Regression in v4.1.x: Setup works on v4.0.4 but fails after updating the binary (Linux CLI) #124
Description
Hello!
I am using Hiddify-core to create a WiFi VPN Router on Ubuntu Server. I have a step-by-step script (35 commands) that configures the hotspot, routing, and the Hiddify service.
The problem: When I use version 4.0.4 (Command 17 in my script), everything works as expected. But as soon as I change the download link to version 4.1.0, the VPN connection fails to establish, and I get a "bare" WiFi without a VPN, even though the binary is replaced correctly.
I suspect there might be changes in how the TUN interface or routing is handled in the new version.
Here is my full setup script for reference:
Click to expand my full 35-command script (v4.0.4 working version)
Step 1
WIFI_IF="wlp1s0"
Step 2
MY_USER="username"
Step 3
WIFI_SSID="MyVPNRouter"
Step 4
WIFI_PASS="Password123"
Step 5
TUN_NAME="tun0"
Step 6
sudo apt update && sudo apt install network-manager rfkill iw unattended-upgrades dnsmasq-base nftables -y
Step 7
sudo dpkg-reconfigure unattended-upgrades
Step 8
sudo iw reg set US
Step 9
sudo iw dev $WIFI_IF set power_save off
Step 10
sudo nmcli device wifi hotspot ifname $WIFI_IF ssid $WIFI_SSID password $WIFI_PASS
Step 11
sudo nmcli connection modify Hotspot connection.autoconnect yes
Step 12
sudo nmcli connection modify Hotspot 802-11-wireless.band bg 802-11-wireless.channel 1
Step 13
sudo nmcli connection modify Hotspot 802-11-wireless-security.wps-method 1
Step 14
sudo nmcli connection up Hotspot
Step 15
sudo tee /etc/NetworkManager/dnsmasq-shared.d/01-custom-dns.conf <<EOF
server=1.1.1.1
server=8.8.8.8
cache-size=2000
min-cache-ttl=60
dns-forward-max=15000
EOF
sudo systemctl restart NetworkManager
Step 16
echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding=1" | sudo tee -a /etc/sysctl.conf
echo "net.netfilter.nf_conntrack_max=262144" | sudo tee -a /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_time=600" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
Step 17
wget https://github.com/hiddify/hiddify-core/releases/download/v4.0.4/hiddify-core-linux-amd64-glibc.tar.gz -O hiddify.tar.gz
Step 18
mkdir -p temp_hid
Step 19
tar -xf hiddify.tar.gz -C temp_hid
Step 20
BIN=$(find temp_hid -type f -executable -printf "%s %p\n" | sort -nr | head -1 | cut -d' ' -f2-)
Step 21
cp "$BIN" ./hiddify-core
Step 22
rm -rf temp_hid
Step 23
mv hiddify-core HiddifyCli && chmod +x HiddifyCli
Step 24
sudo iptables -t nat -I POSTROUTING -o $TUN_NAME -j MASQUERADE
Step 25
sudo iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
Step 26
sudo iptables -I FORWARD 1 -i "$WIFI_IF" ! -o "$TUN_NAME" -j DROP
Step 27
sudo iptables -A FORWARD -i $WIFI_IF -o $TUN_NAME -j ACCEPT && sudo iptables -A FORWARD -i $TUN_NAME -o $WIFI_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
Step 28
sudo ip6tables -P FORWARD DROP
Step 29
sudo ip6tables -A FORWARD -i $WIFI_IF -o $TUN_NAME -j ACCEPT && sudo ip6tables -A FORWARD -i $TUN_NAME -o $WIFI_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
Step 30
sudo apt install iptables-persistent -y
Step 31
sudo netfilter-persistent save
Step 32
sudo tee /etc/systemd/system/hiddify.service <<EOF
[Unit]
Description=Hiddify VPN Client
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
User=root
WorkingDirectory=/home/$MY_USER
ExecStart=/home/$MY_USER/HiddifyCli run -c "YOUR_CONFIG_URL" --tun
Restart=always
RestartSec=5
TimeoutStopSec=5
LimitNOFILE=65535
[Install]
WantedBy=multi-user.target
EOF
Step 33
sudo systemctl daemon-reload
Step 34
sudo systemctl enable hiddify.service
Step 35
sudo reboot
Could you please help me understand what is causing this issue in the new version? What adjustments should I make to my setup script to ensure it works with version 4.1.0?
Thank you!