrayConfigPatternInbound)) && (config.contains(xrayConfigPatternOutbound))) {
            return ConfigTypes::Xray;
        } else if (config.contains(openVpnConfigPatternCli)
                   && (config.contains(openVpnConfigPatternDriver1) || config.contains(openVpnConfigPatternDriver2))) {
            return ConfigTypes::OpenVpn;
        }
        return ConfigTypes::Invalid;
    }
@@ -97,6 +94,8 @@ bool ImportController::extractConfigFromFile(const QString &fileName)
 bool ImportController::extractConfigFromData(QString data)
 {
    m_maliciousWarningText.clear();
    QString config = data;
    QString prefix;
    QString errormsg;
@@ -345,7 +344,7 @@ QJsonObject ImportController::extractOpenVpnConfig(const QString &data)
    arr.push_back(containers);
    QString hostName;
-    const static QRegularExpression hostNameRegExp("remote (.*) [0-9]*");
+    const static QRegularExpression hostNameRegExp("remote\\s+([^\\s]+)");
    QRegularExpressionMatch hostNameMatch = hostNameRegExp.match(data);
    if (hostNameMatch.hasMatch()) {
        hostName = hostNameMatch.captured(1);
@@ -661,6 +660,7 @@ void ImportController::checkForMaliciousStrings(const QJsonObject &serverConfig)
        if ((containerName == ContainerProps::containerToString(DockerContainer::OpenVpn))
            || (containerName == ContainerProps::containerToString(DockerContainer::Cloak))
            || (containerName == ContainerProps::containerToString(DockerContainer::ShadowSocks))) {
            QString protocolConfig =
                    containerConfig[ProtocolProps::protoToString(Proto::OpenVpn)].toObject()[config_key::last_config].toString();
            QString protocolConfigJson = QJsonDocument::fromJson(protocolConfig.toUtf8()).object()[config_key::config].toString();
@@ -682,8 +682,11 @@ void ImportController::checkForMaliciousStrings(const QJsonObject &serverConfig)
                }
            }
            m_maliciousWarningText = tr("This configuration contains an OpenVPN setup. OpenVPN configurations can include malicious "
                                        "scripts, so only add it if you fully trust the provider of this config. ");
            if (maliciousStrings.size() >= dangerousTagsMaxCount) {
-                m_maliciousWarningText = tr("In the imported configuration, potentially dangerous lines were found:");
+                m_maliciousWarningText.push_back(tr("<br>In the imported configuration, potentially dangerous lines were found:"));
                for (const auto &string : maliciousStrings) {
                    m_maliciousWarningText.push_back(QString("<br><i>%1</i>").arg(string));
                }
@@ -31,13 +31,15 @@ namespace PageLoader
        PageSettingsLogging,
        PageSettingsSplitTunneling,
        PageSettingsAppSplitTunneling,
        PageSettingsKillSwitch,
        PageSettingsApiServerInfo,
        PageSettingsApiAvailableCountries,
        PageSettingsApiSupport,
        PageSettingsApiInstructions,
        PageSettingsApiNativeConfigs,
        PageSettingsApiDevices,
-
+        PageSettingsKillSwitchExceptions,
        PageServiceSftpSettings,
        PageServiceTorWebsiteSettings,
        PageServiceDnsSettings,
@@ -245,6 +245,23 @@ bool SettingsController::isKillSwitchEnabled()
 void SettingsController::toggleKillSwitch(bool enable)
 {
    m_settings->setKillSwitchEnabled(enable);
    emit killSwitchEnabledChanged();
    if (enable == false) {
        emit strictKillSwitchEnabledChanged(false);
    } else {
        emit strictKillSwitchEnabledChanged(isStrictKillSwitchEnabled());
    }
 }
 bool SettingsController::isStrictKillSwitchEnabled()
 {
    return m_settings->isStrictKillSwitchEnabled();
 }
 void SettingsController::toggleStrictKillSwitch(bool enable)
 {
    m_settings->setStrictKillSwitchEnabled(enable);
    emit strictKillSwitchEnabledChanged(enable);
 }
 bool SettingsController::isNotificationPermissionGranted()
@@ -24,6 +24,8 @@ public:
    Q_PROPERTY(QString secondaryDns READ getSecondaryDns WRITE setSecondaryDns NOTIFY secondaryDnsChanged)
    Q_PROPERTY(bool isLoggingEnabled READ isLoggingEnabled WRITE toggleLogging NOTIFY loggingStateChanged)
    Q_PROPERTY(bool isNotificationPermissionGranted READ isNotificationPermissionGranted NOTIFY onNotificationStateChanged)
    Q_PROPERTY(bool isKillSwitchEnabled READ isKillSwitchEnabled WRITE toggleKillSwitch NOTIFY killSwitchEnabledChanged)
    Q_PROPERTY(bool strictKillSwitchEnabled READ isStrictKillSwitchEnabled WRITE toggleStrictKillSwitch NOTIFY strictKillSwitchEnabledChanged)
    Q_PROPERTY(bool isDevModeEnabled READ isDevModeEnabled NOTIFY devModeEnabled)
    Q_PROPERTY(QString gatewayEndpoint READ getGatewayEndpoint WRITE setGatewayEndpoint NOTIFY gatewayEndpointChanged)
@@ -75,6 +77,9 @@ public slots:
    bool isKillSwitchEnabled();
    void toggleKillSwitch(bool enable);
    bool isStrictKillSwitchEnabled();
    void toggleStrictKillSwitch(bool enable);
    bool isNotificationPermissionGranted();
    void requestNotificationPermission();
@@ -98,6 +103,8 @@ signals:
    void primaryDnsChanged();
    void secondaryDnsChanged();
    void loggingStateChanged();
    void killSwitchEnabledChanged();
    void strictKillSwitchEnabledChanged(bool enabled);
    void restoreBackupFinished();
    void changeSettingsFinished(const QString &finishedMessage);
@@ -44,7 +44,6 @@ void SitesController::addSite(QString hostname)
            QMetaObject::invokeMethod(m_vpnConnection.get(), "addRoutes", Qt::QueuedConnection,
                                      Q_ARG(QStringList, QStringList() << hostname));
        }
        QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection);
    };
    const auto &resolveCallback = [this, processSite](const QHostInfo &hostInfo) {
@@ -75,7 +74,6 @@ void SitesController::removeSite(int index)
    QMetaObject::invokeMethod(m_vpnConnection.get(), "deleteRoutes", Qt::QueuedConnection,
                              Q_ARG(QStringList, QStringList() << hostname));
    QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection);
    emit finished(tr("Site removed: %1").arg(hostname));
 }
@@ -124,7 +122,6 @@ void SitesController::importSites(const QString &fileName, bool replaceExisting)
    m_sitesModel->addSites(sites, replaceExisting);
    QMetaObject::invokeMethod(m_vpnConnection.get(), "addRoutes", Qt::QueuedConnection, Q_ARG(QStringList, ips));
    QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection);
    emit finished(tr("Import completed"));
 }
@@ -0,0 +1,86 @@
 #include "allowed_dns_model.h"
 AllowedDnsModel::AllowedDnsModel(std::shared_ptr<Settings> settings, QObject *parent)
    : QAbstractListModel(parent), m_settings(settings)
 {
    fillDnsServers();
 }
 int AllowedDnsModel::rowCount(const QModelIndex &parent) const
 {
    Q_UNUSED(parent)
    return m_dnsServers.size();
 }
 QVariant AllowedDnsModel::data(const QModelIndex &index, int role) const
 {
    if (!index.isValid() || index.row() < 0 || index.row() >= static_cast<int>(rowCount()))
        return QVariant();
    switch (role) {
    case IpRole:
        return m_dnsServers.at(index.row());
    default:
        return QVariant();
    }
 }
 bool AllowedDnsModel::addDns(const QString &ip)
 {
    if (m_dnsServers.contains(ip)) {
        return false;
    }
    beginInsertRows(QModelIndex(), rowCount(), rowCount());
    m_dnsServers.append(ip);
    m_settings->setAllowedDnsServers(m_dnsServers);
    endInsertRows();
    return true;
 }
 void AllowedDnsModel::addDnsList(const QStringList &dnsServers, bool replaceExisting)
 {
    beginResetModel();
    if (replaceExisting) {
        m_dnsServers.clear();
    }
    for (const QString &ip : dnsServers) {
        if (!m_dnsServers.contains(ip)) {
            m_dnsServers.append(ip);
        }
    }
    m_settings->setAllowedDnsServers(m_dnsServers);
    endResetModel();
 }
 void AllowedDnsModel::removeDns(QModelIndex index)
 {
    if (!index.isValid() || index.row() >= m_dnsServers.size()) {
        return;
    }
    beginRemoveRows(QModelIndex(), index.row(), index.row());
    m_dnsServers.removeAt(index.row());
    m_settings->setAllowedDnsServers(m_dnsServers);
    endRemoveRows();
 }
 QStringList AllowedDnsModel::getCurrentDnsServers()
 {
    return m_dnsServers;
 }
 QHash<int, QByteArray> AllowedDnsModel::roleNames() const
 {
    QHash<int, QByteArray> roles;
    roles[IpRole] = "ip";
    return roles;
 }
 void AllowedDnsModel::fillDnsServers()
 {
    m_dnsServers = m_settings->allowedDnsServers();
 }
@@ -0,0 +1,37 @@
 #ifndef ALLOWEDDNSMODEL_H
 #define ALLOWEDDNSMODEL_H
 #include <QAbstractListModel>
 #include "settings.h"
 class AllowedDnsModel : public QAbstractListModel
 {
    Q_OBJECT
 public:
    enum Roles {
        IpRole = Qt::UserRole + 1
    };
    explicit AllowedDnsModel(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
    int rowCount(const QModelIndex &parent = QModelIndex()) const override;
    QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const override;
 public slots:
    bool addDns(const QString &ip);
    void addDnsList(const QStringList &dnsServers, bool replaceExisting);
    void removeDns(QModelIndex index);
    QStringList getCurrentDnsServers();
 protected:
    QHash<int, QByteArray> roleNames() const override;
 private:
    void fillDnsServers();
    std::shared_ptr<Settings> m_settings;
    QStringList m_dnsServers;
 };
 #endif // ALLOWEDDNSMODEL_H
@@ -48,15 +48,19 @@ QVariant ApiAccountInfoModel::data(const QModelIndex &index, int role) const
    }
    case ServiceDescriptionRole: {
        if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaPremiumV2) {
-            return tr("Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online resources. "
+            return tr("Classic VPN for seamless work, downloading large files, and watching videos. Access all websites and online "
                      "resources. "
                      "Speeds up to 200 Mbps");
        } else if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaFreeV3) {
            return tr("Free unlimited access to a basic set of websites such as Facebook, Instagram, Twitter (X), Discord, Telegram and "
                      "more. YouTube is not included in the free plan.");
        } else {
            return "";
        }
    }
    case IsComponentVisibleRole: {
-        return m_accountInfoData.configType == apiDefs::ConfigType::AmneziaPremiumV2;
+        return m_accountInfoData.configType == apiDefs::ConfigType::AmneziaPremiumV2
                || m_accountInfoData.configType == apiDefs::ConfigType::ExternalPremium;
    }
    case HasExpiredWorkerRole: {
        for (int i = 0; i < m_issuedConfigsInfo.size(); i++) {
@@ -93,6 +97,8 @@ void ApiAccountInfoModel::updateModel(const QJsonObject &accountInfoObject, cons
    m_accountInfoData = accountInfoData;
    m_supportInfo = accountInfoObject.value(apiDefs::key::supportInfo).toObject();
    endResetModel();
 }
@@ -121,12 +127,27 @@ QJsonArray ApiAccountInfoModel::getIssuedConfigsInfo()
 QString ApiAccountInfoModel::getTelegramBotLink()
 {
-    if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaFreeV3) {
+    return m_supportInfo.value(apiDefs::key::telegram).toString();
-        return tr("amnezia_free_support_bot");
+}
-    } else if (m_accountInfoData.configType == apiDefs::ConfigType::AmneziaPremiumV2) {
+
-        return tr("amnezia_premium_support_bot");
+QString ApiAccountInfoModel::getEmailLink()
-    }
+{
-    return "";
+    return m_supportInfo.value(apiDefs::key::email).toString();
 }
 QString ApiAccountInfoModel::getBillingEmailLink()
 {
    return m_supportInfo.value(apiDefs::key::billingEmail).toString();
 }
 QString ApiAccountInfoModel::getSiteLink()
 {
    return m_supportInfo.value(apiDefs::key::websiteName).toString();
 }
 QString ApiAccountInfoModel::getFullSiteLink()
 {
    return m_supportInfo.value(apiDefs::key::website).toString();
 }
 QHash<int, QByteArray> ApiAccountInfoModel::roleNames() const
@@ -33,7 +33,12 @@ public slots:
    QJsonArray getAvailableCountries();
    QJsonArray getIssuedConfigsInfo();
    QString getTelegramBotLink();
    QString getEmailLink();
    QString getBillingEmailLink();
    QString getSiteLink();
    QString getFullSiteLink();
 protected:
    QHash<int, QByteArray> roleNames() const override;
@@ -51,6 +56,7 @@ private:
    AccountInfoData m_accountInfoData;
    QJsonArray m_availableCountries;
    QJsonArray m_issuedConfigsInfo;
    QJsonObject m_supportInfo;
 };
 #endif // APIACCOUNTINFOMODEL_H
@@ -65,8 +65,8 @@ QVariant ApiServicesModel::data(const QModelIndex &index, int role) const
    case CardDescriptionRole: {
        auto speed = apiServiceData.serviceInfo.speed;
        if (serviceType == serviceType::amneziaPremium) {
-            return tr("Amnezia Premium is VPN for comfortable work, downloading large files and watching videos in 8K resolution. "
+            return tr("Amnezia Premium is classic VPN for seamless work, downloading large files, and watching videos. "
-                      "Works for any sites with no restrictions. Speed up to %1 MBit/s. Unlimited traffic.")
+                      "Access all websites and online resources. Speeds up to %1 Mbps.")
                    .arg(speed);
        } else if (serviceType == serviceType::amneziaFree) {
            QString description = tr("AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan.");
@@ -79,8 +79,8 @@ QVariant ApiServicesModel::data(const QModelIndex &index, int role) const
    }
    case ServiceDescriptionRole: {
        if (serviceType == serviceType::amneziaPremium) {
-            return tr("Amnezia Premium is VPN for comfortable work, downloading large files and watching videos in 8K resolution. "
+            return tr("Amnezia Premium is classic VPN for for seamless work, downloading large files, and watching videos. "
-                      "Works for any sites with no restrictions.");
+                      "Access all websites and online resources.");
        } else {
            return tr("AmneziaFree provides free unlimited access to a basic set of web sites, such as Facebook, Instagram, Twitter (X), Discord, Telegram, and others. YouTube is not included in the free plan.");
        }
@@ -1,13 +1,11 @@
 #include "languageModel.h"
-LanguageModel::LanguageModel(std::shared_ptr<Settings> settings, QObject *parent)
+LanguageModel::LanguageModel(std::shared_ptr<Settings> settings, QObject *parent) : m_settings(settings), QAbstractListModel(parent)
    : m_settings(settings), QAbstractListModel(parent)
 {
    QMetaEnum metaEnum = QMetaEnum::fromType<LanguageSettings::AvailableLanguageEnum>();
    for (int i = 0; i < metaEnum.keyCount(); i++) {
-        m_availableLanguages.push_back(
+        m_availableLanguages.push_back(LanguageModelData { getLocalLanguageName(static_cast<LanguageSettings::AvailableLanguageEnum>(i)),
-            LanguageModelData {getLocalLanguageName(static_cast<LanguageSettings::AvailableLanguageEnum>(i)),
+                                                           static_cast<LanguageSettings::AvailableLanguageEnum>(i) });
                              static_cast<LanguageSettings::AvailableLanguageEnum>(i) });
    }
 }
@@ -50,8 +48,7 @@ QString LanguageModel::getLocalLanguageName(const LanguageSettings::AvailableLan
    case LanguageSettings::AvailableLanguageEnum::Burmese: strLanguage = "မြန်မာဘာသာ"; break;
    case LanguageSettings::AvailableLanguageEnum::Urdu: strLanguage = "اُرْدُوْ"; break;
    case LanguageSettings::AvailableLanguageEnum::Hindi: strLanguage = "हिन्दी"; break;
-    default:
+    default: break;
        break;
    }
    return strLanguage;
@@ -104,11 +101,12 @@ QString LanguageModel::getCurrentLanguageName()
    return m_availableLanguages[getCurrentLanguageIndex()].name;
 }
-QString LanguageModel::getCurrentSiteUrl()
+QString LanguageModel::getCurrentSiteUrl(const QString &path)
 {
    auto language = static_cast<LanguageSettings::AvailableLanguageEnum>(getCurrentLanguageIndex());
    switch (language) {
-    case LanguageSettings::AvailableLanguageEnum::Russian: return "https://storage.googleapis.com/amnezia/amnezia.org";
+    case LanguageSettings::AvailableLanguageEnum::Russian:
-    default: return "https://amnezia.org";
+        return "https://storage.googleapis.com/amnezia/amnezia.org" + (path.isEmpty() ? "" : (QString("?m-path=/%1").arg(path)));
    default: return QString("https://amnezia.org") + (path.isEmpty() ? "" : (QString("/%1").arg(path)));
    }
 }
@@ -59,7 +59,7 @@ public slots:
    int getCurrentLanguageIndex();
    int getLineHeightAppend();
    QString getCurrentLanguageName();
-    QString getCurrentSiteUrl();
+    QString getCurrentSiteUrl(const QString &path = "");
 signals:
    void updateTranslations(const QLocale &locale);
@@ -29,7 +29,7 @@ Rectangle {
        cursorShape: Qt.PointingHandCursor
        onClicked: function() {
-            Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl() + "/premium")
+            Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl("premium"))
        }
    }
@@ -54,7 +54,7 @@ Rectangle {
            Layout.rightMargin: 10
            Layout.leftMargin: 10
-            text: qsTr("Amnezia Premium - for access to any website")
+            text: qsTr("Amnezia Premium - for access to all websites and online resources")
            color: AmneziaStyle.color.pearlGray
            lineHeight: 18
@@ -0,0 +1,73 @@
 import QtQuick
 import QtQuick.Controls
 import QtQuick.Layouts
 import Style 1.0
 import "../Controls2"
 import "../Controls2/TextTypes"
 Item {
    id: root
    property bool enabled: true
    property string placeholderText: ""
    property alias textField: searchField.textField
    signal addClicked(string text)
    signal moreClicked()
    implicitWidth: 360
    implicitHeight: 96
    Rectangle {
        id: background
        anchors.fill: parent
        color: "#0E0F12"
        opacity: 0.85
        z: -1
    }
    RowLayout {
        id: addSiteButton
        enabled: root.enabled
        spacing: 2
        anchors {
            fill: parent
            topMargin: 16
            leftMargin: 16
            rightMargin: 16
            bottomMargin: 24
        }
        TextFieldWithHeaderType {
            id: searchField
            Layout.fillWidth: true
            rightButtonClickedOnEnter: true
            textField.placeholderText: root.placeholderText
            buttonImageSource: "qrc:/images/controls/plus.svg"
            clickedFunc: function() {
                root.addClicked(textField.text)
                textField.text = ""
            }
        }
        ImageButtonType {
            id: addSiteButtonImage
            implicitWidth: 56
            implicitHeight: 56
            image: "qrc:/images/controls/more-vertical.svg"
            imageColor: AmneziaStyle.color.paleGray
            onClicked: root.moreClicked()
            Keys.onReturnPressed: addSiteButtonImage.clicked()
            Keys.onEnterPressed: addSiteButtonImage.clicked()
        }
    }
 } 
@@ -0,0 +1,45 @@
 import QtQuick
 import QtQuick.Layouts
 import Style 1.0
 import "TextTypes"
 Item {
    id: root
    property string headerText
    property int headerTextMaximumLineCount: 2
    property int headerTextElide: Qt.ElideRight
    property string descriptionText
    property alias headerRow: headerRow
    implicitWidth: content.implicitWidth
    implicitHeight: content.implicitHeight
    ColumnLayout {
        id: content
        anchors.fill: parent
        RowLayout {
            id: headerRow
            Header1TextType {
                id: header
                Layout.fillWidth: true
                text: root.headerText
                maximumLineCount: root.headerTextMaximumLineCount
                elide: root.headerTextElide
            }
        }
        ParagraphTextType {
            id: description
            Layout.topMargin: 16
            Layout.fillWidth: true
            text: root.descriptionText
            color: AmneziaStyle.color.mutedGray
            visible: root.descriptionText !== ""
        }
    }
 } 
@@ -1,86 +0,0 @@
 import QtQuick
 import QtQuick.Layouts
 import Style 1.0
 import "TextTypes"
 Item {
    id: root
    property string actionButtonImage
    property var actionButtonFunction
    property alias actionButton: headerActionButton
    property string headerText
    property int headerTextMaximumLineCount: 2
    property int headerTextElide: Qt.ElideRight
    property string descriptionText
    implicitWidth: content.implicitWidth
    implicitHeight: content.implicitHeight
    ColumnLayout {
        id: content
        anchors.fill: parent
        RowLayout {
            Header1TextType {
                id: header
                Layout.fillWidth: true
                text: root.headerText
                maximumLineCount: root.headerTextMaximumLineCount
                elide: root.headerTextElide
            }
            ImageButtonType {
                id: headerActionButton
                implicitWidth: 40
                implicitHeight: 40
                Layout.alignment: Qt.AlignRight
                image: root.actionButtonImage
                imageColor: AmneziaStyle.color.paleGray
                visible: image ? true : false
                onClicked: {
                    if (actionButtonFunction && typeof actionButtonFunction === "function") {
                        actionButtonFunction()
                    }
                }
            }
        }
        ParagraphTextType {
            id: description
            Layout.topMargin: 16
            Layout.fillWidth: true
            text: root.descriptionText
            color: AmneziaStyle.color.mutedGray
            visible: root.descriptionText !== ""
        }
    }
    Keys.onEnterPressed: {
        if (actionButtonFunction && typeof actionButtonFunction === "function") {
            actionButtonFunction()
        }
    }
    Keys.onReturnPressed: {
        if (actionButtonFunction && typeof actionButtonFunction === "function") {
            actionButtonFunction()
        }
    }
 }
@@ -0,0 +1,44 @@
 import QtQuick
 import QtQuick.Layouts
 import Style 1.0
 BaseHeaderType {
    id: root
    property string actionButtonImage
    property var actionButtonFunction
    property alias actionButton: headerActionButton
    Component.onCompleted: {
        headerRow.children.push(headerActionButton)
    }
    ImageButtonType {
        id: headerActionButton
        implicitWidth: 40
        implicitHeight: 40
        Layout.alignment: Qt.AlignRight
        image: root.actionButtonImage
        imageColor: AmneziaStyle.color.paleGray
        visible: image ? true : false
        onClicked: {
            if (actionButtonFunction && typeof actionButtonFunction === "function") {
                actionButtonFunction()
            }
        }
    }
    Keys.onEnterPressed: {
        if (actionButtonFunction && typeof actionButtonFunction === "function") {
            actionButtonFunction()
        }
    }
    Keys.onReturnPressed: {
        if (actionButtonFunction && typeof actionButtonFunction === "function") {
            actionButtonFunction()
        }
    }
 } 
@@ -0,0 +1,28 @@
 import QtQuick
 import QtQuick.Layouts
 import Style 1.0
 BaseHeaderType {
    id: root
    property var switcherFunction
    property bool showSwitcher: false
    property alias switcher: headerSwitcher
    Component.onCompleted: {
        headerRow.children.push(headerSwitcher)
    }
    SwitcherType {
        id: headerSwitcher
        Layout.alignment: Qt.AlignRight
        visible: root.showSwitcher
        onToggled: {
            if (switcherFunction && typeof switcherFunction === "function") {
                switcherFunction(checked)
            }
        }
    }
 } 
@@ -20,7 +20,11 @@ RadioButton {
    property string selectedColor: AmneziaStyle.color.transparent
    property string textColor: AmneziaStyle.color.paleGray
    property string textDisabledColor: AmneziaStyle.color.mutedGray
    property string selectedTextColor: AmneziaStyle.color.goldenApricot
    property string selectedTextDisabledColor: AmneziaStyle.color.burntOrange
    property string descriptionColor: AmneziaStyle.color.mutedGray
    property string descriptionDisabledColor: AmneziaStyle.color.charcoalGray
    property string borderFocusedColor: AmneziaStyle.color.paleGray
    property int borderFocusedWidth: 1
@@ -30,6 +34,12 @@ RadioButton {
    property bool isFocusable: true
    property string radioButtonInnerCirclePressedSource: "qrc:/images/controls/radio-button-inner-circle-pressed.png"
    property string radioButtonInnerCircleSource: "qrc:/images/controls/radio-button-inner-circle.png"
    property string radioButtonPressedSource: "qrc:/images/controls/radio-button-pressed.svg"
    property string radioButtonDefaultSource: "qrc:/images/controls/radio-button.svg"
    Keys.onTabPressed: {
        FocusController.nextKeyTabItem()
    }
@@ -94,14 +104,15 @@ RadioButton {
                if (showImage) {
                    return imageSource
                } else if (root.pressed) {
-                    return "qrc:/images/controls/radio-button-inner-circle-pressed.png"
+                    return root.radioButtonInnerCirclePressedSource
                } else if (root.checked) {
-                    return "qrc:/images/controls/radio-button-inner-circle.png"
+                    return root.radioButtonInnerCircleSource
                }
                return ""
            }
            opacity: root.enabled ? 1.0 : 0.3
            anchors.centerIn: parent
            width: 24
@@ -113,12 +124,13 @@ RadioButton {
                if (showImage) {
                    return ""
                } else if (root.pressed || root.checked) {
-                    return "qrc:/images/controls/radio-button-pressed.svg"
+                    return root.radioButtonPressedSource
                } else {
-                    return "qrc:/images/controls/radio-button.svg"
+                    return root.radioButtonDefaultSource
                }
            }
            opacity: root.enabled ? 1.0 : 0.3
            anchors.centerIn: parent
            width: 24
@@ -148,10 +160,11 @@ RadioButton {
                elide: root.textElide
                color: {
-                    if (root.checked) {
+                    if (root.enabled) {
-                        return selectedTextColor
+                        return root.checked ? selectedTextColor : textColor
                    } else {
                        return root.checked ? selectedTextDisabledColor : textDisabledColor
                    }
                    return textColor
                }
                Layout.fillWidth: true
@@ -164,7 +177,7 @@ RadioButton {
            CaptionTextType {
                id: description
-                color: AmneziaStyle.color.mutedGray
+                color: root.enabled ? root.descriptionColor : root.descriptionDisabledColor
                text: root.descriptionText
                visible: root.descriptionText !== ""
@@ -56,7 +56,7 @@ PageType {
                        anchors.rightMargin: 16
                        anchors.leftMargin: 16
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            Layout.topMargin: 20
@@ -39,7 +39,7 @@ PageType {
        header: ColumnLayout {
            width: listView.width
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
@@ -91,7 +91,7 @@ PageType {
                spacing: 0
-                HeaderType {
+                BaseHeaderType {
                    Layout.fillWidth: true
                    headerText: qsTr("AmneziaWG settings")
@@ -91,7 +91,7 @@ PageType {
                spacing: 0
-                HeaderType {
+                BaseHeaderType {
                    Layout.fillWidth: true
                    headerText: qsTr("AmneziaWG settings")
@@ -76,7 +76,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            headerText: qsTr("Cloak settings")
@@ -75,7 +75,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            headerText: qsTr("OpenVPN settings")
@@ -32,7 +32,7 @@ PageType {
            id: backButton
        }
-        HeaderType {
+        BaseHeaderType {
            Layout.fillWidth: true
            Layout.leftMargin: 16
            Layout.rightMargin: 16
@@ -78,7 +78,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            headerText: qsTr("Shadowsocks settings")
@@ -85,7 +85,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            headerText: qsTr("WG settings")
@@ -77,7 +77,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            headerText: qsTr("WG settings")
                        }
@@ -75,7 +75,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            headerText: qsTr("XRay settings")
                        }
@@ -43,7 +43,7 @@ PageType {
            anchors.left: parent.left
            anchors.right: parent.right
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
@@ -85,7 +85,7 @@ PageType {
                        spacing: 0
-                        HeaderType {
+                        BaseHeaderType {
                            Layout.fillWidth: true
                            Layout.leftMargin: 16
                            Layout.rightMargin: 16
@@ -77,7 +77,7 @@ PageType {
                    spacing: 0
-                    HeaderType {
+                    BaseHeaderType {
                        Layout.fillWidth: true
                        Layout.leftMargin: 16
                        Layout.rightMargin: 16
@@ -217,7 +217,7 @@ PageType {
                                }
                            }
-                            HeaderType {
+                            BaseHeaderType {
                                Layout.fillWidth: true
                                headerText: qsTr("SOCKS5 settings")
@@ -54,7 +54,7 @@ PageType {
            spacing: 0
-            HeaderType {
+            BaseHeaderType {
                Layout.fillWidth: true
                Layout.leftMargin: 16
                Layout.rightMargin: 16
@@ -29,7 +29,7 @@ PageType {
            spacing: 0
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
                Layout.topMargin: 24
@@ -252,7 +252,7 @@ PageType {
                text: qsTr("Privacy Policy")
                clickedFunc: function() {
-                    Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl() + "/policy")
+                    Qt.openUrlExternally(LanguageModel.getCurrentSiteUrl("policy"))
                }
            }
        }
@@ -69,7 +69,7 @@ PageType {
                Layout.topMargin: 20
            }
-            HeaderType {
+            HeaderTypeWithButton {
                id: headerContent
                objectName: "headerContent"
@@ -35,14 +35,14 @@ PageType {
                id: backButton
            }
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
                Layout.rightMargin: 16
                Layout.leftMargin: 16
-                headerText: qsTr("Active devices")
+                headerText: qsTr("Active Devices")
                descriptionText: qsTr("Manage currently connected devices")
            }
@@ -91,7 +91,7 @@ PageType {
                id: backButton
            }
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
@@ -38,14 +38,14 @@ PageType {
                id: backButton
            }
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
                Layout.rightMargin: 16
                Layout.leftMargin: 16
-                headerText: qsTr("Configuration files")
+                headerText: qsTr("Configuration Files")
                descriptionText: qsTr("For router setup or the AmneziaWG app")
            }
        }
@@ -26,7 +26,7 @@ PageType {
    QtObject {
        id: statusObject
-        readonly property string title: qsTr("Subscription status")
+        readonly property string title: qsTr("Subscription Status")
        readonly property string contentKey: "subscriptionStatus"
        readonly property string objectImageSource: "qrc:/images/controls/info.svg"
    }
@@ -34,7 +34,7 @@ PageType {
    QtObject {
        id: endDateObject
-        readonly property string title: qsTr("Valid until")
+        readonly property string title: qsTr("Valid Until")
        readonly property string contentKey: "endDate"
        readonly property string objectImageSource: "qrc:/images/controls/history.svg"
    }
@@ -42,7 +42,7 @@ PageType {
    QtObject {
        id: deviceCountObject
-        readonly property string title: qsTr("Active connections")
+        readonly property string title: qsTr("Active Connections")
        readonly property string contentKey: "connectedDevices"
        readonly property string objectImageSource: "qrc:/images/controls/monitor.svg"
    }
@@ -93,7 +93,7 @@ PageType {
                Layout.topMargin: 20
            }
-            HeaderType {
+            HeaderTypeWithButton {
                id: headerContent
                objectName: "headerContent"
@@ -183,7 +183,7 @@ PageType {
                visible: false //footer.isVisibleForAmneziaFree
-                text: qsTr("Subscription key")
+                text: qsTr("Subscription Key")
                rightImageSource: "qrc:/images/controls/chevron-right.svg"
                clickedFunction: function() {
@@ -191,7 +191,7 @@ PageType {
                    shareConnectionDrawer.openTriggered()
                    shareConnectionDrawer.isSelfHostedConfig = false;
-                    shareConnectionDrawer.shareButtonText = qsTr("Save VPN key to file")
+                    shareConnectionDrawer.shareButtonText = qsTr("Save VPN key as a file")
                    shareConnectionDrawer.copyButtonText = qsTr("Copy VPN key")
@@ -213,7 +213,7 @@ PageType {
                visible: footer.isVisibleForAmneziaFree
-                text: qsTr("Configuration files")
+                text: qsTr("Configuration Files")
                descriptionText: qsTr("Manage configuration files")
                rightImageSource: "qrc:/images/controls/chevron-right.svg"
@@ -233,7 +233,7 @@ PageType {
                visible: footer.isVisibleForAmneziaFree
-                text: qsTr("Active devices")
+                text: qsTr("Active Devices")
                descriptionText: qsTr("Manage currently connected devices")
                rightImageSource: "qrc:/images/controls/chevron-right.svg"
@@ -27,25 +27,25 @@ PageType {
    QtObject {
        id: techSupport
-        readonly property string title: qsTr("Email Support")
+        readonly property string title: qsTr("Email")
-        readonly property string description: qsTr("support@amnezia.org")
+        readonly property string description: ApiAccountInfoModel.getEmailLink()
-        readonly property string link: "mailto:support@amnezia.org"
+        readonly property string link: "mailto:" + ApiAccountInfoModel.getEmailLink()
    }
    QtObject {
        id: paymentSupport
        readonly property string title: qsTr("Email Billing & Orders")
-        readonly property string description: qsTr("help@vpnpay.io")
+        readonly property string description: ApiAccountInfoModel.getBillingEmailLink()
-        readonly property string link: "mailto:help@vpnpay.io"
+        readonly property string link: "mailto:" + ApiAccountInfoModel.getBillingEmailLink()
    }
    QtObject {
        id: site
        readonly property string title: qsTr("Website")
-        readonly property string description: qsTr("amnezia.org")
+        readonly property string description: ApiAccountInfoModel.getSiteLink()
-        readonly property string link: LanguageModel.getCurrentSiteUrl()
+        readonly property string link: ApiAccountInfoModel.getFullSiteLink()
    }
    property list<QtObject> supportModel: [
@@ -71,7 +71,7 @@ PageType {
                id: backButton
            }
-            HeaderType {
+            BaseHeaderType {
                id: header
                Layout.fillWidth: true
@@ -79,29 +79,22 @@ PageType {
            id: backButton
        }
-        RowLayout {
+        HeaderTypeWithSwitcher {
-            HeaderType {
+            Layout.fillWidth: true
-                Layout.fillWidth: true
+            Layout.leftMargin: 16
-                Layout.leftMargin: 16
+            Layout.rightMargin: 16
-                headerText: qsTr("App split tunneling")
+            headerText: qsTr("App split tunneling")
            enabled: root.pageEnabled
            showSwitcher: true
            switcher {
                checked: AppSplitTunnelingModel.isTunnelingEnabled
                enabled: root.pageEnabled
            }
-
+            switcherFunction: function(checked) {
-            SwitcherType {
+                AppSplitTunnelingModel.toggleSplitTunneling(checked)
-                id: switcher
+                selector.text = root.routeModesModel[getRouteModesModelIndex()].name
                Layout.fillWidth: true
                Layout.rightMargin: 16
                enabled: root.pageEnabled
                checked: AppSplitTunnelingModel.isTunnelingEnabled
                onToggled: {                    
                    AppSplitTunnelingModel.toggleSplitTunneling(checked)
                    selector.text = root.routeModesModel[getRouteModesModelIndex()].name
                }
            }
        }
@@ -38,7 +38,7 @@ PageType {
            spacing: 0
-            HeaderType {
+            BaseHeaderType {
                Layout.fillWidth: true
                Layout.leftMargin: 16
                Layout.rightMargin: 16
@@ -60,7 +60,7 @@ PageType {
            spacing: 16
-            HeaderType {
+            BaseHeaderType {
                Layout.fillWidth: true
                headerText: qsTr("Back up your configuration")
@@ -36,7 +36,7 @@ PageType {
            anchors.left: parent.left
            anchors.right: parent.right
-            HeaderType {
+            BaseHeaderType {
                Layout.fillWidth: true
                Layout.leftMargin: 16
                Layout.rightMargin: 16
@@ -94,9 +94,7 @@ PageType {
                }
            }
-            DividerType {
+            DividerType {}
                visible: root.isAppSplitTinnelingEnabled
            }
            LabelWithButtonType {
                id: splitTunnelingButton2
@@ -119,29 +117,20 @@ PageType {
                visible: root.isAppSplitTinnelingEnabled
            }
-            SwitcherType {
+            LabelWithButtonType {
-                id: killSwitchSwitcher
+                id: killSwitchButton
                visible: !GC.isMobile()
                Layout.fillWidth: true
                Layout.margins: 16
                text: qsTr("KillSwitch")
-                descriptionText: qsTr("Disables your internet if your encrypted VPN connection drops out for any reason.")
+                descriptionText: qsTr("Blocks network connections without VPN")
                rightImageSource: "qrc:/images/controls/chevron-right.svg"
                parentFlickable: fl
-                checked: SettingsController.isKillSwitchEnabled()
+                clickedFunction: function() {
-                checkable: !ConnectionController.isConnected
+                    PageController.goToPage(PageEnum.PageSettingsKillSwitch)
                onCheckedChanged: {
                    if (checked !== SettingsController.isKillSwitchEnabled()) {
                        SettingsController.toggleKillSwitch(checked)
                    }
                }
                onClicked: {
                    if (!checkable) {
                        PageController.showNotificationMessage(qsTr("Cannot change killSwitch settings during active connection"))
                    }
                }
            }
@@ -50,7 +50,7 @@ PageType {
            spacing: 16
-            HeaderType {
+            BaseHeaderType {
                Layout.fillWidth: true
                headerText: qsTr("DNS servers")
@@ -0,0 +1,123 @@
 import QtQuick
 import QtQuick.Controls
 import QtQuick.Layouts
 import PageEnum 1.0
 import Style 1.0
 import "./"
 import "../Controls2"
 import "../Config"
 PageType {
    id: root
    BackButtonType {
        id: backButton
        anchors.top: parent.top
        anchors.left: parent.left
        anchors.right: parent.right
        anchors.topMargin: 20
    }
    FlickableType {
        id: fl
        anchors.top: backButton.bottom
        anchors.bottom: parent.bottom
        contentHeight: content.height
        ColumnLayout {
            id: content
            anchors.top: parent.top
            anchors.left: parent.left
            anchors.right: parent.right
            HeaderTypeWithSwitcher {
                Layout.fillWidth: true
                Layout.leftMargin: 16
                Layout.rightMargin: 16
                headerText: qsTr("KillSwitch")
                descriptionText: qsTr("Enable to ensure network traffic goes through a secure VPN tunnel, preventing accidental exposure of your IP and DNS queries if the connection drops")
                showSwitcher: true
                switcher {
                    checked: SettingsController.isKillSwitchEnabled
                    enabled: !ConnectionController.isConnected
                }
                switcherFunction: function(checked) {
                    if (!ConnectionController.isConnected) {
                        SettingsController.isKillSwitchEnabled = checked
                    } else {
                        PageController.showNotificationMessage(qsTr("Cannot change killSwitch settings during active connection"))
                        switcher.checked = SettingsController.isKillSwitchEnabled
                    }
                }
            }
            VerticalRadioButton {
                id: softKillSwitch
                Layout.fillWidth: true
                Layout.topMargin: 32
                Layout.leftMargin: 16
                Layout.rightMargin: 16
                enabled: SettingsController.isKillSwitchEnabled && !ConnectionController.isConnected
                checked: !SettingsController.strictKillSwitchEnabled
                text: qsTr("Soft KillSwitch")
                descriptionText: qsTr("Internet connection is blocked if VPN connection drops accidentally")
                onClicked: function() {
                    SettingsController.strictKillSwitchEnabled = false
                }
            }
            DividerType {}
            VerticalRadioButton {
                id: strictKillSwitch
                Layout.fillWidth: true
                Layout.leftMargin: 16
                Layout.rightMargin: 16
                enabled: SettingsController.isKillSwitchEnabled && !ConnectionController.isConnected
                checked: SettingsController.strictKillSwitchEnabled
                text: qsTr("Strict KillSwitch")
                descriptionText: qsTr("Internet connection is blocked even if VPN was turned off manually or not started")
                onClicked: function() {
                    var headerText = qsTr("Just a little heads-up")
                    var descriptionText = qsTr("If you disconnect from VPN or the VPN connection drops while the Strict Kill Switch is turned on, your internet access will be disabled. To restore it, connect to VPN, change the Kill Switch mode or turn the Kill Switch off.")
                    var yesButtonText = qsTr("Continue")
                    var noButtonText = qsTr("Cancel")
                    var yesButtonFunction = function() {
                        SettingsController.strictKillSwitchEnabled = true
                    }
                    var noButtonFunction = function() {
                    }
                    showQuestionDrawer(headerText, descriptionText, yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
                }
            }
            DividerType {}
            LabelWithButtonType {
                Layout.topMargin: 32
                Layout.fillWidth: true
                enabled: true
                text: qsTr("DNS Exceptions")
                descriptionText: qsTr("DNS servers from the list will remain accessible when Kill Switch is triggered")
                rightImageSource: "qrc:/images/controls/chevron-right.svg"
                clickedFunction: function() {
                    PageController.goToPage(PageEnum.PageSettingsKillSwitchExceptions)
                }
            }
        }
    }
 } 
@@ -0,0 +1,302 @@
 import QtQuick
 import QtQuick.Controls
 import QtQuick.Layouts
 import QtQuick.Dialogs
 import QtCore
 import SortFilterProxyModel 0.2
 import PageEnum 1.0
 import ProtocolEnum 1.0
 import ContainerProps 1.0
 import Style 1.0
 import "./"
 import "../Controls2"
 import "../Controls2/TextTypes"
 import "../Config"
 import "../Components"
 PageType {
    id: root
    property bool pageEnabled: true
    ColumnLayout {
        id: header
        anchors.top: parent.top
        anchors.left: parent.left
        anchors.right: parent.right
        anchors.topMargin: 20
        BackButtonType {
            id: backButton
        }
        BaseHeaderType {
            enabled: root.pageEnabled
            Layout.fillWidth: true
            Layout.leftMargin: 16
            headerText: qsTr("DNS Exceptions")
            descriptionText: qsTr("DNS servers from the list will remain accessible when Kill Switch is triggered")
        }
    }
    ListView {
        id: listView
        anchors.top: header.bottom
        anchors.topMargin: 16
        anchors.bottom: parent.bottom
        width: parent.width
        enabled: root.pageEnabled
        property bool isFocusable: true
        cacheBuffer: 200
        displayMarginBeginning: 40
        displayMarginEnd: 40
        ScrollBar.vertical: ScrollBarType { }
        footer: Item {
            width: listView.width
            height: addSitePanel.height
        }
        footerPositioning: ListView.InlineFooter
        model: SortFilterProxyModel {
            id: dnsFilterModel
            sourceModel: AllowedDnsModel
            filters: [
                RegExpFilter {
                    roleName: "ip"
                    pattern: ".*" + addSitePanel.textField.text + ".*"
                    caseSensitivity: Qt.CaseInsensitive
                }
            ]
        }
        clip: true
        reuseItems: true
        delegate: ColumnLayout {
            id: delegateContent
            width: listView.width
            LabelWithButtonType {
                id: site
                Layout.fillWidth: true
                text: ip
                rightImageSource: "qrc:/images/controls/trash.svg"
                rightImageColor: AmneziaStyle.color.paleGray
                clickedFunction: function() {
                    var headerText = qsTr("Delete ") + ip + "?"
                    var yesButtonText = qsTr("Continue")
                    var noButtonText = qsTr("Cancel")
                    var yesButtonFunction = function() {
                        AllowedDnsController.removeDns(dnsFilterModel.mapToSource(index))
                        if (!GC.isMobile()) {
                            site.rightButton.forceActiveFocus()
                        }
                    }
                    var noButtonFunction = function() {
                        if (!GC.isMobile()) {
                            site.rightButton.forceActiveFocus()
                        }
                    }
                    showQuestionDrawer(headerText, "", yesButtonText, noButtonText, yesButtonFunction, noButtonFunction)
                }
            }
            DividerType {}
        }
    }
    AddSitePanel {
        id: addSitePanel
        anchors.bottom: parent.bottom
        anchors.left: parent.left
        anchors.right: parent.right
        enabled: root.pageEnabled
        placeholderText: qsTr("IPv4 address")
        onAddClicked: function(text) {
            PageController.showBusyIndicator(true)
            AllowedDnsController.addDns(text)
            PageController.showBusyIndicator(false)
        }
        onMoreClicked: {
            moreActionsDrawer.openTriggered()
        }
    }
    DrawerType2 {
        id: moreActionsDrawer
        anchors.fill: parent
        expandedHeight: parent.height * 0.4375
        expandedStateContent: ColumnLayout {
            id: moreActionsDrawerContent
            anchors.top: parent.top
            anchors.left: parent.left
            anchors.right: parent.right
            Header2Type {
                Layout.fillWidth: true
                Layout.margins: 16
                headerText: qsTr("Import / Export addresses")
            }
            LabelWithButtonType {
                id: importSitesButton
                Layout.fillWidth: true
                text: qsTr("Import")
                rightImageSource: "qrc:/images/controls/chevron-right.svg"
                clickedFunction: function() {
                    importSitesDrawer.openTriggered()
                }
            }
            DividerType {}
            LabelWithButtonType {
                id: exportSitesButton
                Layout.fillWidth: true
                text: qsTr("Save address list")
                clickedFunction: function() {
                    var fileName = ""
                    if (GC.isMobile()) {
                        fileName = "amnezia_killswitch_exceptions.json"
                    } else {
                        fileName = SystemController.getFileName(qsTr("Save addresses"),
                                                                qsTr("Address files (*.json)"),
                                                                StandardPaths.standardLocations(StandardPaths.DocumentsLocation) + "/amnezia_killswitch_exceptions",
                                                                true,
                                                                ".json")
                    }
                    if (fileName !== "") {
                        PageController.showBusyIndicator(true)
                        AllowedDnsController.exportDns(fileName)
                        moreActionsDrawer.closeTriggered()
                        PageController.showBusyIndicator(false)
                    }
                }
            }
            DividerType {}
        }
    }
    DrawerType2 {
        id: importSitesDrawer
        anchors.fill: parent
        expandedHeight: parent.height * 0.4375
        expandedStateContent: Item {
            implicitHeight: importSitesDrawer.expandedHeight
            BackButtonType {
                id: importSitesDrawerBackButton
                anchors.top: parent.top
                anchors.left: parent.left
                anchors.right: parent.right
                anchors.topMargin: 16
                backButtonFunction: function() {
                    importSitesDrawer.closeTriggered()
                }
            }
            FlickableType {
                anchors.top: importSitesDrawerBackButton.bottom
                anchors.left: parent.left
                anchors.right: parent.right
                anchors.bottom: parent.bottom
                contentHeight: importSitesDrawerContent.height
                ColumnLayout {
                    id: importSitesDrawerContent
                    anchors.top: parent.top
                    anchors.left: parent.left
                    anchors.right: parent.right
                    Header2Type {
                        Layout.fillWidth: true
                        Layout.margins: 16
                        headerText: qsTr("Import address list")
                    }
                    LabelWithButtonType {
                        id: importSitesButton2
                        Layout.fillWidth: true
                        text: qsTr("Replace address list")
                        clickedFunction: function() {
                            var fileName = SystemController.getFileName(qsTr("Open address file"),
                                                                        qsTr("Address files (*.json)"))
                            if (fileName !== "") {
                                importSitesDrawerContent.importSites(fileName, true)
                            }
                        }
                    }
                    DividerType {}
                    LabelWithButtonType {
                        id: importSitesButton3
                        Layout.fillWidth: true
                        text: qsTr("Add imported addresses to existing ones")
                        clickedFunction: function() {
                            var fileName = SystemController.getFileName(qsTr("Open address file"),
                                                                        qsTr("Address files (*.json)"))
                            if (fileName !== "") {
                                importSitesDrawerContent.importSites(fileName, false)
                            }
                        }
                    }
                    function importSites(fileName, replaceExistingSites) {
                        PageController.showBusyIndicator(true)
                        AllowedDnsController.importDns(fileName, replaceExistingSites)
                        PageController.showBusyIndicator(false)
                        importSitesDrawer.closeTriggered()
                        moreActionsDrawer.closeTriggered()
                    }
                    DividerType {}
                }
            }
        }
    }
 }
@@ -40,7 +40,7 @@ PageType {
        header: ColumnLayout {
            width: listView.width
-            HeaderType {
+            BaseHeaderType {
                Layout.fillWidth: true
                Layout.leftMargin: 16
                Layout.rightMargin: 16
@@ -71,7 +71,7 @@ PageType {
            objectName: "backButton"
        }
-        HeaderType {
+        HeaderTypeWithButton {
            id: headerContent
            objectName: "headerContent"
@@ -34,7 +34,7 @@ PageType {
            id: backButton
        }
-        HeaderType {
+        BaseHeaderType {
            Layout.fillWidth: true
            Layout.leftMargin: 16
            Layout.rightMargin: 16
@@ -31,7 +31,7 @@ PageType {
            id: backButton
        }
-        HeaderType {
+        BaseHeaderType {
            Layout.fillWidth: true
            Layout.leftMargin: 16
            Layout.rightMargin: 16
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Mykola Baibuz	7cc8aad876	buildfix and naming	2025-04-24 18:31:26 +03:00
aiamnezia	6be32445ba	Review fixes	2025-04-24 16:35:37 +04:00
aiamnezia	5bf5cd43bd	Add insertion of gateway address to strict killswitch exceptions	2025-04-24 01:55:29 +04:00
aiamnezia	e46b51a833	Add method to killswitch for expanding strickt mode exceptions list and fix allowTrafficTo() for Windows. Also Added cache in KillSwitch class for exceptions	2025-04-24 01:53:12 +04:00
aiamnezia	b88cb4303a	Merge branch 'dev' into feature/killswitch-strict-mode	2025-04-17 02:22:46 +04:00
aiamnezia	c69c6ef002	Add qt standard path for build script	2025-04-17 02:20:29 +04:00
aiamnezia	97dc075f73	Add confirmation popup for strict killswitch mode	2025-04-17 02:19:32 +04:00
Nethius	7fd71a8408	feature: retrieving support info from gateway (#1483 ) * feature: retrieving support info from gateway * feature: added "external-premium" service-type * chore: fixed external premium visability	2025-04-16 09:58:44 +07:00
DarthSidious007	68db721089	add S3 deploy (#1530 )	2025-04-16 09:35:53 +07:00
MrMirDan	a180e12bdf	chore: updated ru translation (#1531 )	2025-04-12 22:04:34 +07:00
Yaroslav	f3a4a1b1be	feat: improve post uninstall script for macos to properly remove application and its components (#1521 )	2025-04-11 23:09:12 +07:00
Nethius	6977a8ecbc	chore: bump version and update translation files (#1526 )	2025-04-11 12:59:06 +07:00
Nethius	d00f64e6ad	feature: added export logs button on start page (#1525 )	2025-04-11 12:29:28 +07:00
Mykola Baibuz	d5b3da6ba3	Use older Ubuntu version for build job (#1523 )	2025-04-11 08:57:56 +07:00
aiamnezia	c245318339	bugfix: empty split tunneling list (#1520 ) * Disable split tunneling with empty list * Fix bug with Amnezia DNS in split tunneling list * update ubuntu version for linux deploy pipeline * Fix deploy script	2025-04-10 14:24:33 +07:00
Mykola Baibuz	298c9fef9d	Update ubuntu version in GH actions	2025-04-09 17:21:35 +03:00
aiamnezia	3faa16e892	Change ubuntu version in deploy script	2025-04-09 15:19:25 +04:00
Nethius	b3b0fec2e1	feature: additional logs for proxy bypass (#1518 )	2025-04-09 10:47:33 +07:00
Mykola Baibuz	2ada18df2d	Merge branch 'dev' into feature/killswitch-strict-mode	2025-04-08 20:50:52 +03:00
Nethius	9d571a4c71	feature: new mirrors support (#1519 )	2025-04-08 12:07:31 +07:00
pokamest	f283858490	Merge pull request #1517 from amnezia-vpn/chore/update-go-version Update go version in actions to 1.24	2025-04-07 21:53:05 +01:00
pokamest	76fe203767	Update go version in actions to 1.24	2025-04-07 18:05:08 +01:00
pokamest	b9a47f2f50	Merge pull request #1516 from amnezia-vpn/feature/openvpn-warning feature: warning when importing openvpn configurations	2025-04-07 17:59:37 +01:00
vladimir.kuznetsov	27cb17c640	chore: clear warning text before extract	2025-04-07 23:35:24 +08:00
vladimir.kuznetsov	ef8fb89eb3	feature: warning when importing openvpn configurations	2025-04-07 23:30:11 +08:00
Mykola Baibuz	2a546ddc28	Add exclusion method for Windows firewall	2025-04-05 12:33:59 +03:00
Nethius	f1b045f8a8	fixed selecting the default button on PageSetupWizardEasy (#1502 )	2025-03-30 12:53:26 +07:00
Anton Sosnin	050066132b	Fix iOS initial translation loading (#1477 )	2025-03-24 14:35:22 +07:00
Nethius	2a6e6a1e24	chore: bump version (#1485 )	2025-03-21 14:12:56 +07:00
Nethius	92689d084c	feature/old api proxy (#1484 ) * feature: proxy old api requests through gateway * chore: bump version	2025-03-21 10:25:44 +07:00
lunardunno	00f314039d	Patch for user checking. (#1481 ) * Direct use of the $HOME variable. * Sudo check witch variable $HOME. Direct use of the $HOME variable. * Changing for Error 208 Changing description and title for error 208 * Revert "Changing for Error 208" This reverts commit `f45624c023`. * Changing for Error 207 Changing description and title for Error 207	2025-03-20 10:24:37 +07:00
lunardunno	fcb75e837d	chore: correcting version (#1480 ) * Сorrecting version Correction: return to the correct version * Correction for SH	2025-03-19 21:51:49 +07:00
aiamnezia	d1f5d8815b	Fix problem with definition sequence of PageSettingsKillSwitchExceptions.pml elements	2025-03-18 22:41:56 +04:00
Yaroslav	9fbea76b74	There's a common issue of building iOS apps on Qt 6.8 because of new introduced ffmpeg dependency in multimedia Qt package (#1414 ) ref: https://community.esri.com/t5/qt-maps-sdk-questions/build-failure-on-ios-with-qt-6-8/m-p/1548701#M5339	2025-03-14 20:40:27 +07:00
lunardunno	b3ff120bcf	Checking server user permissions to use sudo (#1442 ) * Username if whoami returns an error Сommand to use home directory name if whoami returns error or is missing for prepare_host.sh. * Update check_user_in_sudo.sh Сommand to use home directory name if whoami returns error or is missing for check_user_in_sudo.sh. Checking server user permissions to use sudo using a package manager or using uname. Сhecking and redefining the system language. Checking requirements for sudo users or root in script. * Cases have been changed and added. Changed description of the “Server User Not In Sudo” case. Corrected the name and description of the "ServerPacketManagerError" case. Packet to Package. Adding a "SudoPackageIsNotPreinstalled" case. Adding a "ServerUserNotAllowedInSudoers" case. Adding a "ServerUserPasswordRequired" case. * Serves errors have been changed and added. Corrected the name of the "ServerPacketManagerError" error to "ServerPackageManagerError". Adding a "SudoPackageIsNotPreinstalled" error. Adding a "ServerUserNotAllowedInSudoers" error. Adding a "ServerUserPasswordRequired" error. * Return ServerPacketManagerError Return to the name "ServerPacketManagerError". * Added errors handling Added new errors' handling to serverController.cpp. Permission checks are also performed for the root user. * Update translations Updating translations for two existing server errors. * Myanmar translation update * Update for my_MM.ts * checking for not allowed Checking for "not allowed" in stdOut * Removed "not allowed" Removed check for "not allowed" in stdOut * Removed nested launch Removed nested launch via sudo * Returned nested launch Returned nested launch via sudo * All checks with sudo Both checks with sudo always run. * Moved removing timestamp sudo Removing the sudo timestamp is done every time. * Checking the user directory Checking the accessibility of the user's home directory * Polishing Изменение порядка обработки ошибок. * changing detection order change the order of detection of inconsistencies: 1. sudo not preinstalled. (if user != root) 2. user not in sudo or wheel group. (if user != root) 3. user's directory is not accessible. (for all) 4. user not allowed in sudoers. (for all) 5. user password required. (for all) * Packet to Package * chore: bump version (#1463) * fix for sh (#1462) Fix for servers where sh is used as default shell. * Username if whoami returns an error Сommand to use home directory name if whoami returns error or is missing for prepare_host.sh. * Update check_user_in_sudo.sh Сommand to use home directory name if whoami returns error or is missing for check_user_in_sudo.sh. Checking server user permissions to use sudo using a package manager or using uname. Сhecking and redefining the system language. Checking requirements for sudo users or root in script. * Cases have been changed and added. Changed description of the “Server User Not In Sudo” case. Corrected the name and description of the "ServerPacketManagerError" case. Packet to Package. Adding a "SudoPackageIsNotPreinstalled" case. Adding a "ServerUserNotAllowedInSudoers" case. Adding a "ServerUserPasswordRequired" case. * Serves errors have been changed and added. Corrected the name of the "ServerPacketManagerError" error to "ServerPackageManagerError". Adding a "SudoPackageIsNotPreinstalled" error. Adding a "ServerUserNotAllowedInSudoers" error. Adding a "ServerUserPasswordRequired" error. * Return ServerPacketManagerError Return to the name "ServerPacketManagerError". * Update translations Updating translations for two existing server errors. * Added errors handling Added new errors' handling to serverController.cpp. Permission checks are also performed for the root user. * Myanmar translation update * Update for my_MM.ts * checking for not allowed Checking for "not allowed" in stdOut * Removed "not allowed" Removed check for "not allowed" in stdOut * Removed nested launch Removed nested launch via sudo * Returned nested launch Returned nested launch via sudo * All checks with sudo Both checks with sudo always run. * Moved removing timestamp sudo Removing the sudo timestamp is done every time. * Checking the user directory Checking the accessibility of the user's home directory * Polishing Изменение порядка обработки ошибок. * changing detection order change the order of detection of inconsistencies: 1. sudo not preinstalled. (if user != root) 2. user not in sudo or wheel group. (if user != root) 3. user's directory is not accessible. (for all) 4. user not allowed in sudoers. (for all) 5. user password required. (for all) * Undoing unintended changes Undoing unintended changes. * Undoing unintended change Undoing unintended change. * not allowed to use sudo The user is not allowed to use sudo on this server. * Capital letters in the error Capital letters in the error description. --------- Co-authored-by: albexk <albexk@proton.me>	2025-03-14 20:39:58 +07:00
Mykola Baibuz	a120f3d5bd	Some pretty fixes	2025-03-13 22:04:03 +02:00
Mykola Baibuz	2206b4a2dd	Merge pull request #1327 from amnezia-vpn/feature/allowed-dns-list Add allowed DNS list for killswitch	2025-03-13 11:19:27 -07:00
aiamnezia	a67e4ab8bb	Remove HeaderType from PageSettingsApiDevices	2025-03-12 17:13:16 +04:00
Mykola Baibuz	92b0ea6213	Change label text to DNS exceptions	2025-03-10 20:43:46 +02:00
Mykola Baibuz	cafac3aa61	Connect backend part and UI	2025-03-10 20:19:51 +02:00
paldeflex	9dea98f020	chore: README typo fixes (#1467 )	2025-03-10 23:22:09 +07:00
Mykola Baibuz	c4701d4e7a	Update XRay for Desktops (#1459 ) version 25.3.6	2025-03-10 15:11:26 +07:00
aiamnezia	0466e71d49	Implement model, controller and UI for killswitch dns exceptions	2025-03-10 01:41:14 +04:00
Nethius	48903ca3a1	chore: fixed proxyStorageUrl typo (#1466 )	2025-03-09 13:36:21 +07:00
Nethius	0c9fd4aef4	feature: added multiply proxy storage support (#1465 )	2025-03-09 13:07:08 +07:00
lunardunno	b2af2e46ac	fix for sh (#1462 ) Fix for servers where sh is used as default shell.	2025-03-09 12:34:00 +07:00
albexk	efc76a0683	chore: bump version (#1463 )	2025-03-09 10:30:43 +07:00
aiamnezia	bb883b4880	Merge branch 'feature/killswitch-strict-mode' into feature/allowed-dns-list	2025-03-08 17:58:29 +04:00
Nethius	c4a553c166	chore: error body processing (#1458 )	2025-03-07 10:39:12 +07:00
Cyril Anisimov	69a00b0252	feature: remove the limit of ip addresses = 254 (#1438 )	2025-03-06 21:43:47 +07:00
KsZnak	4257c08b43	Update amneziavpn_ru_RU.ts (#1457 )	2025-03-06 21:38:42 +07:00
Mykola Baibuz	8edc60e574	Merge branch 'dev' into feature/killswitch-strict-mode	2025-03-05 20:29:17 +02:00
aiamnezia	8e6de2dc34	Merge branch 'dev' into feature/allowed-dns-list	2025-03-05 15:18:50 +04:00
Mykola Baibuz	c9e5b92f79	Remove unneeded flushDns (#1443 )	2025-03-05 13:21:39 +07:00
Mykola Baibuz	99818c2ad8	Fixes for native OpenVPN config import (#1444 ) * Remote address in OpenVPN config can be host name * Protocol parameter in OpenVPN config is not mandatory	2025-03-05 13:20:46 +07:00
shiroow	99e3afabad	chore: update eng text (#1456 ) chore: update eng text	2025-03-05 10:11:31 +07:00
Mykola Baibuz	0cf9d3c9bd	Refresh strict mode killswitch after global toggle change	2025-03-01 20:54:57 +02:00
Mykola Baibuz	6ea21b852f	Merge branch 'dev' into feature/killswitch-strict-mode	2025-03-01 20:41:45 +02:00
aiamnezia	c36f14c55a	Remove deprecated HeaderType QML component	2025-02-24 19:50:27 +04:00
aiamnezia	1c2b1f1e0f	Refactor: Replace HeaderType with new Types for headers in QML pages	2025-02-24 19:45:50 +04:00
aiamnezia	13127cd64c	Fix strict kill switch mode handling	2025-02-24 17:52:40 +04:00
aiamnezia	f670050282	Merge branch 'dev' into feature/killswitch-strict-mode	2025-02-24 17:19:41 +04:00
aiamnezia	d0fe48b8c7	Change kill switch radio button styling	2025-02-24 16:16:56 +04:00
aiamnezia	ac281cee5b	refactor: Modularize header components	2025-02-20 16:36:28 +04:00
Mykola Baibuz	1f8a6114f8	Fix build	2025-02-19 16:04:29 +02:00
Mykola Baibuz	7a926f2eef	Refresh killSwitch state update	2025-02-19 15:54:21 +02:00
aiamnezia	d371d495a9	Merge branch 'dev' into feature/allowed-dns-list	2025-02-19 16:32:38 +04:00
aiamnezia	13fd957647	feat: Enhance VerticalRadioButton with improved styling and disabled states	2025-02-19 16:06:39 +04:00
Mykola Baibuz	8e2e3a916a	Some Linux updates	2025-02-19 00:02:16 +02:00
Mykola Baibuz	84d95477cb	Use HLM to store strictMode flag	2025-02-18 22:26:56 +02:00
Mykola Baibuz	7a3520cb20	Refresh killswitch mode when it toggled	2025-02-17 22:44:38 +02:00
Mykola Baibuz	1fa96a09a0	fix windows build after merge	2025-02-17 21:49:20 +02:00
Mykola Baibuz	c186be1788	Merge branch 'dev' into feature/killswitch-strict-mode	2025-02-17 21:26:20 +02:00
aiamnezia	4407e2801b	feature: Add Kill Switch settings page with strict mode option	2025-02-17 21:35:08 +04:00
Mykola Baibuz	5fc80121b4	Windows fixes	2025-01-01 07:43:53 +02:00
Mykola Baibuz	08e5ff2eef	Killswitch strict mode for Linux and MacOS	2025-01-01 07:07:42 +02:00
Mykola Baibuz	d65273e43e	Merge branch 'dev' into feature/killswitch-strict-mode	2024-12-31 14:15:51 +02:00
Mykola Baibuz	4d91245376	Windows killswitch strict mode backend part	2024-12-30 22:50:44 +02:00
Mykola Baibuz	f5272168bc	Add allowed DNS list for killswitch	2024-12-29 23:07:06 +02:00