From 9b65844a6ae25b1b6755dee6364707f8653f43d0 Mon Sep 17 00:00:00 2001
From: b3nw <admin@ben.io>
Date: Wed, 30 Oct 2024 23:36:50 -0500
Subject: [PATCH] adjust ovpn template, adjust skip criteria

---
 nord-checker.py  | 9 +++++----
 ovpn_template.py | 5 +++--
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/nord-checker.py b/nord-checker.py
index 43f0bf3..f3a4878 100644
--- a/nord-checker.py
+++ b/nord-checker.py
@@ -114,14 +114,15 @@ if not os.path.exists(TEMP_OVPN_DIR):
 # Process each server
 server_count = len(servers)
 for index, server in enumerate(servers):
-    # Check if the server uses OpenVPN TCP Dedicated technology
+    # Check if the server uses OpenVPN TCP technology
     technologies = server.get('technologies', [])
-    skip_server = any(tech.get('identifier') == 'openvpn_dedicated_tcp' for tech in technologies)
+    has_openvpn_tcp = any(tech.get('identifier') == 'openvpn_tcp' for tech in technologies)
+    has_openvpn_dedicated_tcp = any(tech.get('identifier') == 'openvpn_dedicated_tcp' for tech in technologies)
     technologies_str = ', '.join([t.get('identifier', 'N/A') for t in technologies])  # Get technologies as a string
 
-    if skip_server:
+    if not has_openvpn_tcp or has_openvpn_dedicated_tcp:
         server_name = server.get('hostname')
-        debug_print(f"{datetime.datetime.now()} [{index+1}/{server_count}] [{server_name}]: Skipping OpenVPN TCP Dedicated server. Technologies: {technologies_str}")
+        print(f"{datetime.datetime.now()} [{index+1}/{server_count}] [{server_name}]: Skipping server without OpenVPN TCP or with OpenVPN Dedicated TCP. Technologies: {technologies_str}")
         continue  # Skip to the next server
 
     server_name = server.get('hostname')
diff --git a/ovpn_template.py b/ovpn_template.py
index def5a19..98c164f 100644
--- a/ovpn_template.py
+++ b/ovpn_template.py
@@ -15,12 +15,13 @@ persist-tun
 connect-retry-max 1
 reneg-sec 0
 comp-lzo no
+data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
 verify-x509-name CN={server_cn}
 remote-cert-tls server
-auth-user-pass
+auth-user-pass 
+auth-nocache  # Add auth-nocache here
 verb 3
 pull
-cipher AES-256-CBC
 auth SHA512
 <ca>
 -----BEGIN CERTIFICATE-----