From ffc2a0cbae78aa71e7ca5a64c76b75f1c5bba664 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Wed, 24 Jun 2015 19:05:39 +0200
Subject: Tuned some times, refactoring tests

---
 .../leap/bitmaskclient/test/BaseTestDashboard.java | 61 ---------------------
 .../test/BaseTestDashboardFragment.java            | 63 ++++++++++++++++++++++
 .../se/leap/bitmaskclient/test/Screenshot.java     |  3 +-
 .../leap/bitmaskclient/test/VpnTestController.java |  2 +-
 .../test/testConfigurationWizard.java              |  5 ++
 .../test/testDashboardIntegration.java             | 12 +----
 .../bitmaskclient/test/testUserStatusFragment.java |  5 +-
 .../leap/bitmaskclient/test/testVpnFragment.java   | 11 +---
 app/src/main/AndroidManifest.xml                   |  3 +-
 ics-openvpn                                        |  2 +-
 10 files changed, 79 insertions(+), 88 deletions(-)
 delete mode 100644 app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java
 create mode 100644 app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java

diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java
deleted file mode 100644
index 9a9131fd..00000000
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboard.java
+++ /dev/null
@@ -1,61 +0,0 @@
-package se.leap.bitmaskclient.test;
-
-import android.content.*;
-import android.graphics.*;
-import android.test.*;
-import android.view.*;
-
-import com.robotium.solo.*;
-
-import se.leap.bitmaskclient.*;
-
-public abstract class BaseTestDashboard extends ActivityInstrumentationTestCase2<Dashboard> {
-
-    Solo solo;
-    Context context;
-    UserStatusTestController user_status_controller;
-    VpnTestController vpn_controller;
-
-    public BaseTestDashboard() { super(Dashboard.class); }
-
-    @Override
-    protected void setUp() throws Exception {
-        super.setUp();
-        context = getInstrumentation().getContext();
-        solo = new Solo(getInstrumentation(), getActivity());
-        user_status_controller = new UserStatusTestController(solo);
-        vpn_controller = new VpnTestController(solo);
-        ConnectionManager.setMobileDataEnabled(true, context);
-        solo.unlockScreen();
-        if (solo.searchText(solo.getString(R.string.configuration_wizard_title)))
-            new testConfigurationWizard(solo).toDashboardAnonymously("demo.bitmask.net");
-    }
-
-    void changeProviderAndLogIn(String provider) {
-        tapSwitchProvider();
-        solo.clickOnText(provider);
-        useRegistered();
-    }
-
-    void tapSwitchProvider() {
-        solo.clickOnMenuItem(solo.getString(R.string.switch_provider_menu_option));
-        solo.waitForActivity(ConfigurationWizard.class);
-    }
-
-    private void useRegistered() {
-        String text = solo.getString(R.string.signup_or_login_button);
-        clickAndWaitForDashboard(text);
-        user_status_controller.logIn("parmegvtest10", "holahola2");
-    }
-
-    private void clickAndWaitForDashboard(String click_text) {
-        solo.clickOnText(click_text);
-        assertTrue(solo.waitForActivity(Dashboard.class, 80 * 1000));
-    }
-
-    static boolean isShownWithinConfinesOfVisibleScreen(View view) {
-        Rect scrollBounds = new Rect();
-        view.getHitRect(scrollBounds);
-        return view.getLocalVisibleRect(scrollBounds);
-    }
-}
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java
new file mode 100644
index 00000000..aef968b8
--- /dev/null
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/BaseTestDashboardFragment.java
@@ -0,0 +1,63 @@
+package se.leap.bitmaskclient.test;
+
+import android.content.*;
+import android.graphics.*;
+import android.test.*;
+import android.view.*;
+
+import com.robotium.solo.*;
+
+import se.leap.bitmaskclient.*;
+
+public abstract class BaseTestDashboardFragment extends ActivityInstrumentationTestCase2<Dashboard> {
+
+    Solo solo;
+    Context context;
+    UserStatusTestController user_status_controller;
+    VpnTestController vpn_controller;
+
+    public BaseTestDashboardFragment() { super(Dashboard.class); }
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+        context = getInstrumentation().getContext();
+        solo = new Solo(getInstrumentation(), getActivity());
+        Screenshot.initialize(solo);
+        user_status_controller = new UserStatusTestController(solo);
+        vpn_controller = new VpnTestController(solo);
+        ConnectionManager.setMobileDataEnabled(true, context);
+        solo.unlockScreen();
+        if (solo.searchText(solo.getString(R.string.configuration_wizard_title)))
+            new testConfigurationWizard(solo).toDashboardAnonymously("demo.bitmask.net");
+    }
+
+    void changeProviderAndLogIn(String provider) {
+        tapSwitchProvider();
+        solo.clickOnText(provider);
+        useRegistered();
+    }
+
+    void tapSwitchProvider() {
+        solo.clickOnMenuItem(solo.getString(R.string.switch_provider_menu_option));
+        solo.waitForActivity(ConfigurationWizard.class);
+    }
+
+    private void useRegistered() {
+        solo.waitForFragmentById(R.id.provider_detail_fragment);
+        String text = solo.getString(R.string.signup_or_login_button);
+        clickAndWaitForDashboard(text);
+        user_status_controller.logIn("parmegvtest10", "holahola2");
+    }
+
+    private void clickAndWaitForDashboard(String click_text) {
+        solo.clickOnText(click_text);
+        assertTrue(solo.waitForActivity(Dashboard.class, 80 * 1000));
+    }
+
+    static boolean isShownWithinConfinesOfVisibleScreen(View view) {
+        Rect scrollBounds = new Rect();
+        view.getHitRect(scrollBounds);
+        return view.getLocalVisibleRect(scrollBounds);
+    }
+}
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java
index 91d51402..ade28b73 100644
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/Screenshot.java
@@ -26,8 +26,7 @@ public class Screenshot {
     }
 
     public static void take() {
-        sleepBefore();
-        solo.takeScreenshot(default_name + "_" + getTimeStamp());
+        take(default_name + "_" + getTimeStamp());
     }
 
     public static void takeWithSleep() {
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java
index 25d81da1..39ab37dd 100644
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/VpnTestController.java
@@ -79,7 +79,7 @@ public class VpnTestController {
         a = whole_icon != null ?
                 (ProgressRingView) getVpnWholeIcon().findViewById(R.id.fabbutton_ring) :
                 new ProgressRingView(solo.getCurrentActivity());
-        BaseTestDashboard.isShownWithinConfinesOfVisibleScreen(a);
+        BaseTestDashboardFragment.isShownWithinConfinesOfVisibleScreen(a);
     }
 
     private boolean iconShowsConnected() {
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java
index 931457ee..8b897b96 100644
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testConfigurationWizard.java
@@ -29,6 +29,7 @@ public class testConfigurationWizard extends ActivityInstrumentationTestCase2<Co
     protected void setUp() throws Exception {
         super.setUp();
         solo = new Solo(getInstrumentation(), getActivity());
+        Screenshot.initialize(solo);
         //ConnectionManager.setMobileDataEnabled(true, solo.getCurrentActivity().getApplicationContext());
     }
 
@@ -62,17 +63,21 @@ public class testConfigurationWizard extends ActivityInstrumentationTestCase2<Co
     }
 
     public void testSelectProvider() {
+        Screenshot.take("Initial CW");
         selectProvider("demo.bitmask.net");
     }
 
     private void selectProvider(String provider) {
         solo.clickOnText(provider);
+        Screenshot.setTimeToSleep(1);
+        Screenshot.take("Configuring provider");
         waitForProviderDetails();
     }
 
     private void waitForProviderDetails() {
         String text = solo.getString(R.string.provider_details_fragment_title);
         assertTrue("Provider details dialog did not appear", solo.waitForText(text, 1, 60*1000));
+        Screenshot.take("Provider details");
     }
 
     public void testAddNewProvider() {
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java
index fea6bf77..ece70c59 100644
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testDashboardIntegration.java
@@ -1,20 +1,10 @@
 package se.leap.bitmaskclient.test;
 
-import android.graphics.*;
-import android.graphics.drawable.Drawable;
-import android.widget.Button;
-
-import com.robotium.solo.*;
-
 import java.io.*;
 
-import de.blinkt.openvpn.activities.*;
-import mbanje.kurt.fabbutton.CircleImageView;
-import mbanje.kurt.fabbutton.FabButton;
-import mbanje.kurt.fabbutton.ProgressRingView;
 import se.leap.bitmaskclient.*;
 
-public class testDashboardIntegration extends BaseTestDashboard {
+public class testDashboardIntegration extends BaseTestDashboardFragment {
 
     @Override
     protected void tearDown() throws Exception {
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testUserStatusFragment.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testUserStatusFragment.java
index 7e791d16..2031f365 100644
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testUserStatusFragment.java
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testUserStatusFragment.java
@@ -1,6 +1,6 @@
 package se.leap.bitmaskclient.test;
 
-public class testUserStatusFragment extends BaseTestDashboard {
+public class testUserStatusFragment extends BaseTestDashboardFragment {
 
     public final String TAG = testUserStatusFragment.class.getName();
 
@@ -18,7 +18,10 @@ public class testUserStatusFragment extends BaseTestDashboard {
 
     public void testLogInAndOut() {
         user_status_controller.clickUserSessionButton();
+        Screenshot.take("Login dialog");
         user_status_controller.logIn(test_username, test_password);
+        Screenshot.setTimeToSleep(2);
+        Screenshot.takeWithSleep("Logging in");
         user_status_controller.logOut();
     }
 
diff --git a/app/src/androidTest/java/se/leap/bitmaskclient/test/testVpnFragment.java b/app/src/androidTest/java/se/leap/bitmaskclient/test/testVpnFragment.java
index d23be601..12cb8c14 100644
--- a/app/src/androidTest/java/se/leap/bitmaskclient/test/testVpnFragment.java
+++ b/app/src/androidTest/java/se/leap/bitmaskclient/test/testVpnFragment.java
@@ -1,21 +1,14 @@
 package se.leap.bitmaskclient.test;
 
-public class testVpnFragment extends BaseTestDashboard {
-
-    @Override
-    protected void setUp() throws Exception {
-        super.setUp();
-        Screenshot.initialize(solo);
-    }
+public class testVpnFragment extends BaseTestDashboardFragment {
 
     /**
      * This test will fail if Android does not trust VPN connection.
      * I cannot automate that dialog.
      */
     public void testOnOffOpenVpn() {
-        Screenshot.take("Initial UI");
         vpn_controller.clickVpnButton();
-        Screenshot.setTimeToSleep(5);
+        Screenshot.setTimeToSleep(8);
         Screenshot.takeWithSleep("Turning VPN on");
         vpn_controller.turningEipOn();
         Screenshot.setTimeToSleep(0.5);
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index ce89a317..ce6d5ddd 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -23,8 +23,7 @@
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
     <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
-    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"
-                     android:maxSdkVersion="18"/>
+    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
 
     <uses-sdk
         android:minSdkVersion="14"
diff --git a/ics-openvpn b/ics-openvpn
index 23314f5e..0c5ab6b9 160000
--- a/ics-openvpn
+++ b/ics-openvpn
@@ -1 +1 @@
-Subproject commit 23314f5ec13d14c220096f6d7d44932b45e4fc3e
+Subproject commit 0c5ab6b91844319433932b67e97fbb23649ca006
-- 
cgit v1.2.3


From 37b635ef2436d3050d565f5d550c085e144ef139 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Tue, 16 Jun 2015 11:59:56 +0200
Subject: Use https to fetch submodules

---
 .gitmodules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitmodules b/.gitmodules
index 8bd0f9d5..7c73874b 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,4 +1,4 @@
 [submodule "ics-openvpn"]
 	path = ics-openvpn
 	branch = bitmask
-	url = git@github.com:parmegv/ics-openvpn.git
+	url = https://github.com/parmegv/ics-openvpn.git
-- 
cgit v1.2.3


From c55786ffd17842f638d84812be8d544f51c53ec6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Wed, 17 Jun 2015 08:58:59 +0200
Subject: Remove mips architecture in ics-openvpn, and use fdroid's buildtools
 version

---
 app/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/build.gradle b/app/build.gradle
index 9acd5ab1..fbbc8eb8 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -2,7 +2,7 @@ apply plugin: 'com.android.application'
 
 android {
   compileSdkVersion 21
-  buildToolsVersion "22.0.1"
+  buildToolsVersion "22.0.0"
 
   signingConfigs {
     release {
-- 
cgit v1.2.3


From c8c12c38ca561ea5ccd8587f4136b2bf9713ffa4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Wed, 24 Jun 2015 20:30:11 +0200
Subject: Write SD card permission needs to be turned on for tests only

---
 app/src/main/AndroidManifest.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index ce6d5ddd..b4ada5fc 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -23,7 +23,8 @@
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
     <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
-    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
+    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"
+		     android:maxSdkVersion="18"/>
 
     <uses-sdk
         android:minSdkVersion="14"
-- 
cgit v1.2.3


From 684f5da5b9717549cff48ee310d2982b76634a2c Mon Sep 17 00:00:00 2001
From: KwadroNaut <KwadroNaut@users.noreply.github.com>
Date: Sat, 15 Aug 2015 17:14:04 +0200
Subject: A quote too much

This is also an open issue in Transifex: https://www.transifex.com/otf/bitmask-android/translate/#es/$/22692144?issue=yes You should double check if this is correct.
---
 app/src/main/res/values/strings.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 7746795e..06c80f12 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -30,7 +30,7 @@
     <string name="username_ask">Please enter your username</string>
     <string name="password_hint">password</string>
     <string name="user_message">User message</string>
-    <string name="title_about_activity">About Bitmask"</string>
+    <string name="title_about_activity">About Bitmask</string>
     <string name="error_srp_math_error_user_message">Try again: server math error.</string>    
     <string name="error_bad_user_password_user_message">Incorrect username or password.</string>
     <string name="error_not_valid_password_user_message">It should have at least 8 characters.</string>
-- 
cgit v1.2.3


From 013cff913a7ba73cb5d338848ebdb639ddcabaed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 6 Feb 2016 11:50:21 +0100
Subject: Init ics-openvpn submodules

---
 README.md | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index f1921e10..07562089 100644
--- a/README.md
+++ b/README.md
@@ -28,14 +28,23 @@ Installable via `android` command (SDK Manager):
 * Android SDK Build-tools, 19.0.3
 * Android Support Repository, 4+
 
-We need Mercurial:
-* Mercurial: http://mercurial.selenic.com/downloads
-
 Finally, install a java compiler. For example:
 
    sudo apt-get install default-jdk
 
-### Build native sources
+## Update git submodules
+
+We build upon ics-openvpn, which meets a submodule in our project structure.
+
+For that reason, it is necessary to initialize and update them before being able to build Bitmask Android.
+
+    git submodule init
+    git submodule update
+    cd ics-openvpn
+    git submodule init
+    git submodule update
+
+## Build native sources
 
 To build NDK sources, you need to issue these commands:
 
-- 
cgit v1.2.3


From 096faf08f2d0cc4dc4a28677415391942410063d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 6 Feb 2016 12:42:42 +0100
Subject: Update build tools and compile sdk version.

Warn about the needed libraries for 64 bit systems.
---
 README.md                                                      | 3 +++
 app/build.gradle                                               | 4 ++--
 app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java   | 8 --------
 app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java | 8 --------
 4 files changed, 5 insertions(+), 18 deletions(-)

diff --git a/README.md b/README.md
index 07562089..885c415b 100644
--- a/README.md
+++ b/README.md
@@ -32,6 +32,9 @@ Finally, install a java compiler. For example:
 
    sudo apt-get install default-jdk
 
+If you are using a 64-bit machine, you will need to install some libraries too:
+    sudo apt-get install lib32stdc++6 lib32z1
+
 ## Update git submodules
 
 We build upon ics-openvpn, which meets a submodule in our project structure.
diff --git a/app/build.gradle b/app/build.gradle
index fbbc8eb8..c6718303 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -1,8 +1,8 @@
 apply plugin: 'com.android.application'
 
 android {
-  compileSdkVersion 21
-  buildToolsVersion "22.0.0"
+  compileSdkVersion 23
+  buildToolsVersion "23.0.2"
 
   signingConfigs {
     release {
diff --git a/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java
index 2d7e13fe..df827242 100644
--- a/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -22,7 +22,6 @@ import android.content.res.*;
 import android.os.*;
 import android.util.*;
 
-import org.apache.http.client.*;
 import org.json.*;
 import org.thoughtcrime.ssl.pinning.util.*;
 
@@ -440,9 +439,6 @@ public class ProviderAPI extends IntentService {
             is = urlConnection.getInputStream();
             String plain_response = new Scanner(is).useDelimiter("\\A").next();
             json_response = new JSONObject(plain_response);
-        } catch (ClientProtocolException e) {
-            json_response = getErrorMessage(urlConnection);
-            e.printStackTrace();
         } catch (IOException e) {
             json_response = getErrorMessage(urlConnection);
             e.printStackTrace();
@@ -908,10 +904,6 @@ public class ProviderAPI extends IntentService {
             responseCode = urlConnection.getResponseCode();
             broadcastProgress(progress++);
             LeapSRPSession.setToken("");
-        } catch (ClientProtocolException e) {
-            // TODO Auto-generated catch block
-            e.printStackTrace();
-            return false;
         } catch (IndexOutOfBoundsException e) {
             // TODO Auto-generated catch block
             e.printStackTrace();
diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java
index a3f7db6a..b9b449f0 100644
--- a/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -32,7 +32,6 @@ import java.util.*;
 
 import javax.net.ssl.*;
 
-import org.apache.http.client.*;
 import org.json.*;
 import org.thoughtcrime.ssl.pinning.util.*;
 
@@ -432,9 +431,6 @@ public class ProviderAPI extends IntentService {
             is = urlConnection.getInputStream();
             String plain_response = new Scanner(is).useDelimiter("\\A").next();
             json_response = new JSONObject(plain_response);
-        } catch (ClientProtocolException e) {
-            json_response = getErrorMessage(urlConnection);
-            e.printStackTrace();
         } catch (IOException e) {
             json_response = getErrorMessage(urlConnection);
             e.printStackTrace();
@@ -890,10 +886,6 @@ public class ProviderAPI extends IntentService {
             responseCode = urlConnection.getResponseCode();
             broadcastProgress(progress++);
             LeapSRPSession.setToken("");
-        } catch (ClientProtocolException e) {
-            // TODO Auto-generated catch block
-            e.printStackTrace();
-            return false;
         } catch (IndexOutOfBoundsException e) {
             // TODO Auto-generated catch block
             e.printStackTrace();
-- 
cgit v1.2.3


From 5b95785060adace6b48a69d560051261233d954d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 6 Feb 2016 13:00:53 +0100
Subject: Update ics-openvpn

---
 README.md                                          |  12 +
 app/build.gradle                                   |   2 +
 app/snappy                                         |   1 -
 app/src/main/java/de/blinkt/openvpn/LaunchVPN.java |  11 +-
 .../main/java/de/blinkt/openvpn/VpnProfile.java    | 148 +++---
 .../blinkt/openvpn/activities/DisconnectVPN.java   |   2 +-
 .../de/blinkt/openvpn/activities/LogWindow.java    |   4 +-
 .../main/java/de/blinkt/openvpn/core/CIDRIP.java   |   2 +-
 .../java/de/blinkt/openvpn/core/ConfigParser.java  |  54 ++-
 .../java/de/blinkt/openvpn/core/Connection.java    |   7 +-
 .../blinkt/openvpn/core/DeviceStateReceiver.java   |  83 +++-
 .../blinkt/openvpn/core/ICSOpenVPNApplication.java |   4 +-
 .../openvpn/core/LollipopDeviceStateListener.java  |   2 +-
 .../java/de/blinkt/openvpn/core/NativeUtils.java   |  25 +-
 .../java/de/blinkt/openvpn/core/NetworkSpace.java  |  32 +-
 .../de/blinkt/openvpn/core/OpenVPNManagement.java  |  10 +-
 .../de/blinkt/openvpn/core/OpenVPNService.java     | 108 ++++-
 .../java/de/blinkt/openvpn/core/OpenVPNThread.java |   2 +-
 .../openvpn/core/OpenVpnManagementThread.java      | 251 +++++-----
 .../java/de/blinkt/openvpn/core/PRNGFixes.java     |   2 +-
 .../de/blinkt/openvpn/core/ProfileManager.java     |   7 +-
 .../de/blinkt/openvpn/core/ProxyDetection.java     |   2 +-
 .../de/blinkt/openvpn/core/VPNLaunchHelper.java    |  29 +-
 .../java/de/blinkt/openvpn/core/VpnStatus.java     | 161 +++++--
 .../java/de/blinkt/openvpn/core/X509Utils.java     |  71 ++-
 .../de/blinkt/openvpn/fragments/LogFragment.java   | 505 +++++++++++----------
 .../java/de/blinkt/openvpn/views/SeekBarTicks.java |   7 +-
 .../main/res/drawable-hdpi/ic_close_white_24dp.png | Bin 324 -> 221 bytes
 .../main/res/drawable-mdpi/ic_close_white_24dp.png | Bin 279 -> 175 bytes
 .../res/drawable-xhdpi/ic_close_white_24dp.png     | Bin 402 -> 257 bytes
 .../res/drawable-xxhdpi/ic_close_white_24dp.png    | Bin 492 -> 347 bytes
 .../res/drawable-xxxhdpi/ic_close_white_24dp.png   | Bin 662 -> 436 bytes
 app/src/main/res/drawable/white_rect.xml           |   2 +-
 .../main/res/layout-sw600dp-port/log_fragment.xml  |   2 +-
 app/src/main/res/layout-sw600dp/log_fragment.xml   |   2 +-
 app/src/main/res/layout/log_fragment.xml           |   2 +-
 app/src/main/res/layout/log_silders.xml            |   9 +-
 app/src/main/res/layout/log_window.xml             |   2 +-
 app/src/main/res/layout/vpnstatus.xml              |   2 +-
 app/src/main/res/menu/logmenu.xml                  |  13 +-
 app/src/main/res/values-cs/strings-icsopenvpn.xml  |   2 -
 app/src/main/res/values-de/strings-icsopenvpn.xml  |  30 +-
 app/src/main/res/values-es/strings-icsopenvpn.xml  |   4 +-
 app/src/main/res/values-et/strings-icsopenvpn.xml  |  25 +-
 app/src/main/res/values-fr/strings-icsopenvpn.xml  |   5 +-
 app/src/main/res/values-hu/strings-icsopenvpn.xml  |  28 +-
 app/src/main/res/values-in/strings-icsopenvpn.xml  | 135 +++++-
 app/src/main/res/values-it/strings-icsopenvpn.xml  |   3 +-
 app/src/main/res/values-ja/strings-icsopenvpn.xml  | 116 ++++-
 app/src/main/res/values-ko/strings-icsopenvpn.xml  |  17 +-
 app/src/main/res/values-nl/strings-icsopenvpn.xml  |  10 +-
 app/src/main/res/values-no/strings-icsopenvpn.xml  |   1 -
 app/src/main/res/values-pl/strings-icsopenvpn.xml  | 179 ++++++--
 app/src/main/res/values-ro/strings-icsopenvpn.xml  |   2 -
 app/src/main/res/values-ru/strings-icsopenvpn.xml  |  53 ++-
 app/src/main/res/values-sv/strings-icsopenvpn.xml  |   4 +-
 app/src/main/res/values-sw600dp/dimens.xml         |   2 +-
 app/src/main/res/values-sw600dp/styles.xml         |   2 +-
 app/src/main/res/values-tr/strings-icsopenvpn.xml  |  27 +-
 app/src/main/res/values-uk/strings-icsopenvpn.xml  |  13 +-
 app/src/main/res/values-v21/colours.xml            |   2 +-
 app/src/main/res/values-v21/refs.xml               |  15 +-
 app/src/main/res/values-v21/styles.xml             |  19 +-
 app/src/main/res/values-vi/strings-icsopenvpn.xml  |  25 +-
 .../main/res/values-zh-rCN/strings-icsopenvpn.xml  |  12 +-
 .../main/res/values-zh-rTW/strings-icsopenvpn.xml  | 239 +++++++---
 app/src/main/res/values/colours.xml                |   2 +-
 app/src/main/res/values/dimens.xml                 |   2 +-
 app/src/main/res/values/refs.xml                   |  14 +-
 app/src/main/res/values/strings-icsopenvpn.xml     |  35 +-
 app/src/main/res/values/styles.xml                 |  16 +-
 ics-openvpn                                        |   2 +-
 72 files changed, 1771 insertions(+), 848 deletions(-)
 delete mode 120000 app/snappy

diff --git a/README.md b/README.md
index 885c415b..913a70c7 100644
--- a/README.md
+++ b/README.md
@@ -89,6 +89,18 @@ Due to the nature of some tests, adb will lose its connectivity and you won't re
 
 We'll polish this process soon, but right now that's what we're doing (well, in fact, we run "adb logcat" in Emacs and then search "failed: test" in the corresponding buffer ;) ).
 
+## Updating ics-openvpn
+
+    cd ics-openvpn
+    git remote add upstream https://github.com/schwabe/ics-openvpn.git
+    git pull --rebase upstream master
+    
+A bunch of conflicts may arise. The guidelines are: 
+    1. Methods in HEAD (upstream) completely removed from Bitmask should be removed again (e.g. askPW)
+    2. Sometimes, Dashboard.class is in Bitmask while in ics-openvpn it is replaced by MainActivity.class and other classes. Keep removing them to keep Dashboard.class in there.
+    3. Some resources files are stripped from several entries. Remove them if possible (check the code we compile is not using anything else new).
+
+    ./gradlew updateIcsOpenVpn
 ## Acknowledgements
 
 This project bases its work in [ics-openvpn project](https://code.google.com/p/ics-openvpn/).
diff --git a/app/build.gradle b/app/build.gradle
index c6718303..f65f99fd 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -55,6 +55,7 @@ dependencies {
   compile 'com.google.code.gson:gson:2.3.1'
   compile 'org.thoughtcrime.ssl.pinning:AndroidPinning:1.0.0'
   compile 'mbanje.kurt:fabbutton:1.1.4'
+    compile 'com.android.support:support-annotations:23.1.1'
 }
 
 def processFileInplace(file, Closure processText) {
@@ -81,6 +82,7 @@ task copyIcsOpenVPNClasses( type: Copy ) {
     include '**/dimens.xml'
     include '**/logmenu.xml'
     include '**/core/**.java'
+      include '**/activities/BaseActivity.java'
 
     includeEmptyDirs = false
     
diff --git a/app/snappy b/app/snappy
deleted file mode 120000
index c44d7d0f..00000000
--- a/app/snappy
+++ /dev/null
@@ -1 +0,0 @@
-../ics-openvpn/main/snappy
\ No newline at end of file
diff --git a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
index 90216a70..721e8991 100644
--- a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -20,6 +20,7 @@ import android.preference.PreferenceManager;
 import android.text.InputType;
 import android.text.TextUtils;
 import android.text.method.PasswordTransformationMethod;
+import android.util.Log;
 import android.view.View;
 import android.widget.CheckBox;
 import android.widget.CompoundButton;
@@ -63,6 +64,8 @@ public class LaunchVPN extends Activity {
 	public static final String EXTRA_KEY = "de.blinkt.openvpn.shortcutProfileUUID";
 	public static final String EXTRA_NAME = "de.blinkt.openvpn.shortcutProfileName";
 	public static final String EXTRA_HIDELOG =  "de.blinkt.openvpn.showNoLogWindow";
+	public static final String CLEARLOG = "clearlogconnect";
+
 
 	private static final int START_VPN_PROFILE= 70;
 
@@ -93,6 +96,10 @@ public class LaunchVPN extends Activity {
 
 
 		if(Intent.ACTION_MAIN.equals(action)) {
+			// Check if we need to clear the log
+			if (PreferenceManager.getDefaultSharedPreferences(this).getBoolean(CLEARLOG, true))
+				VpnStatus.clearLog();
+
 			// we got called to be the starting point, most likely a shortcut
 			String shortcutUUID = intent.getStringExtra( EXTRA_KEY);
 			String shortcutName = intent.getStringExtra( EXTRA_NAME);
@@ -115,7 +122,7 @@ public class LaunchVPN extends Activity {
 
 		}
 	}
-    
+
 	@Override
 	protected void onActivityResult (int requestCode, int resultCode, Intent data) {
 		super.onActivityResult(requestCode, resultCode, data);
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index 43e1b57c..dbe4b440 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -18,6 +18,7 @@ import android.os.Build;
 import android.preference.PreferenceManager;
 import android.security.KeyChain;
 import android.security.KeyChainException;
+import android.support.annotation.NonNull;
 import android.text.TextUtils;
 import android.util.Base64;
 
@@ -71,7 +72,7 @@ public class VpnProfile implements Serializable, Cloneable {
 
     private static final long serialVersionUID = 7085688938959334563L;
     public static final int MAXLOGLEVEL = 4;
-    public static final int CURRENT_PROFILE_VERSION = 5;
+    public static final int CURRENT_PROFILE_VERSION = 6;
     public static final int DEFAULT_MSSFIX_SIZE = 1450;
     public static String DEFAULT_DNS1 = "8.8.8.8";
     public static String DEFAULT_DNS2 = "8.8.4.4";
@@ -152,7 +153,7 @@ public class VpnProfile implements Serializable, Cloneable {
     public int mMssFix =0; // -1 is default,
     public Connection[] mConnections = new Connection[0];
     public boolean mRemoteRandom=false;
-    public HashSet<String> mAllowedAppsVpn = new HashSet<String>();
+    public HashSet<String> mAllowedAppsVpn = new HashSet<>();
     public boolean mAllowedAppsVpnAreDisallowed = true;
     public String mProfileCreator;
 
@@ -160,8 +161,7 @@ public class VpnProfile implements Serializable, Cloneable {
     public String mServerName = "openvpn.blinkt.de";
     public String mServerPort = "1194";
     public boolean mUseUdp = true;
-
-
+    public boolean mPushPeerInfo=false;
 
     public VpnProfile(String name) {
         mUuid = UUID.randomUUID();
@@ -197,6 +197,7 @@ public class VpnProfile implements Serializable, Cloneable {
         mCheckRemoteCN = false;
         mPersistTun = false;
         mAllowLocalLAN = true;
+        mPushPeerInfo =false;
         mMssFix = 0;
     }
 
@@ -222,10 +223,16 @@ public class VpnProfile implements Serializable, Cloneable {
             mAllowedAppsVpnAreDisallowed=true;
         }
         if (mAllowedAppsVpn==null)
-            mAllowedAppsVpn = new HashSet<String>();
+            mAllowedAppsVpn = new HashSet<>();
         if (mConnections ==null)
             mConnections = new Connection[0];
 
+        if (mProfileVersion < 6) {
+            if (TextUtils.isEmpty(mProfileCreator))
+                mUserEditable=true;
+        }
+
+
         mProfileVersion= CURRENT_PROFILE_VERSION;
 
     }
@@ -260,8 +267,12 @@ public class VpnProfile implements Serializable, Cloneable {
         cfg += "management-query-passwords\n";
         cfg += "management-hold\n\n";
 
-        if (!configForOvpn3)
+        if (!configForOvpn3) {
             cfg += String.format("setenv IV_GUI_VER %s \n", openVpnEscape(getVersionEnvString(context)));
+            String versionString = String.format("%d %s %s %s %s %s", Build.VERSION.SDK_INT, Build.VERSION.RELEASE,
+                    NativeUtils.getNativeAPI(), Build.BRAND, Build.BOARD, Build.MODEL);
+            cfg += String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString)) ;
+        }
 
         cfg += "machine-readable-output\n";
 
@@ -432,9 +443,9 @@ public class VpnProfile implements Serializable, Cloneable {
         }
 
         if (mMssFix !=0){
-            if (mMssFix!=1450)
-                cfg+=String.format("mssfix %d\n", mMssFix, Locale.US);
-            else
+            if (mMssFix!=1450) {
+                cfg += String.format("mssfix %d\n", mMssFix, Locale.US);
+            } else
                 cfg+="mssfix\n";
         }
 
@@ -495,6 +506,9 @@ public class VpnProfile implements Serializable, Cloneable {
             cfg += "preresolve\n";
         }
 
+        if (mPushPeerInfo)
+            cfg+="push-peer-info\n";
+
         SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
         boolean usesystemproxy = prefs.getBoolean("usesystemproxy", true);
         if (usesystemproxy) {
@@ -541,7 +555,7 @@ public class VpnProfile implements Serializable, Cloneable {
     }
 
     //! Put inline data inline and other data as normal escaped filename
-    private String insertFileData(String cfgentry, String filedata) {
+    public static String insertFileData(String cfgentry, String filedata) {
         if (filedata == null) {
             // TODO: generate good error
             return String.format("%s %s\n", cfgentry, "missing");
@@ -553,8 +567,9 @@ public class VpnProfile implements Serializable, Cloneable {
         }
     }
 
+    @NonNull
     private Collection<String> getCustomRoutes(String routes) {
-        Vector<String> cidrRoutes = new Vector<String>();
+        Vector<String> cidrRoutes = new Vector<>();
         if (routes == null) {
             // No routes set, return empty vector
             return cidrRoutes;
@@ -563,7 +578,7 @@ public class VpnProfile implements Serializable, Cloneable {
             if (!route.equals("")) {
                 String cidrroute = cidrToIPAndNetmask(route);
                 if (cidrroute == null)
-                    return null;
+                    return cidrRoutes;
 
                 cidrRoutes.add(cidrroute);
             }
@@ -573,7 +588,7 @@ public class VpnProfile implements Serializable, Cloneable {
     }
 
     private Collection<String> getCustomRoutesv6(String routes) {
-        Vector<String> cidrRoutes = new Vector<String>();
+        Vector<String> cidrRoutes = new Vector<>();
         if (routes == null) {
             // No routes set, return empty vector
             return cidrRoutes;
@@ -606,8 +621,8 @@ public class VpnProfile implements Serializable, Cloneable {
             return null;
 
 
-        long nm = 0xffffffffl;
-        nm = (nm << (32 - len)) & 0xffffffffl;
+        long nm = 0xffffffffL;
+        nm = (nm << (32 - len)) & 0xffffffffL;
 
         String netmask = String.format(Locale.ENGLISH, "%d.%d.%d.%d", (nm & 0xff000000) >> 24, (nm & 0xff0000) >> 16, (nm & 0xff00) >> 8, nm & 0xff);
         return parts[0] + "  " + netmask;
@@ -708,7 +723,7 @@ public class VpnProfile implements Serializable, Cloneable {
 
     public VpnProfile copy(String name) {
         try {
-            VpnProfile copy = (VpnProfile) clone();
+            VpnProfile copy = clone();
             copy.mName = name;
             return copy;
 
@@ -726,17 +741,14 @@ public class VpnProfile implements Serializable, Cloneable {
     }
 
     synchronized String[] getKeyStoreCertificates(Context context,int tries) {
-        PrivateKey privateKey = null;
-        X509Certificate[] caChain;
-        Exception exp;
         try {
-            privateKey = KeyChain.getPrivateKey(context, mAlias);
+            PrivateKey privateKey = KeyChain.getPrivateKey(context, mAlias);
             mPrivateKey = privateKey;
 
             String keystoreChain = null;
 
 
-            caChain = KeyChain.getCertificateChain(context, mAlias);
+            X509Certificate[] caChain = KeyChain.getCertificateChain(context, mAlias);
             if(caChain == null)
                 throw new NoCertReturnedException("No certificate returned from Keystore");
 
@@ -758,11 +770,12 @@ public class VpnProfile implements Serializable, Cloneable {
             String caout = null;
             if (!TextUtils.isEmpty(mCaFilename)) {
                 try {
-                    Certificate cacert = X509Utils.getCertificateFromFile(mCaFilename);
+                    Certificate[] cacerts = X509Utils.getCertificatesFromFile(mCaFilename);
                     StringWriter caoutWriter = new StringWriter();
                     PemWriter pw = new PemWriter(caoutWriter);
 
-                    pw.writeObject(new PemObject("CERTIFICATE", cacert.getEncoded()));
+                    for (Certificate cert: cacerts)
+                        pw.writeObject(new PemObject("CERTIFICATE", cert.getEncoded()));
                     pw.close();
                     caout= caoutWriter.toString();
 
@@ -796,20 +809,19 @@ public class VpnProfile implements Serializable, Cloneable {
             }
 
             return new String[]{ca, extra, user};
-        } catch (InterruptedException e) {
-            exp=e;
-        } catch (FileNotFoundException e) {
-            exp=e;
-        } catch (CertificateException e) {
-            exp=e;
-        } catch (IOException e) {
-            exp=e;
-        } catch (KeyChainException e) {
-            exp=e;
-        } catch (NoCertReturnedException e) {
-            exp =e;
-        } catch (IllegalArgumentException e) {
-            exp =e;
+        } catch (InterruptedException | IOException | KeyChainException | NoCertReturnedException | IllegalArgumentException
+                | CertificateException e) {
+            e.printStackTrace();
+            VpnStatus.logError(R.string.keyChainAccessError, e.getLocalizedMessage());
+
+            VpnStatus.logError(R.string.keychain_access);
+            if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
+                if (!mAlias.matches("^[a-zA-Z0-9]$")) {
+                    VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug);
+                }
+            }
+            return null;
+
         } catch (AssertionError e) {
             if (tries ==0)
                 return null;
@@ -822,19 +834,9 @@ public class VpnProfile implements Serializable, Cloneable {
             return getKeyStoreCertificates(context, tries-1);
         }
 
-        exp.printStackTrace();
-        VpnStatus.logError(R.string.keyChainAccessError, exp.getLocalizedMessage());
-
-        VpnStatus.logError(R.string.keychain_access);
-        if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN) {
-            if (!mAlias.matches("^[a-zA-Z0-9]$")) {
-                VpnStatus.logError(R.string.jelly_keystore_alphanumeric_bug);
-            }
-        }
-        return null;
     }
 
-    //! Return an error if somethign is wrong
+    //! Return an error if something is wrong
     public int checkProfile(Context context) {
         if (mAuthenticationType == TYPE_KEYSTORE || mAuthenticationType == TYPE_USERPASS_KEYSTORE) {
             if (mAlias == null)
@@ -845,8 +847,14 @@ public class VpnProfile implements Serializable, Cloneable {
             if (mIPv4Address == null || cidrToIPAndNetmask(mIPv4Address) == null)
                 return R.string.ipv4_format_error;
         }
-        if (!mUseDefaultRoute && (getCustomRoutes(mCustomRoutes) == null || getCustomRoutes(mExcludedRoutes) ==null))
-            return R.string.custom_route_format_error;
+        if (!mUseDefaultRoute) {
+            if (!TextUtils.isEmpty(mCustomRoutes) &&  getCustomRoutes(mCustomRoutes).size() == 0 )
+                return R.string.custom_route_format_error;
+
+            if (!TextUtils.isEmpty(mExcludedRoutes) &&  getCustomRoutes(mExcludedRoutes).size() == 0 )
+                return R.string.custom_route_format_error;
+
+        }
 
         boolean noRemoteEnabled = true;
         for (Connection c : mConnections)
@@ -980,7 +988,6 @@ public class VpnProfile implements Serializable, Cloneable {
 
     public String getSignedData(String b64data) {
         PrivateKey privkey = getKeystoreKey();
-        Exception err;
 
         byte[] data = Base64.decode(b64data, Base64.DEFAULT);
 
@@ -1004,26 +1011,14 @@ public class VpnProfile implements Serializable, Cloneable {
             byte[] signed_bytes = rsaSigner.doFinal(data);
             return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
 
-        } catch (NoSuchAlgorithmException e) {
-            err = e;
-        } catch (InvalidKeyException e) {
-            err = e;
-        } catch (NoSuchPaddingException e) {
-            err = e;
-        } catch (IllegalBlockSizeException e) {
-            err = e;
-        } catch (BadPaddingException e) {
-            err = e;
+        } catch (NoSuchAlgorithmException | InvalidKeyException | IllegalBlockSizeException
+                | BadPaddingException | NoSuchPaddingException e) {
+            VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
+            return null;
         }
-
-        VpnStatus.logError(R.string.error_rsa_sign, err.getClass().toString(), err.getLocalizedMessage());
-
-        return null;
-
     }
 
     private String processSignJellyBeans(PrivateKey privkey, byte[] data) {
-        Exception err;
         try {
             Method getKey = privkey.getClass().getSuperclass().getDeclaredMethod("getOpenSSLKey");
             getKey.setAccessible(true);
@@ -1044,21 +1039,10 @@ public class VpnProfile implements Serializable, Cloneable {
             byte[] signed_bytes = NativeUtils.rsasign(data, pkey);
             return Base64.encodeToString(signed_bytes, Base64.NO_WRAP);
 
-        } catch (NoSuchMethodException e) {
-            err = e;
-        } catch (IllegalArgumentException e) {
-            err = e;
-        } catch (IllegalAccessException e) {
-            err = e;
-        } catch (InvocationTargetException e) {
-            err = e;
-        } catch (InvalidKeyException e) {
-            err = e;
+        } catch (NoSuchMethodException | InvalidKeyException | InvocationTargetException | IllegalAccessException | IllegalArgumentException e) {
+            VpnStatus.logError(R.string.error_rsa_sign, e.getClass().toString(), e.getLocalizedMessage());
+            return null;
         }
-        VpnStatus.logError(R.string.error_rsa_sign, err.getClass().toString(), err.getLocalizedMessage());
-
-        return null;
-
     }
 
 
diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
index dfd815e4..f55de486 100644
--- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
diff --git a/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java b/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java
index 45f09c8e..130084f5 100644
--- a/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java
+++ b/app/src/main/java/de/blinkt/openvpn/activities/LogWindow.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -15,7 +15,7 @@ import de.blinkt.openvpn.fragments.LogFragment;
 /**
  * Created by arne on 13.10.13.
  */
-public class LogWindow extends Activity {
+public class LogWindow extends BaseActivity {
     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
diff --git a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java
index 94ed8a0b..07f2152f 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/CIDRIP.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
index 232c454b..80a15c54 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -37,6 +37,8 @@ public class ConfigParser {
 
     public void parseConfig(Reader reader) throws IOException, ConfigParseError {
 
+        HashMap<String, String> optionAliases = new HashMap<>();
+        optionAliases.put("server-poll-timeout", "timeout-connect");
 
         BufferedReader br = new BufferedReader(reader);
 
@@ -48,9 +50,15 @@ public class ConfigParser {
                 if (line == null)
                     break;
 
-                if (lineno == 1 && (line.startsWith("PK\003\004")
-                        || (line.startsWith("PK\007\008"))))
-                    throw new ConfigParseError("Input looks like a ZIP Archive. Import is only possible for OpenVPN config files (.ovpn/.conf)");
+                if (lineno == 1) {
+                    if ((line.startsWith("PK\003\004")
+                            || (line.startsWith("PK\007\008")))) {
+                        throw new ConfigParseError("Input looks like a ZIP Archive. Import is only possible for OpenVPN config files (.ovpn/.conf)");
+                    }
+                    if (line.startsWith("\uFEFF")) {
+                        line = line.substring(1);
+                    }
+                }
 
                 // Check for OpenVPN Access Server Meta information
                 if (line.startsWith("# OVPN_ACCESS_SERVER_")) {
@@ -70,6 +78,9 @@ public class ConfigParser {
                 checkinlinefile(args, br);
 
                 String optionname = args.get(0);
+                if (optionAliases.get(optionname)!=null)
+                    optionname = optionAliases.get(optionname);
+
                 if (!options.containsKey(optionname)) {
                     options.put(optionname, new Vector<Vector<String>>());
                 }
@@ -137,7 +148,7 @@ public class ConfigParser {
 
     }
 
-    public class ConfigParseError extends Exception {
+    public static class ConfigParseError extends Exception {
         private static final long serialVersionUID = -60L;
 
         public ConfigParseError(String msg) {
@@ -388,6 +399,10 @@ public class ConfigParser {
             np.mCustomRoutesv6 = customIPv6Routes;
         }
 
+        Vector<String> routeNoPull = getOption("route-nopull", 1, 1);
+        if (routeNoPull!=null)
+            np.mRoutenopull=true;
+
         // Also recognize tls-auth [inline] direction ...
         Vector<Vector<String>> tlsauthoptions = getAllOption("tls-auth", 1, 2);
         if (tlsauthoptions != null) {
@@ -567,6 +582,9 @@ public class ConfigParser {
         if (getOption("persist-tun", 0, 0) != null)
             np.mPersistTun = true;
 
+        if (getOption("push-peer-info", 0, 0) != null)
+            np.mPushPeerInfo = true;
+
         Vector<String> connectretry = getOption("connect-retry", 1, 1);
         if (connectretry != null)
             np.mConnectRetry = connectretry.get(1);
@@ -709,8 +727,18 @@ public class ConfigParser {
             conn.mUseUdp = isUdpProto(proto.get(1));
         }
 
+        Vector<String> connectTimeout = getOption("connect-timeout", 1, 1);
+        if (connectTimeout != null) {
+            try {
+                conn.mConnectTimeout = Integer.parseInt(connectTimeout.get(1));
+            } catch (NumberFormatException nfe) {
+                throw new ConfigParseError(String.format("Argument to connect-timeout (%s) must to be an integer: %s",
+                        connectTimeout.get(1), nfe.getLocalizedMessage()));
+
+            }
+        }
 
-        // Parse remote config
+                    // Parse remote config
         Vector<Vector<String>> remotes = getAllOption("remote", 1, 3);
 
 
@@ -838,13 +866,21 @@ public class ConfigParser {
         return false;
     }
 
+    //! Generate options for custom options
     private String getOptionStrings(Vector<Vector<String>> option) {
         String custom = "";
         for (Vector<String> optionsline : option) {
             if (!ignoreThisOption(optionsline)) {
-                for (String arg : optionsline)
-                    custom += VpnProfile.openVpnEscape(arg) + " ";
-                custom += "\n";
+                // Check if option had been inlined and inline again
+                if (optionsline.size() == 2 && "extra-certs".equals(optionsline.get(0)) ) {
+                    custom += VpnProfile.insertFileData(optionsline.get(0), optionsline.get(1));
+
+
+                } else {
+                    for (String arg : optionsline)
+                        custom += VpnProfile.openVpnEscape(arg) + " ";
+                    custom += "\n";
+                }
             }
         }
         return custom;
diff --git a/app/src/main/java/de/blinkt/openvpn/core/Connection.java b/app/src/main/java/de/blinkt/openvpn/core/Connection.java
index b10664ce..3455450b 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/Connection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/Connection.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -16,6 +16,7 @@ public class Connection implements Serializable, Cloneable {
     public String mCustomConfiguration="";
     public boolean mUseCustomConfig=false;
     public boolean mEnabled=true;
+    public int mConnectTimeout = 0;
 
     private static final long serialVersionUID = 92031902903829089L;
 
@@ -33,6 +34,10 @@ public class Connection implements Serializable, Cloneable {
         else
             cfg += " tcp-client\n";
 
+        if (mConnectTimeout!=0)
+            cfg += String.format(" connect-timeout  %d\n" , mConnectTimeout);
+
+
         if (!TextUtils.isEmpty(mCustomConfiguration) && mUseCustomConfig) {
             cfg += mCustomConfiguration;
             cfg += "\n";
diff --git a/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java b/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java
index 4ccf5472..40684af3 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/DeviceStateReceiver.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -12,15 +12,19 @@ import android.content.SharedPreferences;
 import android.net.ConnectivityManager;
 import android.net.NetworkInfo;
 import android.net.NetworkInfo.State;
+import android.os.Handler;
 import android.preference.PreferenceManager;
+
 import se.leap.bitmaskclient.R;
 import de.blinkt.openvpn.core.VpnStatus.ByteCountListener;
 
 import java.util.LinkedList;
+import java.util.Objects;
 
 import static de.blinkt.openvpn.core.OpenVPNManagement.pauseReason;
 
-public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountListener {
+public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountListener, OpenVPNManagement.PausedStateCallback {
+    private final Handler mDisconnectHandler;
     private int lastNetwork = -1;
     private OpenVPNManagement mManagement;
 
@@ -29,12 +33,36 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
     // Data traffic limit in bytes
     private final long TRAFFIC_LIMIT = 64 * 1024;
 
+    // Time to wait after network disconnect to pause the VPN
+    private final int DISCONNECT_WAIT = 20;
+
 
     connectState network = connectState.DISCONNECTED;
     connectState screen = connectState.SHOULDBECONNECTED;
     connectState userpause = connectState.SHOULDBECONNECTED;
 
     private String lastStateMsg = null;
+    private java.lang.Runnable mDelayDisconnectRunnable = new Runnable() {
+        @Override
+        public void run() {
+            if (!(network == connectState.PENDINGDISCONNECT))
+                return;
+
+            network = connectState.DISCONNECTED;
+
+            // Set screen state to be disconnected if disconnect pending
+            if (screen == connectState.PENDINGDISCONNECT)
+                screen = connectState.DISCONNECTED;
+
+            mManagement.pause(getPauseReason());
+        }
+    };
+    private NetworkInfo lastConnectedNetwork;
+
+    @Override
+    public boolean shouldBeRunning() {
+        return shouldBeConnected();
+    }
 
     enum connectState {
         SHOULDBECONNECTED,
@@ -54,6 +82,7 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
 
     LinkedList<Datapoint> trafficdata = new LinkedList<DeviceStateReceiver.Datapoint>();
 
+
     @Override
     public void updateByteCount(long in, long out, long diffIn, long diffOut) {
         if (screen != connectState.PENDINGDISCONNECT)
@@ -99,6 +128,8 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
     public DeviceStateReceiver(OpenVPNManagement magnagement) {
         super();
         mManagement = magnagement;
+        mManagement.setPauseCallback(this);
+        mDisconnectHandler = new Handler();
     }
 
 
@@ -113,7 +144,7 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
             boolean screenOffPause = prefs.getBoolean("screenoff", false);
 
             if (screenOffPause) {
-                if (ProfileManager.getLastConnectedVpn()!=null &&  !ProfileManager.getLastConnectedVpn().mPersistTun)
+                if (ProfileManager.getLastConnectedVpn() != null && !ProfileManager.getLastConnectedVpn().mPersistTun)
                     VpnStatus.logError(R.string.screen_nopersistenttun);
 
                 screen = connectState.PENDINGDISCONNECT;
@@ -126,6 +157,8 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
             boolean connected = shouldBeConnected();
             screen = connectState.SHOULDBECONNECTED;
 
+            /* We should connect now, cancel any outstanding disconnect timer */
+            mDisconnectHandler.removeCallbacks(mDelayDisconnectRunnable);
             /* should be connected has changed because the screen is on now, connect the VPN */
             if (shouldBeConnected() != connected)
                 mManagement.resume();
@@ -140,6 +173,10 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
     private void fillTrafficData() {
         trafficdata.add(new Datapoint(System.currentTimeMillis(), TRAFFIC_LIMIT));
     }
+    public static boolean equalsObj(Object a, Object b) {
+        return (a == null) ? (b == null) : a.equals(b);
+    }
+
 
 
     public void networkStateChange(Context context) {
@@ -175,34 +212,49 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
 
         if (networkInfo != null && networkInfo.getState() == State.CONNECTED) {
             int newnet = networkInfo.getType();
+
+            boolean pendingDisconnect = (network == connectState.PENDINGDISCONNECT);
             network = connectState.SHOULDBECONNECTED;
 
-            if (lastNetwork != newnet) {
+            boolean sameNetwork;
+            if (lastConnectedNetwork == null
+                    || lastConnectedNetwork.getType() != networkInfo.getType()
+                    || !equalsObj(lastConnectedNetwork.getExtraInfo(), networkInfo.getExtraInfo())
+                    )
+                sameNetwork = false;
+            else
+                sameNetwork = true;
+
+            /* Same network, connection still 'established' */
+            if (pendingDisconnect && sameNetwork) {
+                mDisconnectHandler.removeCallbacks(mDelayDisconnectRunnable);
+                // Reprotect the sockets just be sure
+                mManagement.networkChange(true);
+            } else {
+                /* Different network or connection not established anymore */
+
                 if (screen == connectState.PENDINGDISCONNECT)
                     screen = connectState.DISCONNECTED;
 
                 if (shouldBeConnected()) {
-                    if (lastNetwork == -1) {
-                        mManagement.resume();
-                    } else {
-                        mManagement.networkChange();
+                    mDisconnectHandler.removeCallbacks(mDelayDisconnectRunnable);
 
-                    }
+                    if (pendingDisconnect || !sameNetwork)
+                        mManagement.networkChange(sameNetwork);
+                    else
+                        mManagement.resume();
                 }
 
                 lastNetwork = newnet;
+                lastConnectedNetwork = networkInfo;
             }
         } else if (networkInfo == null) {
             // Not connected, stop openvpn, set last connected network to no network
             lastNetwork = -1;
             if (sendusr1) {
-                network = connectState.DISCONNECTED;
-
-                // Set screen state to be disconnected if disconnect pending
-                if (screen == connectState.PENDINGDISCONNECT)
-                    screen = connectState.DISCONNECTED;
+                network = connectState.PENDINGDISCONNECT;
+                mDisconnectHandler.postDelayed(mDelayDisconnectRunnable, DISCONNECT_WAIT * 1000);
 
-                mManagement.pause(getPauseReason());
             }
         }
 
@@ -213,6 +265,7 @@ public class DeviceStateReceiver extends BroadcastReceiver implements ByteCountL
 
     }
 
+
     public boolean isUserPaused() {
         return userpause == connectState.DISCONNECTED;
     }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java
index 6e9e63c5..db3ae751 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ICSOpenVPNApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -37,5 +37,7 @@ public class ICSOpenVPNApplication extends Application {
         if (BuildConfig.DEBUG) {
             //ACRA.init(this);
         }
+
+        VpnStatus.initLogCache(getApplicationContext().getCacheDir());
     }
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java b/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java
index 440458e4..04e4e8b4 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/LollipopDeviceStateListener.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
index f67b7730..ea003d41 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/NativeUtils.java
@@ -1,19 +1,26 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
 package de.blinkt.openvpn.core;
 
+import android.os.Build;
+
 import java.security.InvalidKeyException;
 
 public class NativeUtils {
-	public static native byte[] rsasign(byte[] input,int pkey) throws InvalidKeyException;
-    public static native String[] getIfconfig() throws  IllegalArgumentException;
-	static native void jniclose(int fdint);
-
-	static {
-        System.loadLibrary("stlport_shared");
-		System.loadLibrary("opvpnutil");
-	}
+    public static native byte[] rsasign(byte[] input, int pkey) throws InvalidKeyException;
+
+    public static native String[] getIfconfig() throws IllegalArgumentException;
+
+    static native void jniclose(int fdint);
+
+    public static native String getNativeAPI();
+
+    static {
+        System.loadLibrary("opvpnutil");
+        if (Build.VERSION.SDK_INT == Build.VERSION_CODES.JELLY_BEAN)
+            System.loadLibrary("jbcrypto");
+    }
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
index c86f9e44..eb6d4d42 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/NetworkSpace.java
@@ -1,28 +1,28 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
 package de.blinkt.openvpn.core;
 
 import android.os.Build;
+import android.support.annotation.NonNull;
 import android.text.TextUtils;
 
 import junit.framework.Assert;
 
-import org.jetbrains.annotations.NotNull;
-
 import java.math.BigInteger;
 import java.net.Inet6Address;
-import java.util.*;
+import java.util.Collection;
+import java.util.Locale;
+import java.util.PriorityQueue;
+import java.util.TreeSet;
+import java.util.Vector;
 
 import se.leap.bitmaskclient.BuildConfig;
 
 public class NetworkSpace {
 
-
-
-
     static class ipAddress implements Comparable<ipAddress> {
         private BigInteger netAddress;
         public int networkMask;
@@ -38,7 +38,7 @@ public class NetworkSpace {
          *    2. smaller networks are returned as smaller
          */
         @Override
-        public int compareTo(@NotNull ipAddress another) {
+        public int compareTo(@NonNull ipAddress another) {
             int comp = getFirstAddress().compareTo(another.getFirstAddress());
             if (comp != 0)
                 return comp;
@@ -159,16 +159,20 @@ public class NetworkSpace {
         String getIPv6Address() {
             if (BuildConfig.DEBUG) Assert.assertTrue (!isV4);
             BigInteger r = netAddress;
-            if (r.compareTo(BigInteger.ZERO)==0 && networkMask==0)
-                return "::";
 
             Vector<String> parts = new Vector<String>();
-            while (r.compareTo(BigInteger.ZERO) == 1) {
-                parts.add(0, String.format(Locale.US, "%x", r.mod(BigInteger.valueOf(0x10000)).longValue()));
+            while (r.compareTo(BigInteger.ZERO) == 1 || parts.size() <3) {
+                long part = r.mod(BigInteger.valueOf(0x10000)).longValue();
+                if (part!=0)
+                    parts.add(0, String.format(Locale.US, "%x", part));
+                else
+                    parts.add(0, "");
                 r = r.shiftRight(16);
             }
-
-            return TextUtils.join(":", parts);
+            String ipv6str = TextUtils.join(":", parts);
+            while (ipv6str.contains(":::"))
+                ipv6str = ipv6str.replace(":::", "::");
+            return ipv6str;
         }
 
         public boolean containsNet(ipAddress network) {
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java
index 1f28c77d..2771fa6a 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java
@@ -1,11 +1,15 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
 package de.blinkt.openvpn.core;
 
 public interface OpenVPNManagement {
+    interface PausedStateCallback {
+        boolean shouldBeRunning();
+    }
+
     enum pauseReason {
         noNetwork,
         userPause,
@@ -25,5 +29,7 @@ public interface OpenVPNManagement {
     /*
      * Rebind the interface
      */
-    void networkChange();
+    void networkChange(boolean sameNetwork);
+
+    void setPauseCallback(PausedStateCallback callback);
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
index f9cb9a86..17be29b0 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -10,15 +10,18 @@ import android.annotation.TargetApi;
 import android.app.Notification;
 import android.app.NotificationManager;
 import android.app.PendingIntent;
+import android.app.UiModeManager;
 import android.content.Context;
 import android.content.Intent;
 import android.content.IntentFilter;
 import android.content.SharedPreferences;
 import android.content.pm.PackageManager;
+import android.content.res.Configuration;
 import android.net.ConnectivityManager;
 import android.net.VpnService;
 import android.os.Binder;
 import android.os.Build;
+import android.os.Handler;
 import android.os.Handler.Callback;
 import android.os.IBinder;
 import android.os.Message;
@@ -27,6 +30,7 @@ import android.preference.PreferenceManager;
 import android.system.OsConstants;
 import android.text.TextUtils;
 import android.util.Log;
+import android.widget.Toast;
 
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
@@ -81,6 +85,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
     private String mLastTunCfg;
     private String mRemoteGW;
     private final Object mProcessLock = new Object();
+    private Handler guiHandler;
+    private Toast mlastToast;
 
     // From: http://stackoverflow.com/questions/3758606/how-to-convert-byte-size-into-human-readable-format-in-java
     public static String humanReadableByteCount(long bytes, boolean mbit) {
@@ -109,6 +115,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
 
     @Override
     public void onRevoke() {
+        VpnStatus.logInfo(R.string.permission_revoked);
         mManagement.stopVPN();
         endVpnService();
     }
@@ -135,7 +142,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         }
     }
 
-    private void showNotification(String msg, String tickerText, boolean lowpriority, long when, ConnectionStatus status) {
+    private void showNotification(final String msg, String tickerText, boolean lowpriority, long when, ConnectionStatus status) {
         String ns = Context.NOTIFICATION_SERVICE;
         NotificationManager mNotificationManager = (NotificationManager) getSystemService(ns);
 
@@ -164,6 +171,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN)
             jbNotificationExtras(lowpriority, nbuilder);
 
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
+            lpNotificationExtras(nbuilder);
+
         if (tickerText != null && !tickerText.equals(""))
             nbuilder.setTicker(tickerText);
 
@@ -173,6 +183,33 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
 
         mNotificationManager.notify(OPENVPN_STATUS, notification);
         //startForeground(OPENVPN_STATUS, notification);
+
+        // Check if running on a TV
+        if(runningOnAndroidTV() && !lowpriority)
+            guiHandler.post(new Runnable() {
+
+                @Override
+                public void run() {
+
+                    if (mlastToast!=null)
+                        mlastToast.cancel();
+                    String toastText = String.format(Locale.getDefault(), "%s - %s", mProfile.mName, msg);
+                    mlastToast = Toast.makeText(getBaseContext(), toastText, Toast.LENGTH_SHORT);
+                    mlastToast.show();
+                }
+            });
+    }
+
+    @TargetApi(Build.VERSION_CODES.LOLLIPOP)
+    private void lpNotificationExtras(Notification.Builder nbuilder) {
+        nbuilder.setCategory(Notification.CATEGORY_SERVICE);
+        nbuilder.setLocalOnly(true);
+
+    }
+
+    private boolean runningOnAndroidTV() {
+        UiModeManager uiModeManager = (UiModeManager) getSystemService(UI_MODE_SERVICE);
+        return uiModeManager.getCurrentModeType() == Configuration.UI_MODE_TYPE_TELEVISION;
     }
 
     private int getIconByConnectionStatus(ConnectionStatus level) {
@@ -215,20 +252,20 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             disconnectVPN.setAction(DISCONNECT_VPN);
             PendingIntent disconnectPendingIntent = PendingIntent.getActivity(this, 0, disconnectVPN, 0);
 
-            nbuilder.addAction(android.R.drawable.ic_menu_close_clear_cancel,
+            nbuilder.addAction(R.drawable.ic_menu_close_clear_cancel,
                     getString(R.string.cancel_connection), disconnectPendingIntent);
 
             Intent pauseVPN = new Intent(this, OpenVPNService.class);
             if (mDeviceStateReceiver == null || !mDeviceStateReceiver.isUserPaused()) {
                 pauseVPN.setAction(PAUSE_VPN);
                 PendingIntent pauseVPNPending = PendingIntent.getService(this, 0, pauseVPN, 0);
-                nbuilder.addAction(android.R.drawable.ic_media_pause,
+                nbuilder.addAction(R.drawable.ic_menu_pause,
                         getString(R.string.pauseVPN), pauseVPNPending);
 
             } else {
                 pauseVPN.setAction(RESUME_VPN);
                 PendingIntent resumeVPNPending = PendingIntent.getService(this, 0, pauseVPN, 0);
-                nbuilder.addAction(android.R.drawable.ic_media_play,
+                nbuilder.addAction(R.drawable.ic_menu_play,
                         getString(R.string.resumevpn), resumeVPNPending);
             }
 
@@ -297,6 +334,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         VpnStatus.addStateListener(this);
         VpnStatus.addByteCountListener(this);
 
+        guiHandler = new Handler(getMainLooper());
+
+
         if (intent != null && PAUSE_VPN.equals(intent.getAction())) {
             if (mDeviceStateReceiver != null)
                 mDeviceStateReceiver.userPause(true);
@@ -454,6 +494,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         }
         // Just in case unregister for state
         VpnStatus.removeStateListener(this);
+        VpnStatus.flushLog();
 
     }
 
@@ -536,6 +577,26 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         Collection<ipAddress> positiveIPv4Routes = mRoutes.getPositiveIPList();
         Collection<ipAddress> positiveIPv6Routes = mRoutesv6.getPositiveIPList();
 
+        if ("samsung".equals(Build.BRAND) && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mDnslist.size() >= 1) {
+            // Check if the first DNS Server is in the VPN range
+            try {
+                ipAddress dnsServer = new ipAddress(new CIDRIP(mDnslist.get(0), 32), true);
+                boolean dnsIncluded=false;
+                for (ipAddress net : positiveIPv4Routes) {
+                    if (net.containsNet(dnsServer)) {
+                        dnsIncluded = true;
+                    }
+                }
+                if (!dnsIncluded) {
+                    String samsungwarning = String.format("Warning Samsung Android 5.0+ devices ignore DNS servers outside the VPN range. To enable DNS resolution a route to your DNS Server (%s) has been added.", mDnslist.get(0));
+                    VpnStatus.logWarning(samsungwarning);
+                    positiveIPv4Routes.add(dnsServer);
+                }
+            } catch (Exception e) {
+                VpnStatus.logError("Error parsing DNS Server IP: " + mDnslist.get(0));
+            }
+        }
+
         ipAddress multicastRange = new ipAddress(new CIDRIP("224.0.0.0", 3), true);
 
         for (NetworkSpace.ipAddress route : positiveIPv4Routes) {
@@ -558,24 +619,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             }
         }
 
-        if ("samsung".equals(Build.BRAND) && Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP && mDnslist.size() >= 1) {
-            // Check if the first DNS Server is in the VPN range
-            try {
-                ipAddress dnsServer = new ipAddress(new CIDRIP(mDnslist.get(0), 32), true);
-                boolean dnsIncluded=false;
-                for (ipAddress net : positiveIPv4Routes) {
-                    if (net.containsNet(dnsServer)) {
-                        dnsIncluded = true;
-                    }
-                }
-                if (!dnsIncluded) {
-                    String samsungwarning = String.format("Warning Samsung Android 5.0+ devices ignore DNS servers outside the VPN range. To enable DNS add a custom route to your DNS Server (%s) or change to a DNS inside your VPN range", mDnslist.get(0));
-                    VpnStatus.logWarning(samsungwarning);
-                }
-            } catch (Exception e) {
-                VpnStatus.logError("Error parsing DNS Server IP: " + mDnslist.get(0));
-            }
-        }
+
 
 
         if (mDomain != null)
@@ -672,12 +716,14 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
 
     @TargetApi(Build.VERSION_CODES.LOLLIPOP)
     private void setAllowedVpnPackages(Builder builder) {
+        boolean atLeastOneAllowedApp=false;
         for (String pkg : mProfile.mAllowedAppsVpn) {
             try {
                 if (mProfile.mAllowedAppsVpnAreDisallowed) {
                     builder.addDisallowedApplication(pkg);
                 } else {
                     builder.addAllowedApplication(pkg);
+                    atLeastOneAllowedApp = true;
                 }
             } catch (PackageManager.NameNotFoundException e) {
                 mProfile.mAllowedAppsVpn.remove(pkg);
@@ -685,6 +731,15 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             }
         }
 
+        if (!mProfile.mAllowedAppsVpnAreDisallowed && !atLeastOneAllowedApp) {
+            VpnStatus.logDebug(R.string.no_allowed_app, getPackageName());
+            try {
+                builder.addAllowedApplication(getPackageName());
+            } catch (PackageManager.NameNotFoundException e) {
+                VpnStatus.logError("This should not happen: " + e.getLocalizedMessage());
+            }
+        }
+
         if (mProfile.mAllowedAppsVpnAreDisallowed) {
             VpnStatus.logDebug(R.string.disallowed_vpn_apps_info, TextUtils.join(", ", mProfile.mAllowedAppsVpn));
         } else {
@@ -839,7 +894,9 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             } else if (level == LEVEL_CONNECTED) {
                 mDisplayBytecount = true;
                 mConnecttime = System.currentTimeMillis();
-                lowpriority = true;
+                if (!runningOnAndroidTV())
+                    lowpriority = true;
+
 		String ns = Context.NOTIFICATION_SERVICE;
 		NotificationManager mNotificationManager = (NotificationManager) getSystemService(ns);
 		mNotificationManager.cancel(OPENVPN_STATUS);
@@ -852,7 +909,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             // CONNECTED
             // Does not work :(
             String msg = getString(resid);
-            // showNotification(msg + " " + logmessage, msg, lowpriority, 0, level);
+            // showNotification(VpnStatus.getLastCleanLogMessage(this),
+                    // msg, lowpriority, 0, level);
 
         }
     }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
index d856feb7..10bc9e87 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
index 1c3b3362..4c550f47 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
@@ -1,23 +1,20 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
 package de.blinkt.openvpn.core;
 
 import android.content.Context;
-import android.content.SharedPreferences;
 import android.net.LocalServerSocket;
 import android.net.LocalSocket;
 import android.net.LocalSocketAddress;
 import android.os.ParcelFileDescriptor;
-import android.preference.PreferenceManager;
+import android.support.annotation.NonNull;
 import android.util.Log;
 
 import junit.framework.Assert;
 
-import org.jetbrains.annotations.NotNull;
-
 import java.io.FileDescriptor;
 import java.io.IOException;
 import java.io.InputStream;
@@ -42,30 +39,23 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
     private LocalSocket mSocket;
     private VpnProfile mProfile;
     private OpenVPNService mOpenVPNService;
-    private LinkedList<FileDescriptor> mFDList = new LinkedList<FileDescriptor>();
+    private LinkedList<FileDescriptor> mFDList = new LinkedList<>();
     private LocalServerSocket mServerSocket;
-    private boolean mReleaseHold = true;
     private boolean mWaitingForRelease = false;
     private long mLastHoldRelease = 0;
 
-    private static final Vector<OpenVpnManagementThread> active = new Vector<OpenVpnManagementThread>();
+    private static final Vector<OpenVpnManagementThread> active = new Vector<>();
     private LocalSocket mServerSocketLocal;
 
     private pauseReason lastPauseReason = pauseReason.noNetwork;
+    private PausedStateCallback mPauseCallback;
 
     public OpenVpnManagementThread(VpnProfile profile, OpenVPNService openVpnService) {
         mProfile = profile;
         mOpenVPNService = openVpnService;
-
-
-        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(openVpnService);
-        boolean managemeNetworkState = prefs.getBoolean("netchangereconnect", true);
-        if (managemeNetworkState)
-            mReleaseHold = false;
-
     }
 
-    public boolean openManagementInterface(@NotNull Context c) {
+    public boolean openManagementInterface(@NonNull Context c) {
         // Could take a while to open connection
         int tries = 8;
 
@@ -74,7 +64,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
 
         mServerSocketLocal = new LocalSocket();
 
-        while (tries > 0 && !mServerSocketLocal.isConnected()) {
+        while (tries > 0 && !mServerSocketLocal.isBound()) {
             try {
                 mServerSocketLocal.bind(new LocalSocketAddress(socketName,
                         LocalSocketAddress.Namespace.FILESYSTEM));
@@ -82,7 +72,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
                 // wait 300 ms before retrying
                 try {
                     Thread.sleep(300);
-                } catch (InterruptedException e1) {
+                } catch (InterruptedException ignored) {
                 }
 
             }
@@ -167,7 +157,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
 
     //! Hack O Rama 2000!
     private void protectFileDescriptor(FileDescriptor fd) {
-        Exception exp;
         try {
             Method getInt = FileDescriptor.class.getDeclaredMethod("getInt$");
             int fdint = (Integer) getInt.invoke(fd);
@@ -183,20 +172,12 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
             //pfd.close();
             NativeUtils.jniclose(fdint);
             return;
-        } catch (NoSuchMethodException e) {
-            exp = e;
-        } catch (IllegalArgumentException e) {
-            exp = e;
-        } catch (IllegalAccessException e) {
-            exp = e;
-        } catch (InvocationTargetException e) {
-            exp = e;
-        } catch (NullPointerException e) {
-            exp = e;
+        } catch (NoSuchMethodException | IllegalArgumentException | InvocationTargetException | IllegalAccessException | NullPointerException e) {
+            VpnStatus.logException("Failed to retrieve fd from socket (" + fd + ")", e);
         }
 
         Log.d("Openvpn", "Failed to retrieve fd from socket: " + fd);
-        VpnStatus.logException("Failed to retrieve fd from socket (" + fd + ")", exp);
+
     }
 
     private String processInput(String pendingInput) {
@@ -225,31 +206,41 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
             String argument = parts[1];
 
 
-            if (cmd.equals("INFO")) {
+            switch (cmd) {
+                case "INFO":
                 /* Ignore greeting from management */
-                return;
-            } else if (cmd.equals("PASSWORD")) {
-                processPWCommand(argument);
-            } else if (cmd.equals("HOLD")) {
-                handleHold();
-            } else if (cmd.equals("NEED-OK")) {
-                processNeedCommand(argument);
-            } else if (cmd.equals("BYTECOUNT")) {
-                processByteCount(argument);
-            } else if (cmd.equals("STATE")) {
-                processState(argument);
-            } else if (cmd.equals("PROXY")) {
-                processProxyCMD(argument);
-            } else if (cmd.equals("LOG")) {
-                processLogMessage(argument);
-            } else if (cmd.equals("RSA_SIGN")) {
-                processSignCommand(argument);
-            } else {
-                VpnStatus.logWarning("MGMT: Got unrecognized command" + command);
-                Log.i(TAG, "Got unrecognized command" + command);
+                    return;
+                case "PASSWORD":
+                    processPWCommand(argument);
+                    break;
+                case "HOLD":
+                    handleHold();
+                    break;
+                case "NEED-OK":
+                    processNeedCommand(argument);
+                    break;
+                case "BYTECOUNT":
+                    processByteCount(argument);
+                    break;
+                case "STATE":
+                    processState(argument);
+                    break;
+                case "PROXY":
+                    processProxyCMD(argument);
+                    break;
+                case "LOG":
+                    processLogMessage(argument);
+                    break;
+                case "RSA_SIGN":
+                    processSignCommand(argument);
+                    break;
+                default:
+                    VpnStatus.logWarning("MGMT: Got unrecognized command" + command);
+                    Log.i(TAG, "Got unrecognized command" + command);
+                    break;
             }
         } else if (command.startsWith("SUCCESS:")) {
-			/* Ignore this kind of message too */
+            /* Ignore this kind of message too */
             return;
         } else if (command.startsWith("PROTECTFD: ")) {
             FileDescriptor fdtoprotect = mFDList.pollFirst();
@@ -278,16 +269,22 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
         Log.d("OpenVPN", argument);
 
         VpnStatus.LogLevel level;
-        if (args[1].equals("I")) {
-            level = VpnStatus.LogLevel.INFO;
-        } else if (args[1].equals("W")) {
-            level = VpnStatus.LogLevel.WARNING;
-        } else if (args[1].equals("D")) {
-            level = VpnStatus.LogLevel.VERBOSE;
-        } else if (args[1].equals("F")) {
-            level = VpnStatus.LogLevel.ERROR;
-        } else {
-            level = VpnStatus.LogLevel.INFO;
+        switch (args[1]) {
+            case "I":
+                level = VpnStatus.LogLevel.INFO;
+                break;
+            case "W":
+                level = VpnStatus.LogLevel.WARNING;
+                break;
+            case "D":
+                level = VpnStatus.LogLevel.VERBOSE;
+                break;
+            case "F":
+                level = VpnStatus.LogLevel.ERROR;
+                break;
+            default:
+                level = VpnStatus.LogLevel.INFO;
+                break;
         }
 
         int ovpnlevel = Integer.parseInt(args[2]) & 0x0F;
@@ -299,8 +296,15 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
         VpnStatus.logMessageOpenVPN(level, ovpnlevel, msg);
     }
 
+    boolean shouldBeRunning() {
+        if (mPauseCallback == null)
+            return false;
+        else
+            return mPauseCallback.shouldBeRunning();
+    }
+
     private void handleHold() {
-        if (mReleaseHold) {
+        if (shouldBeRunning()) {
             releaseHoldCmd();
         } else {
             mWaitingForRelease = true;
@@ -327,11 +331,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
         //managmentCommand("log on all\n");
     }
 
+
     public void releaseHold() {
-        mReleaseHold = true;
         if (mWaitingForRelease)
             releaseHoldCmd();
-
     }
 
     private void processProxyCMD(String argument) {
@@ -391,15 +394,19 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
         String status = "ok";
 
 
-        if (needed.equals("PROTECTFD")) {
-            FileDescriptor fdtoprotect = mFDList.pollFirst();
-            protectFileDescriptor(fdtoprotect);
-        } else if (needed.equals("DNSSERVER")) {
-            mOpenVPNService.addDNS(extra);
-        } else if (needed.equals("DNSDOMAIN")) {
-            mOpenVPNService.setDomain(extra);
-        } else if (needed.equals("ROUTE")) {
-            String[] routeparts = extra.split(" ");
+        switch (needed) {
+            case "PROTECTFD":
+                FileDescriptor fdtoprotect = mFDList.pollFirst();
+                protectFileDescriptor(fdtoprotect);
+                break;
+            case "DNSSERVER":
+                mOpenVPNService.addDNS(extra);
+                break;
+            case "DNSDOMAIN":
+                mOpenVPNService.setDomain(extra);
+                break;
+            case "ROUTE": {
+                String[] routeparts = extra.split(" ");
 
             /*
             buf_printf (&out, "%s %s %s dev %s", network, netmask, gateway, rgi->iface);
@@ -407,38 +414,46 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
             buf_printf (&out, "%s %s %s", network, netmask, gateway);
             */
 
-            if (routeparts.length == 5) {
-                if (BuildConfig.DEBUG) Assert.assertEquals("dev", routeparts[3]);
-                mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], routeparts[4]);
-            } else if (routeparts.length >= 3) {
-                mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], null);
-            } else {
-                VpnStatus.logError("Unrecognized ROUTE cmd:" + Arrays.toString(routeparts) + " | " + argument);
+                if (routeparts.length == 5) {
+                    if (BuildConfig.DEBUG) Assert.assertEquals("dev", routeparts[3]);
+                    mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], routeparts[4]);
+                } else if (routeparts.length >= 3) {
+                    mOpenVPNService.addRoute(routeparts[0], routeparts[1], routeparts[2], null);
+                } else {
+                    VpnStatus.logError("Unrecognized ROUTE cmd:" + Arrays.toString(routeparts) + " | " + argument);
+                }
+
+                break;
             }
+            case "ROUTE6": {
+                String[] routeparts = extra.split(" ");
+                mOpenVPNService.addRoutev6(routeparts[0], routeparts[1]);
+                break;
+            }
+            case "IFCONFIG":
+                String[] ifconfigparts = extra.split(" ");
+                int mtu = Integer.parseInt(ifconfigparts[2]);
+                mOpenVPNService.setLocalIP(ifconfigparts[0], ifconfigparts[1], mtu, ifconfigparts[3]);
+                break;
+            case "IFCONFIG6":
+                mOpenVPNService.setLocalIPv6(extra);
+
+                break;
+            case "PERSIST_TUN_ACTION":
+                // check if tun cfg stayed the same
+                status = mOpenVPNService.getTunReopenStatus();
+                break;
+            case "OPENTUN":
+                if (sendTunFD(needed, extra))
+                    return;
+                else
+                    status = "cancel";
+                // This not nice or anything but setFileDescriptors accepts only FilDescriptor class :(
 
-        } else if (needed.equals("ROUTE6")) {
-            String[] routeparts = extra.split(" ");
-            mOpenVPNService.addRoutev6(routeparts[0], routeparts[1]);
-        } else if (needed.equals("IFCONFIG")) {
-            String[] ifconfigparts = extra.split(" ");
-            int mtu = Integer.parseInt(ifconfigparts[2]);
-            mOpenVPNService.setLocalIP(ifconfigparts[0], ifconfigparts[1], mtu, ifconfigparts[3]);
-        } else if (needed.equals("IFCONFIG6")) {
-            mOpenVPNService.setLocalIPv6(extra);
-
-        } else if (needed.equals("PERSIST_TUN_ACTION")) {
-            // check if tun cfg stayed the same
-            status = mOpenVPNService.getTunReopenStatus();
-        } else if (needed.equals("OPENTUN")) {
-            if (sendTunFD(needed, extra))
+                break;
+            default:
+                Log.e(TAG, "Unkown needok command " + argument);
                 return;
-            else
-                status = "cancel";
-            // This not nice or anything but setFileDescriptors accepts only FilDescriptor class :(
-
-        } else {
-            Log.e(TAG, "Unkown needok command " + argument);
-            return;
         }
 
         String cmd = String.format("needok '%s' %s\n", needed, status);
@@ -446,7 +461,6 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
     }
 
     private boolean sendTunFD(String needed, String extra) {
-        Exception exp;
         if (!extra.equals("tun")) {
             // We only support tun
             VpnStatus.logError(String.format("Device type %s requested, but only tun is possible with the Android API, sorry!", extra));
@@ -480,18 +494,10 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
             pfd.close();
 
             return true;
-        } catch (NoSuchMethodException e) {
-            exp = e;
-        } catch (IllegalArgumentException e) {
-            exp = e;
-        } catch (IllegalAccessException e) {
-            exp = e;
-        } catch (InvocationTargetException e) {
-            exp = e;
-        } catch (IOException e) {
-            exp = e;
+        } catch (NoSuchMethodException | IllegalArgumentException | InvocationTargetException |
+                IOException | IllegalAccessException exp) {
+            VpnStatus.logException("Could not send fd over socket", exp);
         }
-        VpnStatus.logException("Could not send fd over socket", exp);
 
         return false;
     }
@@ -559,14 +565,21 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
     }
 
     @Override
-    public void networkChange() {
-        if (!mWaitingForRelease)
+    public void networkChange(boolean samenetwork) {
+        if (mWaitingForRelease)
+            releaseHold();
+        else if (samenetwork)
+            managmentCommand("network-change samenetwork\n");
+        else
             managmentCommand("network-change\n");
     }
 
-    public void signalusr1() {
-        mReleaseHold = false;
+    @Override
+    public void setPauseCallback(PausedStateCallback callback) {
+        mPauseCallback = callback;
+    }
 
+    public void signalusr1() {
         if (!mWaitingForRelease)
             managmentCommand("signal SIGUSR1\n");
         else
diff --git a/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java b/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java
index a788426a..49a7eaa9 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/PRNGFixes.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
index 086cdb44..4f9c219b 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -128,6 +128,11 @@ public class ProfileManager {
         ProfileManager.tmpprofile = tmp;
     }
 
+    public static boolean isTempProfile()
+    {
+        return mLastConnectedVpn == tmpprofile;
+    }
+
 
     public void saveProfile(Context context, VpnProfile profile) {
         ObjectOutputStream vpnfile;
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java b/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java
index 6e2abb13..34fb69f8 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ProxyDetection.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
index 47cb633c..f2cf8cec 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -14,14 +14,15 @@ import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.util.Arrays;
 import java.util.Vector;
 
 import se.leap.bitmaskclient.R;
 import de.blinkt.openvpn.VpnProfile;
 
 public class VPNLaunchHelper {
-    private static final String MININONPIEVPN = "nopievpn";
-    private static final String MINIPIEVPN = "pievpn";
+    private static final String MININONPIEVPN = "nopie_openvpn";
+    private static final String MINIPIEVPN = "pie_openvpn";
     private static final String OVPNCONFIGFILE = "android.conf";
 
 
@@ -29,15 +30,22 @@ public class VPNLaunchHelper {
     static private String writeMiniVPN(Context context) {
         String[] abis;
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
-            abis = getSupportedAbisLollipop();
+            abis = getSupportedABIsLollipop();
         else
+            //noinspection deprecation
             abis = new String[]{Build.CPU_ABI, Build.CPU_ABI2};
 
+        String nativeAPI = NativeUtils.getNativeAPI();
+        if (!nativeAPI.equals(abis[0])) {
+            VpnStatus.logWarning(R.string.abi_mismatch, Arrays.toString(abis), nativeAPI);
+            abis = new String[] {nativeAPI};
+        }
+
         for (String abi: abis) {
 
-            File mvpnout = new File(context.getCacheDir(), getMiniVPNExecutableName() + "." + abi);
-            if ((mvpnout.exists() && mvpnout.canExecute()) || writeMiniVPNBinary(context, abi, mvpnout)) {
-                return mvpnout.getPath();
+            File vpnExecutable = new File(context.getCacheDir(), getMiniVPNExecutableName() + "." + abi);
+            if ((vpnExecutable.exists() && vpnExecutable.canExecute()) || writeMiniVPNBinary(context, abi, vpnExecutable)) {
+                return vpnExecutable.getPath();
             }
         }
 
@@ -45,7 +53,7 @@ public class VPNLaunchHelper {
 	}
 
     @TargetApi(Build.VERSION_CODES.LOLLIPOP)
-    private static String[] getSupportedAbisLollipop() {
+    private static String[] getSupportedABIsLollipop() {
         return Build.SUPPORTED_ABIS;
     }
 
@@ -118,12 +126,13 @@ public class VPNLaunchHelper {
 	
 
 	public static void startOpenVpn(VpnProfile startprofile, Context context) {
-		if(writeMiniVPN(context)==null) {
+        VpnStatus.logInfo(R.string.building_configration);
+        VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, VpnStatus.ConnectionStatus.LEVEL_START);
+        if(writeMiniVPN(context)==null) {
 			VpnStatus.logError("Error writing minivpn binary");
 			return;
 		}
 
-		VpnStatus.logInfo(R.string.building_configration);
 
 		Intent startVPN = startprofile.prepareStartService(context);
 		if(startVPN!=null)
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
index 62a60643..3ac1595c 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
@@ -1,18 +1,19 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
 package de.blinkt.openvpn.core;
 
 import android.annotation.SuppressLint;
-import android.app.Activity;
 import android.content.Context;
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageManager;
 import android.content.pm.PackageManager.NameNotFoundException;
 import android.content.pm.Signature;
 import android.os.Build;
+import android.os.HandlerThread;
+import android.os.Message;
 import android.os.Parcel;
 import android.os.Parcelable;
 import android.text.TextUtils;
@@ -74,6 +75,58 @@ public class VpnStatus {
 
     private static final int MAXLOGENTRIES = 1000;
 
+
+    public static String getLastCleanLogMessage(Context c) {
+        String message = mLaststatemsg;
+        switch (mLastLevel) {
+            case LEVEL_CONNECTED:
+                String[] parts = mLaststatemsg.split(",");
+                /*
+                   (a) the integer unix date/time,
+                   (b) the state name,
+                   0 (c) optional descriptive string (used mostly on RECONNECTING
+                    and EXITING to show the reason for the disconnect),
+
+                    1 (d) optional TUN/TAP local IPv4 address
+                   2 (e) optional address of remote server,
+                   3 (f) optional port of remote server,
+                   4 (g) optional local address,
+                   5 (h) optional local port, and
+                   6 (i) optional TUN/TAP local IPv6 address.
+*/
+                // Return only the assigned IP addresses in the UI
+                if (parts.length >= 7)
+                    message = String.format(Locale.US, "%s %s", parts[1], parts[6]);
+                break;
+        }
+
+        while (message.endsWith(","))
+            message = message.substring(0, message.length() - 1);
+
+        String status = mLaststate;
+        if (status.equals("NOPROCESS"))
+            return message;
+
+        String prefix = c.getString(mLastStateresid);
+        if (mLastStateresid == R.string.unknown_state)
+            message = status + message;
+        if (message.length() > 0)
+            prefix += ": ";
+
+        return prefix + message;
+
+    }
+
+    public static void initLogCache(File cacheDir) {
+        Message m = mLogFileHandler.obtainMessage(LogFileHandler.LOG_INIT, cacheDir);
+        mLogFileHandler.sendMessage(m);
+
+    }
+
+    public static void flushLog() {
+        mLogFileHandler.sendEmptyMessage(LogFileHandler.FLUSH_TO_DISK);
+    }
+
     public enum ConnectionStatus {
         LEVEL_CONNECTED,
         LEVEL_VPNPAUSED,
@@ -81,6 +134,7 @@ public class VpnStatus {
         LEVEL_CONNECTING_NO_SERVER_REPLY_YET,
         LEVEL_NONETWORK,
         LEVEL_NOTCONNECTED,
+        LEVEL_START,
         LEVEL_AUTH_FAILED,
         LEVEL_WAITING_FOR_USER_INPUT,
         UNKNOWN_LEVEL
@@ -128,18 +182,24 @@ public class VpnStatus {
 
     private static ConnectionStatus mLastLevel = ConnectionStatus.LEVEL_NOTCONNECTED;
 
+    private static final LogFileHandler mLogFileHandler;
+
     static {
         logbuffer = new LinkedList<>();
         logListener = new Vector<>();
         stateListener = new Vector<>();
         byteCountListener = new Vector<>();
+
+        HandlerThread mHandlerThread = new HandlerThread("LogFileWriter", Thread.MIN_PRIORITY);
+        mHandlerThread.start();
+        mLogFileHandler = new LogFileHandler(mHandlerThread.getLooper());
+
         logInformation();
+
     }
 
 
     public static class LogItem implements Parcelable {
-
-
         private Object[] mArgs = null;
         private String mMessage = null;
         private int mRessourceId;
@@ -261,6 +321,7 @@ public class VpnStatus {
 
             String version = "error getting version";
             try {
+                @SuppressLint("PackageManagerGetSignatures")
                 Signature raw = c.getPackageManager().getPackageInfo(c.getPackageName(), PackageManager.GET_SIGNATURES).signatures[0];
                 CertificateFactory cf = CertificateFactory.getInstance("X.509");
                 X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(raw.toByteArray()));
@@ -287,11 +348,11 @@ public class VpnStatus {
                     NoSuchAlgorithmException ignored) {
             }
 
-            Object[] argsext = Arrays.copyOf(mArgs, mArgs.length + 2);
+            Object[] argsext = Arrays.copyOf(mArgs, mArgs.length);
             argsext[argsext.length - 1] = apksign;
             argsext[argsext.length - 2] = version;
 
-            return c.getString(R.string.mobile_info_extended, argsext);
+            return c.getString(R.string.mobile_info, argsext);
 
         }
 
@@ -310,12 +371,6 @@ public class VpnStatus {
         }
     }
 
-    public void saveLogToDisk(Context c) {
-
-        File logOut = new File(c.getCacheDir(), "log.xml");
-
-    }
-
     public interface LogListener {
         void newLog(LogItem logItem);
     }
@@ -336,10 +391,12 @@ public class VpnStatus {
     public synchronized static void clearLog() {
         logbuffer.clear();
         logInformation();
+        mLogFileHandler.sendEmptyMessage(LogFileHandler.TRIM_LOG_FILE);
     }
 
     private static void logInformation() {
-        logInfo(R.string.mobile_info, Build.MODEL, Build.BOARD, Build.BRAND, Build.VERSION.SDK_INT);
+        logInfo(R.string.mobile_info, Build.MODEL, Build.BOARD, Build.BRAND, Build.VERSION.SDK_INT,
+                NativeUtils.getNativeAPI(), Build.VERSION.RELEASE, Build.ID, Build.FINGERPRINT, "", "");
     }
 
     public synchronized static void addLogListener(LogListener ll) {
@@ -369,32 +426,34 @@ public class VpnStatus {
     }
 
     private static int getLocalizedState(String state) {
-        if (state.equals("CONNECTING"))
-            return R.string.state_connecting;
-        else if (state.equals("WAIT"))
-            return R.string.state_wait;
-        else if (state.equals("AUTH"))
-            return R.string.state_auth;
-        else if (state.equals("GET_CONFIG"))
-            return R.string.state_get_config;
-        else if (state.equals("ASSIGN_IP"))
-            return R.string.state_assign_ip;
-        else if (state.equals("ADD_ROUTES"))
-            return R.string.state_add_routes;
-        else if (state.equals("CONNECTED"))
-            return R.string.state_connected;
-        else if (state.equals("DISCONNECTED"))
-            return R.string.state_disconnected;
-        else if (state.equals("RECONNECTING"))
-            return R.string.state_reconnecting;
-        else if (state.equals("EXITING"))
-            return R.string.state_exiting;
-        else if (state.equals("RESOLVE"))
-            return R.string.state_resolve;
-        else if (state.equals("TCP_CONNECT"))
-            return R.string.state_tcp_connect;
-        else
-            return R.string.unknown_state;
+        switch (state) {
+            case "CONNECTING":
+                return R.string.state_connecting;
+            case "WAIT":
+                return R.string.state_wait;
+            case "AUTH":
+                return R.string.state_auth;
+            case "GET_CONFIG":
+                return R.string.state_get_config;
+            case "ASSIGN_IP":
+                return R.string.state_assign_ip;
+            case "ADD_ROUTES":
+                return R.string.state_add_routes;
+            case "CONNECTED":
+                return R.string.state_connected;
+            case "DISCONNECTED":
+                return R.string.state_disconnected;
+            case "RECONNECTING":
+                return R.string.state_reconnecting;
+            case "EXITING":
+                return R.string.state_exiting;
+            case "RESOLVE":
+                return R.string.state_resolve;
+            case "TCP_CONNECT":
+                return R.string.state_tcp_connect;
+            default:
+                return R.string.unknown_state;
+        }
 
     }
 
@@ -496,17 +555,33 @@ public class VpnStatus {
         newLogItem(new LogItem(LogLevel.DEBUG, resourceId, args));
     }
 
+    private static void newLogItem(LogItem logItem) {
+        newLogItem(logItem, false);
+    }
+
+
+    synchronized static void newLogItem(LogItem logItem, boolean cachedLine) {
+        if (cachedLine) {
+            logbuffer.addFirst(logItem);
+        } else {
+            logbuffer.addLast(logItem);
+            Message m = mLogFileHandler.obtainMessage(LogFileHandler.LOG_MESSAGE, logItem);
+            mLogFileHandler.sendMessage(m);
+        }
+
+        if (logbuffer.size() > MAXLOGENTRIES + MAXLOGENTRIES / 2) {
+            while (logbuffer.size() > MAXLOGENTRIES)
+                logbuffer.removeFirst();
+            mLogFileHandler.sendMessage(mLogFileHandler.obtainMessage(LogFileHandler.TRIM_LOG_FILE));
+        }
 
-    private synchronized static void newLogItem(LogItem logItem) {
-        logbuffer.addLast(logItem);
-        if (logbuffer.size() > MAXLOGENTRIES)
-            logbuffer.removeFirst();
 
         for (LogListener ll : logListener) {
             ll.newLog(logItem);
         }
     }
 
+
     public static void logError(String msg) {
         newLogItem(new LogItem(LogLevel.ERROR, msg));
 
diff --git a/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java b/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java
index 0786967b..4048f0e0 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/X509Utils.java
@@ -1,11 +1,12 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
 package de.blinkt.openvpn.core;
 
 import android.content.Context;
+import android.content.res.Resources;
 import android.text.TextUtils;
 
 import se.leap.bitmaskclient.R;
@@ -20,30 +21,39 @@ import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
 import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Date;
 import java.util.Hashtable;
+import java.util.Vector;
 
 public class X509Utils {
-	public static Certificate getCertificateFromFile(String certfilename) throws FileNotFoundException, CertificateException {
+	public static Certificate[] getCertificatesFromFile(String certfilename) throws FileNotFoundException, CertificateException {
 		CertificateFactory certFact = CertificateFactory.getInstance("X.509");
 
-		InputStream inStream;
-
+        Vector<Certificate> certificates = new Vector<>();
 		if(VpnProfile.isEmbedded(certfilename)) {
-            // The java certifcate reader is ... kind of stupid
-            // It does NOT ignore chars before the --BEGIN ...
             int subIndex = certfilename.indexOf("-----BEGIN CERTIFICATE-----");
-            subIndex = Math.max(0,subIndex);
-			inStream = new ByteArrayInputStream(certfilename.substring(subIndex).getBytes());
+            do {
+                // The java certifcate reader is ... kind of stupid
+                // It does NOT ignore chars before the --BEGIN ...
 
+                subIndex = Math.max(0, subIndex);
+                InputStream inStream = new ByteArrayInputStream(certfilename.substring(subIndex).getBytes());
+                certificates.add(certFact.generateCertificate(inStream));
 
+                subIndex = certfilename.indexOf("-----BEGIN CERTIFICATE-----", subIndex+1);
+            } while (subIndex > 0);
+            return certificates.toArray(new Certificate[certificates.size()]);
         } else {
-			inStream = new FileInputStream(certfilename);
+			InputStream inStream = new FileInputStream(certfilename);
+            return new Certificate[] {certFact.generateCertificate(inStream)};
         }
 
 
-		return certFact.generateCertificate(inStream);
 	}
 
 	public static PemObject readPemObjectFromFile (String keyfilename) throws IOException {
@@ -67,9 +77,10 @@ public class X509Utils {
 	public static String getCertificateFriendlyName (Context c, String filename) {
 		if(!TextUtils.isEmpty(filename)) {
 			try {
-				X509Certificate cert = (X509Certificate) getCertificateFromFile(filename);
-
-                return getCertificateFriendlyName(cert);
+				X509Certificate cert = (X509Certificate) getCertificatesFromFile(filename)[0];
+                String friendlycn = getCertificateFriendlyName(cert);
+                friendlycn = getCertificateValidityString(cert, c.getResources()) + friendlycn;
+                return friendlycn;
 
 			} catch (Exception e) {
 				VpnStatus.logError("Could not read certificate" + e.getLocalizedMessage());
@@ -78,6 +89,40 @@ public class X509Utils {
 		return c.getString(R.string.cannotparsecert);
 	}
 
+    public static String getCertificateValidityString(X509Certificate cert, Resources res) {
+        try {
+            cert.checkValidity();
+        } catch (CertificateExpiredException ce) {
+            return "EXPIRED: ";
+        } catch (CertificateNotYetValidException cny) {
+            return "NOT YET VALID: ";
+        }
+
+        Date certNotAfter = cert.getNotAfter();
+        Date now = new Date();
+        long timeLeft = certNotAfter.getTime() - now.getTime(); // Time left in ms
+
+        // More than 72h left, display days
+        // More than 3 months display months
+        if (timeLeft > 90l* 24 * 3600 * 1000) {
+            long months = getMonthsDifference(now, certNotAfter);
+            return res.getString(R.string.months_left, months);
+        } else if (timeLeft > 72 * 3600 * 1000) {
+            long days = timeLeft / (24 * 3600 * 1000);
+            return res.getString(R.string.days_left, days);
+        } else {
+            long hours = timeLeft / (3600 * 1000);
+
+            return res.getString(R.string.hours_left, hours);
+        }
+    }
+
+    public static int getMonthsDifference(Date date1, Date date2) {
+        int m1 = date1.getYear() * 12 + date1.getMonth();
+        int m2 = date2.getYear() * 12 + date2.getMonth();
+        return m2 - m1 + 1;
+    }
+
     public static String getCertificateFriendlyName(X509Certificate cert) {
         X500Principal principal = cert.getSubjectX500Principal();
         byte[] encodedSubject = principal.getEncoded();
diff --git a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java
index 2a75c15e..f75e459e 100644
--- a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java
+++ b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -22,6 +22,9 @@ import android.os.Bundle;
 import android.os.Handler;
 import android.os.Handler.Callback;
 import android.os.Message;
+import android.preference.Preference;
+import android.preference.PreferenceManager;
+import android.support.annotation.Nullable;
 import android.text.SpannableString;
 import android.text.format.DateFormat;
 import android.text.style.ImageSpan;
@@ -33,6 +36,8 @@ import android.view.View;
 import android.view.ViewGroup;
 import android.widget.AdapterView;
 import android.widget.AdapterView.OnItemLongClickListener;
+import android.widget.CheckBox;
+import android.widget.CompoundButton;
 import android.widget.LinearLayout;
 import android.widget.ListAdapter;
 import android.widget.ListView;
@@ -41,8 +46,6 @@ import android.widget.SeekBar;
 import android.widget.TextView;
 import android.widget.Toast;
 
-import org.jetbrains.annotations.Nullable;
-
 import java.text.SimpleDateFormat;
 import java.util.Collections;
 import java.util.Date;
@@ -67,11 +70,12 @@ import static de.blinkt.openvpn.core.OpenVPNService.humanReadableByteCount;
 import se.leap.bitmaskclient.Dashboard;
 
 public class LogFragment extends ListFragment implements StateListener, SeekBar.OnSeekBarChangeListener, RadioGroup.OnCheckedChangeListener, VpnStatus.ByteCountListener {
-	private static final String LOGTIMEFORMAT = "logtimeformat";
-	private static final int START_VPN_CONFIG = 0;
+    private static final String LOGTIMEFORMAT = "logtimeformat";
+    private static final int START_VPN_CONFIG = 0;
     private static final String VERBOSITYLEVEL = "verbositylevel";
 
 
+
     private SeekBar mLogLevelSlider;
     private LinearLayout mOptionsLayout;
     private RadioGroup mTimeRadioGroup;
@@ -79,10 +83,11 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
     private TextView mDownStatus;
     private TextView mConnectStatus;
     private boolean mShowOptionsLayout;
+    private CheckBox mClearLogCheckBox;
 
     @Override
     public void onProgressChanged(SeekBar seekBar, int progress, boolean fromUser) {
-        ladapter.setLogLevel(progress+1);
+        ladapter.setLogLevel(progress + 1);
     }
 
     @Override
@@ -134,7 +139,7 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
 
         private static final int MESSAGE_NEWLOG = 0;
 
-		private static final int MESSAGE_CLEARLOG = 1;
+        private static final int MESSAGE_CLEARLOG = 1;
 
         private static final int MESSAGE_NEWTS = 2;
         private static final int MESSAGE_NEWLOGLEVEL = 3;
@@ -144,110 +149,109 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
         public static final int TIME_FORMAT_ISO = 2;
         private static final int MAX_STORED_LOG_ENTRIES = 1000;
 
-        private Vector<LogItem> allEntries=new Vector<LogItem>();
+        private Vector<LogItem> allEntries = new Vector<>();
 
-        private Vector<LogItem> currentLevelEntries=new Vector<LogItem>();
+        private Vector<LogItem> currentLevelEntries = new Vector<LogItem>();
 
-		private Handler mHandler;
+        private Handler mHandler;
 
-		private Vector<DataSetObserver> observers=new Vector<DataSetObserver>();
+        private Vector<DataSetObserver> observers = new Vector<DataSetObserver>();
 
-		private int mTimeFormat=0;
-        private int mLogLevel=3;
+        private int mTimeFormat = 0;
+        private int mLogLevel = 3;
 
 
         public LogWindowListAdapter() {
-			initLogBuffer();
-			if (mHandler == null) {
-				mHandler = new Handler(this);
-			}
-
-			VpnStatus.addLogListener(this);
-		}
+            initLogBuffer();
+            if (mHandler == null) {
+                mHandler = new Handler(this);
+            }
 
+            VpnStatus.addLogListener(this);
+        }
 
 
-		private void initLogBuffer() {
-			allEntries.clear();
+        private void initLogBuffer() {
+            allEntries.clear();
             Collections.addAll(allEntries, VpnStatus.getlogbuffer());
             initCurrentMessages();
-		}
-
-		String getLogStr() {
-			String str = "";
-			for(LogItem entry:allEntries) {
-				str+=getTime(entry, TIME_FORMAT_ISO) + entry.getString(getActivity()) + '\n';
-			}
-			return str;
-		}
-
-
-		private void shareLog() {
-			Intent shareIntent = new Intent(Intent.ACTION_SEND);
-			shareIntent.putExtra(Intent.EXTRA_TEXT, getLogStr());
-			shareIntent.putExtra(Intent.EXTRA_SUBJECT, getString(R.string.ics_openvpn_log_file));
-			shareIntent.setType("text/plain");
-			startActivity(Intent.createChooser(shareIntent, "Send Logfile"));
-		}
-
-		@Override
-		public void registerDataSetObserver(DataSetObserver observer) {
-			observers.add(observer);
-
-		}
-
-		@Override
-		public void unregisterDataSetObserver(DataSetObserver observer) {
-			observers.remove(observer);
-		}
-
-		@Override
-		public int getCount() {
-			return currentLevelEntries.size();
-		}
-
-		@Override
-		public Object getItem(int position) {
-			return currentLevelEntries.get(position);
-		}
-
-		@Override
-		public long getItemId(int position) {
-			return ((Object)currentLevelEntries.get(position)).hashCode();
-		}
-
-		@Override
-		public boolean hasStableIds() {
-			return true;
-		}
-
-		@Override
-		public View getView(int position, View convertView, ViewGroup parent) {
-			TextView v;
-			if(convertView==null)
-				v = new TextView(getActivity());
-			else
-				v = (TextView) convertView;
-			
-			LogItem le = currentLevelEntries.get(position);
-			String msg = le.getString(getActivity());
+        }
+
+        String getLogStr() {
+            String str = "";
+            for (LogItem entry : allEntries) {
+                str += getTime(entry, TIME_FORMAT_ISO) + entry.getString(getActivity()) + '\n';
+            }
+            return str;
+        }
+
+
+        private void shareLog() {
+            Intent shareIntent = new Intent(Intent.ACTION_SEND);
+            shareIntent.putExtra(Intent.EXTRA_TEXT, getLogStr());
+            shareIntent.putExtra(Intent.EXTRA_SUBJECT, getString(R.string.ics_openvpn_log_file));
+            shareIntent.setType("text/plain");
+            startActivity(Intent.createChooser(shareIntent, "Send Logfile"));
+        }
+
+        @Override
+        public void registerDataSetObserver(DataSetObserver observer) {
+            observers.add(observer);
+
+        }
+
+        @Override
+        public void unregisterDataSetObserver(DataSetObserver observer) {
+            observers.remove(observer);
+        }
+
+        @Override
+        public int getCount() {
+            return currentLevelEntries.size();
+        }
+
+        @Override
+        public Object getItem(int position) {
+            return currentLevelEntries.get(position);
+        }
+
+        @Override
+        public long getItemId(int position) {
+            return ((Object) currentLevelEntries.get(position)).hashCode();
+        }
+
+        @Override
+        public boolean hasStableIds() {
+            return true;
+        }
+
+        @Override
+        public View getView(int position, View convertView, ViewGroup parent) {
+            TextView v;
+            if (convertView == null)
+                v = new TextView(getActivity());
+            else
+                v = (TextView) convertView;
+
+            LogItem le = currentLevelEntries.get(position);
+            String msg = le.getString(getActivity());
             String time = getTime(le, mTimeFormat);
-            msg =  time +  msg;
+            msg = time + msg;
 
             int spanStart = time.length();
 
             SpannableString t = new SpannableString(msg);
 
             //t.setSpan(getSpanImage(le,(int)v.getTextSize()),spanStart,spanStart+1, Spanned.SPAN_INCLUSIVE_INCLUSIVE);
-			v.setText(t);
-			return v;
-		}
+            v.setText(t);
+            return v;
+        }
 
         private String getTime(LogItem le, int time) {
             if (time != TIME_FORMAT_NONE) {
                 Date d = new Date(le.getLogtime());
                 java.text.DateFormat timeformat;
-                if (time== TIME_FORMAT_ISO)
+                if (time == TIME_FORMAT_ISO)
                     timeformat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.getDefault());
                 else
                     timeformat = DateFormat.getTimeFormat(getActivity());
@@ -289,49 +293,49 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
         }
 
         @Override
-		public int getItemViewType(int position) {
-			return 0;
-		}
-
-		@Override
-		public int getViewTypeCount() {
-			return 1;
-		}
-
-		@Override
-		public boolean isEmpty() {
-			return currentLevelEntries.isEmpty();
-
-		}
-
-		@Override
-		public boolean areAllItemsEnabled() {
-			return true;
-		}
-
-		@Override
-		public boolean isEnabled(int position) {
-			return true;
-		}
-
-		@Override
-		public void newLog(LogItem logMessage) {
-			Message msg = Message.obtain();
-            assert (msg!=null);
-			msg.what=MESSAGE_NEWLOG;
-			Bundle bundle=new Bundle();
-			bundle.putParcelable("logmessage", logMessage);
-			msg.setData(bundle);
-			mHandler.sendMessage(msg);
-		}
-
-		@Override
-		public boolean handleMessage(Message msg) {
-			// We have been called
-			if(msg.what==MESSAGE_NEWLOG) {
-
-				LogItem logMessage = msg.getData().getParcelable("logmessage");
-                if(addLogMessage(logMessage))
+        public int getItemViewType(int position) {
+            return 0;
+        }
+
+        @Override
+        public int getViewTypeCount() {
+            return 1;
+        }
+
+        @Override
+        public boolean isEmpty() {
+            return currentLevelEntries.isEmpty();
+
+        }
+
+        @Override
+        public boolean areAllItemsEnabled() {
+            return true;
+        }
+
+        @Override
+        public boolean isEnabled(int position) {
+            return true;
+        }
+
+        @Override
+        public void newLog(LogItem logMessage) {
+            Message msg = Message.obtain();
+            assert (msg != null);
+            msg.what = MESSAGE_NEWLOG;
+            Bundle bundle = new Bundle();
+            bundle.putParcelable("logmessage", logMessage);
+            msg.setData(bundle);
+            mHandler.sendMessage(msg);
+        }
+
+        @Override
+        public boolean handleMessage(Message msg) {
+            // We have been called
+            if (msg.what == MESSAGE_NEWLOG) {
+
+                LogItem logMessage = msg.getData().getParcelable("logmessage");
+                if (addLogMessage(logMessage))
                     for (DataSetObserver observer : observers) {
                         observer.onChanged();
                     }
@@ -340,25 +344,25 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
                     observer.onInvalidated();
                 }
                 initLogBuffer();
-			}  else if (msg.what == MESSAGE_NEWTS) {
-				for (DataSetObserver observer : observers) {
-					observer.onInvalidated();
-				}
-			} else if (msg.what == MESSAGE_NEWLOGLEVEL) {
+            } else if (msg.what == MESSAGE_NEWTS) {
+                for (DataSetObserver observer : observers) {
+                    observer.onInvalidated();
+                }
+            } else if (msg.what == MESSAGE_NEWLOGLEVEL) {
                 initCurrentMessages();
 
-                for (DataSetObserver observer: observers) {
+                for (DataSetObserver observer : observers) {
                     observer.onChanged();
                 }
 
             }
 
-			return true;
-		}
+            return true;
+        }
 
         private void initCurrentMessages() {
             currentLevelEntries.clear();
-            for(LogItem li: allEntries) {
+            for (LogItem li : allEntries) {
                 if (li.getVerbosityLevel() <= mLogLevel ||
                         mLogLevel == VpnProfile.MAXLOGLEVEL)
                     currentLevelEntries.add(li);
@@ -366,7 +370,6 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
         }
 
         /**
-         *
          * @param logmessage
          * @return True if the current entries have changed
          */
@@ -376,7 +379,7 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
             if (allEntries.size() > MAX_STORED_LOG_ENTRIES) {
                 Vector<LogItem> oldAllEntries = allEntries;
                 allEntries = new Vector<LogItem>(allEntries.size());
-                for (int i=50;i<oldAllEntries.size();i++) {
+                for (int i = 50; i < oldAllEntries.size(); i++) {
                     allEntries.add(oldAllEntries.elementAt(i));
                 }
                 initCurrentMessages();
@@ -392,85 +395,81 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
         }
 
         void clearLog() {
-			// Actually is probably called from GUI Thread as result of the user 
-			// pressing a button. But better safe than sorry
-			VpnStatus.clearLog();
-			VpnStatus.logInfo(R.string.logCleared);
-			mHandler.sendEmptyMessage(MESSAGE_CLEARLOG);
-		}
-
+            // Actually is probably called from GUI Thread as result of the user
+            // pressing a button. But better safe than sorry
+            VpnStatus.clearLog();
+            VpnStatus.logInfo(R.string.logCleared);
+            mHandler.sendEmptyMessage(MESSAGE_CLEARLOG);
+        }
 
 
-		public void setTimeFormat(int newTimeFormat) {
-			mTimeFormat= newTimeFormat;
-			mHandler.sendEmptyMessage(MESSAGE_NEWTS);
-		}
+        public void setTimeFormat(int newTimeFormat) {
+            mTimeFormat = newTimeFormat;
+            mHandler.sendEmptyMessage(MESSAGE_NEWTS);
+        }
 
         public void setLogLevel(int logLevel) {
             mLogLevel = logLevel;
             mHandler.sendEmptyMessage(MESSAGE_NEWLOGLEVEL);
         }
-		
-	}
-
-
 
-	private LogWindowListAdapter ladapter;
-	private TextView mSpeedView;
+    }
 
 
+    private LogWindowListAdapter ladapter;
+    private TextView mSpeedView;
 
 
     @Override
-	public boolean onOptionsItemSelected(MenuItem item) {
-		if(item.getItemId()==R.id.clearlog) {
-			ladapter.clearLog();
-			return true;
-		} else if(item.getItemId()==R.id.cancel){
-            Intent intent = new Intent(getActivity(),DisconnectVPN.class);
+    public boolean onOptionsItemSelected(MenuItem item) {
+        if (item.getItemId() == R.id.clearlog) {
+            ladapter.clearLog();
+            return true;
+        } else if (item.getItemId() == R.id.cancel) {
+            Intent intent = new Intent(getActivity(), DisconnectVPN.class);
             startActivity(intent);
             return true;
-        } else if(item.getItemId()==R.id.send) {
-			ladapter.shareLog();
-		} else if(item.getItemId()==R.id.edit_vpn) {
-			VpnProfile lastConnectedprofile = ProfileManager.getLastConnectedVpn();
-
-			if(lastConnectedprofile!=null) {
-				Intent vprefintent = new Intent(getActivity(),Dashboard.class)
-				.putExtra(VpnProfile.EXTRA_PROFILEUUID,lastConnectedprofile.getUUIDString());
-				startActivityForResult(vprefintent,START_VPN_CONFIG);
-			} else {
-				Toast.makeText(getActivity(), R.string.log_no_last_vpn, Toast.LENGTH_LONG).show();
-			}
-		} else if(item.getItemId() == R.id.toggle_time) {
-			showHideOptionsPanel();
-		} else if(item.getItemId() == android.R.id.home) {
-			// This is called when the Home (Up) button is pressed
-			// in the Action Bar.
-			Intent parentActivityIntent = new Intent(getActivity(), Dashboard.class);
-			parentActivityIntent.addFlags(
-					Intent.FLAG_ACTIVITY_CLEAR_TOP |
-					Intent.FLAG_ACTIVITY_NEW_TASK);
-			startActivity(parentActivityIntent);
-			getActivity().finish();
-			return true;
-
-		}
-		return super.onOptionsItemSelected(item);
-
-	}
+        } else if (item.getItemId() == R.id.send) {
+            ladapter.shareLog();
+        } else if (item.getItemId() == R.id.edit_vpn) {
+            VpnProfile lastConnectedprofile = ProfileManager.getLastConnectedVpn();
+
+            if (lastConnectedprofile != null) {
+                Intent vprefintent = new Intent(getActivity(), Dashboard.class)
+                        .putExtra(VpnProfile.EXTRA_PROFILEUUID, lastConnectedprofile.getUUIDString());
+                startActivityForResult(vprefintent, START_VPN_CONFIG);
+            } else {
+                Toast.makeText(getActivity(), R.string.log_no_last_vpn, Toast.LENGTH_LONG).show();
+            }
+        } else if (item.getItemId() == R.id.toggle_time) {
+            showHideOptionsPanel();
+        } else if (item.getItemId() == android.R.id.home) {
+            // This is called when the Home (Up) button is pressed
+            // in the Action Bar.
+            Intent parentActivityIntent = new Intent(getActivity(), Dashboard.class);
+            parentActivityIntent.addFlags(
+                    Intent.FLAG_ACTIVITY_CLEAR_TOP |
+                            Intent.FLAG_ACTIVITY_NEW_TASK);
+            startActivity(parentActivityIntent);
+            getActivity().finish();
+            return true;
+
+        }
+        return super.onOptionsItemSelected(item);
+
+    }
 
     private void showHideOptionsPanel() {
         boolean optionsVisible = (mOptionsLayout.getVisibility() != View.GONE);
 
         ObjectAnimator anim;
         if (optionsVisible) {
-            anim = ObjectAnimator.ofFloat(mOptionsLayout,"alpha",1.0f, 0f);
+            anim = ObjectAnimator.ofFloat(mOptionsLayout, "alpha", 1.0f, 0f);
             anim.addListener(collapseListener);
 
         } else {
             mOptionsLayout.setVisibility(View.VISIBLE);
-            anim = ObjectAnimator.ofFloat(mOptionsLayout,"alpha", 0f, 1.0f);
+            anim = ObjectAnimator.ofFloat(mOptionsLayout, "alpha", 0f, 1.0f);
             //anim = new TranslateAnimation(0.0f, 0.0f, mOptionsLayout.getHeight(), 0.0f);
 
         }
@@ -493,16 +492,16 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
 
     @Override
     public void onCreateOptionsMenu(Menu menu, MenuInflater inflater) {
-		inflater.inflate(R.menu.logmenu, menu);
+        inflater.inflate(R.menu.logmenu, menu);
         if (getResources().getBoolean(R.bool.logSildersAlwaysVisible))
             menu.removeItem(R.id.toggle_time);
-	}
+    }
 
 
-	@Override
+    @Override
     public void onResume() {
-		super.onResume();
-		VpnStatus.addStateListener(this);
+        super.onResume();
+        VpnStatus.addStateListener(this);
         VpnStatus.addByteCountListener(this);
         Intent intent = new Intent(getActivity(), OpenVPNService.class);
         intent.setAction(OpenVPNService.START_SERVICE);
@@ -512,45 +511,45 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
 
     @Override
     public void onActivityResult(int requestCode, int resultCode, Intent data) {
-		if (requestCode == START_VPN_CONFIG && resultCode== Activity.RESULT_OK) {
-			String configuredVPN = data.getStringExtra(VpnProfile.EXTRA_PROFILEUUID);
+        if (requestCode == START_VPN_CONFIG && resultCode == Activity.RESULT_OK) {
+            String configuredVPN = data.getStringExtra(VpnProfile.EXTRA_PROFILEUUID);
 
-			final VpnProfile profile = ProfileManager.get(getActivity(),configuredVPN);
-			ProfileManager.getInstance(getActivity()).saveProfile(getActivity(), profile);
-			// Name could be modified, reset List adapter
+            final VpnProfile profile = ProfileManager.get(getActivity(), configuredVPN);
+            ProfileManager.getInstance(getActivity()).saveProfile(getActivity(), profile);
+            // Name could be modified, reset List adapter
 
-			AlertDialog.Builder dialog = new AlertDialog.Builder(getActivity());
-			dialog.setTitle(R.string.configuration_changed);
-			dialog.setMessage(R.string.restart_vpn_after_change);
+            AlertDialog.Builder dialog = new AlertDialog.Builder(getActivity());
+            dialog.setTitle(R.string.configuration_changed);
+            dialog.setMessage(R.string.restart_vpn_after_change);
 
 
-			dialog.setPositiveButton(R.string.restart,
-					new DialogInterface.OnClickListener() {
-				@Override
-				public void onClick(DialogInterface dialog, int which) {
-					Intent intent = new Intent(getActivity(), LaunchVPN.class);
-					intent.putExtra(LaunchVPN.EXTRA_KEY, profile.getUUIDString());
-					intent.setAction(Intent.ACTION_MAIN);
-					startActivity(intent);
-				}
+            dialog.setPositiveButton(R.string.restart,
+                    new DialogInterface.OnClickListener() {
+                        @Override
+                        public void onClick(DialogInterface dialog, int which) {
+                            Intent intent = new Intent(getActivity(), LaunchVPN.class);
+                            intent.putExtra(LaunchVPN.EXTRA_KEY, profile.getUUIDString());
+                            intent.setAction(Intent.ACTION_MAIN);
+                            startActivity(intent);
+                        }
 
 
-			});
-			dialog.setNegativeButton(R.string.ignore, null);
-			dialog.create().show();
-		}
-		super.onActivityResult(requestCode, resultCode, data);
-	}
+                    });
+            dialog.setNegativeButton(R.string.ignore, null);
+            dialog.create().show();
+        }
+        super.onActivityResult(requestCode, resultCode, data);
+    }
 
 
     @Override
     public void onStop() {
-		super.onStop();
-		VpnStatus.removeStateListener(this);
+        super.onStop();
+        VpnStatus.removeStateListener(this);
         VpnStatus.removeByteCountListener(this);
 
         getActivity().getPreferences(0).edit().putInt(LOGTIMEFORMAT, ladapter.mTimeFormat)
-                                .putInt(VERBOSITYLEVEL, ladapter.mLogLevel).apply();
+                .putInt(VERBOSITYLEVEL, ladapter.mLogLevel).apply();
 
     }
 
@@ -567,7 +566,7 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
                                            int position, long id) {
                 ClipboardManager clipboard = (ClipboardManager)
                         getActivity().getSystemService(Context.CLIPBOARD_SERVICE);
-                ClipData clip = ClipData.newPlainText("Log Entry",((TextView) view).getText());
+                ClipData clip = ClipData.newPlainText("Log Entry", ((TextView) view).getText());
                 clipboard.setPrimaryClip(clip);
                 Toast.makeText(getActivity(), R.string.copied_entry, Toast.LENGTH_SHORT).show();
                 return true;
@@ -583,8 +582,8 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
         setHasOptionsMenu(true);
 
         ladapter = new LogWindowListAdapter();
-        ladapter.mTimeFormat = getActivity().getPreferences(0).getInt(LOGTIMEFORMAT, 0);
-        int logLevel = getActivity().getPreferences(0).getInt(VERBOSITYLEVEL, 0);
+        ladapter.mTimeFormat = getActivity().getPreferences(0).getInt(LOGTIMEFORMAT, 1);
+        int logLevel = getActivity().getPreferences(0).getInt(VERBOSITYLEVEL, 1);
         ladapter.setLogLevel(logLevel);
 
         setListAdapter(ladapter);
@@ -592,7 +591,7 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
         mTimeRadioGroup = (RadioGroup) v.findViewById(R.id.timeFormatRadioGroup);
         mTimeRadioGroup.setOnCheckedChangeListener(this);
 
-        if(ladapter.mTimeFormat== LogWindowListAdapter.TIME_FORMAT_ISO) {
+        if (ladapter.mTimeFormat == LogWindowListAdapter.TIME_FORMAT_ISO) {
             mTimeRadioGroup.check(R.id.radioISO);
         } else if (ladapter.mTimeFormat == LogWindowListAdapter.TIME_FORMAT_NONE) {
             mTimeRadioGroup.check(R.id.radioNone);
@@ -600,16 +599,25 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
             mTimeRadioGroup.check(R.id.radioShort);
         }
 
+        mClearLogCheckBox = (CheckBox) v.findViewById(R.id.clearlogconnect);
+        mClearLogCheckBox.setChecked(PreferenceManager.getDefaultSharedPreferences(getActivity()).getBoolean(LaunchVPN.CLEARLOG, true));
+        mClearLogCheckBox.setOnCheckedChangeListener(new CompoundButton.OnCheckedChangeListener() {
+            @Override
+            public void onCheckedChanged(CompoundButton buttonView, boolean isChecked) {
+                PreferenceManager.getDefaultSharedPreferences(getActivity()).edit().putBoolean(LaunchVPN.CLEARLOG, isChecked).apply();
+            }
+        });
+
         mSpeedView = (TextView) v.findViewById(R.id.speed);
 
         mOptionsLayout = (LinearLayout) v.findViewById(R.id.logOptionsLayout);
         mLogLevelSlider = (SeekBar) v.findViewById(R.id.LogLevelSlider);
-        mLogLevelSlider.setMax(VpnProfile.MAXLOGLEVEL-1);
-        mLogLevelSlider.setProgress(logLevel-1);
+        mLogLevelSlider.setMax(VpnProfile.MAXLOGLEVEL - 1);
+        mLogLevelSlider.setProgress(logLevel - 1);
 
         mLogLevelSlider.setOnSeekBarChangeListener(this);
 
-        if(getResources().getBoolean(R.bool.logSildersAlwaysVisible))
+        if (getResources().getBoolean(R.bool.logSildersAlwaysVisible))
             mOptionsLayout.setVisibility(View.VISIBLE);
 
         mUpStatus = (TextView) v.findViewById(R.id.speedUp);
@@ -623,16 +631,16 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
     @Override
     public void onAttach(Activity activity) {
         super.onAttach(activity);
-        if(getResources().getBoolean(R.bool.logSildersAlwaysVisible)) {
-            mShowOptionsLayout=true;
-            if (mOptionsLayout!= null)
+        if (getResources().getBoolean(R.bool.logSildersAlwaysVisible)) {
+            mShowOptionsLayout = true;
+            if (mOptionsLayout != null)
                 mOptionsLayout.setVisibility(View.VISIBLE);
         }
     }
 
     @Override
-	public void onCreate(Bundle savedInstanceState) {
-		super.onCreate(savedInstanceState);
+    public void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
 
         //getActionBar().setDisplayHomeAsUpEnabled(true);
 
@@ -642,19 +650,16 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
     @Override
     public void updateState(final String status, final String logMessage, final int resId, final ConnectionStatus level) {
         if (isAdded()) {
+            final String cleanLogMessage = VpnStatus.getLastCleanLogMessage(getActivity());
+
             getActivity().runOnUiThread(new Runnable() {
 
                 @Override
                 public void run() {
                     if (isAdded()) {
-                        String prefix = getString(resId) + ":";
-                        if (status.equals("BYTECOUNT") || status.equals("NOPROCESS"))
-                            prefix = "";
-                        if (resId == R.string.unknown_state)
-                            prefix += status;
-                        if (mSpeedView != null)
-                            mSpeedView.setText(prefix + logMessage);
-
+                        if (mSpeedView != null) {
+                            mSpeedView.setText(cleanLogMessage);
+                        }
                         if (mConnectStatus != null)
                             mConnectStatus.setText(getString(resId));
                     }
@@ -664,10 +669,10 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
     }
 
 
-	@Override
+    @Override
     public void onDestroy() {
-		VpnStatus.removeLogListener(ladapter);
-		super.onDestroy();
-	}
+        VpnStatus.removeLogListener(ladapter);
+        super.onDestroy();
+    }
 
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java b/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java
index 82378b00..347ce708 100644
--- a/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java
+++ b/app/src/main/java/de/blinkt/openvpn/views/SeekBarTicks.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2014 Arne Schwabe
+ * Copyright (c) 2012-2016 Arne Schwabe
  * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
  */
 
@@ -42,10 +42,9 @@ public class SeekBarTicks extends SeekBar {
         TypedArray a = context.obtainStyledAttributes(attrs,
                 new int[] { android.R.attr.secondaryProgress }, defStyle, 0);
 
-
-        int tickColor = a.getColor(0, android.R.color.black);
         mTickPaint = new Paint();
-        mTickPaint.setColor( context.getResources().getColor(tickColor));
+        //noinspection deprecation
+        mTickPaint.setColor( context.getResources().getColor(android.R.color.black));
         a.recycle();
     }
 
diff --git a/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png
index 0fd15563..ceb1a1ee 100644
Binary files a/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-hdpi/ic_close_white_24dp.png differ
diff --git a/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png
index e80681ae..af7f8288 100644
Binary files a/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-mdpi/ic_close_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png
index 76e07f09..b7c7ffd0 100644
Binary files a/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-xhdpi/ic_close_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png
index 0eb9d8b0..6b717e0d 100644
Binary files a/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-xxhdpi/ic_close_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png b/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png
index 7b2a480a..39641921 100644
Binary files a/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png and b/app/src/main/res/drawable-xxxhdpi/ic_close_white_24dp.png differ
diff --git a/app/src/main/res/drawable/white_rect.xml b/app/src/main/res/drawable/white_rect.xml
index 5ead4b9b..36df6913 100644
--- a/app/src/main/res/drawable/white_rect.xml
+++ b/app/src/main/res/drawable/white_rect.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/layout-sw600dp-port/log_fragment.xml b/app/src/main/res/layout-sw600dp-port/log_fragment.xml
index 1fb9fa54..7a4b60fe 100644
--- a/app/src/main/res/layout-sw600dp-port/log_fragment.xml
+++ b/app/src/main/res/layout-sw600dp-port/log_fragment.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/layout-sw600dp/log_fragment.xml b/app/src/main/res/layout-sw600dp/log_fragment.xml
index 0bd3f991..26f63df4 100644
--- a/app/src/main/res/layout-sw600dp/log_fragment.xml
+++ b/app/src/main/res/layout-sw600dp/log_fragment.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/layout/log_fragment.xml b/app/src/main/res/layout/log_fragment.xml
index 491882a9..ab070117 100644
--- a/app/src/main/res/layout/log_fragment.xml
+++ b/app/src/main/res/layout/log_fragment.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/layout/log_silders.xml b/app/src/main/res/layout/log_silders.xml
index 152407f9..4196e243 100644
--- a/app/src/main/res/layout/log_silders.xml
+++ b/app/src/main/res/layout/log_silders.xml
@@ -2,7 +2,7 @@
 
 
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
@@ -63,4 +63,11 @@
 
 
     </RadioGroup>
+
+    <CheckBox
+        tools:checked="true"
+        android:id="@+id/clearlogconnect"
+        android:text="@string/clear_log_on_connect"
+        android:layout_width="wrap_content"
+        android:layout_height="wrap_content" />
 </LinearLayout>
\ No newline at end of file
diff --git a/app/src/main/res/layout/log_window.xml b/app/src/main/res/layout/log_window.xml
index fcc7aa7a..7c25dcfa 100644
--- a/app/src/main/res/layout/log_window.xml
+++ b/app/src/main/res/layout/log_window.xml
@@ -1,5 +1,5 @@
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/layout/vpnstatus.xml b/app/src/main/res/layout/vpnstatus.xml
index 2d77bbab..b304ad10 100644
--- a/app/src/main/res/layout/vpnstatus.xml
+++ b/app/src/main/res/layout/vpnstatus.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/menu/logmenu.xml b/app/src/main/res/menu/logmenu.xml
index 2df53141..890d1c2e 100644
--- a/app/src/main/res/menu/logmenu.xml
+++ b/app/src/main/res/menu/logmenu.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
@@ -11,34 +11,33 @@
             android:id="@+id/toggle_time"
             android:alphabeticShortcut="t"
             android:icon="@drawable/ic_menu_view"
-            android:showAsAction="withText|ifRoom"
+            android:showAsAction="ifRoom"
             android:title="@string/logview_options" />
 
     <item
             android:id="@+id/clearlog"
             android:icon="@drawable/ic_menu_delete"
-            android:showAsAction="ifRoom|withText"
+            android:showAsAction="ifRoom"
             android:title="@string/clear_log"
             android:titleCondensed="@string/clear"/>
     <item
             android:id="@+id/send"
             android:icon="@drawable/ic_menu_share"
-            android:showAsAction="ifRoom|withText"
+            android:showAsAction="ifRoom"
             android:title="@string/send_logfile"
             android:titleCondensed="@string/send"/>
 
     <item
             android:id="@+id/cancel"
             android:icon="@drawable/ic_menu_close_clear_cancel"
-            android:showAsAction="ifRoom|withText"
+            android:showAsAction="ifRoom"
             android:title="@string/cancel_connection_long"
             android:titleCondensed="@string/cancel_connection"/>
     <item
             android:id="@+id/edit_vpn"
             android:alphabeticShortcut="e"
             android:icon="@drawable/ic_menu_edit"
-            android:showAsAction="withText|ifRoom"
+            android:showAsAction="ifRoom"
             android:title="@string/edit_vpn"
 	    android:visible="false"/>
-
 </menu>
diff --git a/app/src/main/res/values-cs/strings-icsopenvpn.xml b/app/src/main/res/values-cs/strings-icsopenvpn.xml
index 12837f13..c2b47b77 100755
--- a/app/src/main/res/values-cs/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-cs/strings-icsopenvpn.xml
@@ -180,7 +180,6 @@
   <string name="keychain_nocacert">Žádný CA certifikát nebyl získán z úložiště, autentikace pravděpodobně selže.</string>
   <string name="show_log_summary">Zobrazit okno s logem při připojování. okno lze vždy otevřít z notifikace.</string>
   <string name="show_log_window">Zobrazit okno s logem</string>
-  <string name="mobile_info">Spuštěno na %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Chyba při podepisování klíčem %1$s: %2$s</string>
   <string name="faq_system_dialogs">VPN varování při připojování oznamující o možnosti přesměrování veškerého provozu je vynuceno systémem, aby se zabránilo zneužití VPNService API.\nNotifikace (symbol s klíčem) je také vynucena systémem, aby signalizovala odchozí VPN spojení. Na některých systémech přehrává notifikace i zvuk.\nAndroid zavedl tyto dialogy pro tvoji osobní bezpečnost a ujistil se, že nejdou obejít. (Někdu to bohužel zahrnuje i zvuk notifikace.)</string>
   <string name="faq_system_dialogs_title">Varování při připojení a zvuková notifikace</string>
@@ -260,7 +259,6 @@
   <string name="encryption_cipher">Šifrovací algoritmus</string>
   <string name="packet_auth">Ověřování paketů</string>
   <string name="auth_dialog_title">Zadej způsob ověřování paketů</string>
-  <string name="mobile_info_extended">Běží na %1$s (%2$s) %3$s, Android API %4$d, verze %5$s, %6$s</string>
   <string name="built_by">sestaveno od %s</string>
   <string name="debug_build">ladící verze</string>
   <string name="official_build">oficiální verze</string>
diff --git a/app/src/main/res/values-de/strings-icsopenvpn.xml b/app/src/main/res/values-de/strings-icsopenvpn.xml
index bb22c373..c1b3f10a 100755
--- a/app/src/main/res/values-de/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-de/strings-icsopenvpn.xml
@@ -149,7 +149,7 @@
   <string name="no_bind">Kein lokales Binden</string>
   <string name="import_configuration_file">Importiere Konfigurationsdatei</string>
   <string name="faq_security_title">Bemerkungen zur Sicherheit</string>
-  <string name="faq_security">Da OpenVPN sicherheitsrelevant ist, sind einige Worte zur Sicherheit der Anwendung angebracht. Alle Daten, die sich auf der SD Karte befinden sind als absolut unsicher anzusehen. Jede Anwendung kann diese lesen. (Diese Anwendung braucht zum Beispiel keine SD Karten Berechtigung). Die restlichen Konfiguration dieser Anwendung kann nur von der Anwendung selbst gelesen werden. Wenn die Option genutzt wird, dass die Zertifikate und Schlüssel eingebettet werden, werden diese im VPN Profil gespeichert. Die VPN Profile sind nur von der Anwendung selbst lesbar. (Vergessen Sie nicht die ursprünglichen Zertifikate/Schlüssel von der SD Karte zu löschen). Die Daten die Anwendung selbst speichert sind unverschlüsselt. Es besteht die Möglichkeit diese mittels \"rooten\" des Telefons/Tablets oder anderen Schwachstellend diese Daten auszulesen. Gespeicherte Passwörter werden auch im Klartext gespeichert. Es wird dringend empfohlen die Zertifikate in dem Android Keystore zu speichern.\"</string>
+  <string name="faq_security">Da OpenVPN sicherheitsrelevant ist, sind einige Worte zur Sicherheit der Anwendung angebracht. Alle Daten, die sich auf der SD Karte befinden sind als absolut unsicher anzusehen. Jede Anwendung kann diese lesen. (Diese Anwendung braucht zum Beispiel keine SD Karten Berechtigung). Die restlichen Konfiguration dieser Anwendung kann nur von der Anwendung selbst gelesen werden. Wenn die Option genutzt wird, dass die Zertifikate und Schlüssel eingebettet werden, werden diese im VPN Profil gespeichert. Die VPN Profile sind nur von der Anwendung selbst lesbar. (Vergessen Sie nicht die ursprünglichen Zertifikate/Schlüssel von der SD Karte zu löschen). Die Daten die Anwendung selbst speichert sind unverschlüsselt. Es besteht die Möglichkeit diese mittels \"rooten\" des Telefons/Tablets oder anderen Schwachstellen diese Daten auszulesen. Gespeicherte Passwörter werden auch im Klartext gespeichert. Es wird dringend empfohlen die Zertifikate in dem Android Keystore zu speichern.\"</string>
   <string name="import_vpn">Importieren</string>
   <string name="broken_image_cert_title">Fehler beim Anzeigen des Zertifikatsauswahlbildschirmes</string>
   <string name="broken_image_cert">Android hat einen Fehler beim  Anzeigen des Zertifikat Dialog gemeldet. Dies sollte nie passieren, da dies ein Standard Feature von Android 4.0+ ist. Eventuell ist Unterstützung von Zertifikaten in Ihrer Firmware fehlerhaft</string>
@@ -180,7 +180,7 @@
   <string name="keychain_nocacert">Beim Abfragen des Android KeyStore wurde kein CA Zertifikat zurückgegeben. Überprüfen des Serverzertifikat wird wahrscheinlich fehlschlagen. Geben Sie manuell ein CA Zertifikat an.</string>
   <string name="show_log_summary">Zeigt das Status Log, wenn ein VPN verbunden wird. Das Status log kann immer über die Benachrichtigung aufgerufen werden.</string>
   <string name="show_log_window">Zeige Log</string>
-  <string name="mobile_info">Modell %1$s (%2$s) %3$s, Android API %4$d</string>
+  <string name="mobile_info">%10$s %9$s läuft auf %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Fehler beim Zugriff auf den Android Keystore %1$s: %2$s</string>
   <string name="faq_system_dialogs">Die Meldung, dass OpenVPN versucht eine VPN-Verbindung aufzubauen und dabei den gesamten Netzwerkverkehr abhören kann, wird vom Android System selbst erzeugt. Diese wird vom System erzwungen, damit keine Anwendung vom Benutzer unbemerkt eine VPN Verbindung aufbauen kann\Die VPN Benachrichtigung (Das Schlüssel Symbol) wird genauso vom Android System angezeigt um eine bestehende VPN anzuzeigen.\nDiese beiden Features wurden in Android für die Sicherheit des Nutzers implementiert und können nicht umgangen werden. (Auf machen Telefon/Tablets wird die Benachrichtigung leider mit einem Ton signalisiert.)</string>
   <string name="faq_system_dialogs_title">Warnung beim Verbinden und Benachrichtigungston</string>
@@ -260,7 +260,6 @@
   <string name="encryption_cipher">Verschlüsselungsalgorithmus</string>
   <string name="packet_auth">Packetauthentifizierung</string>
   <string name="auth_dialog_title">Geben Sie den Authentifizierungsalgorithmus an</string>
-  <string name="mobile_info_extended">Modell %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s</string>
   <string name="built_by">compiliert von %s</string>
   <string name="debug_build">Testversion</string>
   <string name="official_build">offizielle Version</string>
@@ -350,7 +349,7 @@
   <string name="duplicate_vpn">VPN Profil duplizieren</string>
   <string name="duplicate_profile_title">VPN Profil duplizieren: %s</string>
   <string name="show_log">Log anzeigen</string>
-  <string name="faq_android_clients">Es gibt es mehrere OpenVPN-Clients für Android. Die am häufigsten genutzten sind OpenVPN für Android (dieser Client), OpenVPN Connect und OpenVPN Settings. &lt;p&gt; Die Clients in zwei Gruppen eingeteilt werden können: OpenVPN für Android und OpenVPN Connect verwenden die offizielle VPNService-API (Android 4.0+) und erfordern keine Rootrechte und OpenVPN-Settings, das Rootrechte benötigt. &lt; p &gt; OpenVPN für Android ist ein von Arne Schwabe entwickelter Open-Source-Client.  Es richtet sich an fortgeschrittene Benutzer und bietet viele erweiterete Einstellungen sowie die Möglichkeit, Profile aus Dateien zu importieren und das konfigurieren und ändern von Profilen innerhalb der App. Der Client basiert auf der Community-Version von  OpenVPN 2.x und kann als semioffizieller Client der community angesehen werden. &lt;p&gt; OpenVPN Connect ist ein Closed-Source-Client, der von OpenVPN Technologies, Inc. entwickelt wird. Der Client ist für die normale Verwendung und auf den durchschnittlichen Benutzer ausgerichtet werden und ermöglicht den Import von OpenVPN-Profilen ohne diese innerhalb der App ändern zu können. Dieser Client basiert auf der OpenVPN C++ Neuimplementierung des OpenVPN-Protokolls (Diese war erforderlich, damit OpenVPN Technologies, Inc, eine iOS-app von OpenVPN veröffentlichen onnte). Dieser Client ist auch der offizielle Client von OpenVPN Technologies, Inc. &lt; p&gt; OpenVPN Settings ist der älteste von den Clients und auch eine Benutzeroberfläche für das Open-Source OpenVPN. Im Gegensatz zu OpenVPN für Android es erfordert es Rootrechte und verwendet nicht die VPNService-API; benötigt aber auch nicht Android 4.0+</string>
+  <string name="faq_android_clients">Es gibt es mehrere OpenVPN-Clients für Android. Die am häufigsten genutzten sind OpenVPN für Android (dieser Client), OpenVPN Connect und OpenVPN Settings. &lt;p&gt; Die Clients in zwei Gruppen eingeteilt werden können: OpenVPN für Android und OpenVPN Connect verwenden die offizielle VPNService-API (Android 4.0+) und erfordern keine Rootrechte und OpenVPN-Settings, das Rootrechte benötigt. &lt; p &gt; OpenVPN für Android ist ein von Arne Schwabe entwickelter Open-Source-Client.  Es richtet sich an fortgeschrittene Benutzer und bietet viele erweiterete Einstellungen sowie die Möglichkeit, Profile aus Dateien zu importieren und das konfigurieren und ändern von Profilen innerhalb der App. Der Client basiert auf der Community-Version von  OpenVPN 2.x und kann als semioffizieller Client der community angesehen werden. &lt;p&gt; OpenVPN Connect ist ein Closed-Source-Client, der von OpenVPN Technologies, Inc. entwickelt wird. Der Client ist für die normale Verwendung und auf den durchschnittlichen Benutzer ausgerichtet werden und ermöglicht den Import von OpenVPN-Profilen ohne diese innerhalb der App ändern zu können. Dieser Client basiert auf der OpenVPN C++ Neuimplementierung des OpenVPN-Protokolls (Diese war erforderlich, damit OpenVPN Technologies, Inc, eine iOS-app von OpenVPN veröffentlichen onnte). Dieser Client ist auch der offizielle Client von OpenVPN Technologies, Inc. &lt; p&gt; OpenVPN Settings ist der älteste von den Clients und auch eine Benutzeroberfläche für das Open-Source OpenVPN. Im Gegensatz zu OpenVPN für Android es erfordert es Rootrechte und verwendet nicht die VPNService-API; benötigt aber auch nicht Android 4.0 +</string>
   <string name="faq_androids_clients_title">Unterschiede zwischen Android OpenVPN Apps</string>
   <string name="ignore_multicast_route">Ignoriere Multicastroute: %s</string>
   <string name="ab_only_cidr">Android unterstützt nur CIDR Routen. Da Routen, die nicht CIDR sind, fast nie verwendet werden, wird OpenVPN für Android eine /32 Route für nicht  konforme Routen verwenden und eine Warnung ausgegeben.</string>
@@ -359,6 +358,7 @@
   <string name="ab_proxy">Android wird ihre Proxy-Einstellungen für die WLan-Verbindung beibehalten wenn keine DNS-Servereinstellungen vorhanden sind. OpenVPN für Android gibt einen entsprechenden Warnhinweis in der Log-Datei aus.<p> Wenn eine VPN-Verbindung einen DNS-Server vorgibt kann kein Proxy genutzt werden. Es gibt keine API um einen Proxy-Server  für eine VPN-Verbindung zu nutzen.</p></string>
   <string name="ab_lollipop_reinstall">Ihre VPN-Anwendung funktioniert möglicherweise nicht mehr wenn diese erst de- und später neu installiert wird. Für Details siehe #80074</string>
   <string name="ab_not_route_to_vpn">Die konfigurierte Klient-IP-Adresse und die IP-Adressen in die Netzwerkmaske sind nicht in das VPN geroutet. OpenVPN umgeht diesen Fehler, indem eine Route hinzugefügt wird, die zu der Client-IP-Adresse und deren Netzmaske passt.</string>
+  <string name="ab_persist_tun">Beim Öffnen eines neuen VPN devices (tun) während eines bereits geöffnet ist (für persist-tun Unterstützung) führt zum Absturz des VPN Dienstes auf Android, der nur durch einen Neustart behoben werden kann. OpenVPN für Android versucht deshalb dieses erneute Öffnen zu vermeiden. Wenn ein erneutes Öffnen zwingend notwendig ist, wird erst das alte Device geschlossen before ein neues geöffnet wird. Dies kann dazu führen, dass teilweise Pakete unverschlüsselt über die normal Internetverbindung gesendet werden. Auch mit diesem Workaround stürzt teilweise der VPN Dienst ab und erfordert einen Neustart des Gerätes.</string>
   <string name="ab_secondary_users">VPN funktioniert überhaupt nicht für die Sekundärnutzer.</string>
   <string name="ab_kitkat_reconnect">Mehrere Benutzer berichten, dass die mobile Verbindung/Mobile Datenverbindung häufig getrennt wird, wenn ein VPN aktiv. Das Verhalten scheint nur einige Anbieter/Mobilgerät-Kombination beeinflussen und bisher konnte weder Ursache noch Lösung für den Bug identifiziert werden.</string>
   <string name="ab_vpn_reachability_44">Nur Ziele, die ohne VPN erreichbar sind, sind auch mit VPN erreichbar. IPv6 VPNs funktionieren überhaupt nicht.</string>
@@ -373,4 +373,26 @@
   <string name="custom_connection_options_warng">Definieren Sie benutzerdefinierte verbindungsspezifische Optionen. Seien Sie vorsichtig!</string>
   <string name="custom_connection_options">Benutzerdefinierte Optionen</string>
   <string name="remove_connection_entry">Verbindung entfernen</string>
+  <string name="ab_kitkat_reconnect_title">Sporadische Verlust der Verbindung mit dem Mobilfunknetz</string>
+  <string name="ab_vpn_reachability_44_title">Entfernte Netzwerkresourcen nicht erreichbar</string>
+  <string name="ab_persist_tun_title">Persistenter tun Modus</string>
+  <string name="version_and_later">%s und neuer</string>
+  <string name="tls_cipher_alert_title">Verbindung schlägt mit \"SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure\" fehl</string>
+  <string name="tls_cipher_alert">OpenVPN für die Android Versionen ab 0.6.29 (März 2015) verwenden einen sicheren Default für die zulässigen TLS Chiffren (\"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Leider hat Weglassen der weniger sicheren Verschlüsselungschiffren und Exportchfriffen, vor allem aber der Wegfall der Cipher Suites, die keine Unterstützung für Perfect-Forward-Secrecy (Diffie-Hellman) einige Probleme verursacht. In der Regel sind dies gut gemeinte, aber schlecht ausgeführte Versuche, die TLS Sicherheit durch eine händische Wahl zu verbessern oder bei einigen eingebetteten Betriebssysteme mit abgespeckten OpenSSL (z.B. MikroTik).\n Um dieses Problem lösen das Problem, setzen Sie die TLS-Verschlüsselung Einstellungen auf dem Server auf einen sinnvollen Standardwert wie z.B. tls-cipher \"DEFAULT: EXP: PSK: SRP: KRSA\". Als Workaround für Problem auf dem Client, fügen Sie die benutzerdefinierte Option tls-cipher DEFAULT dem VPN Profil hinzu um die weniger sicheren Chiffren wieder zuzulassen.</string>
+  <string name="message_no_user_edit">Dieses Profil wurde von einer externen Anwendung (%s) hinzugefügt und als nicht vom Benutzer bearbeitbar markiert.</string>
+  <string name="crl_file">Zertifikatsperrliste</string>
+  <string name="service_restarted">Neustarten von OpenVPN Service (App vermutlich abgestürzt oder wegen Speicherdruck beendet)</string>
+  <string name="import_config_error">Importieren der Config ergab einen Fehler, kann diese nicht speichern</string>
+  <string name="Search">Suche</string>
+  <string name="lastdumpdate">(Letzten Dump ist %1$d:%2$dh alt (%3$s))</string>
+  <string name="clear_log_on_connect">Protokoll bei neuer Verbindung leeren</string>
+  <string name="connect_timeout">Verbindungstimeout</string>
+  <string name="no_allowed_app">Keine erlaubte App hinzgefügt. Füge die App selbst (%s) hinzu um wenigsten eine App in der Liste der nicht erlaubten Anwendungen zu haben</string>
+  <string name="query_permissions_sdcard">OpenVPN für Android kann versuchen, die fehlende(n) Datei(en) auf der SD-Karte automatisch zu finden. Tippen Sie auf diese Meldung um die Berechtigungsanfrage zu starten.</string>
+  <string name="protocol">Protokoll</string>
+  <string name="enabled_connection_entry">Aktiviert</string>
+  <string name="abi_mismatch">Bevorzugte native ABI Reihenfolge dieses Gerätes (%1$s) und die installierten nativen Bibliotheken (%2$s) unterscheiden sich</string>
+  <string name="months_left">Noch %d Monate gültig</string>
+  <string name="days_left">Noch %d Tage gültig</string>
+  <string name="hours_left">Noch %d Stunden gültig</string>
 </resources>
diff --git a/app/src/main/res/values-es/strings-icsopenvpn.xml b/app/src/main/res/values-es/strings-icsopenvpn.xml
index f7ce4bf0..203e51dc 100755
--- a/app/src/main/res/values-es/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-es/strings-icsopenvpn.xml
@@ -181,7 +181,6 @@ hacia/de Móvil)</string>
   <string name="keychain_nocacert">No se obtuvo ningún certificado de CA al leer el almacén de claves de Android. La autenticación probablemente fallará.</string>
   <string name="show_log_summary">Muestra la ventana de registro el conectarse. La ventana de registro siempre puede accederse desde el estado de la notificación.</string>
   <string name="show_log_window">Mostrar ventana de registro</string>
-  <string name="mobile_info">Ejecutándose en %1$s (%2$s) %3$s, API de Android %4$d</string>
   <string name="error_rsa_sign">Error al firmar con la llave del almacén de llaves de Android %1$s: %2$s</string>
   <string name="faq_system_dialogs">El aviso de conectividad VPN que esta aplicación puede interceptar todo el trafico esta impuesta por el sistema para evitar abusos de la API VPNService.\nLa notificación de conectividad (El símbolo de llave) también esta impuesta por el sistema Android para notificar una conexión VPN en curso. En algunas imágenes, esta notificación también emite un sonido.\nAndroid ha introducido estos diálogos de sistema para su seguridad e se ha asegurado que no pueden ser evitados. (En algunas imágenes, esto incluye la notificación sonora)</string>
   <string name="faq_system_dialogs_title">Advertencia de conexión y sonido de notificación</string>
@@ -261,7 +260,6 @@ hacia/de Móvil)</string>
   <string name="encryption_cipher">Algoritmo de encriptación</string>
   <string name="packet_auth">Autenticación de paquetes</string>
   <string name="auth_dialog_title">Introduzca método de autenticación de paquetes</string>
-  <string name="mobile_info_extended">Corriendo sobre %1$s (%2$s) %3$s, API Android %4$d, versión %5$s, %6$s</string>
   <string name="built_by">compilado por %s</string>
   <string name="debug_build">versión de depuración</string>
   <string name="official_build">versión oficial</string>
@@ -351,7 +349,7 @@ hacia/de Móvil)</string>
   <string name="duplicate_vpn">Duplicar perfil VPN</string>
   <string name="duplicate_profile_title">Duplicando Perfil: %s</string>
   <string name="show_log">Mostrar registro</string>
-  <string name="faq_android_clients">Existen múltiples clientes OpenVPN para Android. Los más comunes son OpenVPN para Android (este cliente), OpenVPN Connect y Configuración de OpenVPN&lt;p&gt;Los clientes se pueden agrupar en dos grupos:. OpenVPN para Android y OpenVPN Conectar utilizar la API VPNService oficial (Android 4.0+) y requieren ninguna raíz y Configuración de OpenVPN que utiliza la raíz.&lt;p&gt;OpenVPN para Android es un cliente de código abierto y desarrollado por Arne Schwabe. Está dirigido a los usuarios más avanzados y ofrece muchas opciones y la posibilidad de importar los perfiles de los archivos y configurar perfiles / cambio dentro de la aplicación. El cliente se basa en la versión de la comunidad de OpenVPN. Se basa en el código fuente 2.x OpenVPN. Este cliente puede ser visto como el semi oficialmente cliente de la comunidad.&lt;p&gt;OpenVPN Connect es cliente de código abierto no que es desarrollado por OpenVPN Technologies, Inc. El cliente tiene sangría para ser cliente de uso general y moree dirigido al usuario medio y permite la importación de perfiles de OpenVPN. Este cliente se basa en la reimplementación OpenVPN C ++ del protocolo OpenVPN (Esto fue necesario para permitir Tecnologías OpenVPN, Inc para publicar una aplicación para iOS OpenVPN). Este cliente es el cliente oficial de las tecnologías deO penVPN&lt;p&gt; OpenVPN Ajustes es el más antiguo de los clientes y también una interfaz de usuario para el software libre OpenVPN. En contraste con OpenVPN para Android requiere raíz y no utiliza el API VPNService. No depende de Android 4.0+</string>
+  <string name="faq_android_clients">Existen múltiples clientes OpenVPN para Android. Los más comunes son OpenVPN para Android (este cliente), OpenVPN Connect y Configuración de OpenVPN&lt;p&gt;Los clientes se pueden agrupar en dos grupos:. OpenVPN para Android y OpenVPN Conectar utilizar la API VPNService oficial (Android 4.0+) y requieren ninguna raíz y Configuración de OpenVPN que utiliza la raíz.&lt;p&gt;OpenVPN para Android es un cliente de código abierto y desarrollado por Arne Schwabe. Está dirigido a los usuarios más avanzados y ofrece muchas opciones y la posibilidad de importar los perfiles de los archivos y configurar perfiles / cambio dentro de la aplicación. El cliente se basa en la versión de la comunidad de OpenVPN. Se basa en el código fuente 2.x OpenVPN. Este cliente puede ser visto como el semi oficialmente cliente de la comunidad.&lt;p&gt;OpenVPN Connect es cliente de código abierto no que es desarrollado por OpenVPN Technologies, Inc. El cliente tiene sangría para ser cliente de uso general y moree dirigido al usuario medio y permite la importación de perfiles de OpenVPN. Este cliente se basa en la reimplementación OpenVPN C ++ del protocolo OpenVPN (Esto fue necesario para permitir Tecnologías OpenVPN, Inc para publicar una aplicación para iOS OpenVPN). Este cliente es el cliente oficial de las tecnologías de OpenVPN&lt;p&gt; OpenVPN Ajustes es el más antiguo de los clientes y también una interfaz de usuario para el software libre OpenVPN. En contraste con OpenVPN para Android requiere raíz y no utiliza el API VPNService. No depende de Android 4.0+</string>
   <string name="faq_androids_clients_title">Differences between the OpenVPN Android clients</string>
   <string name="ignore_multicast_route">Haciendo caso omiso de ruta multidifusión: %s</string>
   <string name="ab_only_cidr">Android sólo admite rutas CIDR a la VPN. Desde rutas no CIDR casi nunca se usan, OpenVPN para Android utilizará un / 32 para las rutas que no son CIDR y emitir una advertencia.</string>
diff --git a/app/src/main/res/values-et/strings-icsopenvpn.xml b/app/src/main/res/values-et/strings-icsopenvpn.xml
index a132ed7a..dcc134bf 100755
--- a/app/src/main/res/values-et/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-et/strings-icsopenvpn.xml
@@ -180,7 +180,7 @@
   <string name="keychain_nocacert">Androidi võtmehoidlast lugemine ei andnud ühtegi CA sertifikaati. Suure tõenäosusega autentimine ebaõnnestub.</string>
   <string name="show_log_summary">Näitab ühendumisel logiakent. Logiakna saab alati ette manada VPN teatisealast.</string>
   <string name="show_log_window">Näita logiakent</string>
-  <string name="mobile_info">Töötamas %1$s (%2$s) %3$s peal, Android API %4$d</string>
+  <string name="mobile_info">%10$s %9$s töötab seadmel %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Viga allkirjastamisel Androidi võtmehoidla võtmega %1$s: %2$s</string>
   <string name="faq_system_dialogs">VPN ühendumisel ilmub ekraanile hoiatus et see programm võib pealt kuulata kogu võrguliiklust. Tegemist on VPNService API süsteemse hoiatusega et hoida ära väärkasutust.\nVPN ühenduse teatis (Võtme sümbol) on samuti VPNService API poolt kuvatav aktiivse VPN ühenduse indikaator. Mõne süsteemitarkvara puhul võib see indikaator anda märku ka heliga.\nNeed teatised on Androidi süsteemile lisatud teie turvalisuse tagamiseks ja samuti on välistatud nende kasutamisest mööda minemine. (Kahjuks tähendab see seda et mõne süsteemitarkvara puhul kaasneb ühendusega alati ka heliteade)</string>
   <string name="faq_system_dialogs_title">Hoiatused ja helimärguanded ühenduse loomisel</string>
@@ -260,7 +260,6 @@
   <string name="encryption_cipher">Krüptošiffer</string>
   <string name="packet_auth">Pakettide autentimine</string>
   <string name="auth_dialog_title">Sisestage pakettide autentimismeetod</string>
-  <string name="mobile_info_extended">Töötab seadmel %1$s (%2$s) %3$s, Android API %4$d, versioon %5$s, %6$s</string>
   <string name="built_by">Kompileerija: %s</string>
   <string name="debug_build">Silumisversioon</string>
   <string name="official_build">Ametlik versioon</string>
@@ -374,4 +373,26 @@
   <string name="custom_connection_options_warng">Seadista kohandatavad ühendusespetsiifilised valikud. Kasuta ettevaatlikult</string>
   <string name="custom_connection_options">Kohandatavad valikud</string>
   <string name="remove_connection_entry">Eemalda ühenduse kirje</string>
+  <string name="ab_kitkat_reconnect_title">Pistelised mobiilivõrgu katkestused</string>
+  <string name="ab_vpn_reachability_44_title">Kaugvõrgud on väljaspool ulatust</string>
+  <string name="ab_persist_tun_title">Püsiv tun režiim</string>
+  <string name="version_and_later">%s ja hilisem</string>
+  <string name="tls_cipher_alert_title">Ühendused nurjuvad teatega SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure</string>
+  <string name="tls_cipher_alert">Uuemad OpenVPN for Android versioonid (0.6.29/Märts 2015) kasutavad turvalisemat vaikešifrikoplekti (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Paraku tekitab nõrgemate šifri- ning eksportšifrikomplektide vältimine, eriti nende šifrikomplektide mis ei toeta Täiuslikku Edastussaladust (Diffie-Hellman), mõningaid probleeme. Probleemid esinevad tavaliselt heade kavatsustega, kuid viletsa teostusega TLS tugevdamise katsetel, valides serveris tls-šifri mõnede kärbitud SSL algoritmiga põim-operatsioonisüsteemidel (n.n. MkroTik).\nProbleemi lahendamiseks seadke serveri tls-šifri parameetrid mõistlikule vaikeväärtusele nagu \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Kliendipoolseks lahenduseks lisage Androidi klientseadme tls-šifri kohandatud parameetriks DEFAULT.</string>
+  <string name="message_no_user_edit">Selle profiili lisas väline programm (%s) ning see on tähistatud kui kasutajale muudetamatu.</string>
+  <string name="crl_file">Sertifikaadi tühistusnimekiri</string>
+  <string name="service_restarted">OpenVPN teenuse taaskäivitamine (Programm jooksis tõenäoliselt kokku või suleti mälusurve tõttu)</string>
+  <string name="import_config_error">Seadistuse importimine lõppes veaga, salvestamine ebaõnnestus</string>
+  <string name="Search">Otsing</string>
+  <string name="lastdumpdate">(Viimne tõmmis on %1$d:%2$dh vana (%3$s))</string>
+  <string name="clear_log_on_connect">Järgmisel ühendumisel tühjenda logi</string>
+  <string name="connect_timeout">Ühenduse ajalõpp</string>
+  <string name="no_allowed_app">Lisati lubamatu programm. Lisame ennast (%s) et lubatud programmide seas oleks vähemalt üks ja ei lubataks kõiki programme</string>
+  <string name="query_permissions_sdcard">OpenVPN for Android võib üritada leida automaatselt sd-kaardi puuduvad failid. Koputa seda teadet et algatada õiguste tellimine.</string>
+  <string name="protocol">Protokoll</string>
+  <string name="enabled_connection_entry">Lubatud</string>
+  <string name="abi_mismatch">Selle seadme eelistatud ABI eelisjärjekord (%1$s) ja seadme kaasnevate teekide teatatud ABI (%2$s) ei ühildu</string>
+  <string name="months_left">Jäänud on %d kuud</string>
+  <string name="days_left">jäänud on %d päeva</string>
+  <string name="hours_left">Jäänud on %d tundi</string>
 </resources>
diff --git a/app/src/main/res/values-fr/strings-icsopenvpn.xml b/app/src/main/res/values-fr/strings-icsopenvpn.xml
index d5ab917c..3e9b416c 100755
--- a/app/src/main/res/values-fr/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-fr/strings-icsopenvpn.xml
@@ -180,7 +180,6 @@
   <string name="keychain_nocacert">"Aucun certificat CA renvoyée lors de la lecture depuis le gestionnaire de clés. L\'authentification échouera probablement."</string>
   <string name="show_log_summary">"Affiche la fenêtre de log à la connexion. Cette fenêtre peut toujours être consultée à partir de la notification d\'état."</string>
   <string name="show_log_window">"Afficher la fenêtre de log"</string>
-  <string name="mobile_info">"Fonctionnant sur %1$s (%2$s) %3$s , Android API %4$d"</string>
   <string name="error_rsa_sign">"Erreur de signature de la clé %1$s : %2$s par le gestionnaire d\'Android"</string>
   <string name="faq_system_dialogs">\"L\'avertissement de connexion au VPN qui vous informe que cette application peut intercepter tout le trafic est imposé par le système pour éviter les abus de l\'API du service VPN.\nLa notification de connexion au VPN (Le symbole qui ressemble à une clé) est aussi imposé par le système Android pour signaler une connexion VPN en cours de fonctionnement.
 Sur certaines images, cette notification joue un son.\nAndroid à introduit ces dialogues système pour votre propre sécurité et à fait en sorte d\'être impossible à contourner. (Cela peut inclure en plus une notification sonore pour certaines images)\"</string>
@@ -261,7 +260,6 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
   <string name="encryption_cipher">Chiffrement de cryptage</string>
   <string name="packet_auth">Authentification des paquets</string>
   <string name="auth_dialog_title">Méthode d\'authentification des paquets</string>
-  <string name="mobile_info_extended">Environnement: %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s</string>
   <string name="built_by">compilé par %s</string>
   <string name="debug_build">version de debug</string>
   <string name="official_build">version officielle</string>
@@ -317,7 +315,7 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
   <string name="faq_system_dialog_xposed">Si vous avez \"rooté\" votre Android vous pouvez installer &lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt; et &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;le module de confirmation VPN&lt;/a&gt; à vos risques et périls\"</string>
   <string name="full_licenses">Licences complètes</string>
   <string name="blocklocal_summary">Les réseaux directement connectés aux interfaces locales ne seront pas routés via le VPN. Décochez cette option pour rediriger tout le trafic local vers le VPN.</string>
-  <string name="blocklocal_title">Ne pas utiliser le VPN pour les réseaux locaux</string>
+  <string name="blocklocal_title">Bypass VPN pour les réseaux locaux</string>
   <string name="userpw_file">Fichier Nom d\'utilisateur/Mot de passe</string>
   <string name="imported_from_file">[Importé de : %s]</string>
   <string name="files_missing_hint">Certains fichiers sont introuvables. Sélectionner les fichiers pour importer le profil :</string>
@@ -350,4 +348,5 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
   <string name="no_remote_defined">No remote defined</string>
   <string name="duplicate_vpn">Dupliquer le profil VPN</string>
   <string name="duplicate_profile_title">Duplicating profile: %s</string>
+  <string name="show_log">Afficher le journal</string>
 </resources>
diff --git a/app/src/main/res/values-hu/strings-icsopenvpn.xml b/app/src/main/res/values-hu/strings-icsopenvpn.xml
index 5be8bbc4..fcdf3f23 100755
--- a/app/src/main/res/values-hu/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-hu/strings-icsopenvpn.xml
@@ -60,7 +60,7 @@
   <string name="cancel_connection">Szétkapcsolás</string>
   <string name="cancel_connection_long">VPN kapcsolat szétkapcsolása</string>
   <string name="clear_log">napló törlése</string>
-  <string name="title_cancel">jóváhagyás törlése</string>
+  <string name="title_cancel">Megszakítás jóváhagyása</string>
   <string name="cancel_connection_query">VPN kapcsolat/kapcsolódás megszakítása?</string>
   <string name="remove_vpn">VPN kapcsolat eltávolítása</string>
   <string name="check_remote_tlscert">Ellenőrzi, hogy a kiszolgáló használ-e tanúsitványt TLS Server kiterjesztéssel (--remote-cert-tls server)</string>
@@ -111,7 +111,7 @@
   <string name="route_not_netip">Az %1$s/%2$s útvonal javítva: %3$s/%2$s</string>
   <string name="keychain_access">Nem sikerült hozzáférni az Android Keychain Tanúsivànyokhoz. Ezt egy firmware frissítés vagy az alkalmazás/beállításainak visszaállítása okozhatja. Kérem szerkessze meg a VPN-t, és újra válassza ki a tanúsítványokat az alapvető beállításoknál, hogy visszaálljanak a tanúsítványok hozzáférési jogai.</string>
   <string name="version_info">%1$s %2$s</string>
-  <string name="send_logfile">naplófájl küldése</string>
+  <string name="send_logfile">Naplófájl küldése</string>
   <string name="send">küld</string>
   <string name="ics_openvpn_log_file">ICS OpenVPN naplófájl</string>
   <string name="copied_entry">Naplóbejegyzés másolva a vágólapra</string>
@@ -178,7 +178,6 @@
   <string name="keychain_nocacert">Nem jött vissza CA tanúsítvány az Android keystore olvasása során. A hitelesítés valószínűleg sikertelen lesz.</string>
   <string name="show_log_summary">Napló ablak mutatása a csatlakozás alatt. A napló ablak mindig elérető a rolóról is.</string>
   <string name="show_log_window">Naplózási ablak mutatása</string>
-  <string name="mobile_info">%1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Hiba az Android keystore %1$s: %2$s kulccsal való belépéskor</string>
   <string name="faq_system_dialogs_title">Kapcsolat figyelmeztetés és értesítés hang</string>
   <string name="translationby">A magyar fordítást készítette Juhász Sándor &lt;msc@digitaltrip.hu&gt;</string>
@@ -251,7 +250,6 @@
   <string name="encryption_cipher">Titkosítás</string>
   <string name="packet_auth">Csomag hitelesítés</string>
   <string name="auth_dialog_title">Adja meg a csomaghitelesítési metódust</string>
-  <string name="mobile_info_extended">%1$s (%2$s) %3$s, Android API %4$d, %5$s, %6$s verzió</string>
   <string name="built_by">%s fordítóval</string>
   <string name="debug_build">hibakeresési fordítás</string>
   <string name="official_build">hivatalos build</string>
@@ -274,6 +272,8 @@
   <string name="screenoff_pause">Kapcsolat szüneteltetése a képernyő kikapcsolt állapotában: kevesebb mint %1$s %2$ss alatt</string>
   <string name="screen_nopersistenttun">Figyelmeztetés: Megmaradó tun nem engedélyezett ehhez a VPN-hez. A forgalom a normál internetcsatlakozáson megy amikor a képernyő ki van kapcsolva.</string>
   <string name="save_password">Jelszó mentése</string>
+  <string name="logCleared">Napló törölve.</string>
+  <string name="show_password">Jelszó mutatása</string>
   <string name="timestamp_short">Rövid</string>
   <string name="timestamp_iso">ISO</string>
   <string name="timestamps">Időbélyegzők</string>
@@ -284,4 +284,24 @@
   <string name="logview_options">Nézet beállításai</string>
   <string name="unhandled_exception">Nem kezelt kivétel: %1$s\n\n%2$s</string>
   <string name="full_licenses">Teljes engedélyek</string>
+  <string name="userpw_file">Felhasználónév/Jelszó fájl</string>
+  <string name="imported_from_file">[Innen importálva: %s]</string>
+  <string name="files_missing_hint">Néhány fájl nem található. Kérlek válaszd ki a fájlokat a profil importálásához:</string>
+  <string name="import_log">Importálási napló:</string>
+  <string name="loading">Betöltés&#8230;</string>
+  <string name="allowed_vpn_apps_info">Engedélyezett VPN programok: %1$s</string>
+  <string name="disallowed_vpn_apps_info">Letiltott VPN programok: %1$s</string>
+  <string name="app_no_longer_exists">%s csomag már nincs telepítve, eltávolítás a program engedélyező/letiltó listáról</string>
+  <string name="keep">Megtartás</string>
+  <string name="delete">Törlés</string>
+  <string name="server_list">Szerver lista</string>
+  <string name="show_log">Napló mutatása</string>
+  <string name="custom_connection_options">Egyéni beállítások</string>
+  <string name="version_and_later">%s és később</string>
+  <string name="Search">Keresés</string>
+  <string name="protocol">Protokoll</string>
+  <string name="enabled_connection_entry">Engedélyezett</string>
+  <string name="months_left">%d hónap van hátra</string>
+  <string name="days_left">%d nap van hátra</string>
+  <string name="hours_left">%d óra van hátra</string>
 </resources>
diff --git a/app/src/main/res/values-in/strings-icsopenvpn.xml b/app/src/main/res/values-in/strings-icsopenvpn.xml
index 07331433..07415d29 100755
--- a/app/src/main/res/values-in/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-in/strings-icsopenvpn.xml
@@ -7,9 +7,9 @@
 <resources>
 
   <string name="address">Alamat Server:</string>
-  <string name="port">Port server:</string>
+  <string name="port">Server Port:</string>
   <string name="location">Lokasi</string>
-  <string name="cant_read_folder">Gagal membaca direktori</string>
+  <string name="cant_read_folder">Gagal membaca direktori:</string>
   <string name="select">Pilih</string>
   <string name="cancel">Batal</string>
   <string name="no_data">Tak ada data</string>
@@ -20,33 +20,33 @@
   <string name="client_pkcs12_title">Berkas PKCS12</string>
   <string name="ca_title">Sertifikat CA</string>
   <string name="no_certificate">Anda harus memilih sertifikat</string>
-  <string name="copyright_guicode">Kode program dan perekam masalah tersedia di</string>
-  <string name="copyright_others">Aplikasi memakai komponen berikut; lihat kode program untuk lebih jelas mengenai lisensi</string>
-  <string name="about">Tentang…</string>
+  <string name="copyright_guicode">Kode sumber dan pelacak masalah tersedia di http://code.google.com/p/ics-openvpn/</string>
+  <string name="copyright_others">Program ini menggunakan komponen-komponen berikut ini; lihat kode sumber penjelasan lengkap mengenai lisensi</string>
+  <string name="about">Tentang</string>
   <string name="vpn_list_title">Profil</string>
-  <string name="vpn_type">Tipe</string>
+  <string name="vpn_type">Jenis</string>
   <string name="pkcs12pwquery">Password PKCS12</string>
   <string name="file_select">Pilih&#8230;</string>
-  <string name="file_nothing_selected">Anda harus memilih berkas (file)</string>
-  <string name="useTLSAuth">Pakai otentikasi TLS</string>
+  <string name="file_nothing_selected">Anda harus memilih setidaknya satu berkas</string>
+  <string name="useTLSAuth">Gunakan Autentikasi TLS</string>
   <string name="tls_direction">Pengarah TLS</string>
-  <string name="ipv6_dialog_tile">Masukkan IPv6 Address/Netmask dalam format CIDR (contoh: 2000:dd::23/64)</string>
+  <string name="ipv6_dialog_tile">Masukkan Alamat IPv6/Netmask dalam Format CIDR (contoh: 2000:dd::23/64)</string>
   <string name="ipv4_dialog_title">Masukkan IPv4 Address/Netmask dalam format CIDR (contoh: 1.2.3.4/24)</string>
   <string name="ipv4_address">Alamat IPv4</string>
   <string name="ipv6_address">Alamat IPv6</string>
-  <string name="custom_option_warning">Masukan seting openvpn. Gunakan dengan hati-hati. Harap dicatat, TUN yanng terkait seting OpenVPN tidak didukung oleh VPNsettings. Jika anda berpikir ada hal penting belum tersedia, hubungi pembuatnya</string>
+  <string name="custom_option_warning">Masukan pengaturan kustom OpenVPN. Harap gunakan dengan hati-hati. Perlu dicatat bahwa pengaturan yang terkait dengan TUN OpenVPN tidak didukung oleh disain VPNSettings. Jika anda fikir ada hal penting yang belum tersedia segera hubungi pembuatnya</string>
   <string name="auth_username">Nama Penguna</string>
-  <string name="auth_pwquery">Password</string>
-  <string name="static_keys_info">Untuk konfigurasi statis, kunci otentifikasi TLS akan digunakan sebagai kunci konfigurasi statis</string>
+  <string name="auth_pwquery">Kata Sandi</string>
+  <string name="static_keys_info">Untuk pengaturan tetap, kunci otentifikasi TLS akan digunakan sebagai kunci statis</string>
   <string name="configure_the_vpn">Konfigurasi VPN</string>
   <string name="menu_add_profile">Tambah Profil</string>
   <string name="add_profile_name_prompt">Masukkan nama profil yang baru</string>
-  <string name="duplicate_profile_name">Silakan masukan UPN (Unique Profile Name)</string>
+  <string name="duplicate_profile_name">Silakan masukan nama profil yang berbeda</string>
   <string name="profilename">Nama profil</string>
   <string name="no_keystore_cert_selected">Anda harus memilih sertifikat pengguna</string>
   <string name="no_error_found">Tidak ada kesalahan</string>
   <string name="config_error_found">Konfigurasi Salah</string>
-  <string name="ipv4_format_error">Gagal menganalisa alamat IPV4</string>
+  <string name="ipv4_format_error">Kesalahan penulisan alamat IPV4</string>
   <string name="custom_route_format_error">Gagal menganalisa rute buatan</string>
   <string name="pw_query_hint">(biarkan kosong untuk antrian permintaan)</string>
   <string name="vpn_shortcut">Jalan Pintas OpenVPN</string>
@@ -55,7 +55,7 @@
   <string name="random_host_prefix">Acak awalan Host </string>
   <string name="random_host_summary">Tambah 6 karakter acak di depan nama host</string>
   <string name="custom_config_title">Aktifkan pilihan buatan</string>
-  <string name="custom_config_summary">Tentukan seting buatan. Gunakan hati-hati</string>
+  <string name="custom_config_summary">Tentukan seting buatan. Gunakan hati-hati!</string>
   <string name="route_rejected">Rute ditolak Android</string>
   <string name="cancel_connection">Putus</string>
   <string name="cancel_connection_long">Memutuskan sambungan VPN</string>
@@ -77,7 +77,7 @@
   <string name="dns">DNS</string>
   <string name="override_dns">Menimpa pengaturan DNS oleh Server</string>
   <string name="dns_override_summary">Gunakan server DNS pribadi</string>
-  <string name="searchdomain">Cari domain</string>
+  <string name="searchdomain">cari domain</string>
   <string name="dns1_summary">Server DNS yang akan digunakan</string>
   <string name="dns_server">Server DNS</string>
   <string name="secondary_dns_message">Server DNS sekunder digunakan jika Server DNS yang normal tidak dapat dicapai.</string>
@@ -100,22 +100,24 @@
   <string name="tun_open_error">Gagal membuka layanan antarmuka TUN</string>
   <string name="error">"Kesalahan: "</string>
   <string name="clear">Bersihkan</string>
-  <string name="last_openvpn_tun_config">Membuka interface tun :</string>
-  <string name="local_ip_info">IPv4 lokal : %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
+  <string name="last_openvpn_tun_config">Membuka interface tun:</string>
+  <string name="local_ip_info">IPv4 lokal: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
   <string name="dns_server_info">DNS Server: %1$s, Domain: %2$s</string>
   <string name="routes_info_incl">Rute: %1$s %2$s</string>
+  <string name="routes_info_excl">Rute terkecualikan: %1$s %2$s</string>
+  <string name="routes_debug">Rute LayananVpn telah terpasang: %1$s %2$s</string>
   <string name="ip_not_cidr">Memilki informasi antarmuka %1$s dan %2$s, asumsi alamat kedua adalah alamat remote. Menggunakan netmask /32 untuk IP lokal. Mode yang diberikan oleh OpenVPN adalah \"%3$s\".</string>
   <string name="route_not_cidr">Tidak masuk akal membuat %1$s dan %2$s sebagai rute IP dengan netmask CIDR, Gunakan /32 sebagai netmask.</string>
-  <string name="route_not_netip">rute yang diperbaiki %1$s/%2$s hingga %3$s/%2$s</string>
+  <string name="route_not_netip">Rute yang diperbaiki %1$s/%2$s hingga %3$s/%2$s</string>
   <string name="keychain_access">Tidak dapat mengakses sertifikat Keychain Android. Dapat disebabkan karena upgrade firmware atau pengembalian backup pengaturan app. Mohon ubah VPN, dan pilih ulang sertifikat berbasis pengaturan dasar agar izin mengakses sertifikat dapat dibuat ulang.</string>
   <string name="version_info">%1$s %2$s</string>
   <string name="send_logfile">Kirim berkas catatan</string>
   <string name="send">Kirim</string>
   <string name="ics_openvpn_log_file">Berkas catatan ICS OpenVPN</string>
   <string name="copied_entry">Salin catatan masuk ke clipboard</string>
-  <string name="tap_mode">Mode TAP</string>
+  <string name="tap_mode">Mode Tap</string>
   <string name="faq_tap_mode">Mode TAP tidak diijinkan tanpa VPN API non admin/root. Karena itu aplikasi ini tidak dapat memberikan dukungan mode TAP</string>
-  <string name="tap_faq2">Lagi ? Becanda ? mode TAP benar-benar tidak didukung dan mengirim email menanyakan apakah akan ada dukungan TAP, tidak akan membantu</string>
+  <string name="tap_faq2">Lagi? Becanda? mode Tap benar-benar tidak didukung dan mengirim email menanyakan apakah akan ada dukungan Tap, tidak akan membantu.</string>
   <string name="tap_faq3">Untuk ketiga kalinya? Sebenarnya, seseorang bisa menulis emulator TAP berdasarkan tun yang akan menambahkan lapisan2 informasi pengiriman dan lapisan2 informasi penerimaan. Tapi emulator TAP ini juga harus menerapkan ARP dan mungkin klien DHCP. Saya tidak tau apakah ada yang bekerja ke arah ini. Hubungi saya jika Anda ingin memulai menulis kode2 emulator TAP ini.</string>
   <string name="faq">FAQ</string>
   <string name="copying_log_entries">Menyalin catatan</string>
@@ -138,11 +140,11 @@
   <string name="menu_import_short">Ambil</string>
   <string name="import_content_resolve_error">Tidak dapat membaca profil yang akan diambil</string>
   <string name="error_reading_config_file">Kesalahan membaca berkas konfigurasi</string>
-  <string name="add_profile">Tambah Profil</string>
+  <string name="add_profile">tambah Profil</string>
   <string name="import_could_not_open">Tidak dapat menemukan berkas %1$s yang disebut dalam berkas konfigurasi</string>
   <string name="importing_config">Mengambil berkas konfigurasi dari sumber %1$s</string>
   <string name="import_warning_custom_options">Konfigurasi Anda memiliki beberapa pilihan konfigurasi yang tidak dipetakan ke konfigurasi UI. Pilihan ini ditambahkan sebagai opsi konfigurasi kustom. Konfigurasi kustom ditampilkan di bawah ini:</string>
-  <string name="import_done">Berkas konfigurasi selesai dibaca</string>
+  <string name="import_done">Berkas konfigurasi selesai dibaca.</string>
   <string name="nobind_summary">Jangan kaitkan ke alamat dan port lokal</string>
   <string name="no_bind">Tidak ada ikatan lokal</string>
   <string name="import_configuration_file">Ambil berkas konfigurasi</string>
@@ -178,7 +180,7 @@
   <string name="keychain_nocacert">Tidak ada sertifikat CA yang didapat saat membaca dari Android Keystore. Otentifikasi mungkin gagal</string>
   <string name="show_log_summary">Tampilkan jendela catatan saat terkoneksi. Jendela catatan juga dapat diakses melalui status notifikasi</string>
   <string name="show_log_window">Tampilkan jendela catatan</string>
-  <string name="mobile_info">Berjalan di %1$s (%2$s) %3$s, Android API %4$d</string>
+  <string name="mobile_info">%10$s %9$s berjalan pada %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Kesalahan masuk dengan kunci Android keystore %1$s: %2$s</string>
   <string name="faq_system_dialogs">Peringatan sambungan VPN yang memberitahukan Anda bahwa aplikasi ini dapat mencegat semua lalu lintas dikeluarkan oleh sistem untuk mencegah penyalahgunaan dari sambungan VPNService API.\nPemberitahuan sambungan VPN (simbol kunci) juga dikeluarkan oleh sistem Android untuk memberitahu VPN yang sedang berlangsung. Pada beberapa gambar pemberitahuan ini memainkan suara. \nAndroid memperkenalkan sistem dialog ini untuk keselamatan Anda sendiri dan memastikan bahwa mereka tidak membuat masalah. (Pada beberapa gambar sayangnya ini termasuk peringatan suara)</string>
   <string name="faq_system_dialogs_title">Peringatan sambungan dan pemberitahuan melalui suara</string>
@@ -191,6 +193,7 @@
   <string name="export_config_title">Konfigurasi ICS Openvpn</string>
   <string name="warn_no_dns">Tidak DNS server yang digunakan. Name Resolution mungkin akan gagal bekerja. Pertimbangkan pengaturan server DNS. Harap dicatat Android akan terus memakai pengaturan proxy untuk koneksi mobile/wifi saat tidak ada server DNS diatur.</string>
   <string name="dns_add_error">Tak bisa menambahkan Server DNS \"%1$s\", ditolak oleh sistem: %2$s</string>
+  <string name="ip_add_error">Tidak bisa mengkonfigurasi IP Address \"%1$s\", ditolak oleh sistem: %2$s</string>
   <string name="faq_howto">&lt;p&gt; Ambil konfigurasi yang dapat berjalan (diuji pada komputer Anda atau download dari penyedia/organisasi) &lt;/p&gt; &lt;p&gt; Satu file(berkas) saja tanpa tambahan berkas pem/pks12. Anda dapat kirim imel berkas dan membuka lampirannya. Jika Anda memiliki beberapa berkas, salin ke sd-card &lt;/p&gt; &lt;p&gt; klik pada lampiran imel atau gunakan ikon folder dalam daftar vpn untuk mengimpor berkas konfigurasi &lt;/p&gt; &lt;p&gt; jika ada  berkas yang kurang, salin file hilang ke sd-card. &lt;/p&gt; &lt;p&gt; klik pada simbol Simpan untuk menambahkan VPN yang diimpor ke daftar VPN &lt;/p&gt; &lt;p &gt; Connect VPN dengan mengklik nama VPN &lt;/p&gt; &lt;p&gt; jika ada kesalahan atau peringatan di catatan, coba pahami peringatannya dan coba untuk memperbaikinya &lt;/p&gt; </string>
   <string name="faq_howto_title">Mulai Cepat</string>
   <string name="setting_loadtun_summary">Coba pakai tun.ko kernel sebelum mencoba koneksi. Membutuhkan perangkat yang sudah diroot. Google: android superuser</string>
@@ -215,6 +218,7 @@
   <string name="vpn_import_hint">Gunakan ikon &lt; img src = \"ic_menu_archive\" / &gt; untuk mengimpor profil (.ovpn atau .conf) yang ada dari sdcard Anda.</string>
   <string name="faq_hint">Pastikan untuk juga memeriksa FAQ. Ada petunjuk untuk memudahkan anda.</string>
   <string name="faq_routing_title">Konfigurasi rute\antarmuka</string>
+  <string name="faq_routing">Konfigurasi Routing dan antarmuka tidak dilakukan melalui perintah ifconfig/rute tradisional tetapi dengan menggunakan VPNService API. Ini hasil dalam konfigurasi perutean berbeda daripada pada OS lain. \nThe konfigurasi VPN terowongan terdiri dari alamat IP dan jaringan yang harus dialihkan melalui antarmuka ini. Terutama, tidak ada rekan mitra alamat atau alamat gateway adalah diperlukan atau diperlukan. Khusus rute untuk mencapai VPN Server (misalnya ditambahkan dengan menggunakan redirect-gateway) tidak diperlukan baik. Aplikasi akibatnya akan mengabaikan pengaturan ini ketika mengimpor konfigurasi. App menjamin dengan VPNService API bahwa koneksi ke server tidak diarahkan melalui VPN terowongan. \nThe VPNService API tidak memungkinkan menentukan jaringan yang tidak dapat diteruskan melalui VPN. Sebagai solusi app mencoba untuk mendeteksi jaringan yang tidak dapat diteruskan melalui terowongan (misalnya rute x.x.x.x y.y.y.y net_gateway) dan menghitung seperangkat rute yang mengecualikan ini rute untuk meniru perilaku platform lainnya. Jendela log menunjukkan konfigurasi VPNService berdasarkan membangun koneksi. \nBehind adegan: Android 4,4 + menggunakan kebijakan routing. Menggunakan rute ifconfig tidak akan menunjukkan rute yang diinstal. Alih-alih menggunakan aturan ip, iptables -t mangle -L</string>
   <string name="persisttun_summary">Jangan kembali ke status tidak ada koneksi VPN ketika OpenVPN mencoba terhubung kembali.</string>
   <string name="persistent_tun_title">Paksa mode TUN</string>
   <string name="openvpn_log">Catatan OpenVPN</string>
@@ -256,7 +260,6 @@
   <string name="encryption_cipher">Enkripsi sandi</string>
   <string name="packet_auth">Otentikasi paket</string>
   <string name="auth_dialog_title">Masukkan metode otentikasi paket</string>
-  <string name="mobile_info_extended">Berjalan pada Android API %4$d, versi %5$s %1$s (%2$s) %3$s, %6$s</string>
   <string name="built_by">dibangun oleh %s</string>
   <string name="debug_build">Pengembangan debug</string>
   <string name="official_build">Build Resmi</string>
@@ -271,6 +274,7 @@
   <string name="tls_remote_deprecated">TLS-remote (DEPRECATED)</string>
   <string name="help_translate">Anda dapat membantu menerjemahkan dengan mengunjungi http://crowdin.net/project/ics-openvpn/invite</string>
   <string name="prompt">%1$s berusaha mengendalikan %2$s</string>
+  <string name="remote_warning">Dengan melanjutkan, Anda memberi izin aplikasi untuk sepenuhnya mengontrol OpenVPN untuk Android dan untuk mencegat semua lalu lintas jaringan. <b>Jangan terima kecuali Anda mempercayai aplikasi.</b> Jika tidak, data Anda beresiko diambil oleh perangkat lunak jahat.\"</string>
   <string name="remote_trust">Saya percaya aplikasi ini.</string>
   <string name="no_external_app_allowed">App tidak diizinkan untuk menggunakan API eksternal</string>
   <string name="allowed_apps">apps yang diijinkan : %s</string>
@@ -288,4 +292,85 @@
   <string name="cannotparsecert">Tidak dapat menampilkan informasi sertifikat</string>
   <string name="appbehaviour">Prilaku Aplikasi</string>
   <string name="vpnbehaviour">Prilaku VPN</string>
+  <string name="allow_vpn_changes">Memungkinkan perubahan Profil VPN</string>
+  <string name="hwkeychain">Hardware Keystore:</string>
+  <string name="permission_icon_app">Ikon aplikasi mencoba menggunakan OpenVPN untuk Android</string>
+  <string name="faq_vpndialog43">"Dimulai dengan Android 4.3 konfirmasi VPN dijaga terhadap\" overlay apps \". Hal ini menyebabkan dialog tidak bereaksi menyentuh input. Jika Anda memiliki sebuah aplikasi yang menggunakan lapisan itu dapat menyebabkan perilaku ini. Jika Anda menemukan kontak aplikasi menyinggung penulis app. Masalah ini mempengaruhi semua aplikasi VPN di Android 4.3 dan kemudian. Lihat juga &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/185\"&gt; Issue 185 &lt;a&gt; untuk rincian tambahan "</string>
+  <string name="faq_vpndialog43_title">VPN Konfirmasi Dialog</string>
+  <string name="donatePlayStore">Atau Anda dapat mengirimkan saya donasi dengan Play Store:</string>
+  <string name="thanks_for_donation">Terima kasih untuk menyumbangkan %s!</string>
+  <string name="logCleared">Log dibersihkan.</string>
+  <string name="show_password">Tampilkan sandi</string>
+  <string name="keyChainAccessError">Keychain Akses error: %s</string>
+  <string name="timestamp_short">Pendek</string>
+  <string name="timestamp_iso">ISO</string>
+  <string name="timestamps">Cap waktu</string>
+  <string name="timestamps_none">Tak satupun</string>
+  <string name="uploaded_data">Upload</string>
+  <string name="downloaded_data">Unduh</string>
+  <string name="vpn_status">Vpn Status</string>
+  <string name="logview_options">Lihat pilihan</string>
+  <string name="unhandled_exception">Tertangani pengecualian: %1$s \ n \ n%2$s</string>
+  <string name="unhandled_exception_context">%3$s: %1$s \ n \ n%2$s</string>
+  <string name="faq_system_dialog_xposed">Jika Anda telah berakar perangkat Android Anda Anda dapat menginstal <a href="http://xposed.info/"> Xposed kerangka </a> dan <a href = "http://repo.xposed.info/ modul / de.blinkt.vpndialogxposed "> VPN Dialog mengkonfirmasi modul </a> risiko Anda sendiri\"</string>
+  <string name="full_licenses">Lisensi penuh</string>
+  <string name="blocklocal_summary">Jaringan langsung terhubung ke antarmuka lokal tidak akan diarahkan melalui VPN. Tidak memilih opsi ini akan mengarahkan semua lalu lintas menjorok untuk jaringan lokal ke VPN.</string>
+  <string name="blocklocal_title">Bypass VPN for local networks</string>
+  <string name="userpw_file">Username Password File /</string>
+  <string name="imported_from_file">[Impor dari: %s]</string>
+  <string name="files_missing_hint">Beberapa file tidak dapat ditemukan. Silakan pilih file untuk mengimpor profil:</string>
+  <string name="openvpn_is_no_free_vpn">Untuk menggunakan aplikasi ini Anda membutuhkan penyedia VPN / gateway VPN mendukung OpenVPN (sering disediakan oleh majikan Anda). Periksa http://community.openvpn.net/ untuk informasi lebih lanjut tentang OpenVPN dan cara men-setup OpenVPN server Anda sendiri.</string>
+  <string name="import_log">Log impor:</string>
+  <string name="ip_looks_like_subnet">Vpn topologi \"%3$s\" ditentukan tapi ifconfig %1$s %2$s terlihat lebih seperti alamat IP dengan mask jaringan. Dengan asumsi \"subnet\" topologi.</string>
+  <string name="mssfix_invalid_value">Nilai menimpa MSS telah menjadi bulat antara 0 dan 9000</string>
+  <string name="mssfix_value_dialog">Mengumumkan kepada sesi TCP berjalan di atas terowongan bahwa mereka harus membatasi kirim ukuran paket mereka seperti bahwa setelah OpenVPN telah dikemas mereka, sehingga UDP ukuran paket yang OpenVPN mengirim ke rekan-nya tidak akan melebihi jumlah ini byte. (default adalah 1450)</string>
+  <string name="mssfix_checkbox">Mengganti nilai MSS TCP muatan</string>
+  <string name="mssfix_dialogtitle">Mengatur muatan MSS TCP</string>
+  <string name="client_behaviour">Perilaku klien</string>
+  <string name="clear_external_apps">Menghapus aplikasi eksternal diizinkan</string>
+  <string name="loading">Memuat&#8230;</string>
+  <string name="allowed_vpn_apps_info">Yang diizinkan aplikasi VPN: %1$s</string>
+  <string name="disallowed_vpn_apps_info">Batasan VPN apps: %1$s</string>
+  <string name="app_no_longer_exists">Paket %s tidak lagi diinstall, menghapus itu dari app memungkinkan/melarang daftar</string>
+  <string name="vpn_disallow_radio">VPN digunakan untuk semua aplikasi tapi mengecualikan yang dipilih</string>
+  <string name="vpn_allow_radio">VPN digunakan untuk hanya untuk aplikasi yang dipilih</string>
+  <string name="query_delete_remote">Hapus entri server jauh?</string>
+  <string name="keep">Biarkan</string>
+  <string name="delete">Hapus</string>
+  <string name="add_remote">Menambahkan baru remote</string>
+  <string name="remote_random">Gunakan entri koneksi secara acak pada koneksi</string>
+  <string name="remote_no_server_selected">Anda harus menentukan dan memungkinkan setidaknya satu server jauh.</string>
+  <string name="server_list">Daftar Server</string>
+  <string name="vpn_allowed_apps">Diizinkan Apps</string>
+  <string name="advanced_settings">Pengaturan lanjutan</string>
+  <string name="payload_options">Muatan pilihan</string>
+  <string name="tls_settings">Pengaturan TLS</string>
+  <string name="no_remote_defined">Didefinisikan Tidak ada remote</string>
+  <string name="duplicate_vpn">Profil duplikat VPN</string>
+  <string name="duplicate_profile_title">Duplikasi profil: %s</string>
+  <string name="show_log">Tampilkan log</string>
+  <string name="faq_android_clients">Ada beberapa klien OpenVPN untuk Android. Yang paling umum adalah OpenVPN untuk Android (ini klien), OpenVPN Connect dan OpenVPN pengaturan. &lt; p &gt; klien dapat dikelompokkan menjadi dua kelompok: OpenVPN untuk Android dan OpenVPN Connect menggunakan API VPNService resmi (Android 4.0 +) dan memerlukan tanpa akar dan pengaturan OpenVPN yang menggunakan akar. &lt; p &gt; OpenVPN untuk Android adalah klien sumber terbuka dan dikembangkan oleh Arne Schwabe.  Ini ditargetkan untuk pengguna yang lebih maju dan menawarkan banyak pengaturan dan kemampuan untuk mengimpor profil dari file dan mengkonfigurasi/Ubah profil di dalam app. Klien didasarkan pada versi komunitas OpenVPN. Hal ini didasarkan pada kode sumber 2.x OpenVPN. Klien ini dapat dilihat sebagai semi resmi klien masyarakat. &lt; p &gt; OpenVPN Connect adalah klien sumber terbuka bebas yang dikembangkan oleh OpenVPN Technologies, Inc Klien indentasi untuk penggunaan umum klien dan moree ditargetkan untuk pengguna rata-rata dan memungkinkan impor OpenVPN profil. Klien ini didasarkan pada reimplementation OpenVPN C++ OpenVPN Protokol (ini diperlukan untuk memungkinkan OpenVPN Technologies, Inc untuk menerbitkan sebuah aplikasi OpenVPN iOS). Klien ini adalah resmi klien OpenVPN teknologi &lt; p &gt; OpenVPN pengaturan tertua klien dan juga UI untuk open source OpenVPN. Berbeda dengan OpenVPN untuk Android itu memerlukan akar dan tidak menggunakan VPNService API. Tidak tergantung pada Android 4.0 +</string>
+  <string name="faq_androids_clients_title">Perbedaan antara klien OpenVPN Android</string>
+  <string name="ignore_multicast_route">Mengabaikan rute multicast: %s</string>
+  <string name="ab_only_cidr">Android hanya mendukung rute CIDR ke VPN. Sejak non-CIDR rute yang hampir tidak pernah digunakan, OpenVPN untuk Android akan menggunakan / 32 untuk rute yang tidak CIDR dan mengeluarkan peringatan.</string>
+  <string name="ab_tethering_44">Penarikan bekerja sementara VPN aktif. Ditambatkan sambungan tidak akan menggunakan VPN.</string>
+  <string name="ab_kitkat_mss">Versi KitKat awal menetapkan nilai MSS salah pada TCP koneksi (# 61948). OpenVPN untuk secara otomatis mengaktifkan mssfix pilihan untuk solusi bug ini.</string>
+  <string name="ab_proxy">Android akan tetap menggunakan pengaturan proxy Anda ditentukan untuk mobile koneksi / Wi-Fi ketika tidak ada server DNS diatur. OpenVPN untuk Android akan memperingatkan Anda tentang hal ini dalam log. <p> Ketika VPN menetapkan server DNS Android tidak akan proxy. Tidak ada API untuk mengatur proxy untuk koneksi VPN. </p></string>
+  <string name="ab_lollipop_reinstall">Aplikasi VPN dapat berhenti bekerja ketika dihapus dan diinstal ulang lagi. Untuk jelasnya lihat # 80074</string>
+  <string name="ab_not_route_to_vpn">IP klien dikonfigurasi dan IP di topeng jaringan tidak diteruskan ke VPN. OpenVPN bekerja di sekitar bug ini dengan secara eksplisit menambahkan rute yang corrosponds ke IP klien dan netmask nya</string>
+  <string name="ab_persist_tun">Membuka perangkat tun saat perangkat tun lain sedang aktif, yang digunakan untuk dukungan bertahan-tun, crash VPNServices pada perangkat. A reboot diperlukan untuk membuat pekerjaan VPN lagi. OpenVPN untuk Android mencoba untuk menghindari membuka kembali perangkat tun dan jika benar-benar diperlukan pertama menutup TUN saat sebelum membuka perangkat TUN baru untuk menghindari crash. Hal ini dapat menyebabkan jendela pendek di mana paket dikirim melalui koneksi non-VPN. Bahkan dengan solusi ini VPNServices kadang-kadang crash dan memerlukan reboot perangkat.</string>
+  <string name="ab_secondary_users">VPN tidak bekerja sama sekali bagi pengguna sekunder.</string>
+  <string name="ab_kitkat_reconnect">"Beberapa pengguna melaporkan bahwa koneksi mobile / koneksi data mobile sering menjatuhkan saat menggunakan aplikasi VPN. Perilaku tampaknya hanya mempengaruhi beberapa kombinasi perangkat mobile provider / dan sejauh ini tidak ada penyebab / solusi untuk bug dapat diidentifikasi."</string>
+  <string name="ab_vpn_reachability_44">Hanya tujuan yang bisa dicapai melalui VPN yang bisa dijangkau tanpa VPN. VPN IPv6 tidak bekerja sama sekali.</string>
+  <string name="ab_only_cidr_title">Rute non CIDR</string>
+  <string name="ab_proxy_title">Tindakan Proxy untuk VPN</string>
+  <string name="ab_lollipop_reinstall_title">Menginstal ulang aplikasi VPN</string>
+  <string name="version_upto">%s dan sebelumnya</string>
+  <string name="copy_of_profile">Salinan dari %s</string>
+  <string name="ab_not_route_to_vpn_title">Alihkan ke alamat IP yang telah ditentukan</string>
+  <string name="ab_kitkat_mss_title">Nilai MSS yang salah untuk koneksi VPN</string>
+  <string name="ab_secondary_users_title">Pengguna tablet sekunder</string>
+  <string name="custom_connection_options_warng">Tentukan pengaturan untuk koneksi khusus . Gunakan dengan hati-hati</string>
+  <string name="custom_connection_options">Pilihan buatan</string>
+  <string name="remove_connection_entry">Hapus entri koneksi</string>
 </resources>
diff --git a/app/src/main/res/values-it/strings-icsopenvpn.xml b/app/src/main/res/values-it/strings-icsopenvpn.xml
index f35a4b66..a8cafa72 100755
--- a/app/src/main/res/values-it/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-it/strings-icsopenvpn.xml
@@ -182,7 +182,6 @@ Effettuata la lettura del file di configurazione</string>
   <string name="keychain_nocacert">Nessun certificato della CA è stato prelevato dal Keystore di Android. E\' probabile che l\'autenticazione fallisca.</string>
   <string name="show_log_summary">Mostra la finestra dei log della connessione. Si può sempre accedere alla finestra dei log tramite la barra delle notifiche.</string>
   <string name="show_log_window">Visualizza la finestra dei log</string>
-  <string name="mobile_info">In esecuzione su %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Errore di firma con la chiave %1$s: %2$s del Keystore di Android.</string>
   <string name="faq_system_dialogs">L\'avvertimento durante la connessione VPN, in cui si informa che questo programma può intercettare tutto il traffico del sistema, serve a prevenire un uso fraudolento delle API del servizio VPN.\nL\'icona di notifica a forma di chiave è altresì imposta dal sistema Android per avvertire che si è connessi ad una VPN. Su alcuni apparecchi questa notifica è accompagnata da un suono.\nAndroid utilizza questi sistemi per la tua sicurezza e per assicurarsi che questi non vengano aggirati (in alcuni firmware questo sfortunamente è accompagnato da un suono di avvertimento).</string>
   <string name="faq_system_dialogs_title">Avviso di connessione e notifica sonora</string>
@@ -262,7 +261,6 @@ Effettuata la lettura del file di configurazione</string>
   <string name="encryption_cipher">Algoritmo di crittografia</string>
   <string name="packet_auth">Autenticazione pacchetti</string>
   <string name="auth_dialog_title">Seleziona il metodo di autenticazione dei pacchetti</string>
-  <string name="mobile_info_extended">In esecuzione su %1$s (%2$s) %3$s, Android API %4$d, versione %5$s, %6$s</string>
   <string name="built_by">compilato da %s</string>
   <string name="debug_build">versione di debug</string>
   <string name="official_build">versione ufficiale</string>
@@ -346,6 +344,7 @@ Effettuata la lettura del file di configurazione</string>
   <string name="tls_settings">Impostazioni TLS</string>
   <string name="duplicate_vpn">Profilo VPN duplicato</string>
   <string name="duplicate_profile_title">Duplicazione del profilo: %s</string>
+  <string name="show_log">Mostra il log</string>
   <string name="version_upto">%s e precedenti</string>
   <string name="copy_of_profile">Copia di %s</string>
 </resources>
diff --git a/app/src/main/res/values-ja/strings-icsopenvpn.xml b/app/src/main/res/values-ja/strings-icsopenvpn.xml
index f12d149b..93e82f79 100755
--- a/app/src/main/res/values-ja/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ja/strings-icsopenvpn.xml
@@ -6,8 +6,8 @@
   -->
 <resources>
 
-  <string name="address">サーバアドレス</string>
-  <string name="port">ポート番号</string>
+  <string name="address">サーバーアドレス：</string>
+  <string name="port">ポート番号：</string>
   <string name="location">場所</string>
   <string name="cant_read_folder">ディレクトリが読み取れません</string>
   <string name="select">選択</string>
@@ -20,7 +20,7 @@
   <string name="client_pkcs12_title">PKCS12ファイル</string>
   <string name="ca_title">CA 証明書</string>
   <string name="no_certificate">証明書を選択する必要があります。</string>
-  <string name="copyright_guicode">ソースコードと問題管理はここにあります： http://code.google.com/p/ics-openvpn/</string>
+  <string name="copyright_guicode">ソースコードと問題管理はこちら： https://github.com/schwabe/ics-openvpn/</string>
   <string name="copyright_others">プログラムは、次のコンポーネントを使用します。完全な詳細についてはソース上のライセンスを参照してください。</string>
   <string name="about">バージョン情報</string>
   <string name="vpn_list_title">プロファイル</string>
@@ -28,7 +28,7 @@
   <string name="pkcs12pwquery">PKCS12のパスワード</string>
   <string name="file_select">選択&#8230;</string>
   <string name="file_nothing_selected">ファイルを選択する必要があります。</string>
-  <string name="useTLSAuth">TLS認証を使用します。</string>
+  <string name="useTLSAuth">TLS認証を使用する</string>
   <string name="tls_direction">TLS Direction</string>
   <string name="ipv6_dialog_tile">IPv6アドレスをCIDR形式で入力(例:2000:dd::23/64)</string>
   <string name="ipv4_dialog_title">IPv4アドレスをCIDR形式で入力(例:1.2.3.4/24)</string>
@@ -55,7 +55,7 @@
   <string name="random_host_prefix">ランダムなホスト プレフィックス</string>
   <string name="random_host_summary">ランダムな6文字をホスト名の前に付加します。</string>
   <string name="custom_config_title">カスタム オプションを使用する</string>
-  <string name="custom_config_summary">カスタムオプションを指定します。注意を要します。</string>
+  <string name="custom_config_summary">カスタムオプションを指定します。注意して使用してください!</string>
   <string name="route_rejected">経路がAndroidにより拒否されました。</string>
   <string name="cancel_connection">切断</string>
   <string name="cancel_connection_long">VPNを切断します</string>
@@ -63,6 +63,8 @@
   <string name="title_cancel">キャンセルの確認</string>
   <string name="cancel_connection_query">接続中または試行中の接続をキャンセルしますか？</string>
   <string name="remove_vpn">VPN を削除</string>
+  <string name="check_remote_tlscert">サーバが証明書とともにTLS拡張(--remote-cert-tls server)を使用しているか確認する</string>
+  <string name="check_remote_tlscert_title">TLSサーバー証明書を要求する</string>
   <string name="remote_tlscn_check_summary">リモートサーバー証明書の所有者識別子(Subject DN)を確認します。</string>
   <string name="remote_tlscn_check_title">証明書のホスト名を確認する</string>
   <string name="enter_tlscn_dialog">リモート証明書の照合に使用する識別名(DN)を指定します。(例: C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\n完全な識別名(DN)または相対識別名(RDN)、あるいは相対識別名のプリフィクスを指定します。\n\nたとえば相対識別名のプリフィクスとして\"Server\"を指定すると、\"Server-1\"と\"Server-2\"にマッチします。\n\n空欄にした場合は相対識別名とサーバのホスト名をチェックします。\n\n詳細についてはOpenVPN 2.3.1以降のマニュアルの「--verify-x509-name」の項を参照してください。</string>
@@ -73,7 +75,7 @@
   <string name="pull_off_summary">サーバからは何も情報が取得できません。指定が必要な設定は以下の通りです。</string>
   <string name="use_pull">情報取得の設定</string>
   <string name="dns">DNS</string>
-  <string name="override_dns">サーバ指定のDNSサーバ設定をオーバーライドします。</string>
+  <string name="override_dns">DNSを手動設定する</string>
   <string name="dns_override_summary">DNSをユーザ側で指定します。</string>
   <string name="searchdomain">検索ドメイン</string>
   <string name="dns1_summary">使用する DNS サーバー</string>
@@ -90,7 +92,7 @@
   <string name="log_verbosity_level">ログの詳細度</string>
   <string name="float_summary">認証済みパケットをどのIPからでも受け付けます。</string>
   <string name="float_title">フローティング サーバーを許可</string>
-  <string name="custom_options_title">カスタム オプション</string>
+  <string name="custom_options_title">カスタムオプション</string>
   <string name="edit_vpn">VPN 設定の編集</string>
   <string name="remove_vpn_query">VPN プロファイル %s を削除しますか？</string>
   <string name="tun_error_helpful">いくつかのカスタムICSイメージは、/dev/tunのパーミッションが異常か、TUNモジュールが含まれていません。CM9イメージの場合は全般設定で所有権設定を修正してください。</string>
@@ -102,12 +104,13 @@
   <string name="dns_server_info">DNSサーバ: %1$s, ドメイン: %2$s</string>
   <string name="routes_info_incl">経路: %1$s %2$s</string>
   <string name="routes_info_excl">除外された経路: %1$s %2$s</string>
+  <string name="routes_debug">VpnServiceの経路を設定しました: %1$s %2$s</string>
   <string name="ip_not_cidr">インターフェース情報として %1$s と %2$s を取得しました。2つ目のアドレスはリモート側のピアアドレスです。32ビットマスクをローカルIPに使用します。 OpenVPNのモードは \"%3$s\" です。</string>
   <string name="route_not_cidr">%1$sと%2$sではCIDR形式のIP経路情報として意味をなしません。32ビットマスクを使用します。</string>
   <string name="route_not_netip">経路情報%1$s/%2$sを%3$s/%2$sに修正しました。</string>
   <string name="keychain_access">Androidの証明書管理にアクセスできません。(ファームウェアの更新、アプリケーションまたはその設定のリストアによって発生する場合があります)。VPNの設定で証明書の選択を再度行ってください。</string>
   <string name="version_info">%1$s %2$s</string>
-  <string name="send_logfile">ログ ファイルを送信します。</string>
+  <string name="send_logfile">ログファイルを送信</string>
   <string name="send">送信</string>
   <string name="ics_openvpn_log_file">ICS OpenVPN ログ ファイル</string>
   <string name="copied_entry">ログ エントリをクリップボードにコピーしました</string>
@@ -159,7 +162,9 @@ SDカード上のデータは本質的に無防備です。すべてのアプリ
   <string name="speed_waiting">状態メッセージを待っています。</string>
   <string name="converted_profile">インポートされたプロファイル</string>
   <string name="converted_profile_i">インポートされたプロファイル %d</string>
-  <string name="broken_images">壊れたイメージ</string>
+  <string name="broken_images">壊れたファームウェア</string>
+  <string name="broken_images_faq">&lt;p&gt;HTCの公式ファームウェアにはトンネルにトラフィックを流すことができない奇妙なルーティングの問題を抱えています。 (バグトラッカーを参照 &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/18\"&gt;Issue 18&lt;/a&gt;)&lt;/p&gt;&lt;p&gt;古いSONY、Xperia Arc SとXperia RayのファームウェアはVPNServiceが完全に欠落していると報告されています。(バグトラッカーを参照 &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/29\"&gt;Issue 29&lt;/a&gt;)&lt;/p&gt;&lt;p&gt;カスタムビルドされたファームウェアにおいてtunモジュールがなかったり、あるいは権限が間違っている場合があります。いくつかのCM9では
+\"Device specific hacks(デバイス固有のhack)\"を有効にして\"Fix ownership(所有権を修正)\"オプションを使用する必要があります。&lt;/p&gt;&lt;p&gt;とても重要なこと: もしあなたがファームウェアの不完全なAndroidデバイスを所有していたら、メーカーに報告してください。より多くの人が問題を報告すれば、彼らが修正することでしょう。&lt;/p&gt;</string>
   <string name="pkcs12_file_encryption_key">PKCS12ファイルの暗号化キー</string>
   <string name="private_key_password">秘密鍵のパスワード</string>
   <string name="password">パスワード</string>
@@ -180,7 +185,7 @@ SDカード上のデータは本質的に無防備です。すべてのアプリ
   <string name="keychain_nocacert">認証局証明書（CA Cert）がAndroidのキーストアから取得できませんでした。認証はおそらく失敗します。</string>
   <string name="show_log_summary">接続時にログウィンドウを表示します。ログウィンドウは常に状態通知からアクセスできます。</string>
   <string name="show_log_window">ログウィンドウを表示</string>
-  <string name="mobile_info">実行中：%1$s (%2$s)%3$s Android API %4$d</string>
+  <string name="mobile_info">%10$s %9$s は次の環境で実行中です %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Androidキーストアに保存されたキー %1$s: %2$sの署名エラーです</string>
   <string name="faq_system_dialogs">VPN接続の警告は、このアプリケーションがVPNService APIを悪用してすべての通信を傍受できることを、システムがあなたに知らせるものです。\n
 VPN接続通知(鍵の形)は、VPN接続が稼働中であることをAndroidが知らせています。いくつかのシステムではこの通知で音を鳴らします。\n
@@ -236,6 +241,9 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="openvpn_log">OpenVPN のログ</string>
   <string name="import_config">OpenVPN の構成のインポート</string>
   <string name="battery_consumption_title">バッテリー消費量</string>
+  <string name="baterry_consumption">個人的な検証では、OpenVPNがバッテリを多く消費する主な原因はkeepaliveパケットです。 
+大部分のOpenVPNサーバは\'keepalive 10 60\'のような設定を持っており、これは10秒ごとにサーバとクライアントで相互にkeepaliveパケットを送信しあうことを意味します。 &lt;p&gt;これらのパケットは小さく多くの帯域は使用しませんが、モバイル回線機能を常に稼動させ続け電力消費を増大させます。 &lt;p&gt;
+(参考 &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Android Developers&lt;/a&gt;)&lt;p&gt;このkeepalive設定はクライアント側からは変更できません。OpenVPNのシステム管理者のみが変更可能です。 &lt;p&gt; 残念なことに、60秒より大きな間隔のUDP keepaliveはいくつかのNATゲートウェイにおいては接続状態が維持できず、それより短い時間でタイムアウトします(検証では60秒)。 TCP keepaliveと長いタイムアウト時間の使用は、動作はしますがTCP over TCP問題を引き起こします。(詳細は&lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\"&gt;なぜTCP over TCPは悪いアイディアなのか&lt;/a&gt;を参照)</string>
   <string name="faq_tethering">Androidのテザリング機能(WiFi, USB, Bluetooth経由)とVPNService API(このプログラムから使用する機能)は同時に利用できません。詳細については&lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\"&gt;issue #34&lt;/a&gt;を参照</string>
   <string name="vpn_tethering_title">VPN とテザリング</string>
   <string name="connection_retries">接続の再試行回数</string>
@@ -271,7 +279,6 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="encryption_cipher">暗号化方式</string>
   <string name="packet_auth">パケット認証</string>
   <string name="auth_dialog_title">パケット認証方式を入力してください。</string>
-  <string name="mobile_info_extended">%1$s (%2$s) %3$s、Android API %4$d、バージョン %5$s %6$s において実行中</string>
   <string name="built_by">%s によりビルド</string>
   <string name="debug_build">デバッグ ビルド</string>
   <string name="official_build">正式ビルド</string>
@@ -293,25 +300,28 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="clearappsdialog">許可アプリの一覧をクリアしますか?\n現在の許可アプリ一覧:\n\n%s</string>
   <string name="screenoff_summary">スクリーンがオフかつ60秒で64kB以下のデータ転送量の場合、VPN通信を中断します。「永続的なTUN」設定が有効な場合、VPN接続が中断されると通信ができなくなります。「永続的なTUN」を無効にすると、VPNによる接続保護は行われなくなります。</string>
   <string name="screenoff_title">画面オフ後にVPN接続を中断</string>
-  <string name="screen_nopersistenttun">警告: このVPN接続には永続的なTUNが設定されていません。スクリーンオフ後の通信は通常のインターネット接続を使用します。</string>
+  <string name="screenoff_pause">画面オフにより接続を中断しています: %2$s秒で%1$s 以下 </string>
+  <string name="screen_nopersistenttun">警告: このVPN接続には永続的なTUNデバイスが設定されていません。スクリーンオフ後の通信は通常のインターネット接続を使用します。</string>
   <string name="save_password">パスワードを保存</string>
-  <string name="pauseVPN">VPN一時停止</string>
+  <string name="pauseVPN">VPNを中断</string>
   <string name="resumevpn">VPN再開</string>
-  <string name="state_userpause">ユーザによってVPN一時停止が要求されました</string>
-  <string name="state_screenoff">VPN一時停止中 - screenオフ</string>
-  <string name="device_specific">デバイス固有のhacks</string>
+  <string name="state_userpause">ユーザによってVPNの中断が要求されました</string>
+  <string name="state_screenoff">VPN中断中 - 画面オフ</string>
+  <string name="device_specific">デバイス固有のハック</string>
   <string name="cannotparsecert">証明書の情報が表示できません。</string>
   <string name="appbehaviour">アプリケーションの挙動</string>
   <string name="vpnbehaviour">VPN の挙動</string>
   <string name="allow_vpn_changes">VPNプロファイルの変更を許可する</string>
   <string name="hwkeychain">ハードウェアのキーストア：</string>
   <string name="permission_icon_app">OpenVPN for Androidを使用しようと試みるアプリのアイコン</string>
-  <string name="faq_vpndialog43_title">Android 4.3以降用VPN確認ダイアログ</string>
+  <string name="faq_vpndialog43">Android 4.3で使用した場合、VPN確認画面はオーバーレイ(常に画面全体を覆う表示)を使用するアプリから保護されます。この結果、ダイアログはタッチ操作に反応しなくなります。もしあなたがオーバーレイを使用したアプリを使っていたらこの挙動に遭遇するでしょう。もしあなたがこういった無作法なアプリを見つけたら、そのアプリの作者に連絡しましょう。この問題はAndroid 4.3以降でVPNアプリケーションすべてに影響します。詳細は &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/185\"&gt;Issue 185&lt;a&gt; を参照してください。</string>
+  <string name="faq_vpndialog43_title">VPN確認ダイアログ</string>
   <string name="donatePlayStore">ほかの手段として、Play Storeで私に寄付できます。</string>
   <string name="thanks_for_donation">%s の寄付をお寄せいただきありがとうございます！</string>
   <string name="logCleared">ログがクリアされました。</string>
   <string name="show_password">パスワードを表示する</string>
   <string name="keyChainAccessError">キーチェーン アクセス エラー: %s</string>
+  <string name="timestamp_short">短め</string>
   <string name="timestamp_iso">ISO</string>
   <string name="timestamps">タイムスタンプ</string>
   <string name="timestamps_none">なし</string>
@@ -331,4 +341,76 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="files_missing_hint">いくつかのファイルが見つかりませんでした。プロファイルをインポートするファイルを選択してください：</string>
   <string name="openvpn_is_no_free_vpn">このアプリを使用するには、（多くの場合、あなたの雇用者によって提供される）OpenVPNをサポートするVPNプロバイダ/ VPNゲートウェイが必要です。あなた独自のOpenVPNサーバーをセットアップするためにはhttp://community.openvpn.net/ をチェックしてください。</string>
   <string name="import_log">インポートログ：</string>
+  <string name="ip_looks_like_subnet">VPNトポロジ \"%3$s\" が設定されていますが ifconfig %1$s %2$s はIPアドレスとネットマスクのように見えます。\"サブネット\"トポロジを仮定します。</string>
+  <string name="mssfix_invalid_value">MSSに指定できる値は0~9000の整数です</string>
+  <string name="mssfix_value_dialog">OpenVPNがカプセル化したあとのパケットサイズで制限するようトンネル越しのTCPセッションに通知します。結果、OpenVPNが相手に送信するUDPパケットサイズはこのバイト数を超えなくなります。(デフォルトは1450)</string>
+  <string name="mssfix_checkbox">TCPペイロードのMSSを指定する</string>
+  <string name="mssfix_dialogtitle">TCPペイロードのMSSを設定</string>
+  <string name="client_behaviour">クライアント動作</string>
+  <string name="clear_external_apps">許可された外部アプリをクリア</string>
+  <string name="loading">読み込み中...</string>
+  <string name="allowed_vpn_apps_info">許可されたVPNアプリケーション：%1$s</string>
+  <string name="disallowed_vpn_apps_info">許可されていないVPNアプリ：%1$s</string>
+  <string name="app_no_longer_exists">パッケージ %s はインストールされていないため、許可／不許可アプリリストから削除します</string>
+  <string name="vpn_disallow_radio">VPNは選択したアプリ以外のすべてのアプリから使用されます</string>
+  <string name="vpn_allow_radio">VPNは選択されたアプリのみで使用できます</string>
+  <string name="query_delete_remote">接続先設定を削除しますか？</string>
+  <string name="keep">保持</string>
+  <string name="delete">削除</string>
+  <string name="add_remote">新しい接続先を追加</string>
+  <string name="remote_random">接続時に接続先をランダムに使用する</string>
+  <string name="remote_no_server_selected">少なくとも一つ以上の接続先を設定し有効化する必要があります</string>
+  <string name="server_list">接続先リスト</string>
+  <string name="vpn_allowed_apps">許可されたアプリ</string>
+  <string name="advanced_settings">詳細設定</string>
+  <string name="payload_options">ペイロードオプション</string>
+  <string name="tls_settings">TLSの設定</string>
+  <string name="no_remote_defined">接続先が設定されていません</string>
+  <string name="duplicate_vpn">VPNプロファイルを複製</string>
+  <string name="duplicate_profile_title">プロファイルの複製：%s</string>
+  <string name="show_log">ログを表示</string>
+  <string name="faq_android_clients">Android用のOpenVPNクライアントは複数あります。主なものとしては「OpenVPN for Android」(このアプリ)「OpenVPN Connect」「OpenVPN Settings」があります。&lt;p&gt;クライアントは大きく2種類に分けられます。「OpenVPN for Android」「OpenVPN Connect」は公式なVPNService API (Android 4.0以降)を使用しroot権限は不要です。「OpenVPN Settings」はroot権限が必要です。&lt;p&gt;「OpenVPN for Android」はオープンソースのクライアントでArne Schwabeにより開発されています。詳しい人をターゲットとして、多くの設定とファイルからのプロファイルインポート、アプリ内でのプロファイル設定変更ができるようになっています。コミュニティ版のOpenVPN 2.xのソースコードをベースとしています。コミュニティの準公式クライアントとみなせます。&lt;p&gt;「OpenVPN Connect」はOpenVPN Technologies, Incにより開発されておりオープンソースではありません。より一般的な使い方と平均的なユーザをターゲットとしており、OpenVPNプロファイルのインポートができます。OpenVPNプロトコルのC++による再実装コードをベースとしています(これはOpenVPN Technologies, IncがiOS版を公開するために必要でした)。OpenVPN Technologies, Incの公式クライアントです。&lt;p&gt; 「OpenVPN Settings」は最も古いクライアントであり、オープンソースのOpenVPN用のUIです。「OpenVPN for Android」との大きな違いはroot権限を必要とし、かつVPNService APIを使用しないことです。Android 4.0以降に依存しません。</string>
+  <string name="faq_androids_clients_title">OpenVPN Androidクライアント間の違い</string>
+  <string name="ignore_multicast_route">マルチキャストされた経路を無視します: %s</string>
+  <string name="ab_only_cidr">AndroidはVPNへの経路としてCIDRのみサポートします。非CIDR経路はほとんど使用されないため、OpenVPN for Androidは非CIDR経路に/32を使用し、警告を発します。</string>
+  <string name="ab_tethering_44">テザリングはVPNが接続中でも有効です。ただしテザリングした通信はVPNを使用できません。</string>
+  <string name="ab_kitkat_mss">初期のKitKatはTCP接続において間違ったMSS値を使用します。(#61948). このバグを回避するにはmssfixオプションの有効化を試してください。</string>
+  <string name="ab_proxy">AndroidはDNSサーバの設定がされていない場合、モバイル/WiFiのプロキシ設定を使用し続けます。OpenVPN for Androidはこれについてログにて警告します。<p>VPNがDNSサーバを設定した場合、Androidはプロキシを使用しなくなります。VPNでプロキシを使用するよう設定するAPIは存在しません。</p></string>
+  <string name="ab_lollipop_reinstall">VPNアプリはアンインストール／再インストール時に正常に動作しなくなることがあります。詳細は#80074を参照してください。</string>
+  <string name="ab_not_route_to_vpn">設定されたクライアントIPとネットマスクに含まれるIPアドレスはVPNを経由しません。OpenVPNは明示的に経路を追加することでこのバグを回避します。</string>
+  <string name="ab_persist_tun">ほかのTUNデバイスが使用されている間に、永続的なTUNデバイス機能のためにTUNデバイスを開こうとするとデバイス上のVPNServiceがクラッシュします。VPNが再び動作するためにはデバイスの再起動が必要です。OpenVPN for Androidはクラッシュを避けるため、新しいTUNデバイスを開く前に現在のTUNデバイスを閉じます。これは短期間、パケットが非VPN接続に送信される原因になります。この回避策があっても、VPNServiceは時々クラッシュし、デバイスの再起動が必要になります。</string>
+  <string name="ab_secondary_users">VPNはほかのユーザーに対しては動作しません。</string>
+  <string name="ab_kitkat_reconnect">"複数のユーザが、VPNアプリ使用中にモバイル接続が頻繁に欠落すると報告しています。この挙動は特定のプロバイダ／デバイスの組み合わせでのみ発生すると思われ、これまでのところこのバグに対する原因や回避策は特定されていません。"</string>
+  <string name="ab_vpn_reachability_44">VPNなしでも到達可能なネットワークにのみVPN経由で到達できる場合。IPv6 VPN は動作しません。</string>
+  <string name="ab_only_cidr_title">非CIDRルート</string>
+  <string name="ab_proxy_title">VPNのプロキシ動作</string>
+  <string name="ab_lollipop_reinstall_title">VPNアプリを再インストールする場合</string>
+  <string name="version_upto">%sおよびそれ以前</string>
+  <string name="copy_of_profile">%sのコピー</string>
+  <string name="ab_not_route_to_vpn_title">設定されたIPアドレスへの経路</string>
+  <string name="ab_kitkat_mss_title">VPN接続に不正なMSS値</string>
+  <string name="ab_secondary_users_title">タブレットの複数ユーザー</string>
+  <string name="custom_connection_options_warng">カスタム指定の接続オプションを設定します。慎重に利用してください</string>
+  <string name="custom_connection_options">カスタムオプション</string>
+  <string name="remove_connection_entry">接続エントリを削除します</string>
+  <string name="ab_kitkat_reconnect_title">モバイルネットワークが突発的に切断される</string>
+  <string name="ab_vpn_reachability_44_title">リモートネットワークに到達できない</string>
+  <string name="ab_persist_tun_title">持続的なTUNモード</string>
+  <string name="version_and_later">%s以降</string>
+  <string name="tls_cipher_alert_title">SSL23_GET_SERVER_HELLO:sslv3 alert handshake failureで接続が失敗する</string>
+  <string name="tls_cipher_alert">OpenVPN for Androidの新しいバージョン(0.6.29/March 2015)は、暗号化スイートが許す限りよりセキュアなデフォルトを使用します(tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\")。 残念なことに、欠陥のある暗号化スイートあるいは輸出用暗号化スイート、特にPerfect Forward Secrecy (Diffie-Hellman)に欠陥がある暗号化スイートでは問題を生じます。これらは通常、サーバのtls-cipherの設定や最小限のSSLを実装した組み込みOS(例えば MikroTik)で、よりTLSセキュリティを強化しようとした善意での、しかし不完全な試みにより生じます\nこの問題を解決するには、サーバ側で tls-cipher に \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\" のような妥当なデフォルトを設定します。この問題のクライアント側の回避策としては、カスタムオプションに tls-cipher DEFAULT を追加します。</string>
+  <string name="message_no_user_edit">このプロファイルは外部のアプリ(%s)より追加され、ユーザによる編集が無効化されています</string>
+  <string name="crl_file">証明書失効リスト</string>
+  <string name="service_restarted">OpenVPNを再起動しています(クラッシュしたか、メモリ不足により停止させられたため)</string>
+  <string name="import_config_error">設定のインポートでエラーが発生したため、保存できません。</string>
+  <string name="Search">検索</string>
+  <string name="clear_log_on_connect">新規接続時にログをクリアする</string>
+  <string name="connect_timeout">接続タイムアウト</string>
+  <string name="query_permissions_sdcard">OpenVPN for Androidは見失ったファイルを自動でSDカードから再探索することができます。このメッセージをタップして権限のリクエストを行ってください。</string>
+  <string name="protocol">プロトコル</string>
+  <string name="enabled_connection_entry">有効</string>
+  <string name="abi_mismatch">Preferred native ABI precedence of this device (%1$s) and ABI reported by native libraries (%2$s) mismatch</string>
+  <string name="months_left">残り %dヵ月</string>
+  <string name="days_left">残り %d日</string>
+  <string name="hours_left">残り %d時間</string>
 </resources>
diff --git a/app/src/main/res/values-ko/strings-icsopenvpn.xml b/app/src/main/res/values-ko/strings-icsopenvpn.xml
index 4a4273d8..ce748cfa 100755
--- a/app/src/main/res/values-ko/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ko/strings-icsopenvpn.xml
@@ -87,9 +87,9 @@
   <string name="default_route_summary">VPN을 통해 모든 트래픽을 보냅니다.</string>
   <string name="use_default_title">기본 라우트 사용하기</string>
   <string name="custom_route_message">사용자 지정 라우트를 입력하십시오. 목적지는 CIDR 형식으로만 입력하십시오. \"10.0.0.0/8 2002::/16\"은 10.0.0.0/8 과 2002::/16 네트워크를 VPN으로 보냅니다.</string>
-  <string name="custom_route_message_excluded">VPN을 통해 라우팅하지 말아 경로. 포함 경로와 동일한 구문을 사용합니다.</string>
+  <string name="custom_route_message_excluded">VPN을 통해 라우팅되면 안되는 경로(라우트). 포함된 경로와 동일한 구문을 사용합니다.</string>
   <string name="custom_routes_title">사용자 지정 라우트</string>
-  <string name="custom_routes_title_excluded">123456</string>
+  <string name="custom_routes_title_excluded">제외된 네트워크</string>
   <string name="log_verbosity_level">로그의 자세한 정도</string>
   <string name="float_summary">인증된 패킷은 IP와 상관없이 허용</string>
   <string name="float_title">플로팅 서버 허용</string>
@@ -103,6 +103,8 @@
   <string name="last_openvpn_tun_config">TUN 인터페이스 열기:</string>
   <string name="local_ip_info">로컬 IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
   <string name="dns_server_info">DNS 서버: %1$s, 도메인: %2$s</string>
+  <string name="routes_info_incl">경로: %1$s %2$s</string>
+  <string name="routes_info_excl">제외된 경로: %1$s %2$s</string>
   <string name="ip_not_cidr">인터페이스 정보 %1$s와 %2$s에 있어, 두 번째 주소를 원격 피어 주소로 가정 하겠습니다. 로컬 IP의 넷마스크로는 /32를 사용하겠습니다. OpenVPN에 의해 주어진 모드는 \"%3$s\" 입니다.</string>
   <string name="route_not_cidr">CIDR 넷마스크가 있는 IP 라우트 %1$s 와 %2$s 에 있어서 처리가 불가능합니다. /32를 넷마스크로 사용하겠습니다.</string>
   <string name="route_not_netip">%1$s/%2$s 에서 %3$s/%2$s로 라우트 수정</string>
@@ -177,7 +179,6 @@
   <string name="keychain_nocacert">안드로이드 keystore에서 CA 인증서를 찾지 못했습니다. Auhtentication은 실패할 것 입니다.</string>
   <string name="show_log_summary">연결시 로그 윈도우를 보여드립니다. 로그 윈도우는 항상 notification status에서 접근이 가능합니다.</string>
   <string name="show_log_window">로그 윈도우 보기</string>
-  <string name="mobile_info">%1$s (%2$s) %3$s, 안드로이드 API %4$d 에서 실행</string>
   <string name="error_rsa_sign">안드로이드 keystore 키 %1$s: %2$s과 싸이닝 오류</string>
   <string name="faq_system_dialogs">시스템에서는 VPN연결 경고를 통해 당신에게 본앱이 모든 트래픽을 가로챌수있다는 점을 알리게 되어 있는데 이는 VPNService API가 남용하는것을 막기 위함입니다.\nVPN 연결 알림 (키 아이콘) 또한 안드로이드 시스템에서 부과하는 부분이며 이는 VPN연결을 알리는 신호입니다. 어떤 버전에서는 소리를 알림으로 사용하는 경우도 있습니다.\n안드로이드는 이같은 방법을 당신의 안전을 위해 도입하였으며 사용은 필수적입니다. (어떤 버전에서는 유감스럽게도 소리 알림 또한 포함됩니다.)</string>
   <string name="faq_system_dialogs_title">연결 경고 및 알림 소리</string>
@@ -256,7 +257,6 @@
   <string name="encryption_cipher">암호화 암호</string>
   <string name="packet_auth">패킷 인증</string>
   <string name="auth_dialog_title">패킷 인증 방법을 입력한다</string>
-  <string name="mobile_info_extended">%1$s (%2$s) %3$s, 안드로이드 API %4$d, 버전 %5$s, %6$s에서 실행</string>
   <string name="built_by">개발자 %s</string>
   <string name="debug_build">디버그 빌드</string>
   <string name="official_build">공식 빌드</string>
@@ -282,6 +282,7 @@
   <string name="screen_nopersistenttun">경고: 이 VPN은 persistent tun이 비활성화 되어있습니다. 화면이 꺼졌을 때 트래픽은 터널을 사용하지 않고 인터넷을 바로 사용합니다.</string>
   <string name="save_password">암호 저장</string>
   <string name="pauseVPN">VPN 일시중지</string>
+  <string name="resumevpn">VPN 재개하기</string>
   <string name="state_userpause">VPN 일시 정지 사용자의 요청</string>
   <string name="state_screenoff">VPN 일시정지됨 - 화면 끄기</string>
   <string name="device_specific">장치 관련 Hacks</string>
@@ -309,4 +310,12 @@
   <string name="unhandled_exception">처리 되지 않은 예외: %1$s\n\n%2$s</string>
   <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
   <string name="full_licenses">전체 라이센스</string>
+  <string name="userpw_file">사용자 이름/암호 파일</string>
+  <string name="mssfix_invalid_value">MSS override의 값은 0과 9000 사이의 정수이어야합니다</string>
+  <string name="loading">로드 중...</string>
+  <string name="keep">유지</string>
+  <string name="delete">삭제</string>
+  <string name="payload_options">페이로드 옵션</string>
+  <string name="tls_settings">TLS 설정</string>
+  <string name="faq_androids_clients_title">안드로이드 OpenVPN 클라이언트 간의 차이</string>
 </resources>
diff --git a/app/src/main/res/values-nl/strings-icsopenvpn.xml b/app/src/main/res/values-nl/strings-icsopenvpn.xml
index 2b3468e3..e05b9105 100755
--- a/app/src/main/res/values-nl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-nl/strings-icsopenvpn.xml
@@ -20,7 +20,7 @@
   <string name="client_pkcs12_title">PKCS12 Bestand</string>
   <string name="ca_title">CA Certificaat</string>
   <string name="no_certificate">Je moet een certificaat selecteren</string>
-  <string name="copyright_guicode">De broncode en bugs zijn te vinden op http://code.google.com/p/ics-openvpn/</string>
+  <string name="copyright_guicode">De broncode en bugs zijn te vinden op https://github.com/schwabe/ics-openvpn/</string>
   <string name="copyright_others">Het programma gebruikt de volgende componenten. Zie de broncode voor volledige details over de licenties.</string>
   <string name="about">Over</string>
   <string name="vpn_list_title">Profielen</string>
@@ -30,9 +30,9 @@
   <string name="file_nothing_selected">Je moet een bestand selecteren</string>
   <string name="useTLSAuth">Gebruik TLS autentificatie</string>
   <string name="tls_direction">TLS Richting</string>
-  <string name="ipv6_dialog_tile">Voer een IPv6 Adres/Netmask in met het CIDR Formaat (v.b. 2000:dd::23/64)</string>
-  <string name="ipv4_dialog_title">Voer een IPv4 Adres/Netmask in met het CIDR Formaat (v.b. 1.2.3.4/24)</string>
-  <string name="ipv4_address">IPv4 Adres</string>
+  <string name="ipv6_dialog_tile">Voer een IPv6 Adres/Netmask in met het CIDR Formaat (b.v. 2000:dd::23/64)</string>
+  <string name="ipv4_dialog_title">Voer een IPv4 Adres/Netmask in met het CIDR Formaat (b.v. 1.2.3.4/24)</string>
+  <string name="ipv4_address">IPv6 Adres</string>
   <string name="ipv6_address">IPv4 Adres</string>
   <string name="custom_option_warning">Geavanceerde OpenVPN opties. Veel van de tun gerelateerde OpenVPN instellingen worden niet ondersteund. Als u denkt dat een belangrijke optie ontbreekt, neem dan contact op met de auteur.</string>
   <string name="auth_username">Gebruikersnaam</string>
@@ -106,8 +106,10 @@
   <string name="version_info">%1$s %2$s</string>
   <string name="send_logfile">Logboek verzenden</string>
   <string name="send">Verzenden</string>
+  <string name="copied_entry">Kopiëer de log ingave naar het clip bord</string>
   <string name="tap_mode">Tap mode</string>
   <string name="faq_tap_mode">De VPN API van Android werkt zonder rooten van de telefoon en ondersteunt alleen de tun modus. Daarom is de tap modus niet mogelijk met deze app.</string>
+  <string name="tap_faq2">Alweer? Maak je een grapje? Nee, tap mode wordt echt niet ondersteund en meer mails sturen met het verzoek of het ondersteund kan worden zal echt niet helpen, dus Neen.</string>
   <string name="faq">Veelgestelde vragen </string>
   <string name="encryption">Codering</string>
   <string name="cipher_dialog_title">Codering methode</string>
diff --git a/app/src/main/res/values-no/strings-icsopenvpn.xml b/app/src/main/res/values-no/strings-icsopenvpn.xml
index bd71a77c..d4fa66a4 100755
--- a/app/src/main/res/values-no/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-no/strings-icsopenvpn.xml
@@ -125,7 +125,6 @@
   <string name="netstatus">Nettverksstatus: %s</string>
   <string name="select_file">Velg</string>
   <string name="show_log_window">Vis logg-vindu</string>
-  <string name="mobile_info">Kjører på %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="translationby">Norsk oversettelse av Jonny</string>
   <string name="ipdns">IP og DNS</string>
   <string name="basic">Grunnleggende</string>
diff --git a/app/src/main/res/values-pl/strings-icsopenvpn.xml b/app/src/main/res/values-pl/strings-icsopenvpn.xml
index dece207b..0e76b956 100755
--- a/app/src/main/res/values-pl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-pl/strings-icsopenvpn.xml
@@ -8,8 +8,8 @@
 
   <string name="address">Adres serwera:</string>
   <string name="port">Port serwera:</string>
-  <string name="location">Lokalizacja</string>
-  <string name="cant_read_folder">Nie można odczytać katalogu</string>
+  <string name="location">Ścieżka</string>
+  <string name="cant_read_folder">Nie mogę odczytać katalogu</string>
   <string name="select">Wybierz</string>
   <string name="cancel">Anuluj</string>
   <string name="no_data">Brak danych</string>
@@ -18,11 +18,11 @@
   <string name="client_certificate_title">Certyfikat klienta</string>
   <string name="client_key_title">Klucz certyfikatu klienta</string>
   <string name="client_pkcs12_title">Plik PKCS12</string>
-  <string name="ca_title">Certyfikat urzędu certyfikacji</string>
+  <string name="ca_title">Certyfikat CA</string>
   <string name="no_certificate">Musisz wybrać certyfikat</string>
-  <string name="copyright_guicode">Kod źródłowy i formularz zgłoszeniowy błędów dostępny pod http://code.google.com/p/ics-openvpn/</string>
+  <string name="copyright_guicode">Kod źródłowy i formularz zgłoszeniowy błędów dostępny pod https://github.com/schwabe/ics-openvpn/</string>
   <string name="copyright_others">Program ten wykorzystuje następujące składniki; Szczegółowe informacje o licencjach w kodzie źródłowym</string>
-  <string name="about">O</string>
+  <string name="about">O programie</string>
   <string name="vpn_list_title">Profile</string>
   <string name="vpn_type">Typ</string>
   <string name="pkcs12pwquery">Hasło PKCS12</string>
@@ -46,8 +46,8 @@
   <string name="no_keystore_cert_selected">Musisz wybrać certyfikat użytkownika</string>
   <string name="no_error_found">Brak błędów</string>
   <string name="config_error_found">Błąd w konfiguracji</string>
-  <string name="ipv4_format_error">Błąd parsowania adresu IPv4</string>
-  <string name="custom_route_format_error">Błąd parsowania niestandardowych tras</string>
+  <string name="ipv4_format_error">Błąd analizowania adresu IPv4</string>
+  <string name="custom_route_format_error">Błąd analizowania niestandardowych tras</string>
   <string name="pw_query_hint">(Pozostaw puste, aby wywołać na żądanie)</string>
   <string name="vpn_shortcut">Skrót OpenVPN</string>
   <string name="vpn_launch_title">Połącz się z siecią VPN</string>
@@ -63,15 +63,21 @@
   <string name="title_cancel">Anuluj potwierdzenie</string>
   <string name="cancel_connection_query">Odłącz podłączone VPN / zrezygnować z próby połączenia?</string>
   <string name="remove_vpn">Usuń VPN</string>
+  <string name="check_remote_tlscert">Sprawdza, czy serwer używa certyfikatu z rozszerzeniami serwera TLS (--remote-cert-tls server)</string>
   <string name="check_remote_tlscert_title">Oczekiwanie na certyfikat TLS z serwera</string>
+  <string name="remote_tlscn_check_summary">Sprawdza podmiot DN certyfikatu zdalnego</string>
   <string name="remote_tlscn_check_title">Weryfikuj nazwę domenową zawartą w certyfikacie</string>
-  <string name="enter_tlscn_title">Temat zdalnego certyfikatu</string>
+  <string name="enter_tlscn_dialog">Określ czynność weryfikującą DN zdalnego certyfikatu (np. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de)\n\nUżyj pełnego DN lub RDN (przykładowo penvpn.blinkt.de), lub prefiks RDN w celu weryfikacji\n\nUżywając prefiksu \"Serwer\", RDN będzie prawidłowy dla \"Serwer-1\" lub \"Serwer-Agaty\"\n\nPozostawiając pole puste RDN będzie sprawdzany pod kątem nazwy serwera.\n\nAby uzyskać więcej informacji, spójrz do podręcznika OpenVPN 2.3.1 w dziale —verify-x509-name</string>
+  <string name="enter_tlscn_title">Podmiot zdalnego certyfikatu</string>
   <string name="tls_key_auth">Włącza uwierzytelnianie kluczem TLS</string>
   <string name="tls_auth_file">Plik TLS</string>
+  <string name="pull_on_summary">Pobierz z serwera adresy IP, trasy oraz inne opcje.</string>
+  <string name="pull_off_summary">Żadne opcje nie będą pobierane z serwera, należy je ustawić poniżej.</string>
   <string name="use_pull">Pobierz ustawienia</string>
   <string name="dns">DNS</string>
   <string name="override_dns">Nadpisz DNS z serwera</string>
   <string name="dns_override_summary">Użyj własnych serwerów DNS</string>
+  <string name="searchdomain">searchDomain</string>
   <string name="dns1_summary">Używany serwer DNS.</string>
   <string name="dns_server">Serwer DNS</string>
   <string name="secondary_dns_message">Pomocniczy serwer DNS używany, jeśli normalny serwer DNS jest nieosiągalny.</string>
@@ -80,9 +86,13 @@
   <string name="ignore_routes_summary">Ignoruj trasy serwera.</string>
   <string name="default_route_summary">Przekieruj cały ruch przez tunel VPN</string>
   <string name="use_default_title">Użyj domyślnej trasy</string>
+  <string name="custom_route_message">Wprowadź własne trasy. Muszą być wprwadzone w formacie CIDR. \"10.0.0.0/8 2002::/16\" przekieruje ruch z 10.0.0.0/8 i 2002::/16 przez VPN.</string>
+  <string name="custom_route_message_excluded">Trasy, które NIE powinny być kierowane przez VPN. Użyj tej samej składni, jak w trasach opcjonalnych.</string>
   <string name="custom_routes_title">Opcjonalne trasy</string>
+  <string name="custom_routes_title_excluded">Wykluczone Sieci</string>
   <string name="log_verbosity_level">Poziom logowania</string>
   <string name="float_summary">Zezwalaj uwierzytelnionym pakietom z każdego IP</string>
+  <string name="float_title">Zezwól na \"pływający\" serwer.</string>
   <string name="custom_options_title">Opcje użytkownika</string>
   <string name="edit_vpn">Edytuj ustawienia VPN</string>
   <string name="remove_vpn_query">Usunąć profil VPN \'%s\'?</string>
@@ -93,14 +103,22 @@
   <string name="last_openvpn_tun_config">Otwieram interfejs tun:</string>
   <string name="local_ip_info">Lokalne IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
   <string name="dns_server_info">Serwer DNS: %1$s, Domena: %2$s</string>
+  <string name="routes_info_incl">Trasy: %1$s %2$s</string>
+  <string name="routes_info_excl">Wykluczone trasy: %1$s %2$s</string>
+  <string name="routes_debug">VpnService dodano trasy: %1$s %2$s</string>
+  <string name="ip_not_cidr">Interfejs uzyskał %1$s oraz %2$s, zakładam, że drugi adres jest adresem zdalnym - peer. Użyto maski /32 dla lokalnego IP. Tryb OpenVPN to \"%3$s\".</string>
+  <string name="route_not_cidr">%1$s i %2$s, nie są trasami IP w formacie CIDR, używam /32 jako maski sieci.</string>
+  <string name="route_not_netip">Poprawiłem trasę %1$s/%2$s na %3$s/%2$s</string>
+  <string name="keychain_access">Nie mam dostępu do pęku kluczy Androida. Może być to spowodowane aktualizacją systemu lub przywróceniem kopii aplikacji lub jej opcji. Proszę, edytuj połączenie VPN i wybierz ponownie certyfikat w opcjach, w celu odtworzenia pozwoleń dostępu do certyfikatu.</string>
   <string name="version_info">%1$s %2$s</string>
   <string name="send_logfile">Wyślij loga</string>
   <string name="send">Wyślij</string>
   <string name="ics_openvpn_log_file">Plik logów ICS OpenVPN</string>
   <string name="copied_entry">Skopiowano log do schowka</string>
   <string name="tap_mode">Tryb TAP</string>
-  <string name="faq_tap_mode">Tryb TAP nie jest możliwy z nierootwanym API VPN. Dlatego ta aplikacja nie zapewnia wsparcia TAP</string>
-  <string name="tap_faq2">Znowu. Żartujesz sobie? Tryb tap jest naprawdę nie wspierany, a wysyłanie więcej maili o to czy będzie wsparcie wcale nie pomoże.</string>
+  <string name="faq_tap_mode">Tryb tap nie jest możliwy z API VPN bez użycia root-a. W związku z powyższym ta aplikacja nie wspiera tap</string>
+  <string name="tap_faq2">Jeszcze raz?! Raczysz sobie żartować... Tryb tap naprawdę nie jest wspierany, a zasypywanie mnie wiadomościami z tego typu pytaniami naprawdę, ale to naprawdę nie pomaga...</string>
+  <string name="tap_faq3">Trzeci raz?! Właściwie można by napisać emulator tap bazując na tun, który dodawałby informacje layer2 przy wysyłaniu oraz ucinał opcje L2 przy odbiorze. No, ale wymagałoby to zaimplementowania ARP - i pewnie klienta DHCP. Pierwsze słyszę, by ktoś w ogóle to robił - skontaktuj się ze mną, jeśli masz plan pomocy przy współtworzeniu wspomnianego emulatora.</string>
   <string name="faq">FAQ</string>
   <string name="copying_log_entries">Kopiowanie wpisów dziennika</string>
   <string name="faq_copying">Aby skopiować pojedynczy wpis dziennika, naciśnij i przytrzymaj interesującą Cię pozycję. Celem skopiowania całego dziennika, należy użyć opcji Wyślij Log - jeżeli nie jest widoczna, użyj klawisza menu na obudowie urządzenia.</string>
@@ -110,75 +128,104 @@
   <string name="encryption">Szyfrowanie</string>
   <string name="cipher_dialog_title">Wprowadź metodę szyfrowania</string>
   <string name="chipher_dialog_message">Wybierz algorytm szyfrowania wykorzystywany przez OpenVPN. Pozostaw puste, aby skorzystać z ustawień domyślnych.</string>
-  <string name="auth_dialog_message">Wprowadź dane logowania użyte do OpenVPN. Pozostaw puste, aby skorzystać z ustawień domyślnych.</string>
+  <string name="auth_dialog_message">Wprowadź tryb autoryzacji używany z OpenVPN. Pozostaw puste, aby skorzystać z ustawień domyślnych.</string>
   <string name="settings_auth">Uwierzytelnianie/Szyfrowanie</string>
-  <string name="file_explorer_tab">Manager plików</string>
+  <string name="file_explorer_tab">Przeglądanie plików</string>
+  <string name="inline_file_tab">Zawarte w pliku</string>
   <string name="error_importing_file">Błąd importu pliku</string>
   <string name="import_error_message">Nie można zaimportować pliku z systemu</string>
   <string name="inline_file_data">[[Inline file data]]</string>
+  <string name="opentun_no_ipaddr">Odmowa otwarcia urządzenia tun bez informacji o IP</string>
   <string name="menu_import">Wczytaj profil z pliku ovpn</string>
-  <string name="menu_import_short">Wczytaj</string>
+  <string name="menu_import_short">Importuj</string>
   <string name="import_content_resolve_error">Nie można odczytać Profilu do importu</string>
   <string name="error_reading_config_file">Błąd podczas czytania pliku konfiguracyjnego</string>
   <string name="add_profile">Dodaj profil</string>
   <string name="import_could_not_open">Nie można znaleźć pliku %1$s zawartego w zaimportowanym pliku</string>
   <string name="importing_config">Importowanie pliku konfiguracyjnego ze źródła %1$s</string>
-  <string name="import_done">Skończono czytać plik konfiguracyjny.</string>
+  <string name="import_warning_custom_options">Importowana konfiguracja zawierała kilka opcji, które nie są przypisane w interfejsie graficznym. Opcje te zostały dodane jako opcje dodatkowe. Opcje te wyświetlono poniżej:</string>
+  <string name="import_done">Pomyślnie przeczytano plik konfiguracyjny.</string>
   <string name="nobind_summary">Nie przypisuj do lokalnego adresu i portu</string>
+  <string name="no_bind">Nie wiąż lokalnie</string>
   <string name="import_configuration_file">Importuj plik konfiguracji</string>
+  <string name="faq_security_title">Zagadnienia dotyczące bezpieczeństwa</string>
+  <string name="faq_security">"Jako, że OpenVPN jest wrażliwe na bezpieczeństwo, kilka rozsądnych zdań na ten temat. Wszystke dane na karcie SD z zasady nie są bezpieczne. Każda aplikacja może je odczytać - dla przykładu, ten program nie wymaga żadnych specjalnych uprawnień do odczytu karty SD. Dane tej aplikacji mogą być odczytywane tylko przez nią samą. Używając opcji importu certyfikatów/CA lub kluczy, dane przechowywane są w profilu VPN. Profile VPN odczytywalne są tylko przez tę aplikację. (Nie zapomnij usunąc kopii z karty SD po imporcie). Rootując telefon, lub używając innych exploitów istnieje pradopodobieństwo odczytu tych danych. Zapisane hasła przechowywane są w postaci czystego tekstu. W przypadku plików PKCS12, jest wysoce zalecane, aby zaimportować je do magazynu kluczy Android."</string>
   <string name="import_vpn">Importuj</string>
+  <string name="broken_image_cert_title">Błąd przy wyświetlaniu wyboru certyfikatu</string>
+  <string name="broken_image_cert">Wystąpił wyjątek w trakcie próby wyświetlenia okna z wyborem certyfikatu. To w ogóle nie powinno się zdarzyć, gdyż jest to standardowa opcja Androida 4.0+. Być może wsparcie dla magazynu certyfikatów w Twoim ROMie jest źle zaimplementowane</string>
   <string name="ipv4">IPv4</string>
   <string name="ipv6">IPv6</string>
   <string name="speed_waiting">Oczekiwanie na wiadomość powitalną&#8230;</string>
+  <string name="converted_profile">profil zaimportowany</string>
+  <string name="converted_profile_i">zaimportowano profil %d</string>
   <string name="broken_images">Uszkodzone obrazy</string>
+  <string name="broken_images_faq">&lt;p&gt; Oficjalne obrazy HTC są znane z posiadania dziwnych problemów z routingiem powodując, że dane nie przepływają przez tunel (sprawdź także &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/18\"&gt;Issue 18&lt;/a&gt; w śledzeniu błędów). &lt;/p&gt;&lt;p&gt; Starsze oficjalne obrazy SONY dla Xperia Arc S oraz Xperia Ray są znane z całkowitego braku VPNService w obrazie. (Sprawdź także &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/29\"&gt;Issue 29&lt;/a&gt; w śledzeniu błędów). &lt;/p&gt;&lt;p&gt; We własnoręcznie kompilowanych obrazach może brakować modułu TUN, lub prawa dostępu do /dev/tun mogą być nieprawidłowe. Niektóre obrazy CM9 mogą wymagać opcji \"Popraw prawa dostępu\" w zakładce \"Dodatkowe opcje urządzenia\". &lt;/p&gt;&lt;p&gt;Co najważniejsze: jeśli Twoje urządzenie ma błędy w Android, zgłoś to producentowi. Im więcej osób zgłasza problemy, tym większe prawdopodobieństwo ich poprawy. &lt;/p&gt;</string>
   <string name="pkcs12_file_encryption_key">Klucz pliku PKCS12</string>
   <string name="private_key_password">Hasło klucza prywatnego</string>
   <string name="password">Hasło</string>
   <string name="file_icon">plik ikony</string>
   <string name="tls_authentication">Uwierzytelnianie TLS</string>
-  <string name="generated_config">Wygenerowana konfiguracja</string>
+  <string name="generated_config">Utworzona konfiguracja</string>
   <string name="generalsettings">Ustawienia</string>
+  <string name="owner_fix_summary">Stara się ustawić właściciela /dev/tun na system. Niektóre obrazy CM9 wymagają tego, aby API VPNService zaczęło działać. Wymaga root-a.</string>
   <string name="owner_fix">Popraw uprawnienia do /dev/tun</string>
   <string name="generated_config_summary">Pokazuje wygenerowany plik konfiguracji OpenVPN</string>
-  <string name="edit_profile_title">Edycja \"%s\"</string>
+  <string name="edit_profile_title">Edytujesz \"%s\"</string>
   <string name="building_configration">Tworzenie konfiguracji&#8230;</string>
   <string name="netchange_summary">Włączenie tej opcji spowoduje ponowne połączenie jeśli stan sieci się zmienił (np. z WiFi na GSM)</string>
   <string name="netchange">Połącz ponownie przy zmianie sieci</string>
-  <string name="netstatus">Status sieci: %s</string>
+  <string name="netstatus">Stan sieci: %s</string>
+  <string name="extracahint">Certyfikat CA z reguły zwracany jest z pęku kluczy Androida. Wybierz zewnętrzny certyfikat, jeśli występują błędy w weryfikacji.</string>
   <string name="select_file">Wybierz</string>
+  <string name="keychain_nocacert">Brak certyfikatu CA zwróconego z pęku kluczy Androida. Autoryzacja najprawdopodobniej nie powiedzie się.</string>
+  <string name="show_log_summary">Pokazuje okno dziennika przy łączeniu. Do okna dziennika można dostać się zawsze z paska powiadomień.</string>
   <string name="show_log_window">Pokaż okno loga</string>
+  <string name="mobile_info">%10$s %9$s na %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
+  <string name="error_rsa_sign">Błąd podpisania kluczem z pęku kluczy Androida %1$s: %2$s</string>
+  <string name="faq_system_dialogs">Ostrzeżenie przy połączeniu VPN informuje Cię, że ta aplikacja przekierowuje cały ruch jest narzucona przez system w celu zapobieżenia nadużyciom API VPNService.\nPowiadomienie połączenia VPN (znak klucza) jest także narzucone przez Android, aby zasygnalizować połączenie z siecią VPN. Na niektórych obrazach Android to powiadomienie odtwarza dźwięk.\nAndroid wprowadził te dialogi systemowe dla Twojego bezpieczeństwa i aby upewnić się, że nie można ich obejść. (Niestety, na niektórych obrazach to także implikuje wydanie dźwięku)</string>
   <string name="faq_system_dialogs_title">Ostrzeżenie połączeń oraz dźwięki powiadomień</string>
   <string name="translationby">Angielskie tłumaczenie Arne Schwabe&lt;arne@rfc2549.org&gt;</string>
   <string name="ipdns">IP i DNS</string>
   <string name="basic">Podstawowe</string>
   <string name="routing">Routing</string>
+  <string name="obscure">Niejasne ustawienia OpenVPN. Zazwyczaj nie są potrzebne.</string>
   <string name="advanced">Zaawansowane</string>
-  <string name="export_config_title">Konfiguracja ICS Openvpn</string>
+  <string name="export_config_title">Konfiguracja Openvpn ICS</string>
+  <string name="warn_no_dns">Nie są używane żadne serwery DNS. Rozpoznawanie nazw może nie działać. Rozważ ustawienie własnych serwerów DNS. Miej również na uwadze, że Android nadal będzie korzystać z ustawień proxy Twojego połączenia mobilnego/Wi-Fi, nawet gdy opcje DNS nie są ustawione.</string>
   <string name="dns_add_error">Nie można dodać serwera DNS \"%1$s\", odrzucone przez system: %2$s</string>
+  <string name="ip_add_error">Nie można skonfigurować adresu IP \"%1$s\", odrzucone przez system: %2$s</string>
+  <string name="faq_howto">&lt;p&gt;Przygotuj działającą konfigurację (sprawdzoną na Twoim komputerze lub pobraną od Twojego dostawcy/pracodawcy)&lt;/p&gt;&lt;p&gt;Jeśli, jest to jeden plik - bez dodatkowych plików pem/pkcs12 - możesz taki plik wysłać do siebie e-mailem i otworzyć załącznik. Jeśli masz więcej, niż jeden plik - pobierz je na kartę SD.&lt;/p&gt;&lt;p&gt;Kliknij na załącznik w e-mailu/użyj ikony folderu na liście VPN, aby zaimportować plik konfiguracyjny.&lt;/p&gt;&lt;p&gt;Jeśli występują błędy brakującego pliku - umieść je na karcie SD.&lt;/p&gt;&lt;p&gt;Kliknij na ikonę zapisu, aby dodać zaimportowaną konfigurację do Twojej listy.&lt;/p&gt;&lt;p&gt;Połącz się z VPN klikając na nazwę połączenia VPN&lt;/p&gt;&lt;p&gt;Jeśli występują błędy/ostrzeżenia w logu, spróbuj je namierzyć i poprawić&lt;/p&gt; </string>
   <string name="faq_howto_title">Szybki start</string>
   <string name="setting_loadtun_summary">Próba załadowania modułu tun.ko kernel przez próbą połączenia. Potrzeba rootowanych urządzeń.</string>
   <string name="setting_loadtun">Załaduj moduł tun</string>
-  <string name="importpkcs12fromconfig">Importuj PKCS12 z konfiguracji do slepu kluczy Androida</string>
-  <string name="getproxy_error">Błąd ustawień proxy: %s</string>
-  <string name="using_proxy">Użycie proxy %1$s%2$d</string>
+  <string name="importpkcs12fromconfig">Importuj PKCS12 z konfiguracji do pęku kluczy Androida</string>
+  <string name="getproxy_error">Błąd pobierania ustawień proxy: %s</string>
+  <string name="using_proxy">Używam proxy %1$s%2$d</string>
   <string name="use_system_proxy">Użyj proxy systemowego</string>
-  <string name="use_system_proxy_summary">Użyj konfiguracji systemowej dla HTTP/HTTPS proxy w celu połączenia.</string>
+  <string name="use_system_proxy_summary">Połącz używając systemowej konfiguracji proxy HTTP/HTTPS.</string>
   <string name="donatewithpaypal">Możesz &lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;wspomóc przez PayPal&lt;/a&gt; </string>
-  <string name="onbootrestartsummary">OpenVPN połączy VPN jeśli był aktywny przy restarcie/zamknięciu systemu. Proszę przeczytać FAQ ostrzeżenia połączenia przez użyciem tej opcji.</string>
-  <string name="onbootrestart">Połącz przy reboocie</string>
+  <string name="onbootrestartsummary">OpenVPN połączy ponownie z VPN jeśli połączenie było aktywne przy restarcie/zamknięciu systemu. Przeczytaj proszę FAQ z ostrzeżeniami przed użyciem tej opcji.</string>
+  <string name="onbootrestart">Połącz po restarcie</string>
   <string name="ignore">Ignoruj</string>
-  <string name="restart">Restartuj</string>
+  <string name="restart">Uruchom ponownie</string>
   <string name="restart_vpn_after_change">Zmiany konfiguracji będą zatwierdzone po restarcie VPN. Uruchomić ponowie teraz?</string>
   <string name="configuration_changed">Zmieniono konfigurację</string>
   <string name="log_no_last_vpn">Nie można ustalić ostatnio połączonego profilu do edycji</string>
   <string name="faq_duplicate_notification_title">Podwójne powiadomienia</string>
-  <string name="no_vpn_profiles_defined">Nie zdefiniowano żadnego profilu.</string>
+  <string name="faq_duplicate_notification">Jeśli Android ma obciążoną pamięć (RAM), aplikacje i usługi, które nie są aktualnie potrzebne są usuwane z pamięci. To potrafi zakończyć aktualne połączenie VPN. Aby upewnić się, że połączenie/OpenVPN przetrwa usługa uruchomiona jest z wyższym priorytetem. Aby działać z wyższym priorytetem ta aplikacja musi wyświetlać powiadomienie. Ikona klucza jest narzucona przez system w sposób opisany w poprzednim wpisie FAQ. To nie liczy się jako powiadomienie w celu działania z wyższym priorytetem.</string>
+  <string name="no_vpn_profiles_defined">Brak połączeń VPN.</string>
+  <string name="add_new_vpn_hint">Użyj ikony &lt;img src=\"ic_menu_add\"/&gt; aby dodać nowe połączenie VPN</string>
+  <string name="vpn_import_hint">Użyj ikony &lt;img src=\"ic_menu_archive\"/&gt; aby zaimportować istniejący profil (.ovpn lub .conf) z karty SD.</string>
   <string name="faq_hint">Sprawdź także nasze FAQ. Znajdziesz tam krótki poradnik dla początkujących.</string>
   <string name="faq_routing_title">Konfiguracja trasy/interfejsu</string>
+  <string name="faq_routing">Konfiguracja routingu i interfejsów nie odbywa się za pomocą tradycyjnych komend ifconfig/route, lecz za pomocą API VPNService. Powoduje to inną konfigurację trasowania, niż ma to miejsce w innych systemach operacyjnych.\nKonfiguracja tunelu VPN składa się z listy adresów IP oraz sieci, które powinny być trasowane przez interfejs. Dzięki temu nie jest potrzebny ani wymagany adres peer\'a lub bramy. Trasy specjalne wymagane do połączenia z serwerem VPN także nie są wymagane (np. te dodawane w przypadku użycia redirect-gateway). Aplikacja podczas importu konsekwentnie ignoruje te ustawienia. Aplikacja poprzez API VPNService upewnia się, że połączenie do serwera nie jest realizowane przez tunel VPN.\nAPI VPNService nie zezwala na ustawianie sieci, które NIE powinny być trasowane przez VPN, jako obejście aplikacja stara się wykryć te sieci, które nie powinny być trasowane przez tunel (np. route x.x.x.x y.y.y.y net_gateway) i oblicza zestaw tras, które wyklucza emulując zachowanie na innych platformach. Okno dziennika pokazuje konfigurację VPNService podczas wykonywania połączenia.\nZa kulisami: Android 4.4+ używa polityki trasowania. Użycie route/ifconfig nie pokaże aktualnie zainstalowanych tras. Zamiast tego użyj ip rule, iptables -t -mangle -L</string>
+  <string name="persisttun_summary">Nie używaj sieci niezabezpieczonych VPN podczas ponownego łączenia przez OpenVPN.</string>
   <string name="persistent_tun_title">Persistent tun</string>
   <string name="openvpn_log">Log OpenVPN</string>
   <string name="import_config">Importuj konfigurację OpenVPN</string>
   <string name="battery_consumption_title">Zużycie baterii</string>
+  <string name="baterry_consumption">Podczas osobistych testów odkryłem, iż głównym powodem sporego zużycia baterii przez OpenVPN są pakiety keepalive. Większość serwerów OpenVPN ma ustawienie \'keepalive 10 60\', które narzuca klientowi oraz serwerowi wymianę pakietów keepalive co 10 sekund. &lt;p&gt; Podczas, gdy te pakiety są małe i nie zużywają wiele pasma, utrzymują one radio komórkowe w trybie pracy i zwiększają zużycie energii. (Sprawdź także &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Android Developers&lt;/a&gt;) &lt;p&gt; Ustawienie keepalive nie może być zmienione po stronie klienta. Tylko administrator serwera OpenVPN jest w stanie zmienić to ustawienie. &lt;p&gt; Niestety, w przypadku UDP niektóre konfiguracje NAT źle tolerują ustawienie keepalive większe niż 60 sekund powodując odrzucanie pakietów z powodu nieaktywności połączenia.  Używanie protokółu TCP z większym timeout działa, jednak tunelowanie TCP-po-TCP bardzo źle się sprawuje przy połączeniach z dużą stratnością pakietów. (See &lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\"&gt;Why TCP Over TCP Is A Bad Idea&lt;/a&gt;)</string>
+  <string name="faq_tethering">Funkcja Android Tethering (przez WiFi, USB lub Bluetooth) i interfejs API VPNService (stosowany przez ten program) nie działają razem. Aby uzyskać więcej informacji zobacz &lt;href=\"https://github.com/schwabe/ics-openvpn/issues/34\"&gt; problem #34 &lt;/a&gt;</string>
   <string name="vpn_tethering_title">VPN i Tethering</string>
   <string name="connection_retries">Próby połączenia</string>
   <string name="reconnection_settings">Ustawienia ponownego połączenia</string>
@@ -210,9 +257,9 @@
   <string name="start_vpn_title">Łączę z VPN %s</string>
   <string name="start_vpn_ticker">Łączę z VPN %s</string>
   <string name="jelly_keystore_alphanumeric_bug">Niektóre wersje Androida 4.1 mają problemy, jeśli nazwa certyfikatu zawiera niealfanumeryczne znaki (spacje, podkreślenia, myślniki). Spróbuj zaimportować certyfikat bez znaków specjalnych</string>
+  <string name="encryption_cipher">Szyfr kodujący</string>
   <string name="packet_auth">Pakiety uwierzytelniania</string>
   <string name="auth_dialog_title">Wpisz metodę uwierzytelniania pakietów</string>
-  <string name="mobile_info_extended">Działa na %1$s (%2$s) %3$s, Android API %4$d, wersja %5$s, %6$s</string>
   <string name="built_by">zbudowany przez %s</string>
   <string name="debug_build">Kompilacja z debugiem</string>
   <string name="official_build">Oficjalna kompilacja</string>
@@ -227,6 +274,7 @@
   <string name="tls_remote_deprecated">tls-remote (PRZESTARZAŁE)</string>
   <string name="help_translate">Możesz pomóc w tłumaczeniu odwiedzająć http://crowdin.net/project/ics-openvpn/invite</string>
   <string name="prompt">%1$s próby kontroli %2$s</string>
+  <string name="remote_warning">Akceptując, dajesz aplikacji uprawnienia do pełnego kontrolowania przez OpenVPN całego ruchu sieciowego. <b>Nie akceptuj, jeżeli nie ufasz aplikacji w pełni. </b> W przeciwnym razie istnieje ryzyko przejęcia danych przez złośliwe oprogramowanie</string>
   <string name="remote_trust">Ufam tej aplikacji.</string>
   <string name="no_external_app_allowed">Żadna aplikacja nie ma pozwolenia do używania zewnętrznego API</string>
   <string name="allowed_apps">Dozwolone aplikacje: %s</string>
@@ -260,4 +308,81 @@
   <string name="uploaded_data">Wysyłanie</string>
   <string name="downloaded_data">Pobieranie</string>
   <string name="vpn_status">Status VPN</string>
+  <string name="logview_options">Opcje widoku</string>
+  <string name="unhandled_exception">Nieobsługiwany wyjątek: %1$s\n\n%2$s</string>
+  <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
+  <string name="full_licenses">Pełne licencje</string>
+  <string name="blocklocal_summary">Sieci połączone bezpośrednio do lokalnych interfejsów nie będą kierowane przez VPN. Odznaczając tę opcję przeniesiesz cały ruch przeznaczony dla sieci lokalnych przez VPN.</string>
+  <string name="blocklocal_title">Obejdź VPN dla sieci lokalnych</string>
+  <string name="userpw_file">Plik użytkowników/haseł</string>
+  <string name="imported_from_file">[Importowane z: %s]</string>
+  <string name="files_missing_hint">Nie mogę odnaleźć niektórych plików. Wybierz je, aby zaimportować profil:</string>
+  <string name="openvpn_is_no_free_vpn">Aby skorzystać z tej aplikacji potrzebujesz dostawcy lub bramy VPN obsługującej OpenVPN (często świadczonych przez pracodawcę). Aby uzyskać więcej informacji o OpenVPN i dowiedzieć się jak stworzyć własny serwer zajrzyj na http://community.openvpn.net/</string>
+  <string name="import_log">Dziennik importu:</string>
+  <string name="ip_looks_like_subnet">Określono topologię \"%3$s\", jednak ifconfig %1$s %2$s wygląda bardziej na adres IP z maską. Zakładam, że chodzi o topologię \"subnet\".</string>
+  <string name="mssfix_invalid_value">Wartość nadpisywania MSS musi być liczbą całkowitą pomiędzy 0 i 9000</string>
+  <string name="mssfix_value_dialog">Ogłasza sesjom TCP przekazywanym przez tunel, że powinny ograniczyć wielkość pakietu tak, aby po enkapsulacji przez OpenVPN wynikowy rozmiar pakietu UDP wysyłanego przez VPN do peer\'a nie przekraczał tej liczby bajtów (domyślnie 1450)</string>
+  <string name="mssfix_checkbox">Zastępuje wartość MSS pakietu TCP</string>
+  <string name="mssfix_dialogtitle">Ustaw wartość MSS pakietu TCP</string>
+  <string name="client_behaviour">Zachowanie klienta</string>
+  <string name="clear_external_apps">Wyczyść dozwolone aplikacje</string>
+  <string name="loading">Trwa ładowanie&#8230;</string>
+  <string name="allowed_vpn_apps_info">Dozwolone aplikacje VPN: %1$s</string>
+  <string name="disallowed_vpn_apps_info">Niedozwolone aplikacje VPN: %1$s</string>
+  <string name="app_no_longer_exists">Aplikacja %s nie jest już zainstalowana, usuwam ją z listy dozwolonych/zabronionych</string>
+  <string name="vpn_disallow_radio">VPN jest używany dla wszystkich aplikacji, ale wyklucza wybrane</string>
+  <string name="vpn_allow_radio">VPN jest używany tylko dla wybranych aplikacji</string>
+  <string name="query_delete_remote">Usunąć wpis serwera?</string>
+  <string name="keep">Zachowaj</string>
+  <string name="delete">Usuń</string>
+  <string name="add_remote">Dodaj nowy</string>
+  <string name="remote_random">Użyj wpisów w losowej kolejności przy próbie połączenia</string>
+  <string name="remote_no_server_selected">Musisz zdefiniować i włączyć co najmniej jeden serwer.</string>
+  <string name="server_list">Lista serwerów</string>
+  <string name="vpn_allowed_apps">Dozwolone aplikacje</string>
+  <string name="advanced_settings">Opcje zaawansowane</string>
+  <string name="payload_options">Opcje ładunku</string>
+  <string name="tls_settings">Ustawienia TLS</string>
+  <string name="no_remote_defined">Nie ustawiono zdalnego</string>
+  <string name="duplicate_vpn">Powiel profil VPN</string>
+  <string name="duplicate_profile_title">Powielam profil: %s</string>
+  <string name="show_log">Pokaż dziennik</string>
+  <string name="faq_androids_clients_title">Różnice pomiędzy klientami OpenVPN dla Androida</string>
+  <string name="ignore_multicast_route">Ignoruj trasę multicast: %s</string>
+  <string name="ab_only_cidr">Android wspiera tylko trasy CIDR w sieci VPN. Jako, że trasy nie-CIDR nie są powszechnie używane, OpenVPN dla Androida użyje /32 dla tras w formacie nie-CIDR i wyświetli błąd.</string>
+  <string name="ab_tethering_44">Tethering działa podczas połączenia z VPN. Udostępnione połączenie NIE będzie używało VPN.</string>
+  <string name="ab_kitkat_mss">Wczesne wersje KitKat ustawiają złą wartość MSS połączeń TCP (#61948). Spróbuj ustawić opcję mssfix w celu obejścia tego problemu.</string>
+  <string name="ab_lollipop_reinstall">Aplikacje VPN mogą przestać działać po odinstalowaniu i ponownej instalacji. W celu uzyskania szczegółów zobacz #80074</string>
+  <string name="ab_secondary_users">VPN absolutnie nie działa dla dodatkowych użytkowników.</string>
+  <string name="ab_kitkat_reconnect">"Jest grono użytkowników, którzy donoszą, iż podczas używania aplikacji VPN połączenie danych/komórkowe jest często zrywane. Zachowanie to wydaje się dotykać niewielkiej liczby urządzeń/dostawców danych komórkowych - na tę chwilę nieznana jest przyczyna, ani rozwiązanie problemu."</string>
+  <string name="ab_only_cidr_title">Trasy nie-CIDR</string>
+  <string name="ab_proxy_title">Zachowanie Proxy w sieci VPN</string>
+  <string name="ab_lollipop_reinstall_title">Ponowna instalacja aplikacji VPN</string>
+  <string name="version_upto">%s i wcześniejsze</string>
+  <string name="copy_of_profile">Kopia %s</string>
+  <string name="ab_not_route_to_vpn_title">Trasa do skonfigurowanego adresu IP</string>
+  <string name="ab_kitkat_mss_title">Błędna wartość MSS dla połączenia VPN</string>
+  <string name="ab_secondary_users_title">Dodatkowi użytkownicy tabletu</string>
+  <string name="custom_connection_options_warng">Określ własne opcje dla połączenia. Używaj z rozwagą</string>
+  <string name="custom_connection_options">Opcje niestandardowe</string>
+  <string name="remove_connection_entry">Usuń wpis połączenia</string>
+  <string name="ab_kitkat_reconnect_title">Losowe rozłączenia z sieci komórkowej</string>
+  <string name="ab_vpn_reachability_44_title">Zdalne sieci nie są osiągalne</string>
+  <string name="ab_persist_tun_title">Tryb persist tun</string>
+  <string name="version_and_later">%s i późniejsze</string>
+  <string name="message_no_user_edit">Ten profil został dodany przez zewnętrzną aplikację (%s) i został oznaczony jako nie edytowalny przez użytkownika.</string>
+  <string name="crl_file">Listy odwoławcze CRL</string>
+  <string name="service_restarted">Restartuję usługę OpenVPN (Aplikacja wywaliła się lub zabito ją z powodu braku pamięci)</string>
+  <string name="import_config_error">Importowanie konfiguracji wyrzuciło błąd, nie mogę tego zapisać</string>
+  <string name="Search">Szukaj</string>
+  <string name="lastdumpdate">(Ostatni zrzut sprzed %1$d:%2$dh, (%3$s))</string>
+  <string name="clear_log_on_connect">Wyczyść dziennik przy nowym połączeniu</string>
+  <string name="connect_timeout">Limit czasu połączenia</string>
+  <string name="no_allowed_app">Dodano niedozwoloną aplikację. Dodaję siebie (%s), żeby mieć przynajmniej jedną aplikację w liście dozwolonych aplikacji, aby nie pozwolić wszystkim aplikacjom</string>
+  <string name="query_permissions_sdcard">OpenVPN dla Android spróbuje automatycznie wykryć brakujące pliki na karcie SD. Dotknij tego komunikatu, aby żądać uprawnień.</string>
+  <string name="protocol">Protokół</string>
+  <string name="enabled_connection_entry">Włączony</string>
+  <string name="months_left">pozostało %d miesięcy</string>
+  <string name="days_left">pozostało %d dni</string>
+  <string name="hours_left">pozostało %d godzin</string>
 </resources>
diff --git a/app/src/main/res/values-ro/strings-icsopenvpn.xml b/app/src/main/res/values-ro/strings-icsopenvpn.xml
index b368995d..ded69fb7 100755
--- a/app/src/main/res/values-ro/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ro/strings-icsopenvpn.xml
@@ -174,7 +174,6 @@
   <string name="keychain_nocacert">Nici un certificat CA nu a fost returnat la citirea din keystore-ul Android. Autentificarea probabil va eşua.</string>
   <string name="show_log_summary">Afişează fereastra jurnal la conectare. Fereastra jurnal poate fi accesată oricând din statusul notificare.</string>
   <string name="show_log_window">Arată fereastra Jurnal</string>
-  <string name="mobile_info">Rulează pe %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Eroare semnare cu Android keystore key %1$s: %2$s</string>
   <string name="faq_system_dialogs">Avertizarea la conexiunea VPN ce vă spune că această aplicaţie poate intercepta întreg traficul este impusă de sistem pentru a preveni abuzul funcţiei API VPNService.\nNotificarea de conexiune VPN(simbolul cheie)este de asemenea impusă de sistemul Android pentru a semnala o conexiune VPN în derulare. În cadrul unor imagini această notificare face şi un sunet.\nAndroid a introdus aceste notificări pentru siguranţa dvs. şi este asigurat că nu pot fi evitate. (Din păcate în anumite imagini acestea includ şi un sunet de notificare)</string>
   <string name="faq_system_dialogs_title">Alertă conexiune şi sunet notificare</string>
@@ -252,7 +251,6 @@
   <string name="encryption_cipher">Cifru criptare</string>
   <string name="packet_auth">Autentificare pachete</string>
   <string name="auth_dialog_title">Introduceţi metoda de autentificare de pachete</string>
-  <string name="mobile_info_extended">Rulează pe %1$s (%2$s) %3$s, Android API %4$d, versiunea %5$s, %6$s</string>
   <string name="built_by">compilat de %s</string>
   <string name="debug_build">versiune debug</string>
   <string name="official_build">versiune oficială</string>
diff --git a/app/src/main/res/values-ru/strings-icsopenvpn.xml b/app/src/main/res/values-ru/strings-icsopenvpn.xml
index 4af9e15c..921b5342 100755
--- a/app/src/main/res/values-ru/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ru/strings-icsopenvpn.xml
@@ -180,7 +180,6 @@
   <string name="keychain_nocacert">Не удалось получить CA из хранилища ключей Android. Аутентификация не удалась.</string>
   <string name="show_log_summary">Показывает окно журнала при подключении. Окно журнала всегда может быть доступно из панели уведомлений.</string>
   <string name="show_log_window">Показать окно журнала</string>
-  <string name="mobile_info">Работает на %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Ошибка подписи с использованием ключа из хранилища Android %1$s: %2$s</string>
   <string name="faq_system_dialogs">Предупреждение VPN соединения сообщает вам, что это приложение может перехватывать весь сетевой трафик, и сообщается системой предупреждений VPNService API.\nИзвещение о VPN соединении (символ \"Ключа\") также формируется системой Android для сигнализации исходящего VPN соединения. В некоторых прошивках это оповещение сопровождается сигналом.\nAndroid использует эти оповещения для вашей собственной безопасности и из нельзя обойти. (К сожалению, на некоторых прошивках также издается оповещение звуком)</string>
   <string name="faq_system_dialogs_title">Сообщение о подключении и звук уведомления</string>
@@ -260,7 +259,6 @@
   <string name="encryption_cipher">Алгоритм шифрования</string>
   <string name="packet_auth">Проверка подлинности пакетов</string>
   <string name="auth_dialog_title">Укажите метод проверки подлинности пакетов</string>
-  <string name="mobile_info_extended">Запущен на %1$s (%2$s) %3$s, Android API %4$d, версии %5$s, %6$s</string>
   <string name="built_by">создан %s</string>
   <string name="debug_build">сборка для отладки</string>
   <string name="official_build">официальная сборка</string>
@@ -323,4 +321,55 @@
   <string name="openvpn_is_no_free_vpn">Для использования данного приложения Вам необходим VPN провайдер/шлюз поддерживающий OpenVPN. Для получения информации по настройке собственного OpenVPN сервера: http://community.openvpn.net/</string>
   <string name="import_log">Лог импорта:</string>
   <string name="ip_looks_like_subnet">VPN топологии «%3$s» указан но ifconfig %1$s %2$s выглядит больше как IP-адрес с маской сети. Если топология «подсеть».</string>
+  <string name="mssfix_invalid_value">Значение, перезаписывающее MSS, должно быть целым числом от 0 до 9000</string>
+  <string name="mssfix_value_dialog">Объявить TCP сессиям, работающим через туннель, что они должны ограниччить размер своих пакетов так, чтобы после их инкапсуляции OpenVPN, результирующий размер UDP пакета, который OpenVPN посылает своим пирам, не превышал это число байт. (1450 по умолчанию)</string>
+  <string name="mssfix_checkbox">Переписать значение MSS для TCP нагрузки</string>
+  <string name="mssfix_dialogtitle">Задать MSS для TCP нагрузки</string>
+  <string name="client_behaviour">Поведение клиента-программы</string>
+  <string name="clear_external_apps">Очистить разрешенные внешние приложения</string>
+  <string name="loading">Загружается&#8230;</string>
+  <string name="allowed_vpn_apps_info">Разрешенные VPN приложения: %1$s</string>
+  <string name="disallowed_vpn_apps_info">Запрещенные VPN приложения: %1$s</string>
+  <string name="app_no_longer_exists">Пакет %s больше не установлен, происходит его удаление из списка разрешенных/запрещенных приложений</string>
+  <string name="vpn_disallow_radio">Использовать VPN для всех приложений, кроме выбранных</string>
+  <string name="vpn_allow_radio">Использовать VPN только для выбранных приложений</string>
+  <string name="query_delete_remote">Убрать запись удаленного сервера?</string>
+  <string name="keep">Сохранить</string>
+  <string name="delete">Удалить</string>
+  <string name="add_remote">Добавить новую удаленку</string>
+  <string name="remote_random">Использовать список подключений в случайном порядке при соединении</string>
+  <string name="remote_no_server_selected">Вы должны определить и включить как минумум один удаленный сервер.</string>
+  <string name="server_list">Список серверов</string>
+  <string name="vpn_allowed_apps">Разрешенные Приложения</string>
+  <string name="advanced_settings">Расширенные настройки</string>
+  <string name="payload_options">Опции нагрузки</string>
+  <string name="tls_settings">Настройки TLS</string>
+  <string name="no_remote_defined">Нет заданной удаленки</string>
+  <string name="duplicate_vpn">Дублировать VPN профиль</string>
+  <string name="duplicate_profile_title">Дублирование профиля: %s</string>
+  <string name="show_log">Показать журнал</string>
+  <string name="faq_android_clients">Существуют различные OpenVPN клиенты для Android. Самые распространенные - OpenVPN for Android (этот клиент), OpenVPN Connect и OpenVPN Settings.&lt;p&gt;Клиенты можно разделить на две группы: OpenVPN for Android и OpenVPN Connect используют официальный VPNService API (Android 4.0+) и не трубуют root-доступ, и OpenVPN Settings, который требует root.&lt;p&gt;OpenVPN for Android - клиент с открытым исходным кодом, который разработал Arne Schwabe. Он предназначен для более опытных пользователей и предоставляет много настроек и возможность испорта профилей из файлов и настраивать/изменять профили внутри приложения. Этот клиент основан на общественной версии OpenVPN. На исходном коде OpenVPN 2.x. Этот клиент может быть представлен как полуофициальный клиент сообщества. &lt;p&gt;OpenVPN Connect - клиент с закрытым исходным кодом, который разработан OpenVPN Technologies, Inc. Он призван для обычного использования и предназначен для средних пользователей, и позволяет импортировать профили из OpenVPN. Этот клиент основан на OpenVPN C++ и написал с использванием протокола OpenVPN (Это требовалось для разрешения OpenVPN Technologies, Inc опубликовать приложение OpenVPN на iOS). Этот клиент - официальный клиент OpenVPN technologies &lt;p&gt; OpenVPN Settings - старейший из клиентов, а также UI для OpenVPN с открытым исходным кодом. В отличие от OpenVPN  for Android, он требует root-прав и не использует VPNService API. Он не зависит от Android 4.0+</string>
+  <string name="faq_androids_clients_title">Различия между OpenVPN Android клиентами</string>
+  <string name="ignore_multicast_route">Игнорируется мультиадресный маршрут: %s</string>
+  <string name="ab_only_cidr">Android поддерживет только CIDR маршруты к VPN. Поскольку не CIDR маршруты почти никогда не используются, OpenVPN for Android будет использовать /32 для не CIDR маршрутов и выдавать предупреждение.</string>
+  <string name="ab_tethering_44">Тетеринг/раздача интернета работает, когда активен VPN. Модемное соединение (тетеринг) НЕ БУДЕТ использовать VPN.</string>
+  <string name="ab_kitkat_mss">Ранние версии KitKat устанавливают неверное значение MSS для TCP соединений (#61948). OpenVPN for Android автоматически включает опцию mssfix, чтобы обойти этот баг.</string>
+  <string name="ab_proxy">Android будет продолжать использовать ваши настройки прокси, указанные для мобильного/Wi-Fi соединения, когда не установлен DNS сервер. OpenVPN for Android предупредит вас об этом в журнале.<p>Когда VPN устанавливает DNS сервер Android не использует прокси. Для установки прокси для VPN соединения нет API.</p></string>
+  <string name="ab_lollipop_reinstall">VPN приложения могут перестать работать после удаления и повторной установки. Подробности см. #80074</string>
+  <string name="ab_not_route_to_vpn">IP сконфигурированного клиента и IPs в его сетевой маске немаршрутизированны к VPN. OpenVPN обходит этот баг, явно добавляя маршрут, который соответствует клиентскому IP и его сетевой маске</string>
+  <string name="ab_persist_tun">Открытие туннеля, когда туннель уже активен, для его постоянного удержания, может привести к ошибке и VPNServices закроется на устройстве. Для возобновления работы VPN требуется перезагрузка. OpenVPN for Android пытается избежать установки второго туннеля, и если действительно нужно - сначала закрывает текущий туннель, перед открытием нового, чтобы избежать краха программы. Это может привести к маленькому интервалу, в котором передача пакетов происходит по обычному (не VPN) соединению. Даже с этими ухищрениями VPNServices иногда крашится и требует перезагрузки устройства.</string>
+  <string name="ab_secondary_users">VPN не работает совсем для вторичных пользователей.</string>
+  <string name="ab_kitkat_reconnect">"Различные пользователи сообщают, что мобильная связь/мобильная передача данных часто обрывается, когда используется VPN приложение. Такое поведение, кажется, затрагивает только некторые комбинации провайдеров/устройств, и пока что не выявлена причина/нет обхода этого бага."</string>
+  <string name="ab_vpn_reachability_44">Адреса могут работать через VPN только те, которые доступны без VPN. IPv6 VPN не работают вообще.</string>
+  <string name="ab_only_cidr_title">Не CIDR маршруты</string>
+  <string name="ab_proxy_title">Поведение прокси для VPN</string>
+  <string name="ab_lollipop_reinstall_title">Переустанавливаются приложения VPN</string>
+  <string name="version_upto">%s и ранее</string>
+  <string name="copy_of_profile">Копия %s</string>
+  <string name="ab_not_route_to_vpn_title">Маршрутизация к установленному IP адресу</string>
+  <string name="ab_kitkat_mss_title">Неверное значение MSS для VPN соединения</string>
+  <string name="ab_secondary_users_title">Дополнительные пользователи устройства</string>
+  <string name="custom_connection_options_warng">Укажите особые пользовательские параметры подключения. Используйте с осторожностью</string>
+  <string name="custom_connection_options">Пользовательские Параметры</string>
+  <string name="remove_connection_entry">Удалить запись подключения</string>
 </resources>
diff --git a/app/src/main/res/values-sv/strings-icsopenvpn.xml b/app/src/main/res/values-sv/strings-icsopenvpn.xml
index 6ef522c4..b7510ef1 100755
--- a/app/src/main/res/values-sv/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-sv/strings-icsopenvpn.xml
@@ -87,7 +87,9 @@
   <string name="default_route_summary">Omdirigerar all trafik över VPN-anslutningen</string>
   <string name="use_default_title">Använd standardrutt</string>
   <string name="custom_route_message">Ange anpassade rutter. Skriv destination i CIDR-format. \"10.0.0.0/8 2002:: / 16\" dirigerar nätverk 10.0.0.0/8 och 2002:: / 16 över VPN.</string>
+  <string name="custom_route_message_excluded">Rutter som INTE bör dirigeras över VPN. Använd samma syntax som för ingående rutter.</string>
   <string name="custom_routes_title">Anpassade rutter</string>
+  <string name="custom_routes_title_excluded">Exkluderade nätverk</string>
   <string name="log_verbosity_level">Utförlighetsnivå för log</string>
   <string name="float_summary">Tillåter autentiserade paket från alla IP-adresser</string>
   <string name="float_title">Tillåt flytande server</string>
@@ -174,7 +176,6 @@
   <string name="keychain_nocacert">Inget CA certifikat returnerades från Android Keystore. Autenticering kommer troligen att misslyckas.</string>
   <string name="show_log_summary">Visar loggfönstret vid anslutning. Loggfönstret kan alltid nås från statusgardinen.</string>
   <string name="show_log_window">Visa loggfönstret</string>
-  <string name="mobile_info">Kör på %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Fel vid signering med Android keystore nyckeln %1$s: %2$s</string>
   <string name="faq_system_dialogs">Varningen vid VPN-anslutning som berättar att denna app kan avlyssna all trafik utfärdas av systemet för att förhindra missbruk av VPNService API.\nNotifieringen om VPN-anslutning (nyckelsymbolen) tillhandahålles också av Android-systemet för att signalera en pågående VPN-anslutning. På vissa ROM spelar denna notifiering ett ljud.\nAndroid har infört dessa dialogrutor och notifieringar för din egen säkerhet och kan inte undvikas. (På vissa ROM innehåller dessa tyvärr ljud)</string>
   <string name="faq_system_dialogs_title">Anslutnings varning och ljud</string>
@@ -251,7 +252,6 @@
   <string name="encryption_cipher">Krypteringschiffer</string>
   <string name="packet_auth">Paketautentisering</string>
   <string name="auth_dialog_title">Ange autentiseringsmetod för paket</string>
-  <string name="mobile_info_extended">Kör på %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s</string>
   <string name="built_by">byggd av %s</string>
   <string name="debug_build">felsöknings bygge</string>
   <string name="official_build">officiellt bygge</string>
diff --git a/app/src/main/res/values-sw600dp/dimens.xml b/app/src/main/res/values-sw600dp/dimens.xml
index 94a120d1..100861fc 100644
--- a/app/src/main/res/values-sw600dp/dimens.xml
+++ b/app/src/main/res/values-sw600dp/dimens.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/values-sw600dp/styles.xml b/app/src/main/res/values-sw600dp/styles.xml
index c320388d..387b2a81 100644
--- a/app/src/main/res/values-sw600dp/styles.xml
+++ b/app/src/main/res/values-sw600dp/styles.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/values-tr/strings-icsopenvpn.xml b/app/src/main/res/values-tr/strings-icsopenvpn.xml
index 106f407f..a9622ff1 100755
--- a/app/src/main/res/values-tr/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-tr/strings-icsopenvpn.xml
@@ -181,7 +181,7 @@
   <string name="keychain_nocacert">Hayır CA sertifikasını okurken Android deposunu döndürdü. Kimlik doğrulama muhtemelen başarısız olur.</string>
   <string name="show_log_summary">Bağlama kütüğü penceresi üzerinde gösterir. Kütüğü penceresi her zaman bildirim durumu erişilebilir.</string>
   <string name="show_log_window">Günlüğü penceresini göster</string>
-  <string name="mobile_info">%1$s (%2$s) %3$s, Android API %4$d d\'çalışması</string>
+  <string name="mobile_info">%10$s %9$s %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) üzerinde çalışıyor</string>
   <string name="error_rsa_sign">Android deposunun anahtarı %1$s %2$s ile imzalama hatası</string>
   <string name="faq_system_dialogs">Bu app tüm trafiği geçirebilir belirten VPN bağlantısı uyarı dayatılan VPNService API.\nThe VPN bağlantısının istismarını önlemek için sistem tarafından bildirim (anahtar simgesi) da devam eden bir VPN bağlantısı sinyal için Android sistem tarafından uygulanmaktadır. Bu bildirim çalış bazı görüntülerde ses. \nAndroid kendi güvenliğiniz için bu sistem diyaloglar tanıttı ve circumenvented olamaz emin oldum. (Bazı görüntülerde bu unfortunely notifciation ses içerir)</string>
   <string name="faq_system_dialogs_title">Bağlantı uyarı ve bildirim sesi</string>
@@ -219,6 +219,7 @@
   <string name="vpn_import_hint">Kullanım &lt; img src = \"ic_menu_archive\" / &gt; simgesi sdcard (.ovpn veya .conf) bir profili almak için.</string>
   <string name="faq_hint">Ayrıca SSS kontrol etmeyi unutmayın. Hızlı Başlangıç Kılavuzu vardır.</string>
   <string name="faq_routing_title">Yönlendirme/arabirimi yapılandırması</string>
+  <string name="faq_routing">Yönlendirme ve arayüz konfigürasyonu klasik ifconfig / rota komutlarıyla değil VPNService API kullanarak yapılmaktadır. Bu diğer işletim sistemlerindekinden farklı bir yönlendirme konfigürasyonu gerektirmektedir.\n VPN tünelinin konfigürasyonu IP adresleri ve bu adreslerin bu arayüz üstünden yönlendirileceği ağlardan oluşur. Özellikle hiçbir eş ortak adresi ya da ağ geçidi adresi gerekli degildir. VPN sunucusuna ulaşmak için özel yollar (redirect-gateway kullanıldığında eklenenler gibi) da gerekli değildir. Bu sebepten dolayı uygulama, bir konfigurasyon alırken bu ayarları yoksayar. App, VPN Servis API\'sı ile sunucuyla olan bağlantının VPN tüneline yönlendirilmesini engeller.\n VPN servisi APIsı VPN üstünden yönlendirilmemesi gereken ağların belirtilmesine izin vermemektedir. Çözüm olarak program tünel üstünden yönlendirilmemesi gereken ağları (örneğin x.x.x.x y.y.y.y net_gateway rotası) bulmaya çalışıp bu rotaları içermeyen bir rota grubu oluşturarak diğer işletim sistemlerindeki davranışı oluşturur. Kütük penceresi VPN servisinin bağlantı sonucu oluşan konfigürasyonunu gösterir.\n Arka planda Android 4.4+ kural tabanlı yönlendirme kullanır. route/ifconfig komutları kullanılan rotaları göstermeyecektir. Bu komutlar yerine ip rule, iptables -t mangle -L komutlarını kullanın</string>
   <string name="persisttun_summary">OpenVPN yeniden bağlamadan zaman VPN bağlantısı değil geri dönüş yap</string>
   <string name="persistent_tun_title">Kalıcı tun</string>
   <string name="openvpn_log">OpenVPN kayıtları</string>
@@ -260,7 +261,6 @@
   <string name="encryption_cipher">Şifre şifresi</string>
   <string name="packet_auth">Paket kimlik doğrulama</string>
   <string name="auth_dialog_title">Paket kimlik doğrulama yöntemini girin</string>
-  <string name="mobile_info_extended">Çalışan %1$s (%2$s) %3$s, Android API %4$d, sürüm %5$s, %6$s</string>
   <string name="built_by">%s tarafından inşa</string>
   <string name="debug_build">hata ayıklama yapı</string>
   <string name="official_build">resmi yapı</string>
@@ -314,12 +314,16 @@
   <string name="logview_options">Görünüm seçenekleri</string>
   <string name="unhandled_exception">Kural dışı durum: %1$s\n\n%2$s</string>
   <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
+  <string name="faq_system_dialog_xposed">Eğer android cihazınızı rootladıysanız &lt;a href=\"http://xposed.info/\"&gt;Xposed &lt;/a&gt; ve &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm modülünü&lt;/a&gt; sorumluluğunu kendiniz alarak yükleyebilirsiniz</string>
   <string name="full_licenses">Lisanslar</string>
   <string name="blocklocal_title">Yerel ağlar için Bypass VPN</string>
   <string name="userpw_file">Kullanıcı adı / Şifre dosyası</string>
   <string name="imported_from_file">[Buradan içeri aktar: %s]</string>
+  <string name="files_missing_hint">Bazı dosyalar bulunamadı. Lütfen profile aktarılacak dosyaları seçiniz:</string>
   <string name="import_log">Kaydı içe aktar:</string>
+  <string name="mssfix_invalid_value">MSS değeri 0 ile 9000 arasında bir tamsayı olmak zorundadır</string>
   <string name="client_behaviour">İstemci davranışı</string>
+  <string name="clear_external_apps">İzin verilmiş harici uygulamaları temizle</string>
   <string name="loading">Yükleniyor&#8230;</string>
   <string name="allowed_vpn_apps_info">Izin verilen VPN uygulamaları: %1$s</string>
   <string name="disallowed_vpn_apps_info">İzin verilmeyen VPN uygulamaları: %1$s</string>
@@ -330,19 +334,38 @@
   <string name="keep">Sakla</string>
   <string name="delete">Sil</string>
   <string name="add_remote">Yenı uzak sunucu ekle</string>
+  <string name="remote_random">Bağlanmak için bağlantı girişlerini rasgele bir sırada kullan</string>
   <string name="remote_no_server_selected">En az bir uzak sunucu tanımlamalı ve etkinleştirmelisiniz.</string>
   <string name="server_list">Sunucu Listesi</string>
   <string name="vpn_allowed_apps">İzin verilen uygulamalar</string>
   <string name="advanced_settings">Gelişmiş Ayarlar</string>
   <string name="payload_options">Yük seçenekleri</string>
   <string name="tls_settings">TLS Ayarları</string>
+  <string name="duplicate_vpn">VPN profilini kopyala</string>
+  <string name="duplicate_profile_title">Profil kopyalama: %s</string>
   <string name="show_log">Günlüğü göster</string>
+  <string name="faq_androids_clients_title">Android için OpenVPN uygulamaları aralarındaki farklar</string>
+  <string name="ignore_multicast_route">Multicast rotasını yoksayma:%s</string>
   <string name="ab_proxy_title">VPN\'ler için Proxy davranışı</string>
   <string name="ab_lollipop_reinstall_title">VPN uygulamaları yeniden yükleme</string>
   <string name="version_upto">%s ve önceki</string>
   <string name="copy_of_profile">%s kopyası</string>
+  <string name="ab_not_route_to_vpn_title">Yapılandırılmış IP adresine yönlendir</string>
   <string name="ab_kitkat_mss_title">VPN bağlantısı için yanlış MSS değeri</string>
   <string name="ab_secondary_users_title">İkincil tablet kullanıcıları</string>
   <string name="custom_connection_options_warng">Özel bağlantı seçenekleri belirtin. Dikkatli kullanın</string>
   <string name="custom_connection_options">Özel Seçenekler</string>
+  <string name="remove_connection_entry">Bağlantı girdisini kaldırın</string>
+  <string name="ab_vpn_reachability_44_title">Uzak ağlar ulaşılamıyor</string>
+  <string name="ab_persist_tun_title">Sürekli tun modu</string>
+  <string name="version_and_later">%s ve daha sonra</string>
+  <string name="crl_file">Sertifika iptal listesi</string>
+  <string name="Search">Arama</string>
+  <string name="clear_log_on_connect">Yeni bağlantıda günlüğü temizle</string>
+  <string name="connect_timeout">Bağlantı zaman aşımına uğradı</string>
+  <string name="protocol">Protokol</string>
+  <string name="enabled_connection_entry">Etkin</string>
+  <string name="months_left">%d ay kaldı</string>
+  <string name="days_left">%d gün kaldı</string>
+  <string name="hours_left">%d saat kaldı</string>
 </resources>
diff --git a/app/src/main/res/values-uk/strings-icsopenvpn.xml b/app/src/main/res/values-uk/strings-icsopenvpn.xml
index 35d20e8b..f715bf77 100755
--- a/app/src/main/res/values-uk/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-uk/strings-icsopenvpn.xml
@@ -180,7 +180,6 @@
   <string name="keychain_nocacert">Не вдалося отримати СА сертифікат при читанні із сховища ключів Андроїд. Автентифікація не вдалася.</string>
   <string name="show_log_summary">Показати вікно журналу при з\'єднанні. Вікно журналу може бути завжди дрступним у панелі сповіщень.</string>
   <string name="show_log_window">Показати вікно журналу</string>
-  <string name="mobile_info">Працює на %1$s (%2$s) %3$s, Android API %4$d</string>
   <string name="error_rsa_sign">Помилка підпису з використанням ключа із сховища Андроїд %1$s: %2$s</string>
   <string name="faq_system_dialogs">Попередження VPN з\'єднання повідомляє вам, що цей додаток може перехоплювати весь мережевий трафік, і повідомляється системою попереджень VPNService API. \nСповіщення про VPN з\'єднання (символ \"Ключа\") також формується системою Android для сигналізації про вихідне VPN з\'єднання. У деяких прошивках це сповіщення супроводжується сигналом. \nAndroid використовує ці cповіщення для вашої власної безпеки і їх не можна обійти. (На жаль, на деяких прошивках також  сповіщення супроводжується звуком)</string>
   <string name="faq_system_dialogs_title">Повідомлення про підключення та звук сповіщеня</string>
@@ -260,7 +259,6 @@
   <string name="encryption_cipher">Алгоритм шифрування</string>
   <string name="packet_auth">Пакети автентифікації</string>
   <string name="auth_dialog_title">Введіть метод автентифікації пакетів</string>
-  <string name="mobile_info_extended">Запущено на %1$s (%2$s) %3$s, Android API %4$d, версії %5$s, %6$s</string>
   <string name="built_by">побудована по %s</string>
   <string name="debug_build">відлагоджувальна збірка</string>
   <string name="official_build">Офіційна збірка</string>
@@ -374,4 +372,15 @@
   <string name="custom_connection_options_warng">Визначені параметри користувача при з\'єднанні. Будьте обережні!</string>
   <string name="custom_connection_options">Власні налаштовування</string>
   <string name="remove_connection_entry">Видалити запис підключення</string>
+  <string name="ab_kitkat_reconnect_title">Випадкове відключення від мережі мобільного зв\'язку</string>
+  <string name="ab_vpn_reachability_44_title">Віддалені мережі недоступні</string>
+  <string name="ab_persist_tun_title">Зберігати tun режим</string>
+  <string name="version_and_later">%s і подальше</string>
+  <string name="tls_cipher_alert_title">Підключення не вдається з \"SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure\"</string>
+  <string name="Search">Пошук</string>
+  <string name="lastdumpdate">(Останній Dump %1$d:%2$dh старий (%3$s))</string>
+  <string name="clear_log_on_connect">Очистити журнал при новому підключенні</string>
+  <string name="connect_timeout">Час очікування з\'єднання</string>
+  <string name="protocol">Протокол</string>
+  <string name="enabled_connection_entry">Ввімкнено</string>
 </resources>
diff --git a/app/src/main/res/values-v21/colours.xml b/app/src/main/res/values-v21/colours.xml
index 1fedf7b9..024e47eb 100644
--- a/app/src/main/res/values-v21/colours.xml
+++ b/app/src/main/res/values-v21/colours.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/values-v21/refs.xml b/app/src/main/res/values-v21/refs.xml
index 2a09271d..eb9c587c 100644
--- a/app/src/main/res/values-v21/refs.xml
+++ b/app/src/main/res/values-v21/refs.xml
@@ -1,14 +1,15 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
 <resources>
-  <drawable name="ic_menu_close_clear_cancel">@drawable/ic_close_white_24dp</drawable>
-  <drawable name="ic_menu_share">@drawable/ic_share_white_24dp </drawable>
-  <drawable name="ic_menu_save">@drawable/ic_check_white_24dp</drawable>
-  <drawable name="ic_menu_view">@drawable/ic_filter_list_white_24dp</drawable>
-  <drawable name="ic_menu_delete">@drawable/ic_delete_white_24dp</drawable>
-  <drawable name="ic_menu_delete_grey">@drawable/ic_delete_grey600_24dp</drawable>
+    <drawable name="ic_menu_close_clear_cancel">@drawable/ic_close_white_24dp</drawable>
+    <drawable name="ic_menu_share">@drawable/ic_share_white_24dp </drawable>
+    <drawable name="ic_menu_save">@drawable/ic_check_white_24dp</drawable>
+    <drawable name="ic_menu_view">@drawable/ic_filter_list_white_24dp</drawable>
+    <drawable name="ic_menu_delete">@drawable/ic_delete_white_24dp</drawable>
+    <drawable name="ic_menu_delete_grey">@drawable/ic_delete_grey600_24dp</drawable>
+
 </resources>
diff --git a/app/src/main/res/values-v21/styles.xml b/app/src/main/res/values-v21/styles.xml
index 4379dd6d..83a693f1 100644
--- a/app/src/main/res/values-v21/styles.xml
+++ b/app/src/main/res/values-v21/styles.xml
@@ -1,15 +1,26 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
 <resources>
-    <style name="blinkt.baseTheme" parent="android:Theme.Material.Light.DarkActionBar" />
+    <!-- http://www.google.de/design/spec/style/color.html#color-color-palette -->
+    <style name="blinkt.baseTheme" parent="android:Theme.Material.Light.DarkActionBar">
+        <item name="android:colorPrimary">@color/primary</item>
+        <item name="android:colorPrimaryDark">@color/primary_dark</item>
+        <item name="android:colorAccent">@color/accent</item>
+        <item name="android:alertDialogTheme">@style/blinkt.alertDialog</item>
+    </style>
 
+    <style name="blinkt.dialog" parent="android:Theme.Material.Light.Dialog">
+        <item name="android:colorPrimary">@color/primary</item>
+        <item name="android:colorPrimaryDark">@color/primary_dark</item>
+        <item name="android:colorAccent">@color/accent</item>
+        <item name="android:alertDialogTheme">@style/blinkt.alertDialog</item>
+    </style>
 
-    <!-- http://www.google.de/design/spec/style/color.html#color-color-palette -->
-    <style name="blinkt" parent="blinkt.common">
+    <style name="blinkt.alertDialog" parent="android:Theme.Material.Light.Dialog.Alert">
         <item name="android:colorPrimary">@color/primary</item>
         <item name="android:colorPrimaryDark">@color/primary_dark</item>
         <item name="android:colorAccent">@color/accent</item>
diff --git a/app/src/main/res/values-vi/strings-icsopenvpn.xml b/app/src/main/res/values-vi/strings-icsopenvpn.xml
index 42f07ee8..87d040ab 100755
--- a/app/src/main/res/values-vi/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-vi/strings-icsopenvpn.xml
@@ -180,7 +180,7 @@
   <string name="keychain_nocacert">Không có chứng chỉ CA phản hồi khi đọc khóa lưu trữ Android. Chứng thực có thể sẽ thất bại.</string>
   <string name="show_log_summary">Hiển thị cửa sổ đăng nhập khi kết nối. Cửa sổ đăng nhập có thể luôn truy cập từ thanh thông báo trạng thái.</string>
   <string name="show_log_window">Hiển thị cửa sổ đăng nhập</string>
-  <string name="mobile_info">Đang chạy trên %1$s (%2$s) %3$s, Android API %4$d</string>
+  <string name="mobile_info">%10$s%9$s đang chạy trên %3$s%1$s(%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Lỗi đăng ký với khóa lưu trữ Android %1$s: %2$s</string>
   <string name="faq_system_dialogs">Các kết nối VPN đang cảnh báo bạn rằng ứng dụng này có thể chặn tất cả lưu lượng được đặt bởi hệ thống để chặn tình trạng lạm dụng VPN API. \nThông báo kết nối VPN (Biểu tượng chìa khóa) cũng được đặt bởi hệ thống Android để báo hiệu một kết nối VPN đang hoạt động. Với một số trường hợp thông báo này sẽ phát một âm thanh. \nAndroid giới thiệu những đoạn hội thoại này vì sự an toàn của bạn và chắn chắn rằng chúng không thể bị xâm nhập phá hoại. (Trên một số trường hợp thật không may không bao gồm âm thanh thông báo)</string>
   <string name="faq_system_dialogs_title">Cảnh báo kết nối và thông báo âm thanh</string>
@@ -260,7 +260,6 @@
   <string name="encryption_cipher">Mã hóa mật mã</string>
   <string name="packet_auth">Gói xác thực</string>
   <string name="auth_dialog_title">Nhập phương thức xác thực gói</string>
-  <string name="mobile_info_extended">Đang chạy trên %1$s (%2$s) %3$s, Android API %4$d, phiên bản %5$s, %6$s</string>
   <string name="built_by">được xây dựng bởi %s</string>
   <string name="debug_build">bản dựng gỡ lỗi</string>
   <string name="official_build">bản dựng chính thức</string>
@@ -374,4 +373,26 @@
   <string name="custom_connection_options_warng">Xác định kết nối tùy chỉnh cụ thể. Dùng cẩn thận</string>
   <string name="custom_connection_options">Cấu hình tùy chỉnh</string>
   <string name="remove_connection_entry">Gỡ bỏ mục kết nối</string>
+  <string name="ab_kitkat_reconnect_title">Ngẫu nhiên ngắt kết nối từ mạng di động</string>
+  <string name="ab_vpn_reachability_44_title">Mạng từ xa không khả dụng</string>
+  <string name="ab_persist_tun_title">Chế độ tun cố định</string>
+  <string name="version_and_later">%s và sau</string>
+  <string name="tls_cipher_alert_title">Kết nối thất bại với lỗi cảnh báo SSL23_GET_SERVER_HELLO:sslv3</string>
+  <string name="tls_cipher_alert">Phiên bản OpenVPN cho Android mới hơn (0.6.29/tháng 3 năm 2015) sử dụng nhiều bảo mật mặc định trên những bộ mã hóa được cho phép (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Thật không may, việc bỏ qua những mã hóa kém an toàn và xuất các mã hóa, đặc biệt là các thiếu sót của bộ mã hóa không hỗ trợ Perfect Forward Secrecy (Diffie-Hellman) nên gây ra một vài vấn đề. Điều này là ý định tốt nhưng nó thực hiện tăng cường bảo mật TLS kém hơn bằng cách thiết lập mật mã-tls trên máy chủ hoặc một số hệ điều hành với SSL hạ thấp (ví dụ MikroTik).\n Để khắc phục lỗi này, đặt cài đặt mật mã-tls mặc định trên máy chủ một cách hợp lý như mật mã-tls \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Để làm việc xung quanh vấn đề trên máy trạm, hãy thêm tùy chọn tùy chỉnh mật mã-tls MẶC ĐỊNH trên máy trạm Android.</string>
+  <string name="message_no_user_edit">Hồ sơ này đã được thêm từ ứng dụng bên ngoài %s và đã được đánh dấu là người dùng không thể chỉnh sửa.</string>
+  <string name="crl_file">Danh sách thu hồi chứng nhận</string>
+  <string name="service_restarted">Đang khởi động lại dịch vụ OpenVPN (Ứng dụng gặp lỗi hoặc bị dừng do tràn bộ nhớ)</string>
+  <string name="import_config_error">Nhập cấu hình mạng bị lỗi, không thể lưu lại</string>
+  <string name="Search">Tìm kiếm</string>
+  <string name="lastdumpdate">(Kết xuất cuối là %1$d:%2$d cũ (%3$s))</string>
+  <string name="clear_log_on_connect">Xóa nhật ký trên kết nối mới</string>
+  <string name="connect_timeout">Thời gian tạm ngưng kết nối</string>
+  <string name="no_allowed_app">Không có ứng dụng nào được phép thêm. Đang thêm (%s) có tối thiểu một ứng dụng trong danh sách những ứng dụng đã cho phép chứ không cho phép tất cả ứng dụng</string>
+  <string name="query_permissions_sdcard">OpenVPN cho Android có thể tìm những tập tin bị mất trên thẻ nhớ một cách tự động. Nhấn vào tin nhắn này để bắt đầu yêu cầu quyền.</string>
+  <string name="protocol">Giao thức</string>
+  <string name="enabled_connection_entry">Bật</string>
+  <string name="abi_mismatch">Ưu tiên ABI gốc của thiết bị này (%1$s) và ABI được báo cáo bởi thư viện gốc (%2$s) bất đối xứng</string>
+  <string name="months_left">%d tháng còn lại</string>
+  <string name="days_left">%d ngày còn lại</string>
+  <string name="hours_left">%d giờ còn lại</string>
 </resources>
diff --git a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
index 01fa64a2..efd8a669 100755
--- a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
@@ -181,7 +181,6 @@
   <string name="keychain_nocacert">在 Android 密钥库中未找到任何 CA 证书。可能验证失败。</string>
   <string name="show_log_summary">连接时显示日志窗口。日志窗口可始终从通知栏访问。</string>
   <string name="show_log_window">显示日志窗口</string>
-  <string name="mobile_info">运行 %1$s （ %2$s ） %3$s ，Android API %4$d</string>
   <string name="error_rsa_sign">与 Android 密钥库 %1$s 签名时出错： %2$s</string>
   <string name="faq_system_dialogs">VPN 连接警告会告诉你有程序正要拦截所有的网络流量，这是为了确保 VPN 服务的 API 不被恶意应用滥用。\nVPN 连接通知（通知栏上的钥匙图标）是 Android 系统内建的，如果当前有 VPN 连接，Android 系统就会自动显示这个通知图标。一些系统上还会在 VPN 连接建立的时候发出提示音。Android 这么做的原因是为了保护你不受恶意应用的欺骗。</string>
   <string name="faq_system_dialogs_title">连接警告和通知声音</string>
@@ -262,7 +261,6 @@
   <string name="encryption_cipher">加密算法(cipher)</string>
   <string name="packet_auth">数据包验证</string>
   <string name="auth_dialog_title">数据包验证方式</string>
-  <string name="mobile_info_extended">当前运行环境 %1$s (%2$s) %3$s，Android API %4$d，版本 %5$s，%6$s</string>
   <string name="built_by">由 %s 构建</string>
   <string name="debug_build">调试版本</string>
   <string name="official_build">正式版本</string>
@@ -359,8 +357,18 @@
   <string name="ab_only_cidr">安卓只支持CIDR路由。由于非CIDR路由几乎不用，OpenVPN for Android将使用/32路由并对非CIDR路由发出警告。</string>
   <string name="ab_tethering_44">在连接VPN时手机热点依然工作，但连接不会通过VPN。</string>
   <string name="ab_kitkat_mss">早期的KitKat版本在TCP连接上设置了错误的MSS值 (#61948)。OpenVPN将自动启动mssfix选项来解决这个Bug。</string>
+  <string name="ab_proxy">在DNS服务没有设置的情况下，安卓会继续使用手机wifi的代理设置。 安卓OpenVPN会在日志文件中留下警告信息。在VPN设置DNS服务时，安卓不是代理；安卓系统里没有为vpn连接设置代理的程序接口。</string>
+  <string name="ab_lollipop_reinstall">在被卸载或重新安装时，VPN程序会停止工作；详细信息请参看 #80074</string>
   <string name="ab_only_cidr_title">非CIDR路由</string>
   <string name="ab_lollipop_reinstall_title">正在重新安装VPN应用</string>
   <string name="custom_connection_options">自定义选项</string>
   <string name="remove_connection_entry">删除连接条目</string>
+  <string name="ab_persist_tun_title">保持 tun 通道模式</string>
+  <string name="crl_file">证书吊销列表</string>
+  <string name="Search">搜索</string>
+  <string name="clear_log_on_connect">建立新连接时清空日志</string>
+  <string name="connect_timeout">连接超时</string>
+  <string name="query_permissions_sdcard">OpenVPN for Android 可以尝试自动在 SD 卡上寻找缺失的文件。点击此消息开始请求权限许可。</string>
+  <string name="protocol">协议</string>
+  <string name="enabled_connection_entry">启用</string>
 </resources>
diff --git a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
index b0056965..179396b8 100755
--- a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
@@ -16,37 +16,39 @@
   <string name="useLZO">LZO壓縮</string>
   <string name="client_no_certificate">沒有證書</string>
   <string name="client_certificate_title">客戶端證書</string>
-  <string name="client_key_title">客戶端證書密碼</string>
+  <string name="client_key_title">客戶端證書密鑰</string>
   <string name="client_pkcs12_title">PKCS12 檔案</string>
   <string name="ca_title">CA證書</string>
-  <string name="no_certificate">您必須選擇一個憑證</string>
-  <string name="copyright_guicode">取得原始碼與個案追蹤，可上 http://code.google.com/p/ics-openvpn/</string>
-  <string name="copyright_others">本程序使用了以下元件，其作者和授權資訊如下</string>
-  <string name="about">關於</string>
-  <string name="vpn_list_title">設定檔</string>
+  <string name="no_certificate">您必須選擇一個證書</string>
+  <string name="copyright_guicode">源代碼和問題跟踪器可在https://github.com/schwabe/ics-openvpn/</string>
+  <string name="copyright_others">該方案採用了以下組件; 看到源代碼的許可證的全部細節</string>
+  <string name="about">左右</string>
+  <string name="vpn_list_title">簡介</string>
   <string name="vpn_type">類型</string>
-  <string name="pkcs12pwquery">PKCS12 密碼</string>
-  <string name="file_select">選擇&#8230;</string>
-  <string name="file_nothing_selected">你必須選擇一個檔案</string>
-  <string name="useTLSAuth">使用傳輸層防火牆(TLS-Auth)</string>
+  <string name="pkcs12pwquery">PKCS12密碼</string>
+  <string name="file_select">選擇...</string>
+  <string name="file_nothing_selected">你必須選擇一個文件</string>
+  <string name="useTLSAuth">使用TLS認證</string>
   <string name="tls_direction">TLS方向</string>
-  <string name="ipv6_dialog_tile">以CIDR格式輸入IPv6地址/遮罩(例如 2000:dd::23/64)</string>
-  <string name="ipv4_dialog_title">以CIDR格式輸入IPv4地址/遮罩(例如 1.2.3.4/24)</string>
+  <string name="ipv6_dialog_tile">進入IPv6地址/子網掩碼CIDR格式（例如2000：DD ::六十四分之二十三）</string>
+  <string name="ipv4_dialog_title">輸入IPv4地址/子網掩碼CIDR格式（例如：1.2.3.4/24）</string>
   <string name="ipv4_address">IPv4地址</string>
-  <string name="ipv6_address">IPv6地址</string>
-  <string name="custom_option_warning">使用自訂的OpenVPN選項，請加倍緊慎。請注意因Android API限制，很多與Tun相關的OpenVPN設定皆無法正常使用。如果你認為我們遺忘了重要的OpenVPN選項，請向作者反映。</string>
-  <string name="auth_username">用戶名稱</string>
+  <string name="ipv6_address">IPv6的地址</string>
+  <string name="custom_option_warning">輸入自定義的OpenVPN選項。請謹慎使用。另外請注意，許多囤地的相關OpenVPN的設置不能被VPNSettings的設計支持。如果您認為一個重要的選擇缺少聯繫作者</string>
+  <string name="auth_username">用戶名</string>
   <string name="auth_pwquery">密碼</string>
-  <string name="configure_the_vpn">設定VPN</string>
-  <string name="menu_add_profile">新增設定檔</string>
-  <string name="add_profile_name_prompt">輸入新的設定檔名稱</string>
-  <string name="duplicate_profile_name">重複的設定檔名稱</string>
-  <string name="profilename">設定檔名稱</string>
-  <string name="no_keystore_cert_selected">你必須選取一個使用者證書</string>
+  <string name="static_keys_info">為靜態配置所述TLS驗證密鑰將被用來作為靜態密鑰</string>
+  <string name="configure_the_vpn">配置VPN</string>
+  <string name="menu_add_profile">添加簡介</string>
+  <string name="add_profile_name_prompt">輸入一個名稱標識新的配置文件</string>
+  <string name="duplicate_profile_name">請輸入一個唯一的配置文件名稱</string>
+  <string name="profilename">配置文件名稱</string>
+  <string name="no_keystore_cert_selected">您必須選擇一個用戶證書</string>
   <string name="no_error_found">未有找到錯誤</string>
-  <string name="config_error_found">設定中含有錯誤</string>
-  <string name="ipv4_format_error">解析IPv4地址時發生錯誤</string>
-  <string name="custom_route_format_error">解析自訂路由時發生錯誤</string>
+  <string name="config_error_found">在配置錯誤</string>
+  <string name="ipv4_format_error">錯誤解析IPv4地址</string>
+  <string name="custom_route_format_error">錯誤解析自定義路線</string>
+  <string name="pw_query_hint">（留空按需查詢）</string>
   <string name="vpn_shortcut">OpenVPN捷徑</string>
   <string name="vpn_launch_title">連線到VPN</string>
   <string name="shortcut_profile_notfound">在快捷方式找不到指定的設定檔</string>
@@ -54,86 +56,116 @@
   <string name="random_host_summary">在主機名稱前加入6個隨機字符</string>
   <string name="custom_config_title">啟用自訂選項</string>
   <string name="custom_config_summary">自訂選項，使用時請小心！</string>
-  <string name="route_rejected">路由被Android拒絕</string>
-  <string name="cancel_connection">中斷連線</string>
-  <string name="cancel_connection_long">中斷VPN連線</string>
-  <string name="clear_log">清除記錄檔</string>
-  <string name="title_cancel">確認取消</string>
-  <string name="cancel_connection_query">中斷已連接的VPN/取消正在嘗試的連線？</string>
-  <string name="remove_vpn">移除VPN</string>
+  <string name="route_rejected">路由拒絕的Andr​​oid</string>
+  <string name="cancel_connection">斷開連接</string>
+  <string name="cancel_connection_long">斷開VPN</string>
+  <string name="clear_log">清除日誌</string>
+  <string name="title_cancel">取消確認</string>
+  <string name="cancel_connection_query">斷開連接的VPN /取消連接嘗試？</string>
+  <string name="remove_vpn">刪除VPN</string>
+  <string name="check_remote_tlscert">檢查服務器是否使用TLS的服務器擴展（--remote-CERT-TLS服務器）的證書</string>
   <string name="check_remote_tlscert_title">預計TLS服務器證書</string>
-  <string name="remote_tlscn_check_summary">檢查遠程服務器證書的主題DN</string>
-  <string name="remote_tlscn_check_title">證書的主機名檢查</string>
-  <string name="tls_key_auth">啟用傳輸層防火牆(TLS-Auth)</string>
-  <string name="tls_auth_file">TLS驗證檔</string>
-  <string name="pull_on_summary">向伺服器請求IP地址, 路由和時間資訊</string>
-  <string name="use_pull">接受設定推送(Pull)</string>
+  <string name="remote_tlscn_check_summary">檢查遠程服務器證書主題DN</string>
+  <string name="remote_tlscn_check_title">證書主機名檢查</string>
+  <string name="enter_tlscn_dialog">指定用於驗證遠程證書的DN（例如C = DE，L =帕德博恩，OU =禽流IP運營商，CN = openvpn.blinkt.de）\ñ\ n指定完整的DN或RDN檢查（openvpn.blinkt.de在這個例子中）或RDN前綴進行驗證。\ N使用RDN前綴“服務器”\ n當匹配“服務器1”和“服務器2”\ñ\ nLeaving文本字段為空將檢查RDN對服務器的主機名。 \ñ\ n有關詳細信息請參見下-verify-X509-名的OpenVPN 2.3.1+手冊頁</string>
+  <string name="enter_tlscn_title">遠程證書主題</string>
+  <string name="tls_key_auth">啟用TLS密鑰認證</string>
+  <string name="tls_auth_file">TLS驗證文件</string>
+  <string name="pull_on_summary">請求，則來自服務器的地址，路線和時機選擇。</string>
+  <string name="pull_off_summary">沒有信息從服務器請求。設置需要規定如下。</string>
+  <string name="use_pull">拉設置</string>
   <string name="dns">DNS</string>
-  <string name="override_dns">忽略伺服器提供的DNS設定</string>
-  <string name="dns_override_summary">使用自訂的DNS伺服器</string>
-  <string name="searchdomain">搜索網域</string>
-  <string name="dns1_summary">要使用的DNS伺服器。</string>
-  <string name="dns_server">DNS伺服器</string>
-  <string name="secondary_dns_message">當主要DNS伺服器無法使用，就會嘗試備用DNS伺服器</string>
-  <string name="backup_dns">後備VPN伺服器</string>
-  <string name="ignored_pushed_routes">忽略伺服器推送的路由</string>
-  <string name="ignore_routes_summary">忽略從伺服器推送的路由。</string>
-  <string name="default_route_summary">重定向所有流量到VPN</string>
-  <string name="use_default_title">使用VPN作為預設閘道</string>
-  <string name="custom_route_message">以CIDR格式輸入目的地路由，例如\"10.0.0.0/8 2002::/16\"，以上兩個路由將導向到VPN。</string>
-  <string name="custom_routes_title">自訂路由</string>
-  <string name="log_verbosity_level">記錄的詳細級別</string>
-  <string name="float_summary">只要能夠經過驗證，接受從任何IP地址而來的伺服器訊息</string>
-  <string name="float_title">容許浮動的伺服器</string>
-  <string name="custom_options_title">自訂選項</string>
-  <string name="edit_vpn">編輯VPN設定</string>
-  <string name="remove_vpn_query">要移除VPN設定檔 %s 嗎?</string>
-  <string name="tun_error_helpful">一些自訂的Android4.0 ROM存在/dev/tun的擁有者權限問題，甚至完全沒有Tun模組。CM9用家請嘗試於\"全域設置\"下修正Tun擁有者。</string>
-  <string name="tun_open_error">無法開啟Tun網絡介面</string>
-  <string name="error">"錯誤: "</string>
+  <string name="override_dns">覆蓋的DNS設置服務器</string>
+  <string name="dns_override_summary">使用您自己的DNS服務器</string>
+  <string name="searchdomain">sea​​rchDomain</string>
+  <string name="dns1_summary">要使用的DNS服務器。</string>
+  <string name="dns_server">DNS服務器</string>
+  <string name="secondary_dns_message">備用DNS服務器使用，如果正常的DNS服務器無法到達。</string>
+  <string name="backup_dns">備份DNS服務器</string>
+  <string name="ignored_pushed_routes">忽略推路線</string>
+  <string name="ignore_routes_summary">忽略路由推服務器。</string>
+  <string name="default_route_summary">重定向所有通過VPN</string>
+  <string name="use_default_title">使用默認路由</string>
+  <string name="custom_route_message">輸入自定義的路線。只有在CIDR格式輸入目的地。 “10.0.0.0/8 2002:: / 16”就直接網絡10.0.0.0/8和2002:: / 16通過VPN。</string>
+  <string name="custom_route_message_excluded">路線不應該被路由通過VPN。使用相同的語法包括路線。</string>
+  <string name="custom_routes_title">自定義路線</string>
+  <string name="custom_routes_title_excluded">排除網絡</string>
+  <string name="log_verbosity_level">日誌級別</string>
+  <string name="float_summary">允許來自任何IP驗證的數據包</string>
+  <string name="float_title">允許浮動服務器</string>
+  <string name="custom_options_title">自定義選項</string>
+  <string name="edit_vpn">編輯VPN設置</string>
+  <string name="remove_vpn_query">刪除VPN配置文件“%s”？</string>
+  <string name="tun_error_helpful">在一些定制IC圖片在/ dev / TUN的權限可能是錯誤的，或者囤模塊可能會完全丟失。對於CM9圖像嘗試在常規設置的固定所有權選項</string>
+  <string name="tun_open_error">無法打開囤接口</string>
+  <string name="error">“錯誤：”</string>
   <string name="clear">清除</string>
-  <string name="local_ip_info">本地IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
+  <string name="last_openvpn_tun_config">打開TUN接口：</string>
+  <string name="local_ip_info">本地IPv4：%1$s / %2$d的IPv6：%3$s MTU：%4$d</string>
+  <string name="dns_server_info">DNS服務器：%1$s，域名：%2$s</string>
+  <string name="routes_info_incl">路線：%1$s %2$s</string>
+  <string name="routes_info_excl">路線排除：%1$s %2$s</string>
+  <string name="routes_debug">安裝VpnService路線：%1$s %2$s</string>
+  <string name="ip_not_cidr">GOT的接口信息%1$s和%2$s，假設第二個地址是遠程的對等地址。使用/ 32掩碼本地IP。通過OpenVPN的給定方式是“%3$s”。</string>
+  <string name="route_not_cidr">不能使%1$s和%2$s如IP路由CIDR子網掩碼感，使用/ 32子網掩碼。</string>
+  <string name="route_not_netip">修正路線%1$s / %2$s到%3$s / %2$s</string>
+  <string name="keychain_access">無法訪問Android鑰匙扣證書。這可以通過固件升級或通過恢復的應用程序/應用程序設置的備份引起。請編輯VPN和重新選擇下基本設置證書重新訪問證書的權限。</string>
   <string name="version_info">%1$s %2$s</string>
-  <string name="send_logfile">分享記錄檔</string>
-  <string name="send">分享</string>
-  <string name="ics_openvpn_log_file">ICS OpenVPN 記錄檔</string>
-  <string name="copied_entry">已將記錄複製到剪貼簿</string>
-  <string name="tap_mode">Tap模式</string>
-  <string name="faq_tap_mode">Android內置的VPN API並不支援Tap介面，故此本程序並不支援Tap模式。</string>
+  <string name="send_logfile">發送日誌文件</string>
+  <string name="send">派</string>
+  <string name="ics_openvpn_log_file">ICS OpenVPN的日誌文件</string>
+  <string name="copied_entry">複製日誌條目夾板</string>
+  <string name="tap_mode">點擊模式</string>
+  <string name="faq_tap_mode">點擊模式是不可能的非根VPN API。因此，該應用程序不能提供自來水的支持</string>
+  <string name="tap_faq2">了嗎？你在開玩笑吧？不，攻牙模式真的不支持和發送更多的郵件，詢問是否將支持也無濟於事。</string>
   <string name="faq">FAQ</string>
   <string name="copying_log_entries">複製記錄檔條目</string>
+  <string name="faq_copying">要複製單個日誌條目按住上的日誌條目。若要複製/發送全部日誌請使用發送日誌選項。使用硬件菜單按鈕時，如果按鈕沒有在GUI可見。</string>
   <string name="faq_shortcut">以快捷方式啟動</string>
+  <string name="faq_howto_shortcut">您可以將快捷方式啟動 OpenVPN 在您的桌面上。根據您的主畫面程式必須添加一個快捷方式或小部件。</string>
   <string name="no_vpn_support_image">你的Android ROM不支援VPN服務API，抱歉了。 :(</string>
   <string name="encryption">加密</string>
   <string name="cipher_dialog_title">輸入加密方法</string>
+  <string name="chipher_dialog_message">輸入由OpenVPN的加密密碼算法。留空使用默認密碼。</string>
+  <string name="auth_dialog_message">輸入驗證摘要多用於OpenVPN的。留空使用默認的摘要。</string>
   <string name="settings_auth">驗證/加密</string>
   <string name="file_explorer_tab">檔案瀏覽器</string>
   <string name="inline_file_tab">內嵌檔案</string>
   <string name="error_importing_file">匯入過程中發生錯誤</string>
   <string name="import_error_message">無法從檔案系統中匯入檔案</string>
   <string name="inline_file_data">&lt;內嵌於設定檔&gt;</string>
+  <string name="opentun_no_ipaddr">拒絕沒有IP信息打開tun設備</string>
   <string name="menu_import">匯入.ovpn檔案</string>
   <string name="menu_import_short">匯入</string>
   <string name="import_content_resolve_error">匯入過程中無法讀取設定檔</string>
   <string name="error_reading_config_file">讀取設定檔時發生錯誤</string>
   <string name="add_profile">新增設定檔</string>
+  <string name="import_could_not_open">找不到在導入配置文件中提到的文件%1$s</string>
+  <string name="importing_config">從源頭%1$s導入配置文件</string>
+  <string name="import_warning_custom_options">你的配置有沒有被映射到用戶界面配置一些配置選項。這些選項被添加為自定義配置選項。將顯示自定義配置如下：</string>
   <string name="import_done">成功讀取設定檔</string>
   <string name="nobind_summary">不要綁定本地地址和端口</string>
   <string name="no_bind">沒有本地綁定</string>
   <string name="import_configuration_file">匯入設定檔</string>
   <string name="faq_security_title">保安上的考慮</string>
+  <string name="faq_security">“由於OpenVPN是安全敏感的有關安全性的幾個音符都是明智的。在​​SD卡的所有數據本質上是不安全的。每一個應用程序可以讀取它（比如這個方案並不需要特別的SD卡的權限）。此應用程序的數據只能讀由應用程序本身。通過使用CACERT /證書/密鑰的文件對話框中的數據導入選項存儲在VPN配置文件的VPN配置文件只能由該應用程序進行訪問。（不要忘了刪除在SD副本卡後）。即使只能由該應用程序中的數據仍然是未加密的，通過生根電話或其他攻擊有可能檢索數據。保存的密碼是明文存儲以及對於PKCS12文件，強烈建議你將它們導入到android的密鑰庫。“</string>
   <string name="import_vpn">匯入</string>
+  <string name="broken_image_cert_title">錯誤顯示證書選擇</string>
+  <string name="broken_image_cert">有一個例外，試圖展示了Android 4.0+證書選擇對話框。這不應該發生，因為這款Android 4.0+的標準功能。也許對於證書存儲你的Andr​​oid ROM支持被打破</string>
   <string name="ipv4">IPv4</string>
   <string name="ipv6">IPv6</string>
   <string name="speed_waiting">等待狀態訊息&#8230;</string>
   <string name="converted_profile">匯入設定檔</string>
   <string name="converted_profile_i">匯入設定檔%d</string>
+  <string name="broken_images">破碎的形象</string>
+  <string name="broken_images_faq">&lt;p&gt;Official HTC圖像，已知有一種奇怪的路由問題造成交通不流過隧道（也&lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/18\"&gt;Issue 18&lt;/a&gt;看到bug跟踪系統。）的的Xperia弧S和的Xperia雷&lt;/p&gt;&lt;p&gt;Older官方SONY圖像已被報導完全缺少VPNService從圖像。 （也&lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/29\"&gt;Issue 29&lt;/a&gt;看到bug跟踪系統。）&lt;/p&gt;&lt;p&gt;On自定義生成的TUN模塊可能會丟失照片或為/ dev / TUN的權利可能是錯誤的。一些CM9圖像需要在“設備特定的黑客”enabled.&lt;/p&gt;&lt;p&gt;Most重要的是“修復所有權”選項：如果您的設備有一個破碎的機器人形象，報告給你的供應商。越多的人誰給供應商報告問題時，他們越有可能解決it.&lt;/p&gt;</string>
   <string name="pkcs12_file_encryption_key">PKCS12檔加密金鑰</string>
   <string name="private_key_password">私密金鑰密碼</string>
   <string name="password">密碼</string>
   <string name="file_icon">檔案圖標</string>
   <string name="tls_authentication">傳輸層防火牆(TLS Firewall)</string>
   <string name="generated_config">生成的設定檔</string>
+  <string name="generalsettings">設置</string>
   <string name="owner_fix_summary">嘗試修正/dev/tun擁有者權限。已知有些CM9 ROM需要透過這個來才能使得VPN服務API得以運作。本功能需要Root。</string>
   <string name="owner_fix">修正 /dev/tun 的擁有者</string>
   <string name="generated_config_summary">顯示本程序生成的設定檔</string>
@@ -142,10 +174,14 @@
   <string name="netchange_summary">若切換此選項當網絡狀況變更時將強制重新連線(例如從WiFi變成手機網絡，反之亦然)</string>
   <string name="netchange">網絡異動時重新連線</string>
   <string name="netstatus">網絡狀態: %s</string>
+  <string name="extracahint">該CA證書通常是從Android密鑰庫返回。指定一個單獨的證書，如果你拿到證書驗證錯誤。</string>
   <string name="select_file">選擇</string>
+  <string name="keychain_nocacert">沒有CA證書返回，而從Android的密鑰庫讀取。身份驗證可能會失敗。</string>
   <string name="show_log_summary">連接時顯示記錄檔視窗。記錄檔視窗可以隨時從通知欄中進入。</string>
   <string name="show_log_window">顯示記錄視窗</string>
-  <string name="mobile_info">於 %1$s (%2$s) %3$s 上運行, Android API 版本: %4$d</string>
+  <string name="mobile_info">%10$s %9$s上%3$s %1$s（%2$s），運行Android %6$s（%7$s）API %4$d，ABI %5$s，（%8$s）</string>
+  <string name="error_rsa_sign">錯誤簽名與Android密鑰庫密鑰%1$s：%2$s</string>
+  <string name="faq_system_dialogs">VPN連接警告信息，告訴你，這個程序可以攔截所有流量是由系統施加的防止濫用VPNService的API。\ n此VPN連接的通知（關鍵標誌）也徵收Android系統的信號持續VPN連接。在某些圖像此通知播放聲音。\ nAndroid介紹這些系統對話框為自己的安全，並確保他們無法規避。 （在某些圖片這個不幸的是包括通知聲音）</string>
   <string name="faq_system_dialogs_title">連線警告和通知時發出音效</string>
   <string name="translationby">繁體中文</string>
   <string name="ipdns">IP和DNS</string>
@@ -154,9 +190,14 @@
   <string name="obscure">鮮為人知的OpenVPN設定，一般情況下不需要派上用場。</string>
   <string name="advanced">進階</string>
   <string name="export_config_title">ICS Openvpn 設定</string>
+  <string name="warn_no_dns">不使用任何DNS服務器。名稱解析可能無法正常工作。考慮設置自定義DNS服務器。另請注意，Android將繼續使用您的手機/ Wi-Fi連接指定的代理服務器設置時沒有DNS服務器設置。</string>
+  <string name="dns_add_error">無法添加DNS服務器“%1$s”，系統拒絕：%2$s</string>
+  <string name="ip_add_error">無法配置IP地址“%1$s”，系統拒絕：%2$s</string>
+  <string name="faq_howto">&lt;p&gt;Get工作的配置（從供應商/機構檢測您的電腦或下載）&lt;/p&gt;&lt;p&gt;If它沒有多餘的PEM / pks12文件，你可以自己通過電子郵件發送文件和打開附件的單個文件。如果您有多個文件，把它們放在你的SD card.&lt;/p&gt;&lt;p&gt;Click上的電子郵件附件/使用的文件夾圖標，在VPN列表導入配置file&lt;/p&gt;&lt;p&gt;If大約有丟失的文件將丟失的文件在你的SD card.&lt;/p&gt;&lt;p&gt;Click上保存錯誤標誌將導入的VPN添加到您的VPN list&lt;/p&gt;&lt;p&gt;Connect的VPN通過點擊VPN&lt;/p&gt;&lt;p&gt;If的名字有錯誤或警告日誌試著去了解警告/錯誤，並嘗試修復them&lt;/p&gt; </string>
   <string name="faq_howto_title">快速入門</string>
   <string name="setting_loadtun_summary">在連線前嘗試載入Tun模組，需要Root。</string>
   <string name="setting_loadtun">載入Tun模組</string>
+  <string name="importpkcs12fromconfig">導入PKCS12從配置到Android的密鑰庫</string>
   <string name="getproxy_error">取得代理伺服器資訊時發生錯誤: %s</string>
   <string name="using_proxy">使用代理伺服器 %1$s %2$d</string>
   <string name="use_system_proxy">使用系統代理</string>
@@ -170,7 +211,14 @@
   <string name="configuration_changed">設定已變更</string>
   <string name="log_no_last_vpn">無法判斷最後一次連線使用的設定檔，因此無法編輯設定檔。</string>
   <string name="faq_duplicate_notification_title">重複的通知</string>
+  <string name="faq_duplicate_notification">如果Android是在系統內存中的一些並不需要的時刻（RAM）的壓力，應用程序和服務，從積極的內存中刪除。這將終止正在進行的VPN連接。為了確保連接/ OpenVPN的生存服務的運行具有更高的優先級。於具有較高優先級運行的應用程序必須顯示通知。關鍵的通知圖標是由系統中的前一個FAQ條目中描述的罰款。它並不能算作應用程序通知具有較高優先級運行的目的。</string>
+  <string name="no_vpn_profiles_defined">沒有VPN配置文件定義。</string>
+  <string name="add_new_vpn_hint">使用&lt;img src=\"ic_menu_add\"/&gt;圖標添加新的VPN</string>
+  <string name="vpn_import_hint">使用&lt;img src=\"ic_menu_archive\"/&gt;圖標，導入從您的SD卡現有的（.ovpn或.conf文件）配置文件。</string>
+  <string name="faq_hint">此外，請務必檢查出的常見問​​題解答。有一個快速入門指南。</string>
   <string name="faq_routing_title">路由/網絡介面 設定</string>
+  <string name="faq_routing">路由和接口配置不經由傳統的ifconfig /路由命令，但通過使用VPNService API來完成。這將導致比其他操作系統不同的路由配置。 \ n此VPN隧道的配置包括IP地址和應該被路由通過該接口的網絡。特別是，沒有同行夥伴地址或網關地址是必要的或需要。特殊的路由到達VPN服務器不需要任一（例如，當使用重定向網關加）。導入配置時，應用程序將因此而忽略這些設置。該應用程序可確保與連接到服務器沒有通過VPN隧道路由到的VPNService API。\ n此VPNService API不允許指定網絡不應該通過VPN路由。作為一種變通方法的應用程序會自動檢測網絡，不應該被路由到隧道（如航線XXXX YYYY net_gateway），並計算一組路由排除此路線效仿其他平台的行為。日誌窗口顯示VPNService的在建立一個連接的配置\ nBehind場景：安卓4.4+確實使用策略路由。利用路由/ ifconfig命令將不顯示已安裝的路線。相反，使用IP規則，iptables的-t軋-L</string>
+  <string name="persisttun_summary">不要退回到沒有VPN連接時，OpenVPN是重新連接。</string>
   <string name="openvpn_log">OpenVPN 運作記錄</string>
   <string name="import_config">匯入 OpenVPN 配置</string>
   <string name="battery_consumption_title">電池消耗</string>
@@ -189,4 +237,61 @@
   <string name="notifcation_title_notconnect">未連線</string>
   <string name="start_vpn_title">正在連接至 VPN %s</string>
   <string name="start_vpn_ticker">正在連接至 VPN %s</string>
+  <string name="device_specific">設備的特性黑客</string>
+  <string name="cannotparsecert">無法顯示證書信息</string>
+  <string name="appbehaviour">應用行為</string>
+  <string name="vpnbehaviour">VPN行為</string>
+  <string name="allow_vpn_changes">允許更改VPN配置文件</string>
+  <string name="hwkeychain">硬件密鑰庫：</string>
+  <string name="permission_icon_app">應用程序嘗試使用OpenVPN的為Android的圖標</string>
+  <string name="faq_vpndialog43">“與Android 4.3啟動VPN確認是防範”覆蓋應用程序“，這將導致該對話框沒有反應，觸摸輸入。如果你有一個使用覆蓋一個應用程序可能會導致此行為。如果發現違規應用程序聯繫作者該應用程序的。這個問題影響到在Android 4.3及更高版本的所有VPN應用。另見&lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/185\"&gt;Issue 185&lt;a&gt;了解更多詳細信息“</string>
+  <string name="faq_vpndialog43_title">Vpn確認對話框</string>
+  <string name="donatePlayStore">或者你可以給我的Play商店捐贈：</string>
+  <string name="thanks_for_donation">感謝捐贈%s！</string>
+  <string name="logCleared">日誌清除。</string>
+  <string name="show_password">顯示密碼</string>
+  <string name="keyChainAccessError">鑰匙串訪問錯誤：%s</string>
+  <string name="timestamp_short">短</string>
+  <string name="timestamp_iso">ISO</string>
+  <string name="timestamps">時間戳</string>
+  <string name="timestamps_none">無</string>
+  <string name="uploaded_data">上傳</string>
+  <string name="downloaded_data">下載</string>
+  <string name="vpn_status">Vpn狀態</string>
+  <string name="logview_options">查看選項</string>
+  <string name="unhandled_exception">未處理的異常：%1$s \ñ\ n%2$s</string>
+  <string name="unhandled_exception_context">%3$s：%1$s \ñ\ n%2$s</string>
+  <string name="faq_system_dialog_xposed">如果你已經植根Android設備可以安裝&lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt;和的&lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN對話框確認module&lt;/a&gt;需要您自擔風險“</string>
+  <string name="full_licenses">證照齊全</string>
+  <string name="blocklocal_summary">直接連接到本地接口的網絡將不被路由通過VPN。取消選擇此選項將縮進重定向本地網絡的VPN的所有流量。</string>
+  <string name="blocklocal_title">旁路VPN本地網絡</string>
+  <string name="userpw_file">用戶名/密碼文件</string>
+  <string name="imported_from_file">[進口：%s]</string>
+  <string name="files_missing_hint">一些文件無法找到。請選擇要導入的文件的配置文件：</string>
+  <string name="openvpn_is_no_free_vpn">要使用這個程序，你需要一個VPN供應商/ VPN支持OpenVPN的網關（通常由雇主提供）。查看http://community.openvpn.net/關於OpenVPN的更多信息，以及如何設置自己的OpenVPN服務器。</string>
+  <string name="import_log">導入日誌：</string>
+  <string name="ip_looks_like_subnet">VPN拓撲“%3$s”規定，但使用ifconfig %1$s %2$s看起來更像是一個網絡掩碼的IP地址。假設“子網”的拓撲結構。</string>
+  <string name="mssfix_invalid_value">MSS的覆蓋值必須在0到9000的整數</string>
+  <string name="mssfix_value_dialog">宣布運行在他們應當限制其發送的包大小，使得後的OpenVPN已包封它們，將所得的UDP包大小的OpenVPN給對端發送將不超過此字節數的隧道的TCP會話。 （默認為1450）</string>
+  <string name="mssfix_checkbox">重寫 TCP 負載的 MSS 的值</string>
+  <string name="mssfix_dialogtitle">設置的 TCP MSS 負載</string>
+  <string name="client_behaviour">客戶端行為</string>
+  <string name="clear_external_apps">清除允許外部應用程序</string>
+  <string name="loading">載入中...</string>
+  <string name="allowed_vpn_apps_info">允許上傳的VPN應用程序：%1$s</string>
+  <string name="disallowed_vpn_apps_info">不允許VPN應用程序：%1$s</string>
+  <string name="app_no_longer_exists">包%s不再安裝，從應用程序刪除它允許/禁止列表</string>
+  <string name="vpn_disallow_radio">VPN適用於所有的應用程序，但不包括所選</string>
+  <string name="vpn_allow_radio">的VPN僅用於對選定的應用程序</string>
+  <string name="query_delete_remote">刪除遠程服務器條目？</string>
+  <string name="keep">養</string>
+  <string name="delete">刪</string>
+  <string name="add_remote">添加新的遠程</string>
+  <string name="query_permissions_sdcard">添加新的遠程</string>
+  <string name="protocol">協定</string>
+  <string name="enabled_connection_entry">啟用</string>
+  <string name="abi_mismatch">該設備的優先考慮的母語ABI優先級（%1$s）和ABI報告本地庫（%2$s）不匹配</string>
+  <string name="months_left">離開%d個月</string>
+  <string name="days_left">離開%d天</string>
+  <string name="hours_left">%d小時離開</string>
 </resources>
diff --git a/app/src/main/res/values/colours.xml b/app/src/main/res/values/colours.xml
index f27167f3..d06bc233 100644
--- a/app/src/main/res/values/colours.xml
+++ b/app/src/main/res/values/colours.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/values/dimens.xml b/app/src/main/res/values/dimens.xml
index 727f5a78..f8fafecd 100644
--- a/app/src/main/res/values/dimens.xml
+++ b/app/src/main/res/values/dimens.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
diff --git a/app/src/main/res/values/refs.xml b/app/src/main/res/values/refs.xml
index 6abfb609..dce39385 100644
--- a/app/src/main/res/values/refs.xml
+++ b/app/src/main/res/values/refs.xml
@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
 <resources>
-  <drawable name="ic_menu_close_clear_cancel">@android:drawable/ic_menu_close_clear_cancel</drawable>
-  <drawable name="ic_menu_share">@android:drawable/ic_menu_share </drawable>
-  <drawable name="ic_menu_save">@android:drawable/ic_menu_save</drawable>
-  <drawable name="ic_menu_view">@android:drawable/ic_menu_view</drawable>
-  <drawable name="ic_menu_delete">@android:drawable/ic_menu_delete</drawable>
-  <drawable name="ic_menu_edit">@android:drawable/ic_menu_edit</drawable>
+    <drawable name="ic_menu_close_clear_cancel">@android:drawable/ic_menu_close_clear_cancel</drawable>
+    <drawable name="ic_menu_share">@android:drawable/ic_menu_share </drawable>
+    <drawable name="ic_menu_save">@android:drawable/ic_menu_save</drawable>
+    <drawable name="ic_menu_view">@android:drawable/ic_menu_view</drawable>
+    <drawable name="ic_menu_delete">@android:drawable/ic_menu_delete</drawable>
+    <drawable name="ic_menu_edit">@android:drawable/ic_menu_edit</drawable>
 </resources>
diff --git a/app/src/main/res/values/strings-icsopenvpn.xml b/app/src/main/res/values/strings-icsopenvpn.xml
index dec656fc..aa65a14d 100755
--- a/app/src/main/res/values/strings-icsopenvpn.xml
+++ b/app/src/main/res/values/strings-icsopenvpn.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?> <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -18,7 +18,7 @@
     <string name="client_pkcs12_title">PKCS12 File</string>
     <string name="ca_title">CA Certificate</string>
     <string name="no_certificate">You must select a certificate</string>
-    <string name="copyright_guicode">Source code and issue tracker available at https://github.com/schwabe/ics-openvpn</string>
+    <string name="copyright_guicode">Source code and issue tracker available at https://github.com/schwabe/ics-openvpn/</string>
     <string name="copyright_others">This program uses the following components; see the source code for full details on the licenses</string>
     <string name="about">About</string>
     <string name="vpn_list_title">Profiles</string>
@@ -157,7 +157,7 @@
     <string name="converted_profile">imported profile</string>
     <string name="converted_profile_i">imported profile %d</string>
     <string name="broken_images">Broken Images</string>
-    <string name="broken_images_faq">&lt;p&gt;Official HTC images are known to have a strange routing problem causing traffic not to flow through the tunnel (See also &lt;a href="http://code.google.com/p/ics-openvpn/issues/detail?id=18"&gt;Issue 18&lt;/a&gt; in the bug tracker.)&lt;/p&gt;&lt;p&gt;Older official SONY images from Xperia Arc S and Xperia Ray have been reported to be missing the VPNService completely from the image. (See also &lt;a href="http://code.google.com/p/ics-openvpn/issues/detail?id=29"&gt;Issue 29&lt;/a&gt; in the bug tracker.)&lt;/p&gt;&lt;p&gt;On custom build images the tun module might be missing or the rights of /dev/tun might be wrong. Some CM9 images need the "Fix ownership" option under "Device specific hacks" enabled.&lt;/p&gt;&lt;p&gt;Most importantly: If your device has a broken Android image, report it to your vendor. The more people who report an issue to the vendor, the more likely they are to fix it.&lt;/p&gt;</string>
+    <string name="broken_images_faq">&lt;p&gt;Official HTC images are known to have a strange routing problem causing traffic not to flow through the tunnel (See also &lt;a href="https://github.com/schwabe/ics-openvpn/issues/18"&gt;Issue 18&lt;/a&gt; in the bug tracker.)&lt;/p&gt;&lt;p&gt;Older official SONY images from Xperia Arc S and Xperia Ray have been reported to be missing the VPNService completely from the image. (See also &lt;a href="https://github.com/schwabe/ics-openvpn/issues/29"&gt;Issue 29&lt;/a&gt; in the bug tracker.)&lt;/p&gt;&lt;p&gt;On custom build images the tun module might be missing or the rights of /dev/tun might be wrong. Some CM9 images need the "Fix ownership" option under "Device specific hacks" enabled.&lt;/p&gt;&lt;p&gt;Most importantly: If your device has a broken Android image, report it to your vendor. The more people who report an issue to the vendor, the more likely they are to fix it.&lt;/p&gt;</string>
     <string name="pkcs12_file_encryption_key">PKCS12 File Encryption Key</string>
     <string name="private_key_password">Private Key Password</string>
     <string name="password">Password</string>
@@ -178,7 +178,7 @@
     <string name="keychain_nocacert">No CA Certificate returned while reading from Android keystore. Authentication will probably fail.</string>
     <string name="show_log_summary">Shows the log window on connect. The log window can always be accessed from the notification status.</string>
     <string name="show_log_window">Show log window</string>
-    <string name="mobile_info">Running on %1$s (%2$s) %3$s, Android API %4$d</string>
+    <string name="mobile_info">%10$s %9$s running on %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
     <string name="error_rsa_sign">Error signing with Android keystore key %1$s: %2$s</string>
     <string name="faq_system_dialogs">The VPN connection warning telling you that this app can intercept all traffic is imposed by the system to prevent abuse of the VPNService API.\nThe VPN connection notification (The key symbol) is also imposed by the Android system to signal an ongoing VPN connection. On some images this notification plays a sound.\nAndroid introduced these system dialogs for your own safety and made sure that they cannot be circumvented. (On some images this unfortunately includes a notification sound)</string>
     <string name="faq_system_dialogs_title">Connection warning and notification sound</string>
@@ -192,7 +192,7 @@
     <string name="warn_no_dns">No DNS servers being used. Name resolution may not work. Consider setting custom DNS Servers. Please also note that Android will keep using your proxy settings specified for your mobile/Wi-Fi connection when no DNS servers are set.</string>
     <string name="dns_add_error">Could not add DNS Server \"%1$s\", rejected by the system: %2$s</string>
     <string name="ip_add_error">Could not configure IP Address \"%1$s\", rejected by the system: %2$s</string>
-    <string name="faq_howto">&lt;p&gt;Get a working config (tested on your computer or download from your provider/organisation)&lt;/p&gt;&lt;p&gt;If it is a single file with no extra pem/pks12 files you can email the file yourself and open the attachment. If you have multiple files put them on your sd card.&lt;/p&gt;&lt;p&gt;Click on the email attachment/Use the folder icon in the vpn list to import the config file&lt;/p&gt;&lt;p&gt;If there are errors about missing files put the missing files on your sd card.&lt;/p&gt;&lt;p&gt;Click on the save symbol to add the imported VPN to your VPN list&lt;/p&gt;&lt;p&gt;Connect the VPN by clicking on the name of the VPN&lt;/p&gt;&lt;p&gt;If there are error or warnings in the log try to understand the warnings/error and try to fix them&lt;/p&gt; </string>
+    <string name="faq_howto">&lt;p&gt;Get a working config (tested on your computer or download from your provider/organisation)&lt;/p&gt;&lt;p&gt;If it is a single file with no extra pem/pkcs12 files you can email the file yourself and open the attachment. If you have multiple files put them on your sd card.&lt;/p&gt;&lt;p&gt;Click on the email attachment/Use the folder icon in the vpn list to import the config file&lt;/p&gt;&lt;p&gt;If there are errors about missing files put the missing files on your sd card.&lt;/p&gt;&lt;p&gt;Click on the save symbol to add the imported VPN to your VPN list&lt;/p&gt;&lt;p&gt;Connect the VPN by clicking on the name of the VPN&lt;/p&gt;&lt;p&gt;If there are error or warnings in the log try to understand the warnings/error and try to fix them&lt;/p&gt; </string>
     <string name="faq_howto_title">Quick Start</string>
     <string name="setting_loadtun_summary">Try to load the tun.ko kernel module before trying to connect. Needs rooted devices.</string>
     <string name="setting_loadtun">Load tun module</string>
@@ -223,7 +223,7 @@
     <string name="import_config">Import OpenVPN configuration</string>
     <string name="battery_consumption_title">Battery consumption</string>
     <string name="baterry_consumption">In my personal tests the main reason for high battery consumption of OpenVPN are the keepalive packets. Most OpenVPN servers have a configuration directive like \'keepalive 10 60\' which causes the client and server to exchange keepalive packets every ten seconds. &lt;p&gt; While these packets are small and do not use much traffic, they keep the mobile radio network busy and increase the energy consumption. (See also &lt;a href="http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine"&gt;The Radio State Machine | Android Developers&lt;/a&gt;) &lt;p&gt; This keepalive setting cannot be changed on the client. Only the system administrator of the OpenVPN can change the setting. &lt;p&gt; Unfortunately using a keepalive larger than 60 seconds with UDP can cause some NAT gateways to drop the connection due to an inactivity timeout. Using TCP with a long keep alive timeout works, but tunneling TCP over TCP performs extremely poorly on connections with high packet loss. (See &lt;a href="http://sites.inka.de/bigred/devel/tcp-tcp.html"&gt;Why TCP Over TCP Is A Bad Idea&lt;/a&gt;)</string>
-    <string name="faq_tethering">The Android Tethering feature (over WiFi, USB or Bluetooth) and the VPNService API (used by this program) do not work together. For more details see the &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\">issue #34&lt;/a></string>
+    <string name="faq_tethering">The Android Tethering feature (over WiFi, USB or Bluetooth) and the VPNService API (used by this program) do not work together. For more details see the &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/34\">issue #34&lt;/a></string>
     <string name="vpn_tethering_title">VPN and Tethering</string>
     <string name="connection_retries">Connection retries</string>
     <string name="reconnection_settings">Reconnection settings</string>
@@ -258,7 +258,6 @@
     <string name="encryption_cipher">Encryption cipher</string>
     <string name="packet_auth">Packet authentication</string>
     <string name="auth_dialog_title">Enter packet authentication method</string>
-    <string name="mobile_info_extended">Running on %1$s (%2$s) %3$s, Android API %4$d, version %5$s, %6$s</string>
     <string name="built_by">built by %s</string>
     <string name="debug_build">debug build</string>
     <string name="official_build">official build</string>
@@ -377,10 +376,28 @@
     <string name="ab_persist_tun_title">Persist tun mode</string>
     <string name="version_and_later">%s and later</string>
     <string name="tls_cipher_alert_title">Connections fails with SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure</string>
-    <string name="tls_cipher_alert">Newer OpenVPN for Android versions (0.6.29/March 2015) use a more secure default for the allowed cipher suites (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Unfortunately, omitting the less secure cipher suites and export cipher suites, especially the omission of cipher suites that do not support Perfect Forward Secrecy (Diffie-Hellman) causes some problems. This usually caused by an well-intentioned but poorly executed attempts to strengthen TLS security by setting tls-cipher on the server or some embedded OSes with stripped down SSL (e.g. MikroTik).\nTo solve this problem the problem, set the tls-cipher settings on the server to reasonable default like tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". To work around the problem on the client add the custom option tls-cipher DEFAULT on the Android client.</string>
+    <string name="tls_cipher_alert">Newer OpenVPN for Android versions (0.6.29/March 2015) use a more secure default for the allowed cipher suites (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Unfortunately, omitting the less secure cipher suites and export cipher suites, especially the omission of cipher suites that do not support Perfect Forward Secrecy (Diffie-Hellman) causes some problems. This usually caused by an well-intentioned but poorly executed attempt to strengthen TLS security by setting tls-cipher on the server or some embedded OSes with stripped down SSL (e.g. MikroTik).\nTo solve this problem the problem, set the tls-cipher settings on the server to reasonable default like tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". To work around the problem on the client add the custom option tls-cipher DEFAULT on the Android client.</string>
     <string name="message_no_user_edit">This profile has been added from an external app (%s) and has been marked as not user editable.</string>
     <string name="crl_file">Certificate Revocation List</string>
     <string name="service_restarted">Restarting OpenVPN Service (App crashed probably crashed or killed for memory pressure)</string>
     <string name="import_config_error">Importing the config yielded an error, cannot save it</string>
-
+    <string name="Search">Search</string>
+    <string name="lastdumpdate">(Last dump is %1$d:%2$dh old (%3$s))</string>
+    <string name="clear_log_on_connect">Clear log on new connection</string>
+    <string name="connect_timeout">Connect Timeout</string>
+    <string name="no_allowed_app">No allowed app added. Adding ourselves (%s) to have at least one app in the allowed app list to not allow all apps</string>
+    <string name="query_permissions_sdcard">OpenVPN for Android can try to discover the missing file(s) on the sdcard automatically. Tap this message start the permission request.</string>
+    <string name="protocol">Protocol</string>
+    <string name="enabled_connection_entry">Enabled</string>
+    <string name="abi_mismatch">Preferred native ABI precedence of this device (%1$s) and ABI reported by native libraries (%2$s) mismatch</string>
+    <string name="months_left">%d months left</string>
+    <string name="days_left">%d days left</string>
+    <string name="hours_left">%d hours left</string>
+    <string name="permission_revoked">VPN permission revoked by OS (e.g. other VPN program started), stopping VPN</string>
+    <string name="pushpeerinfo">Push Peer info</string>
+    <string name="pushpeerinfosummary">Send extra information to the server, e.g. SSL version and Android version</string>
+    <string name="pw_request_dialog_title">Need %1$s</string>
+    <string name="pw_request_dialog_prompt">Please enter the password for profile %1$s</string>
+    <string name="menu_use_inline_data">Use inline data</string>
+    <string name="export_config_chooser_title">Export configuration file</string>
 </resources>
diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml
index 94970c88..13d5e0b1 100644
--- a/app/src/main/res/values/styles.xml
+++ b/app/src/main/res/values/styles.xml
@@ -1,24 +1,14 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 
 <resources>
     <style name="blinkt.baseTheme" parent="android:Theme.DeviceDefault.Light" />
-    <style name="blinkt.common" parent="blinkt.baseTheme" >
-        <!-- Shared between Holo and Material -->
-        <item name="android:preferenceStyle">@style/BlinktPreferencePanel</item>
+    <style name="blinkt" parent="blinkt.baseTheme" />
 
-    </style>
-
-    <style name="blinkt" parent="blinkt.common">
-    </style>
-
-    <!-- No margins or background by default. Not different for x-large screens -->
-    <style name="BlinktPreferencePanel">
-        <item name="android:background">@color/gelb</item>
-    </style>
+    <style name="blinkt.dialog" parent="android:Theme.DeviceDefault.Light.Dialog" />
 
     <style name="item">
         <item name="android:layout_width">match_parent</item>
diff --git a/ics-openvpn b/ics-openvpn
index 0c5ab6b9..d0884e10 160000
--- a/ics-openvpn
+++ b/ics-openvpn
@@ -1 +1 @@
-Subproject commit 0c5ab6b91844319433932b67e97fbb23649ca006
+Subproject commit d0884e1053fcf0c062b1df7738166abd7f90d3c2
-- 
cgit v1.2.3


From 8e67e4d2167f2508d7f069af4d69f0f2931844a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 6 Feb 2016 13:57:50 +0100
Subject: Pause icon, init log file in Dashboard

---
 app/build.gradle                                   |   3 +-
 .../de/blinkt/openvpn/activities/BaseActivity.java |  27 ++
 .../de/blinkt/openvpn/core/LogFileHandler.java     | 140 ++++++++
 .../main/java/se/leap/bitmaskclient/Dashboard.java |  18 +
 .../main/res/drawable-hdpi/ic_pause_white_24dp.png | Bin 0 -> 105 bytes
 .../res/drawable-hdpi/ic_play_arrow_white_24dp.png | Bin 0 -> 195 bytes
 .../main/res/drawable-mdpi/ic_pause_white_24dp.png | Bin 0 -> 83 bytes
 .../res/drawable-mdpi/ic_play_arrow_white_24dp.png | Bin 0 -> 157 bytes
 .../res/drawable-xhdpi/ic_pause_white_24dp.png     | Bin 0 -> 90 bytes
 .../drawable-xhdpi/ic_play_arrow_white_24dp.png    | Bin 0 -> 220 bytes
 .../res/drawable-xxhdpi/ic_pause_white_24dp.png    | Bin 0 -> 92 bytes
 .../drawable-xxhdpi/ic_play_arrow_white_24dp.png   | Bin 0 -> 283 bytes
 .../res/drawable-xxxhdpi/ic_pause_white_24dp.png   | Bin 0 -> 94 bytes
 .../drawable-xxxhdpi/ic_play_arrow_white_24dp.png  | Bin 0 -> 343 bytes
 app/src/main/res/values-sl/strings-icsopenvpn.xml  | 398 +++++++++++++++++++++
 app/src/main/res/values-v21/refs.xml               |   2 +
 ics-openvpn                                        |   2 +-
 17 files changed, 588 insertions(+), 2 deletions(-)
 create mode 100644 app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java
 create mode 100644 app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
 create mode 100644 app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png
 create mode 100644 app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png
 create mode 100644 app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png
 create mode 100644 app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png
 create mode 100644 app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png
 create mode 100644 app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png
 create mode 100644 app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png
 create mode 100644 app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png
 create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png
 create mode 100644 app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png
 create mode 100755 app/src/main/res/values-sl/strings-icsopenvpn.xml

diff --git a/app/build.gradle b/app/build.gradle
index f65f99fd..8c8b6d38 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -128,7 +128,8 @@ task copyIcsOpenVPNImages( type: Copy ) {
     include '**/ic_close*.png'
     include '**/ic_edit*.png'
     include '**/ic_check*.png'
-
+      include '**/ic_pause*.png'
+      include '**/ic_play*.png'
     includeEmptyDirs = false
   } into '.'
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java b/app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java
new file mode 100644
index 00000000..8cdc1e90
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/activities/BaseActivity.java
@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) 2012-2015 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+package de.blinkt.openvpn.activities;
+
+import android.app.Activity;
+import android.app.UiModeManager;
+import android.content.res.Configuration;
+import android.os.Bundle;
+import android.view.Window;
+
+public class BaseActivity extends Activity {
+    private boolean isAndroidTV() {
+        final UiModeManager uiModeManager = (UiModeManager) getSystemService(Activity.UI_MODE_SERVICE);
+        return uiModeManager.getCurrentModeType() == Configuration.UI_MODE_TYPE_TELEVISION;
+    }
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        if (isAndroidTV()) {
+            requestWindowFeature(Window.FEATURE_OPTIONS_PANEL);
+        }
+        super.onCreate(savedInstanceState);
+    }
+}
diff --git a/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
new file mode 100644
index 00000000..5c1741d9
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
@@ -0,0 +1,140 @@
+/*
+ * Copyright (c) 2012-2015 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+package de.blinkt.openvpn.core;
+
+import android.os.Handler;
+import android.os.Looper;
+import android.os.Message;
+import android.os.Parcel;
+
+import java.io.BufferedInputStream;
+import java.io.BufferedOutputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+
+/**
+ * Created by arne on 23.01.16.
+ */
+class LogFileHandler extends Handler {
+    static final int TRIM_LOG_FILE = 100;
+    static final int FLUSH_TO_DISK = 101;
+    static final int LOG_INIT = 102;
+    public static final int LOG_MESSAGE = 103;
+    private static FileOutputStream mLogFile;
+    private static BufferedOutputStream mBufLogfile;
+
+    public static final String LOGFILE_NAME = "logcache.dat";
+
+
+    public LogFileHandler(Looper looper) {
+        super(looper);
+    }
+
+
+    @Override
+    public void handleMessage(Message msg) {
+        try {
+            if (msg.what == LOG_INIT) {
+                readLogCache((File) msg.obj);
+                openLogFile((File) msg.obj);
+            } else if (msg.what == LOG_MESSAGE && msg.obj instanceof VpnStatus.LogItem) {
+                // Ignore log messages if not yet initialized
+                if (mLogFile == null)
+                    return;
+                writeLogItemToDisk((VpnStatus.LogItem) msg.obj);
+            } else if (msg.what == TRIM_LOG_FILE) {
+                trimLogFile();
+                for (VpnStatus.LogItem li : VpnStatus.getlogbuffer())
+                    writeLogItemToDisk(li);
+            } else if (msg.what == FLUSH_TO_DISK) {
+                flushToDisk();
+            }
+
+        } catch (IOException e) {
+            e.printStackTrace();
+            VpnStatus.logError("Error during log cache: " + msg.what);
+            VpnStatus.logException(e);
+        }
+
+    }
+
+    private void flushToDisk() throws IOException {
+        mLogFile.flush();
+    }
+
+    private static void trimLogFile() {
+        try {
+            mBufLogfile.flush();
+            mLogFile.getChannel().truncate(0);
+
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+
+
+    private void writeLogItemToDisk(VpnStatus.LogItem li) throws IOException {
+        Parcel p = Parcel.obtain();
+        li.writeToParcel(p, 0);
+        // We do not really care if the log cache breaks between Android upgrades,
+        // write binary format to disc
+        byte[] liBytes = p.marshall();
+
+        mLogFile.write(liBytes.length & 0xff);
+        mLogFile.write(liBytes.length >> 8);
+        mLogFile.write(liBytes);
+        p.recycle();
+    }
+
+    private void openLogFile (File cacheDir) throws FileNotFoundException {
+        File logfile = new File(cacheDir, LOGFILE_NAME);
+        mLogFile = new FileOutputStream(logfile);
+        mBufLogfile = new BufferedOutputStream(mLogFile);
+    }
+
+    private void readLogCache(File cacheDir) {
+        File logfile = new File(cacheDir, LOGFILE_NAME);
+
+        if (!logfile.exists() || !logfile.canRead())
+            return;
+
+        VpnStatus.logDebug("Reread log items from cache file");
+
+        try {
+            BufferedInputStream logFile = new BufferedInputStream(new FileInputStream(logfile));
+
+            byte[] buf = new byte[8192];
+            int read = logFile.read(buf, 0, 2);
+
+            while (read > 0) {
+                // Marshalled LogItem
+                int len = (0xff & buf[0]) | buf[1] << 8;
+
+                read = logFile.read(buf, 0, len);
+
+                Parcel p = Parcel.obtain();
+                p.unmarshall(buf, 0, read);
+                p.setDataPosition(0);
+                VpnStatus.LogItem li = VpnStatus.LogItem.CREATOR.createFromParcel(p);
+                VpnStatus.newLogItem(li, true);
+                p.recycle();
+
+                //Next item
+                read = logFile.read(buf, 0, 2);
+            }
+
+        } catch (java.io.IOException | java.lang.RuntimeException e) {
+            VpnStatus.logError("Reading cached logfile failed");
+            VpnStatus.logException(e);
+            e.printStackTrace();
+            // ignore reading file error
+        }
+    }
+
+}
diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
index bdc36e89..218b22a7 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
@@ -1,3 +1,19 @@
+/**
+ * Copyright (c) 2013 LEAP Encryption Access Project and contributers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
 /**
  * Copyright (c) 2013 LEAP Encryption Access Project and contributers
  *
@@ -31,6 +47,7 @@ import org.json.*;
 import java.net.*;
 
 import butterknife.*;
+import de.blinkt.openvpn.core.VpnStatus;
 import se.leap.bitmaskclient.eip.*;
 import se.leap.bitmaskclient.userstatus.*;
 
@@ -75,6 +92,7 @@ public class Dashboard extends Activity implements ProviderAPIResultReceiver.Rec
         app = this;
 
         PRNGFixes.apply();
+        VpnStatus.initLogCache(getApplicationContext().getCacheDir());
 
         preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE);
         fragment_manager = new FragmentManagerEnhanced(getFragmentManager());
diff --git a/app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png
new file mode 100644
index 00000000..4d2ea05c
Binary files /dev/null and b/app/src/main/res/drawable-hdpi/ic_pause_white_24dp.png differ
diff --git a/app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png
new file mode 100644
index 00000000..57c9fa54
Binary files /dev/null and b/app/src/main/res/drawable-hdpi/ic_play_arrow_white_24dp.png differ
diff --git a/app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png
new file mode 100644
index 00000000..2272d478
Binary files /dev/null and b/app/src/main/res/drawable-mdpi/ic_pause_white_24dp.png differ
diff --git a/app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png
new file mode 100644
index 00000000..c61e948b
Binary files /dev/null and b/app/src/main/res/drawable-mdpi/ic_play_arrow_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png
new file mode 100644
index 00000000..f49aed75
Binary files /dev/null and b/app/src/main/res/drawable-xhdpi/ic_pause_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png
new file mode 100644
index 00000000..a3c80e73
Binary files /dev/null and b/app/src/main/res/drawable-xhdpi/ic_play_arrow_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png
new file mode 100644
index 00000000..7192ad48
Binary files /dev/null and b/app/src/main/res/drawable-xxhdpi/ic_pause_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png
new file mode 100644
index 00000000..547ef30a
Binary files /dev/null and b/app/src/main/res/drawable-xxhdpi/ic_play_arrow_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png b/app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png
new file mode 100644
index 00000000..660ac658
Binary files /dev/null and b/app/src/main/res/drawable-xxxhdpi/ic_pause_white_24dp.png differ
diff --git a/app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png b/app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png
new file mode 100644
index 00000000..be5c062b
Binary files /dev/null and b/app/src/main/res/drawable-xxxhdpi/ic_play_arrow_white_24dp.png differ
diff --git a/app/src/main/res/values-sl/strings-icsopenvpn.xml b/app/src/main/res/values-sl/strings-icsopenvpn.xml
new file mode 100755
index 00000000..fb14e67e
--- /dev/null
+++ b/app/src/main/res/values-sl/strings-icsopenvpn.xml
@@ -0,0 +1,398 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--Generated by crowdin.com-->
+<!--
+  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+  -->
+<resources>
+
+  <string name="address">Naslov strežnika:</string>
+  <string name="port">Vrata strežnika:</string>
+  <string name="location">Mesto</string>
+  <string name="cant_read_folder">Branje mape ni mogoče</string>
+  <string name="select">Izberi</string>
+  <string name="cancel">Prekliči</string>
+  <string name="no_data">Ni podatkov</string>
+  <string name="useLZO">Stiskanje LZO</string>
+  <string name="client_no_certificate">Ni potrdil</string>
+  <string name="client_certificate_title">Potrdilo odjemalca</string>
+  <string name="client_key_title">Ključ potrdila odjemalca</string>
+  <string name="client_pkcs12_title">Datoteka PKCS12</string>
+  <string name="ca_title">Potrdilo CA</string>
+  <string name="no_certificate">Izbrati morate potrdilo</string>
+  <string name="copyright_guicode">Izvorna koda in sledilnik težav sta na voljo na http://code.google.com/p/ics-openvpn/</string>
+  <string name="copyright_others">Ta program uporablja naslednje sestavne dele; za vse podrobnosti o dovoljenjih glejte izvorno kodo</string>
+  <string name="about">O programu</string>
+  <string name="vpn_list_title">Profili</string>
+  <string name="vpn_type">Vrsta</string>
+  <string name="pkcs12pwquery">Geslo PKCS12</string>
+  <string name="file_select">Izberi &#8230;</string>
+  <string name="file_nothing_selected">Izbrati morate datoteko</string>
+  <string name="useTLSAuth">Uporabi overitev TLS</string>
+  <string name="tls_direction">Smer TLS</string>
+  <string name="ipv6_dialog_tile">Vnesite naslov IPv6/masko omrežja v obliki CIDR (npr. 2000:dd::23/64)</string>
+  <string name="ipv4_dialog_title">Vnesite naslov IPv4/masko omrežja v obliki CIDR (npr. 1.2.3.4/24)</string>
+  <string name="ipv4_address">Naslov IPv4</string>
+  <string name="ipv6_address">Naslov IPv6</string>
+  <string name="custom_option_warning">Vnesite možnosti OpenVPN po meri. Uporabljajte previdno. Upoštevajte tudi, da veliko nastavitev OpenVPN povezanih z napravami TUN ni mogoče podpreti z zasnovo nastavitev VPN. Če mislite, da manjka pomembna možnost, navežite stik z avtorjem.</string>
+  <string name="auth_username">Uporabniško ime</string>
+  <string name="auth_pwquery">Geslo</string>
+  <string name="static_keys_info">Za statično nastavitev bodo ključi overitve TLS uporabljeni kot statični ključi</string>
+  <string name="configure_the_vpn">Nastavi VPN</string>
+  <string name="menu_add_profile">Dodaj profil</string>
+  <string name="add_profile_name_prompt">Vnesite ime, ki bo označevalo nov profil</string>
+  <string name="duplicate_profile_name">Vnesite edinstveno ime profila</string>
+  <string name="profilename">Ime profila</string>
+  <string name="no_keystore_cert_selected">Izbrati morate uporabniško potrdilo</string>
+  <string name="no_error_found">Nobene napake ni bilo najdene</string>
+  <string name="config_error_found">Napaka v nastavitvah</string>
+  <string name="ipv4_format_error">Napaka pri razčlenjevanju naslova IPv4</string>
+  <string name="custom_route_format_error">Napaka pri razčlenjevanju poti po meri</string>
+  <string name="pw_query_hint">(pustite prazno za poizvedbo na zahtevo)</string>
+  <string name="vpn_shortcut">Bližnjica OpenVPN</string>
+  <string name="vpn_launch_title">Poveži se v VPN</string>
+  <string name="shortcut_profile_notfound">Profila, določenega v bližnjici, ni bilo mogoče najti</string>
+  <string name="random_host_prefix">Predpona naklj. gostitelja</string>
+  <string name="random_host_summary">Doda 6 naključnih znakov pred ime gostitelja</string>
+  <string name="custom_config_title">Omogoči možnosti po meri</string>
+  <string name="custom_config_summary">Določite možnosti po meri. Uporabljajte previdno!</string>
+  <string name="route_rejected">Android je pot zavrnil</string>
+  <string name="cancel_connection">Prekini</string>
+  <string name="cancel_connection_long">Prekini VPN</string>
+  <string name="clear_log">Počisti dnevnik</string>
+  <string name="title_cancel">Prekliči potrditev</string>
+  <string name="cancel_connection_query">Prekini povezan VPN/Prekliči poizkus povezave?</string>
+  <string name="remove_vpn">Odstrani VPN</string>
+  <string name="check_remote_tlscert">Preveri, ali strežnik uporablja potrdilo s strežniškimi končnicami (--remote-cert-tls strežnik)</string>
+  <string name="check_remote_tlscert_title">Pričakuj potrdilo str. TLS</string>
+  <string name="remote_tlscn_check_summary">Preveri DN zadeve potrdila oddaljenega strežnika</string>
+  <string name="remote_tlscn_check_title">Preveri ime gost. potrdila</string>
+  <string name="enter_tlscn_dialog">Določite preverjanje, ki naj se uporabi za preverjanje DN-a oddaljenega potrdila (npr. C=DE, L=Paderborn, OU=Avian IP Carriers, CN=openvpn.blinkt.de).\n\nDoločite celoten DN ali RDN (npr. openvpn.blinkt.de) ali predpono RDN-a za preverjanje.\n\nKadar uporabljate predpono RDN, se \"Strežnik\" primerja s \"Strežnik-1\" in \"Strežnik-2\".\n\nČe pustite besedilno polje prazno, bo RDN preverjen z imenom gostitelja.\n\nZa več podatkov glejte OpenVPN 2.3.1 + stran man v —verify-x509-name.</string>
+  <string name="enter_tlscn_title">Zadeva oddaljenega potrdila</string>
+  <string name="tls_key_auth">Omogoči overitev ključa TLS</string>
+  <string name="tls_auth_file">Datoteka overitve TLS</string>
+  <string name="pull_on_summary">Zahteva naslove IP, poti in časovne možnosti od strežnika.</string>
+  <string name="pull_off_summary">Nobeni podatki niso zahtevani od strežnika. Nastavitve morate določiti spodaj.</string>
+  <string name="use_pull">Dobi nast.</string>
+  <string name="dns">DNS</string>
+  <string name="override_dns">Preglasi nast. DNS str.</string>
+  <string name="dns_override_summary">Uporabi moje strežnike DNS</string>
+  <string name="searchdomain">Išči po domeni</string>
+  <string name="dns1_summary">Strežnik DNS, ki naj se uporabi.</string>
+  <string name="dns_server">Strežnik DNS</string>
+  <string name="secondary_dns_message">Dodatni strežnik DNS, ki naj se uporabi, če običajni strežnik DNS ni dosegljiv.</string>
+  <string name="backup_dns">Pomožni strežnik DNS</string>
+  <string name="ignored_pushed_routes">Prezri potisnjene poti</string>
+  <string name="ignore_routes_summary">Prezri poti, ki jih je potisnil strežnik.</string>
+  <string name="default_route_summary">Preusmeri ves promet preko VPN-a</string>
+  <string name="use_default_title">Uporabi privzeto pot</string>
+  <string name="custom_route_message">Vnesite poti po meri. Cilje vnesite v obliki CIDR. \"10.0.0.0/8 2002::/16\" bo usmeril omrežja 10.0.0.0/8 in 2002::/16 preko VPN-a.</string>
+  <string name="custom_route_message_excluded">Poti, ki ne smejo biti usmerjene preko VPN-a. Uporabite isto skladnost, kot za vključene poti.</string>
+  <string name="custom_routes_title">Poti po meri</string>
+  <string name="custom_routes_title_excluded">Izključena omrežja</string>
+  <string name="log_verbosity_level">Raven podrobnosti dnevnika</string>
+  <string name="float_summary">Omogoča overjene pakete iz vseh IP-jev</string>
+  <string name="float_title">Omogoči lebdeči strežnik</string>
+  <string name="custom_options_title">Možnosti po meri</string>
+  <string name="edit_vpn">Uredi nastavitve VPN</string>
+  <string name="remove_vpn_query">Odstrani profil VPN \'%s\'?</string>
+  <string name="tun_error_helpful">Na nekaterih odtisih ICS je lahko dovoljenje za /dev/tun napačno ali modul TUN v celoti manjka. Za odtise CM9 poizkusite popraviti možnost lastništva v splošnih možnostih.</string>
+  <string name="tun_open_error">Odpiranje vmesnika TUN je spodletelo</string>
+  <string name="error">"Napaka: "</string>
+  <string name="clear">Počisti</string>
+  <string name="last_openvpn_tun_config">Odpiranje vmesnika TUN:</string>
+  <string name="local_ip_info">Krajevni IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
+  <string name="dns_server_info">Strežnik DNS: %1$s, domena: %2$s</string>
+  <string name="routes_info_incl">Poti: %1$s %2$s</string>
+  <string name="routes_info_excl">Izključene poti: %1$s %2$s</string>
+  <string name="routes_debug">Nameščene poti storitve VPN: %1$s %2$s</string>
+  <string name="ip_not_cidr">Dobljeni podatki vmesnika %1$s in %2$s, predpostavlja se, da je drugi naslov naslov oddaljenega soležnika. Za krajevni IP bo uporabljena maska omrežja /32. Način, ki ga dobavi OpenVPN, je \"%3$s\".</string>
+  <string name="route_not_cidr">%1$s in %2$s kot poti IP z masko omrežja CIDR ni mogoče razumeti, kot masko omrežja se bo uporabil /32.</string>
+  <string name="route_not_netip">Popravljena pot %1$s/%2$s v %3$s/%2$s</string>
+  <string name="keychain_access">Dostop do potrdil verige ključev Android ni mogoč. To lahko povzroči nadgradnja strojne programske opreme ali obnovitev var. kopije programov/nastavitev programov. Uredite VPN in ponovno izberite potrdilo v osnovnih nastavitvah, da poustvarite dovoljenje za dostop do potrdila.</string>
+  <string name="version_info">%1$s %2$s</string>
+  <string name="send_logfile">Pošlji dnevniško datoteko</string>
+  <string name="send">Pošlji</string>
+  <string name="ics_openvpn_log_file">Dnevniška datoteka OpenVPN ICS</string>
+  <string name="copied_entry">Vnos dnevnika kopiran na odložišče</string>
+  <string name="tap_mode">Način tapanja</string>
+  <string name="faq_tap_mode">Način tapanja ni mogoč z API-jem VPN brez skrbniškega dostopa. Zato ta program ne more omogočiti podpore za tapanje.</string>
+  <string name="tap_faq2">Spet? Ali se hecate? Ne, način tapanja resnično ni podprt in pošiljanje še več pošte z vprašanji, ali bo podprt, ne bo pomagalo.</string>
+  <string name="tap_faq3">Tretjič? V bistvu bi nekdo lahko napisal posnemovalnik tapanja temelječ na TUN-u, ki bi dodal podatke 2. plasti ob pošiljanju in odstranil podatke 2. plasti ob prejemanju. Vendar bi ta posnemovalnik moral imeti izveden ARP in morda odjemalca DHCP. Nisem še slišal, da bi kdo delal na tem. Navežite stik z mano, če bi radi začeli pisati program o tem.</string>
+  <string name="faq">Pogosta vprašanja</string>
+  <string name="copying_log_entries">Kopiranje dnevniških vnosov</string>
+  <string name="faq_copying">Za kopiranje posameznega dnevniškega vnosa pritisnite in pridržite dnevniški vnos. Za kopiranje/pošiljanje celega dnevnika uporabite možnost Pošlji dnevnik. Če v vmesniku gumb ni viden, uporabite menijski gumb naprave.</string>
+  <string name="faq_shortcut">Bližnjica za zagon</string>
+  <string name="faq_howto_shortcut">Za zagon OpenVPN-a lahko na namizje vstavite bližnjico. Odvisno od vašega programa za domači zaslon boste morali dodati ali bližnjico ali pripomoček.</string>
+  <string name="no_vpn_support_image">Vaš odtis žal ne podpira API-ja storitve VPN :(</string>
+  <string name="encryption">Šifriranje</string>
+  <string name="cipher_dialog_title">Vnesite način šifriranja</string>
+  <string name="chipher_dialog_message">Vnesite šifrirni algoritem, ki naj ga uporabi OpenVPN. Za uporabo privzete šifre pustite prazno.</string>
+  <string name="auth_dialog_message">Vnesite izvleček overitve, ki naj se uporabi za OpenVPN. Za privzetega pustite prazno.</string>
+  <string name="settings_auth">Overitev/Šifriranje</string>
+  <string name="file_explorer_tab">Raziskovalec datotek</string>
+  <string name="inline_file_tab">Datoteka v besedilu</string>
+  <string name="error_importing_file">Napaka pri uvažanju datoteke</string>
+  <string name="import_error_message">Datoteke iz datotečnega sistema ni bilo mogoče uvoziti</string>
+  <string name="inline_file_data">[[podatki datoteke v besedilu]]</string>
+  <string name="opentun_no_ipaddr">Zavračanje odpiranja naprave TUN brez podatkov IP</string>
+  <string name="menu_import">Uvozi profil iz datoteke ovpn</string>
+  <string name="menu_import_short">Uvozi</string>
+  <string name="import_content_resolve_error">Profila za uvoz ni bilo mogoče brati</string>
+  <string name="error_reading_config_file">Napaka pri branju nastavitvene datoteke</string>
+  <string name="add_profile">dodaj profil</string>
+  <string name="import_could_not_open">Datoteke %1$s, omenjene v uvoženi nastavitveni datoteki, ni bilo mogoče najti</string>
+  <string name="importing_config">Uvažanje nastavitvene datoteke iz vira %1$s</string>
+  <string name="import_warning_custom_options">Vaše nastavitve so imele nekaj možnosti, ki niso bile preslikane v nastavitve uporabniškega vmesnika. Te možnosti so bile dodane kot nastavitvene možnosti po meri. Nastavitve po meri so prikazane spodaj:</string>
+  <string name="import_done">Branje nastavitvene datoteke je končano.</string>
+  <string name="nobind_summary">Ne veži na krajevni naslov in vrata</string>
+  <string name="no_bind">Brez krajevne vezave</string>
+  <string name="import_configuration_file">Uvozi nastavitveno datoteko</string>
+  <string name="faq_security_title">Varnostne zahteve</string>
+  <string name="faq_security">"Ker je OpenVPN občutljiv na varnost, je smiselno povedati nekaj opomb o varnosti. Vsi podatki na kartici SD po svoji naravi niso varni. Vsak program jih lahko bere (npr. ta program ne zahteva posebnih dovoljenj za kartico SD). Podatke tega programa lahko bere samo program sam. Z uporabo možnosti uvoza za potrdila CA/potrdila/ključe v pogovornem oknu datoteke se podatki shranijo v profilu VPN. Do profilov VPN ima dostop samo ta program (ne pozabite potem izbrisati kopij na kartici SD). Čeprav ima do podatkov dostop samo ta program, so ti še vedno nešifrirani. Z omogočanjem skrbniškega dostopa do telefona ali izkoriščanjem drugih varnostnih ranljivosti je možno pridobiti te podatke. Poleg tega so gesla shranjena v golem besedilu. Za datoteke pkcs12 je zelo priporočljivo, da jih uvozite v Androidovo shrambo ključev."</string>
+  <string name="import_vpn">Uvozi</string>
+  <string name="broken_image_cert_title">Napaka pri prikazu izbire potrdila</string>
+  <string name="broken_image_cert">Pri poizkusu prikaza pogovornega okna izbire potrdila Android 4.0+ je prišlo do izjeme. To se ne bi smelo zgoditi, ker je to standardna značilnost Androida 4.0+. Morda je podpora Android ROM za shranjevanje potrdil pokvarjena.</string>
+  <string name="ipv4">IPv4</string>
+  <string name="ipv6">IPv6</string>
+  <string name="speed_waiting">Čakanje na sporočilo stanja &#8230;</string>
+  <string name="converted_profile">uvoženi profil</string>
+  <string name="converted_profile_i">uvoženi profil %d</string>
+  <string name="broken_images">Pokvarjeni odtisi</string>
+  <string name="broken_images_faq">&lt;p&gt;Uradni HTC-jevi odtisi imajo znano čudno težavo pri usmerjanju, ki povzroča, da promet ne teče skozi tunel (glejte &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\"&gt;Težavo 18&lt;/a&gt; v sledilniku hroščev.)&lt;/p&gt;&lt;p&gt;Za starejše uradne Sonyjeve odtise iz Xperie Arc S in Xperie Ray je bilo sporočeno, da jim v celoti manjka storitev VPN (glejte &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\"&gt;Težavo 18&lt;/a&gt; v sledilniku hroščev.)&lt;/p&gt;&lt;p&gt;V odtisih izgrajenih po meri lahko manjka modul TUN ali so dovoljenja za /dev/tun napačna. Nekateri odtisi CM9 potrebujejo omogočeno možnost \"Popravi lastništvo\" v \"Prilagoditvah za naprave\".&lt;/p&gt;&lt;p&gt;Najbolj pomembno: če ima vaša naprava pokvarjen odtis Android, ga prijavite svojemu proizvajalcu. Več ljudi kot prijavi težavo proizvajalcu, bolj verjetno je, da jo bodo popravili.&lt;/p&gt;</string>
+  <string name="pkcs12_file_encryption_key">Ključ za šifriranje datoteke PKCS12</string>
+  <string name="private_key_password">Geslo zasebnega ključa</string>
+  <string name="password">Geslo</string>
+  <string name="file_icon">ikona datoteke</string>
+  <string name="tls_authentication">Overitev TLS</string>
+  <string name="generated_config">Ustvarjene nastavitve</string>
+  <string name="generalsettings">Nastavitve</string>
+  <string name="owner_fix_summary">Poizkusi nastaviti lastnika mape /dev/tun na sistem. Nekateri odtisi CM9 to potrebujejo za delovanje API-ja storitve VPN. Zahteva skrbniški dostop.</string>
+  <string name="owner_fix">Popravi lastništvo mape /dev/tun</string>
+  <string name="generated_config_summary">Prikaže ustvarjeno nastavitveno datoteko OpenVPN</string>
+  <string name="edit_profile_title">Urejanje \"%s\"</string>
+  <string name="building_configration">Izgrajevanje nastavitev &#8230;</string>
+  <string name="netchange_summary">Vklop te storitve bo vsilil ponovno povezavo, če se stanje omrežja spremeni (npr. Wi-Fi v/iz mobilnega omrežja)</string>
+  <string name="netchange">Pon. povez. ob spr. omr.</string>
+  <string name="netstatus">Stanje omrežja: %s</string>
+  <string name="extracahint">Potrdilo CA običajno vrne Androidova shramba ključev. Določite ločeno potrdilo, če dobite napake pri preverjanju potrdil.</string>
+  <string name="select_file">Izberi</string>
+  <string name="keychain_nocacert">Nobeno potrdilo ni bilo vrnjeno med branjem Androidove shrambe ključev. Overitev bo verjetno spodletela.</string>
+  <string name="show_log_summary">Prikaže okno dnevnika ob povezavi. Dostop do okna dnevnika je vedno možen iz stanja obvestila.</string>
+  <string name="show_log_window">Prikaži okno dnevnika</string>
+  <string name="mobile_info">%10$s %9$s se izvaja na %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
+  <string name="error_rsa_sign">Napaka pri podpisu s ključem Androidove shrambe ključev %1$s: %2$s</string>
+  <string name="faq_system_dialogs">Opozorilo o povezavi VPN, ki vam sporoča, da lahko ta naprava prestreže ves promet, vsili sistem, da prepreči zlorabo API-ja storitve VPN.\nObvestilo o povezavi VPN (simbol ključa) tudi vsili sistem Android, da nakaže tekočo povezavo VPN. V nekaterih odtisih to obvestilo predvaja zvok.\nAndroid je vpeljal ta sistemska pogovorna okna zaradi vaše varnosti in je poskrbel, da se jih ne da zaobiti (v nekaterih odtisih to na žalost vključuje zvok obvestila).</string>
+  <string name="faq_system_dialogs_title">Opozorilo o povezavi in zvok obvestila</string>
+  <string name="translationby">Angleški prevod: Arne Schwabe&lt;arne@rfc2549.org&gt;</string>
+  <string name="ipdns">IP in DNS</string>
+  <string name="basic">Osnovno</string>
+  <string name="routing">Usmerjanje</string>
+  <string name="obscure">Zamegli OpenVPN Settings. Običajno ni potrebno.</string>
+  <string name="advanced">Napredno</string>
+  <string name="export_config_title">Nastavitve OpenVPN ICS</string>
+  <string name="warn_no_dns">Noben strežnik DNS se ne uporablja. Razrešitev imen morda ne bo delovala. Razmislite o nastavitvi strežnikov DNS po meri. Upoštevajte tudi, da bo Android še naprej uporabljal vaše nastavitve posredniškega strežnika določene za vašo mobilno povezavo/Wi-Fi, ko ni nastavljen noben strežnik DNS.</string>
+  <string name="dns_add_error">Strežnika DNS \"%1$s\" ni bilo mogoče dodati, zavrnil ga je sistem: %2$s</string>
+  <string name="ip_add_error">Naslova IP \"%1$s\" ni bilo mogoče nastaviti, zavrnil ga je sistem: %2$s</string>
+  <string name="faq_howto">&lt;p&gt;Dobite delujoče nastavitve (preizkušene na vašem računalniku ali jih prejmite od vašega ponudnika/organizacije)&lt;/p&gt;&lt;p&gt;Če je to ena sama datoteka brez dodatnih datotek pem/pks12, jo lahko sami pošljete in odprete prilogo. Če imate več datotek, jih prestavite na svojo kartico SD.&lt;/p&gt;&lt;p&gt;Kliknite na e-poštno prilogo/uporabite ikono mape na seznamu VPN-ov, da uvozite nastavitveno datoteko.&lt;/p&gt;&lt;p&gt;Če se pojavijo napake o manjkajočih datotekah, jih vstavite na kartico SD.&lt;/p&gt;&lt;p&gt;Kliknite na simbol za shranjevanje, da dodate uvoženi VPN na svoj seznam VPN-ov.&lt;/p&gt;&lt;p&gt;Povežite VPN s klikom na ime VPN-a.&lt;/p&gt;&lt;p&gt;Če so v dnevniku napake ali opozorila, jih poizkusite razumeti in popraviti.&lt;/p&gt; </string>
+  <string name="faq_howto_title">Hitri zagon</string>
+  <string name="setting_loadtun_summary">Poizkusite naložiti jedro tun.ko pred poizkusom povezave. Zahteva skrbniški dostop.</string>
+  <string name="setting_loadtun">Naloži modul TUN</string>
+  <string name="importpkcs12fromconfig">Uvozi PKCS12 iz nastavitev v Androidovo shrambo ključev</string>
+  <string name="getproxy_error">Napaka pri dobivanju nastavitev posredniškega strežnika: %s</string>
+  <string name="using_proxy">Uporaba posredniškega strežnika %1$s %2$d</string>
+  <string name="use_system_proxy">Uporabi sis. pos. str.</string>
+  <string name="use_system_proxy_summary">Za povezavo uporabi nastavitve celega sistema za posredniške strežnike HTTP/HTTPS.</string>
+  <string name="donatewithpaypal">Darujete lahko s &lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;PayPalom&lt;/a&gt; </string>
+  <string name="onbootrestartsummary">OpenVPN bo ponovno povezal VPN, če je bil dejaven ob zaustavitvi/ponovnem zagonu sistema. Preberite pogosta vprašanja opozoril o povezavi pred uporabo te možnosti.</string>
+  <string name="onbootrestart">Pon. povez. ob pon. zag.</string>
+  <string name="ignore">Prezri</string>
+  <string name="restart">Ponovno zaženi</string>
+  <string name="restart_vpn_after_change">Spremembe nastavitev se bodo uporabile po ponovnem zagonu VPN-a. (Ponovno) zaženi VPN zdaj?</string>
+  <string name="configuration_changed">Nastavitve so bile spremenjene</string>
+  <string name="log_no_last_vpn">Nazadnje povezanega profila ni bilo mogoče določiti za urejanje</string>
+  <string name="faq_duplicate_notification_title">Podvojena obvestila</string>
+  <string name="faq_duplicate_notification">Če Androidu primanjkuje sistemskega pomnilnika (RAM-a), se programi in storitve, ki trenutno niso potrebne, odstranijo iz dejavnega pomnilnika. To uniči delujočo povezavo VPN. Zaradi zagotovitve, da povezava/OpenVPN preživi, se storitev izvaja z višjo prednostjo. Za izvajanje z višjo prednostjo mora program prikazati obvestilo. Ikono obvestila ključa vsili sistem, kot je to opisano v prejšnjem vnosu pogostih vprašanj. Ne šteje kot obvestilo programa za namen izvajanja z višjo prednostjo.</string>
+  <string name="no_vpn_profiles_defined">Noben profil VPN ni določen.</string>
+  <string name="add_new_vpn_hint">Uporabite ikono &lt;img src=\"ic_menu_add\"/&gt;, da dodate nov VPN.</string>
+  <string name="vpn_import_hint">Uporabite ikono &lt;img src=\"ic_menu_archive\"/&gt;, da uvozite obstoječi profil (.ovpn ali .conf) iz svoje kartice SD.</string>
+  <string name="faq_hint">Prepričajte se, da preverite pogosta vprašanja. Tam je vodnik za hitri začetek.</string>
+  <string name="faq_routing_title">Nastavitve usmerjanja/vmesnika</string>
+  <string name="faq_routing">Nastavitve usmerjanja in vmesnika se ne opravijo preko tradicionalnih ukazov ifconfig/route, toda z uporabo API-ja storitve VPN. To se pokaže v drugačnih nastavitvah usmerjanja, kot v drugih OS-ih.\nNastavitve tunela IP so sestavljene iz naslova IP in omrežij, ki jih je treba usmeriti preko tega vmesnika. Pri tem ni potreben ali zahtevan noben družabniški naslov soležnika ali naslov vrat. Posebne poti za doseganje strežnika VPN (npr. dodane med uporabo ukaza redirect-gateway) tudi niso potrebne. Program po zaradi tega ob uvozu nastavitev prezrl te nastavitve. Program z API-jem storitve VPN zagotovi, da povezava s strežnikom ni usmerjena preko tunela VPN.\nAPI storitve VPN ne dovoli določanje omrežij, ki se ne smejo usmeriti preko tunela (npr. pot x.x.x.x y.y.y.y net_gateway) in izračuna nabor poti, ki izključijo te poti, da posnema vedenje drugih okolij. Okno dnevnika prikazuje nastavitve API-ja storitve VPN, ko se povezava vzpostavi.\nNeuradno: Android 4.4+ uporablja pravilnik usmerjanja. Uporaba ukazov route/ifconfig ne bo prikazala nameščene poti. Namesto tega uporabite pravilo IP iptables -t mangle -L.</string>
+  <string name="persisttun_summary">Ne preidi v stanje brez povezave VPN, ko se OpenVPN povezuje.</string>
+  <string name="persistent_tun_title">Vztrajni TUN</string>
+  <string name="openvpn_log">Dnevnik OpenVPN</string>
+  <string name="import_config">Uvozi nastavitve OpenVPN</string>
+  <string name="battery_consumption_title">Poraba baterije</string>
+  <string name="baterry_consumption">V mojih osebnih preizkusih so bili glaven vzrok za visoko porabo baterije OpenVPN-a dejavni paketi. Večina strežnikov OpenVPN ima smernico nastavitev, kot je \'ohrani dejavnost 10 60\', ki povzroči, da si odjemalec in strežnik izmenjata dejavne pakete vsakih 10 sekund. &lt;p&gt;Medtem, ko so ti paketi majhni in ne uporabijo veliko prometa, ohranijo mobilno radijsko omrežje dejavno in povečajo porabo energije (glejte tudi &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Razvijalci Androida&lt;/a&gt;).&lt;p&gt; Te nastavitve ohranjanja dejavnosti odjemalec ne more spremeniti. Spremeni jo lahko samo sistemski skrbnik OpenVPN-a.&lt;p&gt; Na žalost uporaba ohranjanja dejavnosti večje od 60-ih sekund z UDP-jem lahko povzroči, da nekatera vrata NAT prekinejo povezavo zaradi časovne omejitve nedejavnosti. Uporaba TCP-ja z dolgo časovno omejitvijo ohranjanja dejavnosti deluje, vendar se tuneliranje TCP-ja preko TCP-ja izkaže za zelo neučinkovito ob povezavah z visoko izgubo paketov (glejte &lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\"&gt;Why TCP Over TCP Is A Bad Idea&lt;/a&gt;).</string>
+  <string name="faq_tethering">Androidova značilnost deljenja mobilnega interneta (preko omrežja Wi-Fi, USB-ja ali Bluetootha) in API storitve VPN (ki ga uporablja ta program) skupaj ne delujeta. Za več podrobnosti glejte &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\"&gt;Težavo 34&lt;/a&gt;.</string>
+  <string name="vpn_tethering_title">VPN in deljenje mobilnega interneta</string>
+  <string name="connection_retries">Ponovni poizkusi povezave</string>
+  <string name="reconnection_settings">Nastavitve ponovne povezave</string>
+  <string name="connectretrymessage">Št. sekund čakanja med poizkusi povezave.</string>
+  <string name="connectretrywait">Sekunde med povezavami</string>
+  <string name="minidump_generated">OpenVPN se je nepričakovano sesul. Razmislite o uporabi možnosti pošiljanja mini izpisa v glavnem meniju.</string>
+  <string name="send_minidump">Pošlji mini izpis razvijalcu</string>
+  <string name="send_minidump_summary">Pošlje podatke razhroščevanja o zadnjem sesutju razvijalcu</string>
+  <string name="notifcation_title">OpenVPN - %s</string>
+  <string name="session_ipv4string">%1$s - %2$s</string>
+  <string name="session_ipv6string">%1$s - %3$s, %2$s</string>
+  <string name="state_connecting">Povezovanje</string>
+  <string name="state_wait">Čakanje na odgovor strežnika</string>
+  <string name="state_auth">Overjanje</string>
+  <string name="state_get_config">Dobivanje nastavitev odjemalca</string>
+  <string name="state_assign_ip">Dodeljevanje naslovov IP</string>
+  <string name="state_add_routes">Dodajanje poti</string>
+  <string name="state_connected">Povezan</string>
+  <string name="state_disconnected">Prekini</string>
+  <string name="state_reconnecting">Ponovno povezovanje</string>
+  <string name="state_exiting">Izhod</string>
+  <string name="state_noprocess">Se ne izvaja</string>
+  <string name="state_resolve">Razreševanje imen gostiteljev</string>
+  <string name="state_tcp_connect">Povezovanje (TCP)</string>
+  <string name="state_auth_failed">Overitev je spodletela</string>
+  <string name="state_nonetwork">Čakanje na uporabno omrežje</string>
+  <string name="statusline_bytecount">↓%2$s/s %1$s - ↑%4$s/s %3$s</string>
+  <string name="notifcation_title_notconnect">Ni povezan</string>
+  <string name="start_vpn_title">Povezovanje v VPN %s</string>
+  <string name="start_vpn_ticker">Povezovanje v VPN %s</string>
+  <string name="jelly_keystore_alphanumeric_bug">Nekatere različice Androida 4.1 imajo težave, če ime potrdila shrambe ključev vsebuje posebne znake (presledke, podčrtaje ali pomišljaje). Poizkusite ponovno uvoziti potrdilo brez posebnih znakov.</string>
+  <string name="encryption_cipher">Šifra</string>
+  <string name="packet_auth">Overitev paketov</string>
+  <string name="auth_dialog_title">Vnesite način overitve paketov</string>
+  <string name="built_by">izgradil %s</string>
+  <string name="debug_build">razhroščevalna izgradnja</string>
+  <string name="official_build">uradna izgradnja</string>
+  <string name="make_selection_inline">Kopiraj v profil</string>
+  <string name="crashdump">Izpis sesutja</string>
+  <string name="add">Dodaj</string>
+  <string name="send_config">Pošlji nastavitveno datoteko</string>
+  <string name="complete_dn">Celoten DN</string>
+  <string name="remotetlsnote">Vaše uvožene nastavitve uporabljajo staro OPUŠČENO možnost tls-remote, ki uporablja drugo obliko DN.</string>
+  <string name="rdn">RDN (splošno ime)</string>
+  <string name="rdn_prefix">Predpona RDN</string>
+  <string name="tls_remote_deprecated">tls-remote (OPUŠČENO)</string>
+  <string name="help_translate">Prevajati lahko pomagate z obiskom http://crowdin.net/project/ics-openvpn/invite</string>
+  <string name="prompt">%1$s poizkuša nadzirati %2$s</string>
+  <string name="remote_warning">Z nadaljevanjem dajete programu dovoljenje za popoln nadzor OpenVPN-a za Android in prestrezanje vsega omrežnega prometa. <b>NE sprejmite, razen če zaupate programu.</b> V nasprotnem primeru lahko vaši podatki postanejo tarča zlonamerne programske opreme.</string>
+  <string name="remote_trust">Zaupam temu programu.</string>
+  <string name="no_external_app_allowed">Noben program ne sme uporabiti zunanjega API-ja</string>
+  <string name="allowed_apps">Programi z dovoljenjem: %s</string>
+  <string name="clearappsdialog">Počisti seznam zunanjih programov z dovoljenjem?\nTrenutni seznam:\n\n%s</string>
+  <string name="screenoff_summary">\"Premor VPN-a, ko je zaslon izklopljen in je v 60 s preneseno manj kot 64 kB. Ko je omogočena možnost \"Vztrajni TUN\", bo premor VPN-a odstranil VSO povezljivost naprave. Brez te možnosti naprava ne bo imela povezave VPN/zaščite.</string>
+  <string name="screenoff_title">Premor VPN-a po izk. zas.</string>
+  <string name="screenoff_pause">Premor povezave v stanju izklopljenega zaslona: manj kot %1$s v %2$s s</string>
+  <string name="screen_nopersistenttun">Opozorilo: Vztrajni TUN za ta VPN ni mogočen. Promet bo uporabil običajno internetno povezavo, ko je zaslon izklopljen.</string>
+  <string name="save_password">Shrani geslo</string>
+  <string name="pauseVPN">Premor VPN-a</string>
+  <string name="resumevpn">Obnovi VPN</string>
+  <string name="state_userpause">Premor VPN-a je zahteval uporabnik</string>
+  <string name="state_screenoff">Premor VPN-a - zaslon izklopljen</string>
+  <string name="device_specific">Prilagoditve za naprave</string>
+  <string name="cannotparsecert">Podatkov potrdila ni mogoče prikazati</string>
+  <string name="appbehaviour">Vedenje programa</string>
+  <string name="vpnbehaviour">Vedenje VPN-a</string>
+  <string name="allow_vpn_changes">Dovoli spremembe profilov VPN</string>
+  <string name="hwkeychain">Strojna shramba ključev:</string>
+  <string name="permission_icon_app">Ikona programa poizkuša uporabiti OpenVPN za Android</string>
+  <string name="faq_vpndialog43">\"Z začetkom v Androidu 4.3 je potrditev VPN zaščitena proti \"prekrivajočimi programi\". To povzroči, da se pogovorna okna ne odzovejo na vnos z dotikom. Če imate program, ki uporablja prekrivanja, lahko povzroči to vedenje. Če najdete tak program, navežite stik z avtorjem programa. Ta težava vpliva na vse programe VPN na Androidu 4.3 ali kasnejših. Za dodatne podrobnosti glejte tudi &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\"&gt;Težavo 185&lt;a&gt;\".</string>
+  <string name="faq_vpndialog43_title">Potrditev pogovornega okna VPN</string>
+  <string name="donatePlayStore">Lahko pa mi darujete s trgovino Play:</string>
+  <string name="thanks_for_donation">Hvala, da ste darovali %s!</string>
+  <string name="logCleared">Dnevnik počiščen.</string>
+  <string name="show_password">Prikaži geslo</string>
+  <string name="keyChainAccessError">Napaka dostopa do verige ključev: %s</string>
+  <string name="timestamp_short">Kratko</string>
+  <string name="timestamp_iso">ISO</string>
+  <string name="timestamps">Časovni žigi</string>
+  <string name="timestamps_none">Brez</string>
+  <string name="uploaded_data">Pošlji</string>
+  <string name="downloaded_data">Prejmi</string>
+  <string name="vpn_status">Stanje VPN-a</string>
+  <string name="logview_options">Možnosti pogleda</string>
+  <string name="unhandled_exception">Neobravnavana izjema: %1$s\n\n%2$s</string>
+  <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
+  <string name="faq_system_dialog_xposed">Če imate na svoji napravi skrbniški dostop, lahko na svojo odgovornost namestite &lt;a href=\"http://xposed.info/\"&gt;ogrodje Xposed&lt;/a&gt; in &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;Modul za potrditev pog. okna VPN&lt;/a&gt;.</string>
+  <string name="full_licenses">Polna dovoljenja</string>
+  <string name="blocklocal_summary">Omrežja, ki so neposredno povezana s krajevnimi vmesniki, ne bodo usmerjena preko VPN-a. Odstranitev izbire te možnosti bo preusmerila ves promet namenjen krajevnim omrežjem v VPN.</string>
+  <string name="blocklocal_title">Zaobidi VPN za kraj. omr.</string>
+  <string name="userpw_file">Datoteka uporabniškega imena/gesla</string>
+  <string name="imported_from_file">[Uvoženo iz: %s]</string>
+  <string name="files_missing_hint">Nekaterih datotek ni bilo mogoče najti. Izberite datoteke za uvoz profila:</string>
+  <string name="openvpn_is_no_free_vpn">Za uporabo tega programa potrebujete ponudnika VPN/vrata VPN, ki podpira OpenVPN (pogosto jih dobavi vaš delodajalec). Za več podatkov o OpenVPN-u in kako nastaviti svoj lasten strežnik OpenVPN preverite http://community.openvpn.net/.</string>
+  <string name="import_log">Dnevnik uvoza:</string>
+  <string name="ip_looks_like_subnet">Topologija VPN-a \"%3$s\" je določena, vendar je ifconfig %1$s %2$s videti bolj kot naslov IP z masko omrežja. Uporaba topologije \"podomrežja\".</string>
+  <string name="mssfix_invalid_value">Vrednost preglasitve MSS mora biti celo število med 0 in 9000.</string>
+  <string name="mssfix_value_dialog">Najavi sejam TCP, ki se izvajajo preko tunela, da morajo omejiti velikosti svojih paketov, tako da ko jih je OpenVPN zaobjel, nastala velikost paketov UDP, ki jo OpenVPN pošlje svojemu soležniku, ne bo presegla tega števila bajtov (privzeto je 1450).</string>
+  <string name="mssfix_checkbox">Preglasi vrednost MSS vsebine TCP</string>
+  <string name="mssfix_dialogtitle">Nastavi MSS vsebine TCP</string>
+  <string name="client_behaviour">Vedenje odjemalca</string>
+  <string name="clear_external_apps">Počisti zun. prog. z dov.</string>
+  <string name="loading">Nalaganje &#8230;</string>
+  <string name="allowed_vpn_apps_info">Programi VPN z dovoljenjem: %1$s</string>
+  <string name="disallowed_vpn_apps_info">Programi VPN brez dovoljenja: %1$s</string>
+  <string name="app_no_longer_exists">Paket %s ni več nameščen, odstranjevanje paketa s seznama programov z/brez dovoljenja.</string>
+  <string name="vpn_disallow_radio">VPN se uporablja za vse programe, vendar izključi izbrane</string>
+  <string name="vpn_allow_radio">VPN se uporablja samo za izbrane programe</string>
+  <string name="query_delete_remote">Odstrani vnos oddaljenega strežnika?</string>
+  <string name="keep">Ohrani</string>
+  <string name="delete">Izbriši</string>
+  <string name="add_remote">Dodaj nov oddaljeni strežnik</string>
+  <string name="remote_random">Uporabi vnose povezave v naključnem vrstnem redu ob povezavi</string>
+  <string name="remote_no_server_selected">Določiti in omogočiti morate vsaj en oddaljeni strežnik.</string>
+  <string name="server_list">Seznam strežnikov</string>
+  <string name="vpn_allowed_apps">Programi z dovoljenjem</string>
+  <string name="advanced_settings">Napredne nastavitve</string>
+  <string name="payload_options">Možnosti vsebine</string>
+  <string name="tls_settings">Nastavitve TLS</string>
+  <string name="no_remote_defined">Noben oddaljeni strežnik ni določen</string>
+  <string name="duplicate_vpn">Podvojeni profil VPN</string>
+  <string name="duplicate_profile_title">Podvajanje profila: %s</string>
+  <string name="show_log">Prikaži dnevnik</string>
+  <string name="faq_android_clients">Obstaja več odjemalcev OpenVPN za Android. Najbolj pogosti so OpenVPN za Andorid (ta odjemalec), OpenVPN Connect in OpenVPN Settings.&lt;p&gt;Odjemalce lahko združite v dve skupini: OpenVPN za Android in OpenVPN Connect uporabljata uraden API storitve VPN (Android 4.0+) in ne zahtevata skrbniškega dostopa, in OpenVPN Settings, ki ga zahteva.&lt;p&gt; OpenVPN za Android je odprtokodni odjemalec, ki ga razvija Arne Schwabe. Cilja na bolj napredene uporabnike, in ponuja veliko nastavitev, zmožnost uvoza profilov iz datotek in nastavitev/spreminjanje profilov v programu. Odjemalec temelji na skupnostni različici OpenVPN-a in na izvorni kodi OpenVPN 2.x. Tega odjemalca je mogoče razumeti kot poluradnega odjemalca skupnosti. &lt;p&gt;OpenVPN Connect ni odprtokodni odjemalec in ga razvija OpenVPN Technologies, Inc. Namenjen je za splošno uporabo, cilja na povprečnega uporabnika in omogoča uvoz profilov OpenVPN. Temelji na ponovni izvedbi C++ OpenVPN protokola OpenVPN (to je bilo zahtevano, da je OpenVPN Technologies, Inc lahko izdal program OpenVPN za iOS). Je uradni odjemalec podjetja OpenVPN Technologies. &lt;p&gt; OpenVPN Settings je najstarejši od teh in tudi uporabniški vmesnik za odprtokodni OpenVPN. V nasprotju z OpenVPN-om za Android zahteva skrbniški dostop in ne uporablja API-ja storitve VPN. Ni odvisen od Androida 4.0+.</string>
+  <string name="faq_androids_clients_title">Razlike med Androidovimi odjemalci OpenVPN</string>
+  <string name="ignore_multicast_route">Preziranje poti večsmernega oddajanja: %s</string>
+  <string name="ab_only_cidr">Android podpira samo poti CIDR v VPN. Ker se druge poti skoraj nikoli ne uporabljajo, bo OpenVPN za Android za te poti uporabil /32 in izdal opozorilo.</string>
+  <string name="ab_tethering_44">Deljenje mobilnega interneta deluje, ko je VPN dejaven. Deljena povezava NE bo uporabila VPN-a.</string>
+  <string name="ab_kitkat_mss">Zgodnja različica KitKata je nastavila napačno vrednost MSS ob povezavah TCP (#61948). OpenVPN bo samodejno omogočil možnost mssfix, da zaobide ta hrošč.</string>
+  <string name="ab_proxy">Android bo še naprej uporabljal nastavitve posredniškega strežnika, ki so določene za mobilno povezavo/Wi-Fi, ko ni nastavljenih strežnikov DNS. OpenVPN za Android vas bo o tem opozoril v dnevniku.<p>Ko VPN nastavi strežnik DNS, Android ne bo uporabil posredniškega strežnika. API, ki nastavi posredniški strežnik za povezavo VPN, ne obstaja.</p></string>
+  <string name="ab_lollipop_reinstall">Programi VPN lahko prenehajo delovati, ko se jih odstrani in ponovno namesti. Za podrobnosti glejte #80074.</string>
+  <string name="ab_not_route_to_vpn">IP nastavljenega odjemalca in IP-ji v njegovi maski omrežja se ne usmerijo v VPN. OpenVPN zaobide tega hrošča z izrecnim dodajanjem poti, ki ustreza IP-ju odjemalca in njegovi maski omrežja.</string>
+  <string name="ab_persist_tun">Odpiranje naprave TUN, ko je dejavna druga naprava, kar se uporablja za podporo vztrajnega TUN-a, sesuje storitve VPN na napravi. Za ponovno delovanje VPN-a je zahtevan ponovni zagon. OpenVPN za Android bo poizkusil ponovno odpreti napravo TUN in če je zelo potrebno, pred tem zaprl trenutni TUN, da se izogne sesutju. To lahko privede do kratkega postanka, kjer se paketi pošljejo preko običajne povezave. Tudi pri tem zaobidenju se storitve VPN včasih sesujejo in je zahtevan ponovni zagon naprave.</string>
+  <string name="ab_secondary_users">VPN sploh ne deluje za sekundarne uporabnike.</string>
+  <string name="ab_kitkat_reconnect">"Več uporabnikov poroča, da se ob uporabi programa VPN mobilna povezava/podatki pogosto prekinejo. Videti je, da se to nanaša samo na nekatere kombinacije mobilnih ponudnikov/naprav in do sedaj za ta hrošč še ni bilo odkritega vzroka/zaobidenja."</string>
+  <string name="ab_vpn_reachability_44">Preko VPN-a so dosegljivi samo cilji, ki so dosegljivi tudi brez njega. VPN-i IPv6 sploh ne delujejo.</string>
+  <string name="ab_only_cidr_title">Poti brez načina CIDR</string>
+  <string name="ab_proxy_title">Vedenje posredniškega strežnika za VPN-e</string>
+  <string name="ab_lollipop_reinstall_title">Ponovno nameščenje programov VPN</string>
+  <string name="version_upto">%s in prejšnji</string>
+  <string name="copy_of_profile">Kopija %s</string>
+  <string name="ab_not_route_to_vpn_title">Pot do nastavljenega naslova IP</string>
+  <string name="ab_kitkat_mss_title">Napačna vrednost MSS za povezavo VPN</string>
+  <string name="ab_secondary_users_title">Sekundarni uporabniki tabilc</string>
+  <string name="custom_connection_options_warng">Določite možnosti za povezave po meri. Uporabljajte previdno.</string>
+  <string name="custom_connection_options">Možnosti po meri</string>
+  <string name="remove_connection_entry">Odstrani vnos povezave</string>
+  <string name="ab_kitkat_reconnect_title">Naključne prekinitve mobilnega omrežja</string>
+  <string name="ab_vpn_reachability_44_title">Oddaljena omrežja niso dosegljiva</string>
+  <string name="ab_persist_tun_title">Vztrajaj v načinu TUN</string>
+  <string name="version_and_later">%s in kasnejši</string>
+  <string name="tls_cipher_alert_title">Povezava je spodletela z opozorilom izmenjave signalov SSL23_GET_SERVER_HELLO:sslv3</string>
+  <string name="tls_cipher_alert">Novejše različice OpenVPN-a za Android (0.6.29/marec 2015) uporabljajo bolj varne privzete vrednosti za dovoljene šifrirne pakete (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Na žalost izpuščanje manj varnih šifrirnih paketov in šifrirnih paketov za izvoz, posebno izpuščanje šifrirnih paketov, ki ne podpirajo vnaprejšnje varnosti (Diffie-Hellman), povzroča težave. To običajno povzroči dobronamerni vendar slabo izvedeni poizkus ojačanja varnosti TLS-a z nastavljanjem možnosti tls-cipher na strežniku ali vstavljenih OS-ih z okrnjenim SSL-om (npr. MikroTik).\nZa razrešitev te težave na strežniku nastavite možnosti tls-cipher na razumljive privzete vrednosti, kot je tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Za zaobidenje te težave na odjemalcu dodajte možnost po meri tls-cipher DEFAULT na odjemalcu Android.</string>
+  <string name="message_no_user_edit">Ta profil je bil dodan iz zunanjega programa (%s) in je bil označen kot uporabniško neuredljiv.</string>
+  <string name="crl_file">Seznam preklicanih potrdil</string>
+  <string name="service_restarted">Ponovno zaganjanje storitve OpenVPN (program se je verjetno sesul ali je bil uničen zaradi pomanjkanja pomnilnika)</string>
+  <string name="import_config_error">Pri uvozu nastavitev je prišlo do napake, nastavitev ni mogoče shraniti</string>
+  <string name="Search">Išči</string>
+  <string name="lastdumpdate">(zadnji izpis je star %1$d:%2$d ur (%3$s))</string>
+  <string name="clear_log_on_connect">Počisti dnevnik ob novi povezavi</string>
+  <string name="connect_timeout">Časovna omejitev povezave</string>
+  <string name="no_allowed_app">Noben program z dovoljenjem ni bil dodan. Samodejno dodajanje (%s), da se na seznamu programov z dovoljenjem nahaja vsaj en program, da ostali ne dobijo dovoljenja.</string>
+  <string name="query_permissions_sdcard">OpenVPN za Android lahko samodejno poizkusi odkriti manjkajoče datoteke na kartici SD. Tapnite na to sporočilo, da zahtevate dovoljenje.</string>
+  <string name="protocol">Protokol</string>
+  <string name="enabled_connection_entry">Omogočeno</string>
+  <string name="abi_mismatch">Prednostna izvirna predhodnost ABI (%1$s) in ABI, ki ga sporočajo izvirne knjižnice (%2$s), se ne ujemata.</string>
+  <string name="months_left">Preostalih še %d mesecev</string>
+  <string name="days_left">Preostalih še %d dni</string>
+  <string name="hours_left">Preostalih še %d ur</string>
+</resources>
diff --git a/app/src/main/res/values-v21/refs.xml b/app/src/main/res/values-v21/refs.xml
index eb9c587c..510f128b 100644
--- a/app/src/main/res/values-v21/refs.xml
+++ b/app/src/main/res/values-v21/refs.xml
@@ -6,6 +6,8 @@
 
 <resources>
     <drawable name="ic_menu_close_clear_cancel">@drawable/ic_close_white_24dp</drawable>
+    <drawable name="ic_menu_play">@drawable/ic_play_arrow_white_24dp</drawable>
+    <drawable name="ic_menu_pause">@drawable/ic_pause_white_24dp</drawable>
     <drawable name="ic_menu_share">@drawable/ic_share_white_24dp </drawable>
     <drawable name="ic_menu_save">@drawable/ic_check_white_24dp</drawable>
     <drawable name="ic_menu_view">@drawable/ic_filter_list_white_24dp</drawable>
diff --git a/ics-openvpn b/ics-openvpn
index d0884e10..ad414d7a 160000
--- a/ics-openvpn
+++ b/ics-openvpn
@@ -1 +1 @@
-Subproject commit d0884e1053fcf0c062b1df7738166abd7f90d3c2
+Subproject commit ad414d7aacadb9db2453c30eeaba13b894708b73
-- 
cgit v1.2.3


From 7b03a7275e37c0153852d60247dd1b045f0a3acf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sun, 7 Feb 2016 10:59:43 +0100
Subject: Update README to reflect last versions of Android tools

---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 913a70c7..d7b4e4ea 100644
--- a/README.md
+++ b/README.md
@@ -13,8 +13,8 @@ report any bugs or feature requests and to see the list of known issues.
 
 Install from developer.android.com:
 
-* Android SDK, API 17: http://developer.android.com/sdk/index.html
-* Android NDK, r9d: http://developer.android.com/tools/sdk/ndk/index.html
+* Android SDK, API 23: http://developer.android.com/sdk/index.html
+* Android NDK, r10e: http://developer.android.com/tools/sdk/ndk/index.html
 
 Make sure add the necessary android tools to your bin path. For example, assuming you installed
 the SDK and NDK to `~/dev` on a linux machine, you would add this to your path:
@@ -25,7 +25,7 @@ the SDK and NDK to `~/dev` on a linux machine, you would add this to your path:
 
 Installable via `android` command (SDK Manager):
 
-* Android SDK Build-tools, 19.0.3
+* Android SDK Build-tools, 23.0.2
 * Android Support Repository, 4+
 
 Finally, install a java compiler. For example:
-- 
cgit v1.2.3


From 93aca53eae03b4b31877e97991d61bdc11a2db44 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sun, 7 Feb 2016 11:04:21 +0100
Subject: Typo in README, ndk version in PATH addition

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index d7b4e4ea..7fe5d630 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ the SDK and NDK to `~/dev` on a linux machine, you would add this to your path:
 
     ~/dev/android-sdk-linux/tools
     ~/dev/android-sdk-linux/platform-tools
-    ~/dev/android-ndk-r9d
+    ~/dev/android-ndk-r10e/
 
 Installable via `android` command (SDK Manager):
 
-- 
cgit v1.2.3


From 3a409ed35f0f26644d99b8704801103de8783864 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 2 Apr 2016 12:40:10 +0200
Subject: Update ics-openvpn

---
 app/src/main/java/de/blinkt/openvpn/LaunchVPN.java | 280 ++++++------
 .../main/java/de/blinkt/openvpn/VpnProfile.java    | 159 +++----
 .../blinkt/openvpn/activities/DisconnectVPN.java   |   2 +-
 .../java/de/blinkt/openvpn/core/ConfigParser.java  |  28 +-
 .../de/blinkt/openvpn/core/LogFileHandler.java     |  62 ++-
 .../de/blinkt/openvpn/core/OpenVPNManagement.java  |  14 +-
 .../de/blinkt/openvpn/core/OpenVPNService.java     | 139 +++---
 .../java/de/blinkt/openvpn/core/OpenVPNThread.java | 255 +++++------
 .../openvpn/core/OpenVpnManagementThread.java      |  10 +-
 .../de/blinkt/openvpn/core/VPNLaunchHelper.java    |  20 +-
 .../java/de/blinkt/openvpn/core/VpnStatus.java     |  24 +-
 .../de/blinkt/openvpn/fragments/LogFragment.java   |  55 ++-
 app/src/main/res/menu/logmenu.xml                  |   3 +-
 app/src/main/res/values-ca/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-cs/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-de/strings-icsopenvpn.xml  | 436 +++++++++----------
 app/src/main/res/values-es/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-et/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-fr/strings-icsopenvpn.xml  |   4 +-
 app/src/main/res/values-hu/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-in/strings-icsopenvpn.xml  |   7 +-
 app/src/main/res/values-it/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-ja/strings-icsopenvpn.xml  |  33 +-
 app/src/main/res/values-ko/strings-icsopenvpn.xml  |  33 +-
 app/src/main/res/values-nl/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-no/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-pl/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-pt/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-ro/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-ru/strings-icsopenvpn.xml  |  18 +-
 app/src/main/res/values-sl/strings-icsopenvpn.xml  |   8 +-
 app/src/main/res/values-sv/strings-icsopenvpn.xml  |  56 ++-
 app/src/main/res/values-tr/strings-icsopenvpn.xml  | 471 +++++++++++----------
 app/src/main/res/values-uk/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values-v21/refs.xml               |  18 +-
 app/src/main/res/values-v21/styles.xml             |   1 +
 app/src/main/res/values-vi/strings-icsopenvpn.xml  |   2 +-
 .../main/res/values-zh-rCN/strings-icsopenvpn.xml  |   2 +-
 .../main/res/values-zh-rTW/strings-icsopenvpn.xml  |   2 +-
 app/src/main/res/values/refs.xml                   |  14 +-
 app/src/main/res/values/strings-icsopenvpn.xml     |  13 +-
 app/src/main/res/values/styles.xml                 |   6 +
 ics-openvpn                                        |   2 +-
 43 files changed, 1219 insertions(+), 982 deletions(-)

diff --git a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
index 721e8991..16f986ae 100644
--- a/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/LaunchVPN.java
@@ -20,7 +20,6 @@ import android.preference.PreferenceManager;
 import android.text.InputType;
 import android.text.TextUtils;
 import android.text.method.PasswordTransformationMethod;
-import android.util.Log;
 import android.view.View;
 import android.widget.CheckBox;
 import android.widget.CompoundButton;
@@ -36,202 +35,179 @@ import de.blinkt.openvpn.core.VpnStatus.ConnectionStatus;
 
 /**
  * This Activity actually handles two stages of a launcher shortcut's life cycle.
- * 
+ * <p/>
  * 1. Your application offers to provide shortcuts to the launcher.  When
- *    the user installs a shortcut, an activity within your application
- *    generates the actual shortcut and returns it to the launcher, where it
- *    is shown to the user as an icon.
- *
+ * the user installs a shortcut, an activity within your application
+ * generates the actual shortcut and returns it to the launcher, where it
+ * is shown to the user as an icon.
+ * <p/>
  * 2. Any time the user clicks on an installed shortcut, an intent is sent.
- *    Typically this would then be handled as necessary by an activity within
- *    your application.
- *    
+ * Typically this would then be handled as necessary by an activity within
+ * your application.
+ * <p/>
  * We handle stage 1 (creating a shortcut) by simply sending back the information (in the form
  * of an {@link android.content.Intent} that the launcher will use to create the shortcut.
- * 
+ * <p/>
  * You can also implement this in an interactive way, by having your activity actually present
  * UI for the user to select the specific nature of the shortcut, such as a contact, picture, URL,
  * media item, or action.
- * 
+ * <p/>
  * We handle stage 2 (responding to a shortcut) in this sample by simply displaying the contents
  * of the incoming {@link android.content.Intent}.
- * 
+ * <p/>
  * In a real application, you would probably use the shortcut intent to display specific content
  * or start a particular operation.
  */
 public class LaunchVPN extends Activity {
 
-	public static final String EXTRA_KEY = "de.blinkt.openvpn.shortcutProfileUUID";
-	public static final String EXTRA_NAME = "de.blinkt.openvpn.shortcutProfileName";
-	public static final String EXTRA_HIDELOG =  "de.blinkt.openvpn.showNoLogWindow";
-	public static final String CLEARLOG = "clearlogconnect";
+    public static final String EXTRA_KEY = "de.blinkt.openvpn.shortcutProfileUUID";
+    public static final String EXTRA_NAME = "de.blinkt.openvpn.shortcutProfileName";
+    public static final String EXTRA_HIDELOG = "de.blinkt.openvpn.showNoLogWindow";
+    public static final String CLEARLOG = "clearlogconnect";
 
 
-	private static final int START_VPN_PROFILE= 70;
+    private static final int START_VPN_PROFILE = 70;
 
 
-	private ProfileManager mPM;
-	private VpnProfile mSelectedProfile;
-	private boolean mhideLog=false;
+    private VpnProfile mSelectedProfile;
+    private boolean mhideLog = false;
 
-	private boolean mCmfixed=false;
+    private boolean mCmfixed = false;
 
-	@Override
-	public void onCreate(Bundle icicle) {
-		super.onCreate(icicle);
+    @Override
+    public void onCreate(Bundle icicle) {
+        super.onCreate(icicle);
 
-		mPM =ProfileManager.getInstance(this);
+        startVpnFromIntent();
+    }
 
-	}	
+    protected void startVpnFromIntent() {
+        // Resolve the intent
 
-	@Override
-	protected void onStart() {
-		super.onStart();
-		// Resolve the intent
+        final Intent intent = getIntent();
+        final String action = intent.getAction();
 
-		final Intent intent = getIntent();
-		final String action = intent.getAction();
+        // If the intent is a request to create a shortcut, we'll do that and exit
 
-		// If the intent is a request to create a shortcut, we'll do that and exit
 
+        if (Intent.ACTION_MAIN.equals(action)) {
+            // Check if we need to clear the log
+            if (PreferenceManager.getDefaultSharedPreferences(this).getBoolean(CLEARLOG, true))
+                VpnStatus.clearLog();
 
-		if(Intent.ACTION_MAIN.equals(action)) {
-			// Check if we need to clear the log
-			if (PreferenceManager.getDefaultSharedPreferences(this).getBoolean(CLEARLOG, true))
-				VpnStatus.clearLog();
+            // we got called to be the starting point, most likely a shortcut
+            String shortcutUUID = intent.getStringExtra(EXTRA_KEY);
+            String shortcutName = intent.getStringExtra(EXTRA_NAME);
+            mhideLog = intent.getBooleanExtra(EXTRA_HIDELOG, false);
 
-			// we got called to be the starting point, most likely a shortcut
-			String shortcutUUID = intent.getStringExtra( EXTRA_KEY);
-			String shortcutName = intent.getStringExtra( EXTRA_NAME);
-			mhideLog = intent.getBooleanExtra(EXTRA_HIDELOG, false);
+            VpnProfile profileToConnect = ProfileManager.get(this, shortcutUUID);
+            if (shortcutName != null && profileToConnect == null)
+                profileToConnect = ProfileManager.getInstance(this).getProfileByName(shortcutName);
 
-			VpnProfile profileToConnect = ProfileManager.get(this,shortcutUUID);
-			if(shortcutName != null && profileToConnect ==null)
-				profileToConnect = ProfileManager.getInstance(this).getProfileByName(shortcutName);
+            if (profileToConnect == null) {
+                VpnStatus.logError(R.string.shortcut_profile_notfound);
+                // show Log window to display error
+                showLogWindow();
+                finish();
+            } else {
+                mSelectedProfile = profileToConnect;
+                launchVPN();
+            }
+        }
+    }
 
-			if(profileToConnect ==null) {
-				VpnStatus.logError(R.string.shortcut_profile_notfound);
-				// show Log window to display error
-				showLogWindow();
-				finish();
-				return;
-			}
+    @Override
+    protected void onActivityResult (int requestCode, int resultCode, Intent data) {
+	super.onActivityResult(requestCode, resultCode, data);
 
-			mSelectedProfile = profileToConnect;
-			launchVPN();
+	if(requestCode==START_VPN_PROFILE) {
+	    SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
+	    boolean showLogWindow = prefs.getBoolean("showlogwindow", true);
 
-		}
-	}
-
-	@Override
-	protected void onActivityResult (int requestCode, int resultCode, Intent data) {
-		super.onActivityResult(requestCode, resultCode, data);
-
-		if(requestCode==START_VPN_PROFILE) {
-		    if(resultCode == Activity.RESULT_OK) {
-			SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);        
-			boolean showLogWindow = prefs.getBoolean("showlogwindow", true);
-
-			if(!mhideLog && showLogWindow)
-			    showLogWindow();
-			new startOpenVpnThread().start();
-		    } else if (resultCode == Activity.RESULT_CANCELED) {
-			// User does not want us to start, so we just vanish
-			VpnStatus.updateStateString("USER_VPN_PERMISSION_CANCELLED", "", R.string.state_user_vpn_permission_cancelled,
-						    ConnectionStatus.LEVEL_NOTCONNECTED);
-
-			finish();
-		    }
-		}
-	}
+	    if(!mhideLog && showLogWindow)
+		showLogWindow();
 
-	void showLogWindow() {
-
-		Intent startLW = new Intent(getBaseContext(),LogWindow.class);
-		startLW.addFlags(Intent.FLAG_ACTIVITY_REORDER_TO_FRONT);
-		startActivity(startLW);
+	    VPNLaunchHelper.startOpenVpn(mSelectedProfile, getBaseContext());
+	    finish();
+	} else if (resultCode == Activity.RESULT_CANCELED) {
+	    // User does not want us to start, so we just vanish
+	    VpnStatus.updateStateString("USER_VPN_PERMISSION_CANCELLED", "", R.string.state_user_vpn_permission_cancelled,
+					ConnectionStatus.LEVEL_NOTCONNECTED);
 
+	    finish();
 	}
+    }
 
-	void showConfigErrorDialog(int vpnok) {
-		AlertDialog.Builder d = new AlertDialog.Builder(this);
-		d.setTitle(R.string.config_error_found);
-		d.setMessage(vpnok);
-		d.setPositiveButton(android.R.string.ok, new OnClickListener() {
+    void showLogWindow() {
 
-			@Override
-			public void onClick(DialogInterface dialog, int which) {
-				finish();
+        Intent startLW = new Intent(getBaseContext(), LogWindow.class);
+        startLW.addFlags(Intent.FLAG_ACTIVITY_REORDER_TO_FRONT);
+        startActivity(startLW);
 
-			}
-		});
-		d.show();
-	}
+    }
 
-	void launchVPN () {
-		int vpnok = mSelectedProfile.checkProfile(this);
-		if(vpnok!= R.string.no_error_found) {
-			showConfigErrorDialog(vpnok);
-			return;
-		}
+    void showConfigErrorDialog(int vpnok) {
+        AlertDialog.Builder d = new AlertDialog.Builder(this);
+        d.setTitle(R.string.config_error_found);
+        d.setMessage(vpnok);
+        d.setPositiveButton(android.R.string.ok, new OnClickListener() {
 
-		Intent intent = VpnService.prepare(this);
-		// Check if we want to fix /dev/tun
-		SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);        
-		boolean usecm9fix = prefs.getBoolean("useCM9Fix", false);
-		boolean loadTunModule = prefs.getBoolean("loadTunModule", false);
+            @Override
+            public void onClick(DialogInterface dialog, int which) {
+                finish();
 
-		if(loadTunModule)
-			execeuteSUcmd("insmod /system/lib/modules/tun.ko");
+            }
+        });
+        d.show();
+    }
 
-		if(usecm9fix && !mCmfixed ) {
-			execeuteSUcmd("chown system /dev/tun");
-		}
+    void launchVPN() {
+        int vpnok = mSelectedProfile.checkProfile(this);
+        if (vpnok != R.string.no_error_found) {
+            showConfigErrorDialog(vpnok);
+            return;
+        }
 
+        Intent intent = VpnService.prepare(this);
+        // Check if we want to fix /dev/tun
+        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
+        boolean usecm9fix = prefs.getBoolean("useCM9Fix", false);
+        boolean loadTunModule = prefs.getBoolean("loadTunModule", false);
 
-		if (intent != null) {
-			VpnStatus.updateStateString("USER_VPN_PERMISSION", "", R.string.state_user_vpn_permission,
-                    ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT);
-			// Start the query
-			try {
-				startActivityForResult(intent, START_VPN_PROFILE);
-			} catch (ActivityNotFoundException ane) {
-				// Shame on you Sony! At least one user reported that 
-				// an official Sony Xperia Arc S image triggers this exception
-				VpnStatus.logError(R.string.no_vpn_support_image);
-				showLogWindow();
-			}
-		} else {
-			onActivityResult(START_VPN_PROFILE, Activity.RESULT_OK, null);
-		}
-
-	}
+        if (loadTunModule)
+            execeuteSUcmd("insmod /system/lib/modules/tun.ko");
 
-	private void execeuteSUcmd(String command) {
-		ProcessBuilder pb = new ProcessBuilder("su","-c",command);
-		try {
-			Process p = pb.start();
-			int ret = p.waitFor();
-			if(ret ==0)
-				mCmfixed=true;
-		} catch (InterruptedException e) {
-            VpnStatus.logException("SU command", e);
+        if (usecm9fix && !mCmfixed) {
+            execeuteSUcmd("chown system /dev/tun");
+        }
 
-		} catch (IOException e) {
+        if (intent != null) {
+            VpnStatus.updateStateString("USER_VPN_PERMISSION", "", R.string.state_user_vpn_permission,
+                    ConnectionStatus.LEVEL_WAITING_FOR_USER_INPUT);
+            // Start the query
+            try {
+                startActivityForResult(intent, START_VPN_PROFILE);
+            } catch (ActivityNotFoundException ane) {
+                // Shame on you Sony! At least one user reported that
+                // an official Sony Xperia Arc S image triggers this exception
+                VpnStatus.logError(R.string.no_vpn_support_image);
+                showLogWindow();
+            }
+        } else {
+            onActivityResult(START_VPN_PROFILE, Activity.RESULT_OK, null);
+        }
+
+    }
+
+    private void execeuteSUcmd(String command) {
+        try {
+            ProcessBuilder pb = new ProcessBuilder("su", "-c", command);
+            Process p = pb.start();
+            int ret = p.waitFor();
+            if (ret == 0)
+                mCmfixed = true;
+        } catch (InterruptedException | IOException e) {
             VpnStatus.logException("SU command", e);
-		}
-	}
-
-	private class startOpenVpnThread extends Thread {
-
-		@Override
-		public void run() {
-			VPNLaunchHelper.startOpenVpn(mSelectedProfile, getBaseContext());
-			finish();
-
-		}
-
-	}
-
-
+        }
+    }
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
index dbe4b440..38d76f68 100644
--- a/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
+++ b/app/src/main/java/de/blinkt/openvpn/VpnProfile.java
@@ -64,7 +64,7 @@ public class VpnProfile implements Serializable, Cloneable {
     // The Serializable documentation mentions that class name change are possible
     // but the how is unclear
     //
-    transient public static final long MAX_EMBED_FILE_SIZE = 2048*1024; // 2048kB
+    transient public static final long MAX_EMBED_FILE_SIZE = 2048 * 1024; // 2048kB
     // Don't change this, not all parts of the program use this constant
     public static final String EXTRA_PROFILEUUID = "de.blinkt.openvpn.profileUUID";
     public static final String INLINE_TAG = "[[INLINE]]";
@@ -150,18 +150,23 @@ public class VpnProfile implements Serializable, Cloneable {
     private int mProfileVersion;
     public String mExcludedRoutes;
     public String mExcludedRoutesv6;
-    public int mMssFix =0; // -1 is default,
+    public int mMssFix = 0; // -1 is default,
     public Connection[] mConnections = new Connection[0];
-    public boolean mRemoteRandom=false;
+    public boolean mRemoteRandom = false;
     public HashSet<String> mAllowedAppsVpn = new HashSet<>();
     public boolean mAllowedAppsVpnAreDisallowed = true;
+
+    public String mCrlFilename;
     public String mProfileCreator;
 
-    /* Options no long used in new profiles */
+
+    public boolean mPushPeerInfo = false;
+    public static final boolean mIsOpenVPN22 = false;
+
+    /* Options no longer used in new profiles */
     public String mServerName = "openvpn.blinkt.de";
     public String mServerPort = "1194";
     public boolean mUseUdp = true;
-    public boolean mPushPeerInfo=false;
 
     public VpnProfile(String name) {
         mUuid = UUID.randomUUID();
@@ -169,7 +174,7 @@ public class VpnProfile implements Serializable, Cloneable {
         mProfileVersion = CURRENT_PROFILE_VERSION;
 
         mConnections = new Connection[1];
-        mConnections[0]  = new Connection();
+        mConnections[0] = new Connection();
     }
 
     public static String openVpnEscape(String unescaped) {
@@ -197,7 +202,7 @@ public class VpnProfile implements Serializable, Cloneable {
         mCheckRemoteCN = false;
         mPersistTun = false;
         mAllowLocalLAN = true;
-        mPushPeerInfo =false;
+        mPushPeerInfo = false;
         mMssFix = 0;
     }
 
@@ -207,33 +212,33 @@ public class VpnProfile implements Serializable, Cloneable {
     }
 
     public String getName() {
-        if (mName==null)
+        if (mName == null)
             return "No profile name";
         return mName;
     }
 
-    public void upgradeProfile(){
-        if(mProfileVersion< 2) {
+    public void upgradeProfile() {
+        if (mProfileVersion < 2) {
             /* default to the behaviour the OS used */
             mAllowLocalLAN = Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT;
         }
 
         if (mProfileVersion < 4) {
             moveOptionsToConnection();
-            mAllowedAppsVpnAreDisallowed=true;
+            mAllowedAppsVpnAreDisallowed = true;
         }
-        if (mAllowedAppsVpn==null)
+        if (mAllowedAppsVpn == null)
             mAllowedAppsVpn = new HashSet<>();
-        if (mConnections ==null)
+        if (mConnections == null)
             mConnections = new Connection[0];
 
         if (mProfileVersion < 6) {
             if (TextUtils.isEmpty(mProfileCreator))
-                mUserEditable=true;
+                mUserEditable = true;
         }
 
 
-        mProfileVersion= CURRENT_PROFILE_VERSION;
+        mProfileVersion = CURRENT_PROFILE_VERSION;
 
     }
 
@@ -271,7 +276,7 @@ public class VpnProfile implements Serializable, Cloneable {
             cfg += String.format("setenv IV_GUI_VER %s \n", openVpnEscape(getVersionEnvString(context)));
             String versionString = String.format("%d %s %s %s %s %s", Build.VERSION.SDK_INT, Build.VERSION.RELEASE,
                     NativeUtils.getNativeAPI(), Build.BRAND, Build.BOARD, Build.MODEL);
-            cfg += String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString)) ;
+            cfg += String.format("setenv IV_PLAT_VER %s\n", openVpnEscape(versionString));
         }
 
         cfg += "machine-readable-output\n";
@@ -304,7 +309,8 @@ public class VpnProfile implements Serializable, Cloneable {
             mConnectRetry = "5";
 
 
-        cfg += "connect-retry " + mConnectRetry + "\n";
+        if (!mIsOpenVPN22 || !mUseUdp)
+            cfg += "connect-retry " + mConnectRetry + "\n";
 
         cfg += "resolv-retry 60\n";
 
@@ -315,7 +321,7 @@ public class VpnProfile implements Serializable, Cloneable {
 
         boolean canUsePlainRemotes = true;
 
-        if (mConnections.length==1) {
+        if (mConnections.length == 1) {
             cfg += mConnections[0].getConnectionBlock();
         } else {
             for (Connection conn : mConnections) {
@@ -323,7 +329,7 @@ public class VpnProfile implements Serializable, Cloneable {
             }
 
             if (mRemoteRandom)
-                cfg+="remote-random\n";
+                cfg += "remote-random\n";
 
             if (canUsePlainRemotes) {
                 for (Connection conn : mConnections) {
@@ -378,6 +384,9 @@ public class VpnProfile implements Serializable, Cloneable {
                 cfg += insertFileData("ca", mCaFilename);
         }
 
+        if (!TextUtils.isEmpty(mCrlFilename))
+            cfg += insertFileData("crl-verify", mCrlFilename);
+
         if (mUseLzo) {
             cfg += "comp-lzo\n";
         }
@@ -411,13 +420,12 @@ public class VpnProfile implements Serializable, Cloneable {
 
         if (mUseDefaultRoute)
             routes += "route 0.0.0.0 0.0.0.0 vpn_gateway\n";
-        else
-        {
+        else {
             for (String route : getCustomRoutes(mCustomRoutes)) {
                 routes += "route " + route + " vpn_gateway\n";
             }
 
-            for (String route: getCustomRoutes(mExcludedRoutes)) {
+            for (String route : getCustomRoutes(mExcludedRoutes)) {
                 routes += "route " + route + " net_gateway\n";
             }
         }
@@ -442,11 +450,11 @@ public class VpnProfile implements Serializable, Cloneable {
 
         }
 
-        if (mMssFix !=0){
-            if (mMssFix!=1450) {
+        if (mMssFix != 0) {
+            if (mMssFix != 1450) {
                 cfg += String.format("mssfix %d\n", mMssFix, Locale.US);
             } else
-                cfg+="mssfix\n";
+                cfg += "mssfix\n";
         }
 
         if (mNobind)
@@ -507,11 +515,11 @@ public class VpnProfile implements Serializable, Cloneable {
         }
 
         if (mPushPeerInfo)
-            cfg+="push-peer-info\n";
+            cfg += "push-peer-info\n";
 
         SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
         boolean usesystemproxy = prefs.getBoolean("usesystemproxy", true);
-        if (usesystemproxy) {
+        if (usesystemproxy && !mIsOpenVPN22) {
             cfg += "# Use system proxy setting\n";
             cfg += "management-query-proxy\n";
         }
@@ -537,8 +545,6 @@ public class VpnProfile implements Serializable, Cloneable {
         }
 
 
-
-
         return cfg;
     }
 
@@ -557,8 +563,7 @@ public class VpnProfile implements Serializable, Cloneable {
     //! Put inline data inline and other data as normal escaped filename
     public static String insertFileData(String cfgentry, String filedata) {
         if (filedata == null) {
-            // TODO: generate good error
-            return String.format("%s %s\n", cfgentry, "missing");
+            return String.format("%s %s\n", cfgentry, "file missing in config profile");
         } else if (isEmbedded(filedata)) {
             String dataWithOutHeader = getEmbeddedContent(filedata);
             return String.format(Locale.ENGLISH, "<%s>\n%s\n</%s>\n", cfgentry, dataWithOutHeader, cfgentry);
@@ -629,39 +634,32 @@ public class VpnProfile implements Serializable, Cloneable {
     }
 
 
-
-
     public Intent prepareStartService(Context context) {
         Intent intent = getStartServiceIntent(context);
 
+        // TODO: Handle this?!
+//        if (mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) {
+//            if (getKeyStoreCertificates(context) == null)
+//                return null;
+//        }
 
-        if (mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE) {
-            if (getKeyStoreCertificates(context) == null)
-                return null;
-        }
-
+        return intent;
+    }
 
-        try {
-            FileWriter cfg = new FileWriter(VPNLaunchHelper.getConfigFilePath(context));
-            cfg.write(getConfigFile(context, false));
-            cfg.flush();
-            cfg.close();
-        } catch (IOException e) {
-            VpnStatus.logException(e);
-        }
+    public void writeConfigFile(Context context) throws IOException {
+        FileWriter cfg = new FileWriter(VPNLaunchHelper.getConfigFilePath(context));
+        cfg.write(getConfigFile(context, false));
+        cfg.flush();
+        cfg.close();
 
-        return intent;
     }
 
     public Intent getStartServiceIntent(Context context) {
         String prefix = context.getPackageName();
 
         Intent intent = new Intent(context, OpenVPNService.class);
-        intent.putExtra(prefix + ".ARGV", VPNLaunchHelper.buildOpenvpnArgv(context));
         intent.putExtra(prefix + ".profileUUID", mUuid.toString());
 
-        ApplicationInfo info = context.getApplicationInfo();
-        intent.putExtra(prefix + ".nativelib", info.nativeLibraryDir);
         return intent;
     }
 
@@ -672,11 +670,10 @@ public class VpnProfile implements Serializable, Cloneable {
     public static String getDisplayName(String embeddedFile) {
         int start = DISPLAYNAME_TAG.length();
         int end = embeddedFile.indexOf(INLINE_TAG);
-        return embeddedFile.substring(start,end);
+        return embeddedFile.substring(start, end);
     }
 
-    public static String getEmbeddedContent(String data)
-    {
+    public static String getEmbeddedContent(String data) {
         if (!data.contains(INLINE_TAG))
             return data;
 
@@ -685,7 +682,7 @@ public class VpnProfile implements Serializable, Cloneable {
     }
 
     public static boolean isEmbedded(String data) {
-        if (data==null)
+        if (data == null)
             return false;
         if (data.startsWith(INLINE_TAG) || data.startsWith(DISPLAYNAME_TAG))
             return true;
@@ -697,8 +694,8 @@ public class VpnProfile implements Serializable, Cloneable {
         /* This method is called when OpenVPNService is restarted */
 
         if ((mAuthenticationType == VpnProfile.TYPE_KEYSTORE || mAuthenticationType == VpnProfile.TYPE_USERPASS_KEYSTORE)
-                && mPrivateKey==null) {
-            new Thread( new Runnable() {
+                && mPrivateKey == null) {
+            new Thread(new Runnable() {
                 @Override
                 public void run() {
                     getKeyStoreCertificates(context);
@@ -713,9 +710,9 @@ public class VpnProfile implements Serializable, Cloneable {
         VpnProfile copy = (VpnProfile) super.clone();
         copy.mUuid = UUID.randomUUID();
         copy.mConnections = new Connection[mConnections.length];
-        int i=0;
-        for (Connection conn: mConnections) {
-            copy.mConnections[i++]=conn.clone();
+        int i = 0;
+        for (Connection conn : mConnections) {
+            copy.mConnections[i++] = conn.clone();
         }
         copy.mAllowedAppsVpn = (HashSet<String>) mAllowedAppsVpn.clone();
         return copy;
@@ -735,12 +732,12 @@ public class VpnProfile implements Serializable, Cloneable {
 
 
     class NoCertReturnedException extends Exception {
-        public NoCertReturnedException (String msg) {
+        public NoCertReturnedException(String msg) {
             super(msg);
         }
     }
 
-    synchronized String[] getKeyStoreCertificates(Context context,int tries) {
+    synchronized String[] getKeyStoreCertificates(Context context, int tries) {
         try {
             PrivateKey privateKey = KeyChain.getPrivateKey(context, mAlias);
             mPrivateKey = privateKey;
@@ -749,7 +746,7 @@ public class VpnProfile implements Serializable, Cloneable {
 
 
             X509Certificate[] caChain = KeyChain.getCertificateChain(context, mAlias);
-            if(caChain == null)
+            if (caChain == null)
                 throw new NoCertReturnedException("No certificate returned from Keystore");
 
             if (caChain.length <= 1 && TextUtils.isEmpty(mCaFilename)) {
@@ -774,10 +771,10 @@ public class VpnProfile implements Serializable, Cloneable {
                     StringWriter caoutWriter = new StringWriter();
                     PemWriter pw = new PemWriter(caoutWriter);
 
-                    for (Certificate cert: cacerts)
+                    for (Certificate cert : cacerts)
                         pw.writeObject(new PemObject("CERTIFICATE", cert.getEncoded()));
                     pw.close();
-                    caout= caoutWriter.toString();
+                    caout = caoutWriter.toString();
 
                 } catch (Exception e) {
                     VpnStatus.logError("Could not read CA certificate" + e.getLocalizedMessage());
@@ -800,12 +797,12 @@ public class VpnProfile implements Serializable, Cloneable {
 
 
             String ca, extra;
-            if(caout==null) {
-                ca =keystoreChain;
-                extra=null;
+            if (caout == null) {
+                ca = keystoreChain;
+                extra = null;
             } else {
                 ca = caout;
-                extra=keystoreChain;
+                extra = keystoreChain;
             }
 
             return new String[]{ca, extra, user};
@@ -823,15 +820,15 @@ public class VpnProfile implements Serializable, Cloneable {
             return null;
 
         } catch (AssertionError e) {
-            if (tries ==0)
+            if (tries == 0)
                 return null;
-            VpnStatus.logError(String.format("Failure getting Keystore Keys (%s), retrying",e.getLocalizedMessage()));
+            VpnStatus.logError(String.format("Failure getting Keystore Keys (%s), retrying", e.getLocalizedMessage()));
             try {
                 Thread.sleep(3000);
             } catch (InterruptedException e1) {
                 VpnStatus.logException(e1);
             }
-            return getKeyStoreCertificates(context, tries-1);
+            return getKeyStoreCertificates(context, tries - 1);
         }
 
     }
@@ -848,20 +845,32 @@ public class VpnProfile implements Serializable, Cloneable {
                 return R.string.ipv4_format_error;
         }
         if (!mUseDefaultRoute) {
-            if (!TextUtils.isEmpty(mCustomRoutes) &&  getCustomRoutes(mCustomRoutes).size() == 0 )
+            if (!TextUtils.isEmpty(mCustomRoutes) && getCustomRoutes(mCustomRoutes).size() == 0)
                 return R.string.custom_route_format_error;
 
-            if (!TextUtils.isEmpty(mExcludedRoutes) &&  getCustomRoutes(mExcludedRoutes).size() == 0 )
+            if (!TextUtils.isEmpty(mExcludedRoutes) && getCustomRoutes(mExcludedRoutes).size() == 0)
                 return R.string.custom_route_format_error;
 
         }
 
+        if (mUseTLSAuth && TextUtils.isEmpty(mTLSAuthFilename))
+            return R.string.missing_tlsauth;
+
+        if ((mAuthenticationType == TYPE_USERPASS_CERTIFICATES || mAuthenticationType == TYPE_CERTIFICATES)
+                && (TextUtils.isEmpty(mClientCertFilename) || TextUtils.isEmpty(mClientKeyFilename)))
+            return R.string.missing_certificates;
+
+        if ((mAuthenticationType == TYPE_CERTIFICATES || mAuthenticationType == TYPE_USERPASS_CERTIFICATES)
+                && TextUtils.isEmpty(mCaFilename))
+            return R.string.missing_ca_certificate;
+
+
         boolean noRemoteEnabled = true;
         for (Connection c : mConnections)
             if (c.mEnabled)
                 noRemoteEnabled = false;
 
-        if(noRemoteEnabled)
+        if (noRemoteEnabled)
             return R.string.remote_no_server_selected;
 
         // Everything okay
@@ -956,7 +965,7 @@ public class VpnProfile implements Serializable, Cloneable {
 
         if (isUserPWAuth() &&
                 (TextUtils.isEmpty(mUsername) ||
-                (TextUtils.isEmpty(mPassword) && (mTransientPW == null  || ignoreTransient)))) {
+                        (TextUtils.isEmpty(mPassword) && (mTransientPW == null || ignoreTransient)))) {
             return R.string.password;
         }
         return 0;
diff --git a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
index f55de486..d25bccad 100644
--- a/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
+++ b/app/src/main/java/de/blinkt/openvpn/activities/DisconnectVPN.java
@@ -81,7 +81,7 @@ public class DisconnectVPN extends Activity implements DialogInterface.OnClickLi
         if (which == DialogInterface.BUTTON_POSITIVE) {
             ProfileManager.setConntectedVpnProfileDisconnected(this);
             if (mService != null && mService.getManagement() != null)
-                mService.getManagement().stopVPN();
+                mService.getManagement().stopVPN(false);
         }
         finish();
     }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
index 80a15c54..d14e643e 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/ConfigParser.java
@@ -32,8 +32,6 @@ public class ConfigParser {
     private HashMap<String, Vector<Vector<String>>> options = new HashMap<String, Vector<Vector<String>>>();
     private HashMap<String, Vector<String>> meta = new HashMap<String, Vector<String>>();
     private String auth_user_pass_file;
-    private String crl_verify_file;
-
 
     public void parseConfig(Reader reader) throws IOException, ConfigParseError {
 
@@ -132,10 +130,6 @@ public class ConfigParser {
         return auth_user_pass_file;
     }
 
-    public String getCrlVerifyFile() {
-        return crl_verify_file;
-    }
-
     enum linestate {
         initial,
         readin_single_quote, reading_quoted, reading_unquoted, done
@@ -299,7 +293,8 @@ public class ConfigParser {
             {
                     {"setenv", "IV_GUI_VER"},
                     {"setenv", "IV_OPENVPN_GUI_VERSION"},
-                    {"engine", "dynamic"}
+                    {"engine", "dynamic"},
+                    {"setenv", "CLIENT_CERT"}
             };
 
     final String[] connectionOptions = {
@@ -621,11 +616,12 @@ public class ConfigParser {
         Vector<String> crlfile = getOption("crl-verify", 1, 2);
         if (crlfile != null) {
             // If the 'dir' parameter is present just add it as custom option ..
-            np.mCustomConfigOptions += TextUtils.join(" ", crlfile) + "\n";
-            if (crlfile.size() == 2) {
+            if (crlfile.size() == 3 && crlfile.get(2).equals("dir"))
+                np.mCustomConfigOptions += TextUtils.join(" ", crlfile) + "\n";
+            else
                 // Save the filename for the config converter to add later
-                crl_verify_file = crlfile.get(1);
-            }
+                np.mCrlFilename = crlfile.get(1);
+
         }
 
 
@@ -813,16 +809,6 @@ public class ConfigParser {
         }
     }
 
-    public static void removeCRLCustomOption(VpnProfile np) {
-        String lines[] = np.mCustomConfigOptions.split("\\r?\\n");
-        Vector<String> keeplines = new Vector<>();
-        for (String l : lines) {
-            if (!l.startsWith("crl-verify "))
-                keeplines.add(l);
-        }
-        np.mCustomConfigOptions = TextUtils.join("\n", keeplines);
-    }
-
     private void checkIgnoreAndInvalidOptions(VpnProfile np) throws ConfigParseError {
         for (String option : unsupportedOptions)
             if (options.containsKey(option))
diff --git a/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
index 5c1741d9..288c7934 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/LogFileHandler.java
@@ -11,12 +11,15 @@ import android.os.Message;
 import android.os.Parcel;
 
 import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.util.Locale;
+
+import se.leap.bitmaskclient.R;
 
 /**
  * Created by arne on 23.01.16.
@@ -27,7 +30,6 @@ class LogFileHandler extends Handler {
     static final int LOG_INIT = 102;
     public static final int LOG_MESSAGE = 103;
     private static FileOutputStream mLogFile;
-    private static BufferedOutputStream mBufLogfile;
 
     public static final String LOGFILE_NAME = "logcache.dat";
 
@@ -41,6 +43,8 @@ class LogFileHandler extends Handler {
     public void handleMessage(Message msg) {
         try {
             if (msg.what == LOG_INIT) {
+                if (mLogFile != null)
+                    throw new RuntimeException("mLogFile not null");
                 readLogCache((File) msg.obj);
                 openLogFile((File) msg.obj);
             } else if (msg.what == LOG_MESSAGE && msg.obj instanceof VpnStatus.LogItem) {
@@ -70,15 +74,13 @@ class LogFileHandler extends Handler {
 
     private static void trimLogFile() {
         try {
-            mBufLogfile.flush();
+            mLogFile.flush();
             mLogFile.getChannel().truncate(0);
-
         } catch (IOException e) {
             e.printStackTrace();
         }
     }
 
-
     private void writeLogItemToDisk(VpnStatus.LogItem li) throws IOException {
         Parcel p = Parcel.obtain();
         li.writeToParcel(p, 0);
@@ -86,8 +88,8 @@ class LogFileHandler extends Handler {
         // write binary format to disc
         byte[] liBytes = p.marshall();
 
-        mLogFile.write(liBytes.length & 0xff);
-        mLogFile.write(liBytes.length >> 8);
+        byte[] lenBytes = ByteBuffer.allocate(4).putInt(liBytes.length).array();
+        mLogFile.write(lenBytes);
         mLogFile.write(liBytes);
         p.recycle();
     }
@@ -95,39 +97,56 @@ class LogFileHandler extends Handler {
     private void openLogFile (File cacheDir) throws FileNotFoundException {
         File logfile = new File(cacheDir, LOGFILE_NAME);
         mLogFile = new FileOutputStream(logfile);
-        mBufLogfile = new BufferedOutputStream(mLogFile);
     }
 
     private void readLogCache(File cacheDir) {
         File logfile = new File(cacheDir, LOGFILE_NAME);
 
+
         if (!logfile.exists() || !logfile.canRead())
             return;
 
-        VpnStatus.logDebug("Reread log items from cache file");
+
 
         try {
+
             BufferedInputStream logFile = new BufferedInputStream(new FileInputStream(logfile));
 
             byte[] buf = new byte[8192];
-            int read = logFile.read(buf, 0, 2);
+            int read = logFile.read(buf, 0, 4);
+            int itemsRead=0;
 
-            while (read > 0) {
-                // Marshalled LogItem
-                int len = (0xff & buf[0]) | buf[1] << 8;
+            while (read >= 4) {
+                int len = ByteBuffer.wrap(buf, 0, 4).asIntBuffer().get();
 
+                // Marshalled LogItem
                 read = logFile.read(buf, 0, len);
 
                 Parcel p = Parcel.obtain();
                 p.unmarshall(buf, 0, read);
                 p.setDataPosition(0);
                 VpnStatus.LogItem li = VpnStatus.LogItem.CREATOR.createFromParcel(p);
-                VpnStatus.newLogItem(li, true);
+                if (li.verify()) {
+                    VpnStatus.newLogItem(li, true);
+                } else {
+                    VpnStatus.logError(String.format(Locale.getDefault(),
+                            "Could not read log item from file: %d/%d: %s",
+                            read, len, bytesToHex(buf, Math.max(read,80))));
+                }
                 p.recycle();
 
                 //Next item
-                read = logFile.read(buf, 0, 2);
+                read = logFile.read(buf, 0, 4);
+                itemsRead++;
+                if (itemsRead > 2*VpnStatus.MAXLOGENTRIES) {
+                    VpnStatus.logError("Too many logentries read from cache, aborting.");
+                    read = 0;
+                }
+
             }
+            VpnStatus.logDebug(R.string.reread_log, itemsRead);
+
+
 
         } catch (java.io.IOException | java.lang.RuntimeException e) {
             VpnStatus.logError("Reading cached logfile failed");
@@ -137,4 +156,17 @@ class LogFileHandler extends Handler {
         }
     }
 
+    final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();
+    public static String bytesToHex(byte[] bytes, int len) {
+        len = Math.min(bytes.length, len);
+        char[] hexChars = new char[len * 2];
+        for ( int j = 0; j < len; j++ ) {
+            int v = bytes[j] & 0xFF;
+            hexChars[j * 2] = hexArray[v >>> 4];
+            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
+        }
+        return new String(hexChars);
+    }
+
+
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java
index 2771fa6a..2911fb1e 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNManagement.java
@@ -16,15 +16,19 @@ public interface OpenVPNManagement {
         screenOff
     }
 
-	int mBytecountInterval =2;
+    int mBytecountInterval = 2;
 
-	void reconnect();
+    void reconnect();
 
-	void pause(pauseReason reason);
+    void pause(pauseReason reason);
 
-	void resume();
+    void resume();
 
-	boolean stopVPN();
+    /**
+     * @param replaceConnection True if the VPN is connected by a new connection.
+     * @return true if there was a process that has been send a stop signal
+     */
+    boolean stopVPN(boolean replaceConnection);
 
     /*
      * Rebind the interface
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
index 17be29b0..2917bce1 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
@@ -32,6 +32,7 @@ import android.text.TextUtils;
 import android.util.Log;
 import android.widget.Toast;
 
+import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.net.Inet6Address;
@@ -87,6 +88,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
     private final Object mProcessLock = new Object();
     private Handler guiHandler;
     private Toast mlastToast;
+    private Runnable mOpenVPNThread;
 
     // From: http://stackoverflow.com/questions/3758606/how-to-convert-byte-size-into-human-readable-format-in-java
     public static String humanReadableByteCount(long bytes, boolean mbit) {
@@ -116,7 +118,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
     @Override
     public void onRevoke() {
         VpnStatus.logInfo(R.string.permission_revoked);
-        mManagement.stopVPN();
+        mManagement.stopVPN(false);
         endVpnService();
     }
 
@@ -132,6 +134,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         VpnStatus.removeByteCountListener(this);
         unregisterDeviceStateReceiver();
         ProfileManager.setConntectedVpnProfileDisconnected(this);
+        mOpenVPNThread = null;
         if (!mStarting) {
             stopForeground(!mNotificationAlwaysVisible);
 
@@ -182,16 +185,16 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
 
 
         mNotificationManager.notify(OPENVPN_STATUS, notification);
-        //startForeground(OPENVPN_STATUS, notification);
+        // startForeground(OPENVPN_STATUS, notification);
 
         // Check if running on a TV
-        if(runningOnAndroidTV() && !lowpriority)
+        if (runningOnAndroidTV() && !lowpriority)
             guiHandler.post(new Runnable() {
 
                 @Override
                 public void run() {
 
-                    if (mlastToast!=null)
+                    if (mlastToast != null)
                         mlastToast.cancel();
                     String toastText = String.format(Locale.getDefault(), "%s - %s", mProfile.mName, msg);
                     mlastToast = Toast.makeText(getBaseContext(), toastText, Toast.LENGTH_SHORT);
@@ -378,38 +381,50 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             mProfile = ProfileManager.get(this, profileUUID);
         }
 
+        /* start the OpenVPN process itself in a background thread */
+        new Thread(new Runnable() {
+            @Override
+            public void run() {
+                startOpenVPN();
+            }
+        }).start();
+
+
+        ProfileManager.setConnectedVpnProfile(this, mProfile);
+        /* TODO: At the moment we have no way to handle asynchronous PW input
+         * Fixing will also allow to handle challenge/response authentication */
+        if (mProfile.needUserPWInput(true) != 0)
+            return START_NOT_STICKY;
+
+        return START_STICKY;
+    }
+
+    private void startOpenVPN() {
+        VpnStatus.logInfo(R.string.building_configration);
+        VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, VpnStatus.ConnectionStatus.LEVEL_START);
+
+
+        try {
+            mProfile.writeConfigFile(this);
+        } catch (IOException e) {
+            VpnStatus.logException("Error writing config file", e);
+            endVpnService();
+            return;
+        }
 
         // Extract information from the intent.
         String prefix = getPackageName();
-        String[] argv = intent.getStringArrayExtra(prefix + ".ARGV");
-        String nativeLibraryDirectory = intent.getStringExtra(prefix + ".nativelib");
+        String nativeLibraryDirectory = getApplicationInfo().nativeLibraryDir;
+
+        // Also writes OpenVPN binary
+        String[] argv = VPNLaunchHelper.buildOpenvpnArgv(this);
 
-        String startTitle = getString(R.string.start_vpn_title, mProfile.mName);
-        String startTicker = getString(R.string.start_vpn_ticker, mProfile.mName);
-        showNotification(startTitle, startTicker,
-                false, 0, LEVEL_CONNECTING_NO_SERVER_REPLY_YET);
 
         // Set a flag that we are starting a new VPN
         mStarting = true;
         // Stop the previous session by interrupting the thread.
-        if (mManagement != null && mManagement.stopVPN())
-            // an old was asked to exit, wait 1s
-            try {
-                Thread.sleep(1000);
-            } catch (InterruptedException e) {
-                //ignore
-            }
 
-        synchronized (mProcessLock) {
-            if (mProcessThread != null) {
-                mProcessThread.interrupt();
-                try {
-                    Thread.sleep(1000);
-                } catch (InterruptedException e) {
-                    //ignore
-                }
-            }
-        }
+        stopOldOpenVPNProcess();
         // An old running VPN should now be exited
         mStarting = false;
 
@@ -420,10 +435,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         if (!"ovpn3".equals(BuildConfig.FLAVOR))
             mOvpn3 = false;
 
-
         // Open the Management Interface
         if (!mOvpn3) {
-
             // start a Thread that handles incoming messages of the managment socket
             OpenVpnManagementThread ovpnManagementThread = new OpenVpnManagementThread(mProfile, this);
             if (ovpnManagementThread.openManagementInterface(this)) {
@@ -433,13 +446,15 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
                 mManagement = ovpnManagementThread;
                 VpnStatus.logInfo("started Socket Thread");
             } else {
-                return START_NOT_STICKY;
+                endVpnService();
+                return;
             }
         }
 
-
         Runnable processThread;
-        if (mOvpn3) {
+        if (mOvpn3)
+
+        {
 
             OpenVPNManagement mOpenVPN3 = instantiateOpenVPN3Core();
             processThread = (Runnable) mOpenVPN3;
@@ -449,25 +464,53 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         } else {
             HashMap<String, String> env = new HashMap<>();
             processThread = new OpenVPNThread(this, argv, env, nativeLibraryDirectory);
+            mOpenVPNThread = processThread;
         }
 
-        synchronized (mProcessLock) {
+        synchronized (mProcessLock)
+
+        {
             mProcessThread = new Thread(processThread, "OpenVPNProcessThread");
             mProcessThread.start();
         }
-        if (mDeviceStateReceiver != null)
-            unregisterDeviceStateReceiver();
 
-        registerDeviceStateReceiver(mManagement);
+        new Handler(getMainLooper()).post(new Runnable() {
+                         @Override
+                         public void run() {
+                             if (mDeviceStateReceiver != null)
+                                 unregisterDeviceStateReceiver();
 
+                             registerDeviceStateReceiver(mManagement);
+                         }
+                     }
 
-        ProfileManager.setConnectedVpnProfile(this, mProfile);
-        /* TODO: At the moment we have no way to handle asynchronous PW input
-         * Fixing will also allow to handle challenge/response authentication */
-        if (mProfile.needUserPWInput(true) != 0)
-            return START_NOT_STICKY;
+                );
+    }
 
-        return START_STICKY;
+    private void stopOldOpenVPNProcess() {
+        if (mManagement != null) {
+            if (mOpenVPNThread!=null)
+                ((OpenVPNThread) mOpenVPNThread).setReplaceConnection();
+            if (mManagement.stopVPN(true)) {
+                // an old was asked to exit, wait 1s
+                try {
+                    Thread.sleep(1000);
+                } catch (InterruptedException e) {
+                    //ignore
+                }
+            }
+        }
+
+        synchronized (mProcessLock) {
+            if (mProcessThread != null) {
+                mProcessThread.interrupt();
+                try {
+                    Thread.sleep(1000);
+                } catch (InterruptedException e) {
+                    //ignore
+                }
+            }
+        }
     }
 
     private OpenVPNManagement instantiateOpenVPN3Core() {
@@ -475,7 +518,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             Class cl = Class.forName("de.blinkt.openvpn.core.OpenVPNThreadv3");
             return (OpenVPNManagement) cl.getConstructor(OpenVPNService.class, VpnProfile.class).newInstance(this, mProfile);
         } catch (IllegalArgumentException | InstantiationException | InvocationTargetException |
-                NoSuchMethodException | ClassNotFoundException | IllegalAccessException e ) {
+                NoSuchMethodException | ClassNotFoundException | IllegalAccessException e) {
             e.printStackTrace();
         }
         return null;
@@ -485,7 +528,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
     public void onDestroy() {
         synchronized (mProcessLock) {
             if (mProcessThread != null) {
-                mManagement.stopVPN();
+                mManagement.stopVPN(true);
             }
         }
 
@@ -581,7 +624,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             // Check if the first DNS Server is in the VPN range
             try {
                 ipAddress dnsServer = new ipAddress(new CIDRIP(mDnslist.get(0), 32), true);
-                boolean dnsIncluded=false;
+                boolean dnsIncluded = false;
                 for (ipAddress net : positiveIPv4Routes) {
                     if (net.containsNet(dnsServer)) {
                         dnsIncluded = true;
@@ -620,8 +663,6 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
         }
 
 
-
-
         if (mDomain != null)
             builder.addSearchDomain(mDomain);
 
@@ -716,7 +757,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
 
     @TargetApi(Build.VERSION_CODES.LOLLIPOP)
     private void setAllowedVpnPackages(Builder builder) {
-        boolean atLeastOneAllowedApp=false;
+        boolean atLeastOneAllowedApp = false;
         for (String pkg : mProfile.mAllowedAppsVpn) {
             try {
                 if (mProfile.mAllowedAppsVpnAreDisallowed) {
@@ -910,7 +951,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
             // Does not work :(
             String msg = getString(resid);
             // showNotification(VpnStatus.getLastCleanLogMessage(this),
-                    // msg, lowpriority, 0, level);
+            //      msg, lowpriority, 0, level);
 
         }
     }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
index 10bc9e87..e0c39546 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNThread.java
@@ -34,51 +34,56 @@ public class OpenVPNThread implements Runnable {
     @SuppressLint("SdCardPath")
     private static final String BROKEN_PIE_SUPPORT = "/data/data/de.blinkt.openvpn/cache/pievpn";
     private final static String BROKEN_PIE_SUPPORT2 = "syntax error";
-	private static final String TAG = "OpenVPN";
+    private static final String TAG = "OpenVPN";
     public static final int M_FATAL = (1 << 4);
     public static final int M_NONFATAL = (1 << 5);
     public static final int M_WARN = (1 << 6);
     public static final int M_DEBUG = (1 << 7);
     private String[] mArgv;
-	private Process mProcess;
-	private String mNativeDir;
-	private OpenVPNService mService;
-	private String mDumpPath;
-	private Map<String, String> mProcessEnv;
-    private boolean mBrokenPie=false;
-
-    public OpenVPNThread(OpenVPNService service,String[] argv, Map<String,String> processEnv, String nativelibdir)
-	{
-		mArgv = argv;
-		mNativeDir = nativelibdir;
-		mService = service;
-		mProcessEnv = processEnv;
-	}
-	
-	public void stopProcess() {
-		mProcess.destroy();
-	}
-	
-	@Override
-	public void run() {
-		try {
-			Log.i(TAG, "Starting openvpn");			
-			startOpenVPNThreadArgs(mArgv, mProcessEnv);
-			Log.i(TAG, "Giving up");
-		} catch (Exception e) {
-            VpnStatus.logException("Starting OpenVPN Thread" ,e);
-			Log.e(TAG, "OpenVPNThread Got " + e.toString());
-		} finally {
-			int exitvalue = 0;
-			try {
-				if (mProcess!=null)
-					exitvalue = mProcess.waitFor();
-			} catch ( IllegalThreadStateException ite) {
-				VpnStatus.logError("Illegal Thread state: " + ite.getLocalizedMessage());
-			} catch (InterruptedException ie) {
-				VpnStatus.logError("InterruptedException: " + ie.getLocalizedMessage());
-			}
-			if( exitvalue != 0) {
+    private Process mProcess;
+    private String mNativeDir;
+    private OpenVPNService mService;
+    private String mDumpPath;
+    private Map<String, String> mProcessEnv;
+    private boolean mBrokenPie = false;
+    private boolean mNoProcessExitStatus = false;
+
+    public OpenVPNThread(OpenVPNService service, String[] argv, Map<String, String> processEnv, String nativelibdir) {
+        mArgv = argv;
+        mNativeDir = nativelibdir;
+        mService = service;
+        mProcessEnv = processEnv;
+    }
+
+    public void stopProcess() {
+        mProcess.destroy();
+    }
+
+    void setReplaceConnection()
+    {
+        mNoProcessExitStatus=true;
+    }
+
+    @Override
+    public void run() {
+        try {
+            Log.i(TAG, "Starting openvpn");
+            startOpenVPNThreadArgs(mArgv, mProcessEnv);
+            Log.i(TAG, "OpenVPN process exited");
+        } catch (Exception e) {
+            VpnStatus.logException("Starting OpenVPN Thread", e);
+            Log.e(TAG, "OpenVPNThread Got " + e.toString());
+        } finally {
+            int exitvalue = 0;
+            try {
+                if (mProcess != null)
+                    exitvalue = mProcess.waitFor();
+            } catch (IllegalThreadStateException ite) {
+                VpnStatus.logError("Illegal Thread state: " + ite.getLocalizedMessage());
+            } catch (InterruptedException ie) {
+                VpnStatus.logError("InterruptedException: " + ie.getLocalizedMessage());
+            }
+            if (exitvalue != 0) {
                 VpnStatus.logError("Process exited with exit value " + exitvalue);
                 if (mBrokenPie) {
                     /* This will probably fail since the NoPIE binary is probably not written */
@@ -95,70 +100,72 @@ public class OpenVPNThread implements Runnable {
                 }
 
             }
-			
-			VpnStatus.updateStateString("NOPROCESS", "No process running.", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED);
-			if(mDumpPath!=null) {
-				try {
-					BufferedWriter logout = new BufferedWriter(new FileWriter(mDumpPath + ".log"));
-					SimpleDateFormat timeformat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss",Locale.GERMAN);
-					for(LogItem li : VpnStatus.getlogbuffer()){
-						String time = timeformat.format(new Date(li.getLogtime()));
-						logout.write(time +" " + li.getString(mService) + "\n");
-					}
-					logout.close();
-					VpnStatus.logError(R.string.minidump_generated);
-				} catch (IOException e) {
-					VpnStatus.logError("Writing minidump log: " + e.getLocalizedMessage());
-				}
-			}
-
-			mService.processDied();
-			Log.i(TAG, "Exiting");
-		}
-	}
-	
-	private void startOpenVPNThreadArgs(String[] argv, Map<String, String> env) {
-		LinkedList<String> argvlist = new LinkedList<String>();
+
+            if (!mNoProcessExitStatus)
+                VpnStatus.updateStateString("NOPROCESS", "No process running.", R.string.state_noprocess, ConnectionStatus.LEVEL_NOTCONNECTED);
+
+            if (mDumpPath != null) {
+                try {
+                    BufferedWriter logout = new BufferedWriter(new FileWriter(mDumpPath + ".log"));
+                    SimpleDateFormat timeformat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.GERMAN);
+                    for (LogItem li : VpnStatus.getlogbuffer()) {
+                        String time = timeformat.format(new Date(li.getLogtime()));
+                        logout.write(time + " " + li.getString(mService) + "\n");
+                    }
+                    logout.close();
+                    VpnStatus.logError(R.string.minidump_generated);
+                } catch (IOException e) {
+                    VpnStatus.logError("Writing minidump log: " + e.getLocalizedMessage());
+                }
+            }
+
+            mService.processDied();
+            Log.i(TAG, "Exiting");
+        }
+    }
+
+    private void startOpenVPNThreadArgs(String[] argv, Map<String, String> env) {
+        LinkedList<String> argvlist = new LinkedList<String>();
 
         Collections.addAll(argvlist, argv);
-	
-		ProcessBuilder pb = new ProcessBuilder(argvlist);
-		// Hack O rama
-		
-		String lbpath = genLibraryPath(argv, pb);
-		
-		pb.environment().put("LD_LIBRARY_PATH", lbpath);
-
-		// Add extra variables
-		for(Entry<String,String> e:env.entrySet()){
-			pb.environment().put(e.getKey(), e.getValue());
-		}
-		pb.redirectErrorStream(true);
-		try {
-			mProcess = pb.start();
-			// Close the output, since we don't need it
-			mProcess.getOutputStream().close();
-			InputStream in = mProcess.getInputStream();
-			BufferedReader br = new BufferedReader(new InputStreamReader(in));
-				
-			while(true) {
-				String logline = br.readLine();
-				if(logline==null) 
-					return;
-
-				if (logline.startsWith(DUMP_PATH_STRING))
-					mDumpPath = logline.substring(DUMP_PATH_STRING.length());
+
+        ProcessBuilder pb = new ProcessBuilder(argvlist);
+        // Hack O rama
+
+        String lbpath = genLibraryPath(argv, pb);
+
+        pb.environment().put("LD_LIBRARY_PATH", lbpath);
+
+        // Add extra variables
+        for (Entry<String, String> e : env.entrySet()) {
+            pb.environment().put(e.getKey(), e.getValue());
+        }
+        pb.redirectErrorStream(true);
+        try {
+            mProcess = pb.start();
+            // Close the output, since we don't need it
+            mProcess.getOutputStream().close();
+            InputStream in = mProcess.getInputStream();
+            BufferedReader br = new BufferedReader(new InputStreamReader(in));
+
+            while (true) {
+                String logline = br.readLine();
+                if (logline == null)
+                    return;
+
+                if (logline.startsWith(DUMP_PATH_STRING))
+                    mDumpPath = logline.substring(DUMP_PATH_STRING.length());
 
                 if (logline.startsWith(BROKEN_PIE_SUPPORT) || logline.contains(BROKEN_PIE_SUPPORT2))
                     mBrokenPie = true;
-					
+
 
                 // 1380308330.240114 18000002 Send to HTTP proxy: 'X-Online-Host: bla.blabla.com'
 
                 Pattern p = Pattern.compile("(\\d+).(\\d+) ([0-9a-f])+ (.*)");
                 Matcher m = p.matcher(logline);
-                if(m.matches()) {
-                    int flags = Integer.parseInt(m.group(3),16);
+                if (m.matches()) {
+                    int flags = Integer.parseInt(m.group(3), 16);
                     String msg = m.group(4);
                     int logLevel = flags & 0x0F;
 
@@ -166,45 +173,45 @@ public class OpenVPNThread implements Runnable {
 
                     if ((flags & M_FATAL) != 0)
                         logStatus = VpnStatus.LogLevel.ERROR;
-                    else if ((flags & M_NONFATAL)!=0)
+                    else if ((flags & M_NONFATAL) != 0)
                         logStatus = VpnStatus.LogLevel.WARNING;
-                    else if ((flags & M_WARN)!=0)
+                    else if ((flags & M_WARN) != 0)
                         logStatus = VpnStatus.LogLevel.WARNING;
-                    else if ((flags & M_DEBUG)!=0)
+                    else if ((flags & M_DEBUG) != 0)
                         logStatus = VpnStatus.LogLevel.VERBOSE;
 
                     if (msg.startsWith("MANAGEMENT: CMD"))
                         logLevel = Math.max(4, logLevel);
 
 
-                    VpnStatus.logMessageOpenVPN(logStatus,logLevel,msg);
+                    VpnStatus.logMessageOpenVPN(logStatus, logLevel, msg);
                 } else {
                     VpnStatus.logInfo("P:" + logline);
                 }
-			}
-			
-		
-		} catch (IOException e) {
-			VpnStatus.logException("Error reading from output of OpenVPN process" , e);
-			stopProcess();
-		}
-		
-		
-	}
-
-	private String genLibraryPath(String[] argv, ProcessBuilder pb) {
-		// Hack until I find a good way to get the real library path
-		String applibpath = argv[0].replaceFirst("/cache/.*$"  , "/lib");
-		
-		String lbpath = pb.environment().get("LD_LIBRARY_PATH");
-		if(lbpath==null) 
-			lbpath = applibpath;
-		else
-			lbpath = applibpath + ":" + lbpath;
-		
-		if (!applibpath.equals(mNativeDir)) {
-			lbpath =  mNativeDir + ":" + lbpath;
-		}
-		return lbpath;
-	}
+            }
+
+
+        } catch (IOException e) {
+            VpnStatus.logException("Error reading from output of OpenVPN process", e);
+            stopProcess();
+        }
+
+
+    }
+
+    private String genLibraryPath(String[] argv, ProcessBuilder pb) {
+        // Hack until I find a good way to get the real library path
+        String applibpath = argv[0].replaceFirst("/cache/.*$", "/lib");
+
+        String lbpath = pb.environment().get("LD_LIBRARY_PATH");
+        if (lbpath == null)
+            lbpath = applibpath;
+        else
+            lbpath = applibpath + ":" + lbpath;
+
+        if (!applibpath.equals(mNativeDir)) {
+            lbpath = mNativeDir + ":" + lbpath;
+        }
+        return lbpath;
+    }
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
index 4c550f47..569a3846 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVpnManagementThread.java
@@ -49,6 +49,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
 
     private pauseReason lastPauseReason = pauseReason.noNetwork;
     private PausedStateCallback mPauseCallback;
+    private boolean mShuttingDown;
 
     public OpenVpnManagementThread(VpnProfile profile, OpenVPNService openVpnService) {
         mProfile = profile;
@@ -223,7 +224,8 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
                     processByteCount(argument);
                     break;
                 case "STATE":
-                    processState(argument);
+                    if (!mShuttingDown)
+                        processState(argument);
                     break;
                 case "PROXY":
                     processProxyCMD(argument);
@@ -452,7 +454,7 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
 
                 break;
             default:
-                Log.e(TAG, "Unkown needok command " + argument);
+                Log.e(TAG, "Unknown needok command " + argument);
                 return;
         }
 
@@ -621,7 +623,9 @@ public class OpenVpnManagementThread implements Runnable, OpenVPNManagement {
     }
 
     @Override
-    public boolean stopVPN() {
+    public boolean stopVPN(boolean replaceConnection) {
+        mShuttingDown = true;
         return stopOpenVPN();
     }
+
 }
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
index f2cf8cec..78f462e7 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VPNLaunchHelper.java
@@ -27,7 +27,7 @@ public class VPNLaunchHelper {
 
 
 
-    static private String writeMiniVPN(Context context) {
+    private static String writeMiniVPN(Context context) {
         String[] abis;
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP)
             abis = getSupportedABIsLollipop();
@@ -73,12 +73,18 @@ public class VPNLaunchHelper {
     }
 
 
-    public static String[] buildOpenvpnArgv(Context c) {
+    static String[] buildOpenvpnArgv(Context c) {
         Vector<String> args = new Vector<>();
 
+        String binaryName = writeMiniVPN(c);
         // Add fixed paramenters
         //args.add("/data/data/de.blinkt.openvpn/lib/openvpn");
-        args.add(writeMiniVPN(c));
+        if(binaryName==null) {
+            VpnStatus.logError("Error writing minivpn binary");
+            return null;
+        }
+
+        args.add(binaryName);
 
         args.add("--config");
         args.add(getConfigFilePath(c));
@@ -126,14 +132,6 @@ public class VPNLaunchHelper {
 	
 
 	public static void startOpenVpn(VpnProfile startprofile, Context context) {
-        VpnStatus.logInfo(R.string.building_configration);
-        VpnStatus.updateStateString("VPN_GENERATE_CONFIG", "", R.string.building_configration, VpnStatus.ConnectionStatus.LEVEL_START);
-        if(writeMiniVPN(context)==null) {
-			VpnStatus.logError("Error writing minivpn binary");
-			return;
-		}
-
-
 		Intent startVPN = startprofile.prepareStartService(context);
 		if(startVPN!=null)
 			context.startService(startVPN);
diff --git a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
index 3ac1595c..1e2ccba3 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/VpnStatus.java
@@ -17,9 +17,12 @@ import android.os.Message;
 import android.os.Parcel;
 import android.os.Parcelable;
 import android.text.TextUtils;
+import android.util.Log;
 
 import java.io.ByteArrayInputStream;
+import java.io.DataOutputStream;
 import java.io.File;
+import java.io.OutputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.security.MessageDigest;
@@ -34,6 +37,7 @@ import java.util.Locale;
 import java.util.UnknownFormatConversionException;
 import java.util.Vector;
 
+import se.leap.bitmaskclient.BuildConfig;
 import se.leap.bitmaskclient.R;
 
 public class VpnStatus {
@@ -73,7 +77,7 @@ public class VpnStatus {
         logException(LogLevel.ERROR, context, e);
     }
 
-    private static final int MAXLOGENTRIES = 1000;
+    static final int MAXLOGENTRIES = 1000;
 
 
     public static String getLastCleanLogMessage(Context c) {
@@ -291,7 +295,6 @@ public class VpnStatus {
                         if (mArgs != null)
                             str += TextUtils.join("|", mArgs);
 
-
                         return str;
                     }
                 }
@@ -369,6 +372,16 @@ public class VpnStatus {
             }
             return mVerbosityLevel;
         }
+
+        public boolean verify() {
+            if (mLevel == null)
+                return false;
+
+            if (mMessage == null && mRessourceId == 0)
+                return false;
+
+            return true;
+        }
     }
 
     public interface LogListener {
@@ -575,6 +588,9 @@ public class VpnStatus {
             mLogFileHandler.sendMessage(mLogFileHandler.obtainMessage(LogFileHandler.TRIM_LOG_FILE));
         }
 
+        if (BuildConfig.DEBUG && !cachedLine)
+            Log.d("OpenVPN", logItem.getString(null));
+
 
         for (LogListener ll : logListener) {
             ll.newLog(logItem);
@@ -613,8 +629,8 @@ public class VpnStatus {
     public static synchronized void updateByteCount(long in, long out) {
         long lastIn = mlastByteCount[0];
         long lastOut = mlastByteCount[1];
-        long diffIn = mlastByteCount[2] = in - lastIn;
-        long diffOut = mlastByteCount[3] = out - lastOut;
+        long diffIn = mlastByteCount[2] = Math.max(0, in - lastIn);
+        long diffOut = mlastByteCount[3] = Math.max(0, out - lastOut);
 
 
         mlastByteCount = new long[]{in, out, diffIn, diffOut};
diff --git a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java
index f75e459e..bbd52a34 100644
--- a/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java
+++ b/app/src/main/java/de/blinkt/openvpn/fragments/LogFragment.java
@@ -429,34 +429,33 @@ public class LogFragment extends ListFragment implements StateListener, SeekBar.
             Intent intent = new Intent(getActivity(), DisconnectVPN.class);
             startActivity(intent);
             return true;
-        } else if (item.getItemId() == R.id.send) {
-            ladapter.shareLog();
-        } else if (item.getItemId() == R.id.edit_vpn) {
-            VpnProfile lastConnectedprofile = ProfileManager.getLastConnectedVpn();
-
-            if (lastConnectedprofile != null) {
-                Intent vprefintent = new Intent(getActivity(), Dashboard.class)
-                        .putExtra(VpnProfile.EXTRA_PROFILEUUID, lastConnectedprofile.getUUIDString());
-                startActivityForResult(vprefintent, START_VPN_CONFIG);
-            } else {
-                Toast.makeText(getActivity(), R.string.log_no_last_vpn, Toast.LENGTH_LONG).show();
-            }
-        } else if (item.getItemId() == R.id.toggle_time) {
-            showHideOptionsPanel();
-        } else if (item.getItemId() == android.R.id.home) {
-            // This is called when the Home (Up) button is pressed
-            // in the Action Bar.
-            Intent parentActivityIntent = new Intent(getActivity(), Dashboard.class);
-            parentActivityIntent.addFlags(
-                    Intent.FLAG_ACTIVITY_CLEAR_TOP |
-                            Intent.FLAG_ACTIVITY_NEW_TASK);
-            startActivity(parentActivityIntent);
-            getActivity().finish();
-            return true;
-
-        }
-        return super.onOptionsItemSelected(item);
-
+        } else if(item.getItemId()==R.id.send) {
+			ladapter.shareLog();
+	} else if(item.getItemId()==R.id.edit_vpn) {
+	    VpnProfile lastConnectedprofile = ProfileManager.getLastConnectedVpn();
+
+	    if(lastConnectedprofile!=null) {
+		Intent vprefintent = new Intent(getActivity(),Dashboard.class)
+		    .putExtra(VpnProfile.EXTRA_PROFILEUUID,lastConnectedprofile.getUUIDString());
+		startActivityForResult(vprefintent,START_VPN_CONFIG);
+	    } else {
+		Toast.makeText(getActivity(), R.string.log_no_last_vpn, Toast.LENGTH_LONG).show();
+	    }
+	} else if(item.getItemId() == R.id.toggle_time) {
+	    showHideOptionsPanel();
+	} else if(item.getItemId() == android.R.id.home) {
+	    // This is called when the Home (Up) button is pressed
+	    // in the Action Bar.
+	    Intent parentActivityIntent = new Intent(getActivity(), Dashboard.class);
+	    parentActivityIntent.addFlags(
+					  Intent.FLAG_ACTIVITY_CLEAR_TOP |
+					  Intent.FLAG_ACTIVITY_NEW_TASK);
+	    startActivity(parentActivityIntent);
+	    getActivity().finish();
+	    return true;
+
+	}
+	return super.onOptionsItemSelected(item);
     }
 
     private void showHideOptionsPanel() {
diff --git a/app/src/main/res/menu/logmenu.xml b/app/src/main/res/menu/logmenu.xml
index 890d1c2e..4c8daf35 100644
--- a/app/src/main/res/menu/logmenu.xml
+++ b/app/src/main/res/menu/logmenu.xml
@@ -37,7 +37,8 @@
             android:id="@+id/edit_vpn"
             android:alphabeticShortcut="e"
             android:icon="@drawable/ic_menu_edit"
-            android:showAsAction="ifRoom"
+            android:showAsAction="withText|ifRoom"
             android:title="@string/edit_vpn"
 	    android:visible="false"/>
+
 </menu>
diff --git a/app/src/main/res/values-ca/strings-icsopenvpn.xml b/app/src/main/res/values-ca/strings-icsopenvpn.xml
index 16147643..2233e71e 100755
--- a/app/src/main/res/values-ca/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ca/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-cs/strings-icsopenvpn.xml b/app/src/main/res/values-cs/strings-icsopenvpn.xml
index c2b47b77..f5e4db60 100755
--- a/app/src/main/res/values-cs/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-cs/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-de/strings-icsopenvpn.xml b/app/src/main/res/values-de/strings-icsopenvpn.xml
index c1b3f10a..c78c0039 100755
--- a/app/src/main/res/values-de/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-de/strings-icsopenvpn.xml
@@ -1,43 +1,43 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
 
   <string name="address">Server:</string>
-  <string name="port">Server Port:</string>
+  <string name="port">Port:</string>
   <string name="location">Ort</string>
   <string name="cant_read_folder">Verzeichnis kann nicht gelesen werden</string>
   <string name="select">Auswählen</string>
   <string name="cancel">Abbrechen</string>
   <string name="no_data">Keine Daten</string>
-  <string name="useLZO">LZO Komprimierung</string>
+  <string name="useLZO">LZO-Komprimierung</string>
   <string name="client_no_certificate">Kein Zertifikat</string>
   <string name="client_certificate_title">Clientzertifikat</string>
   <string name="client_key_title">Clientzertifikatsschlüssel</string>
-  <string name="client_pkcs12_title">PKCS12 Datei</string>
-  <string name="ca_title">CA Zertifikat</string>
+  <string name="client_pkcs12_title">PKCS12-Datei</string>
+  <string name="ca_title">CA-Zertifikat</string>
   <string name="no_certificate">Kein Zertifikat ausgewählt</string>
-  <string name="copyright_guicode">Quellcode und Issue Tracker sind verfügbar unter http://code.google.com/p/ics-openvpn/</string>
+  <string name="copyright_guicode">Quellcode und Issue-Tracker sind verfügbar unter https://github.com/schwabe/ics-openvpn</string>
   <string name="copyright_others">Dieses Programm nutzt die folgenden Komponenten. Die kompletten Lizenzdetails sind im Quelltext verfügbar.</string>
   <string name="about">Über</string>
   <string name="vpn_list_title">Profile</string>
   <string name="vpn_type">Typ</string>
-  <string name="pkcs12pwquery">PKCS12 Passwort</string>
+  <string name="pkcs12pwquery">PKCS12-Passwort</string>
   <string name="file_select">Auswählen&#8230;</string>
   <string name="file_nothing_selected">Nichts ausgewählt</string>
-  <string name="useTLSAuth">Benutze TLS Authentifizierung</string>
-  <string name="tls_direction">TLS Richtung</string>
-  <string name="ipv6_dialog_tile">Tragen Sie die IPv6 Adresse und Netzmaske im CIDR Format ein (z.B. 2000:dd::23/64)</string>
-  <string name="ipv4_dialog_title">Tragen Sie die IPv4 Adresse und Netzmaske im CIDR Format ein (z.B. 1.2.3.4/24)</string>
-  <string name="ipv4_address">IPv4 Adresse</string>
-  <string name="ipv6_address">IPv6 Adresse</string>
-  <string name="custom_option_warning">Tragen Sie eigene OpenVPN Optionen ein. Beachten Sie, dass einige (vor allem tun spezifische) Optionen von der Android Version nicht unterstützt werden können. Wenn Sie denken, dass eine wichtige Option fehlt, kontaktieren Sie den Autor</string>
+  <string name="useTLSAuth">TLS-Authentifizierung verwenden</string>
+  <string name="tls_direction">TLS-Richtung</string>
+  <string name="ipv6_dialog_tile">Tragen Sie die IPv6-Adresse und Netzmaske im CIDR-Format ein (z.B. 2000:dd::23/64)</string>
+  <string name="ipv4_dialog_title">Tragen Sie die IPv4-Adresse und Netzmaske im CIDR-Format ein (z.B. 1.2.3.4/24)</string>
+  <string name="ipv4_address">IPv4-Adresse</string>
+  <string name="ipv6_address">IPv6-Adresse</string>
+  <string name="custom_option_warning">Tragen Sie eigene OpenVPN-Optionen ein. Beachten Sie, dass einige (vor allem tun-spezifische) Optionen von der Android-API nicht unterstützt werden. Wenn Sie denken, dass eine wichtige Option fehlt, kontaktieren Sie den Autor</string>
   <string name="auth_username">Benutzername</string>
   <string name="auth_pwquery">Passwort</string>
-  <string name="static_keys_info">Für die statische Konfiguration werden die TLS Auth Schlüssel als statische Schlüssel benutzt</string>
+  <string name="static_keys_info">Für die statische Konfiguration werden die TLS-Authentifizierungsschlüssel als statische Schlüssel benutzt</string>
   <string name="configure_the_vpn">VPN konfigurieren</string>
   <string name="menu_add_profile">Profil hinzufügen</string>
   <string name="add_profile_name_prompt">Geben Sie einen Namen für das neue Profil an</string>
@@ -47,193 +47,193 @@
   <string name="no_error_found">Kein Fehler.</string>
   <string name="config_error_found">Fehler in der Konfiguration</string>
   <string name="ipv4_format_error">Fehler beim Auflösen der IPv4-Adresse</string>
-  <string name="custom_route_format_error">Kann die manuell angegeben Routen nicht parsen</string>
-  <string name="pw_query_hint">(Leer lassen um nicht zu speichern)</string>
-  <string name="vpn_shortcut">OpenVPN Verknüpfung</string>
+  <string name="custom_route_format_error">Kann die manuell angegeben Routen nicht verarbeiten</string>
+  <string name="pw_query_hint">(Leer lassen, um nicht zu speichern)</string>
+  <string name="vpn_shortcut">OpenVPN-Verknüpfung</string>
   <string name="vpn_launch_title">VPN verbinden</string>
   <string name="shortcut_profile_notfound">Von der Verknüpfung referenziertes Profil konnte nicht gefunden werden</string>
-  <string name="random_host_prefix">Random Host Präfix</string>
-  <string name="random_host_summary">Verwürfelt den Hostnamen mit zufälligen Präfix</string>
+  <string name="random_host_prefix">Zufälliger Host-Präfix</string>
+  <string name="random_host_summary">Fügt 6 zufällige Zeichen am Anfang des Hostnamens hinzu</string>
   <string name="custom_config_title">Eigene Konfigurationsoptionen</string>
-  <string name="custom_config_summary">Geben Sie eigene Konfigurationsoptionen an. Seien Sie vorsichtig!</string>
-  <string name="route_rejected">Route von Android zurückgewiesen.</string>
+  <string name="custom_config_summary">Hier können Sie eigene Konfigurationsoptionen angeben. Seien Sie vorsichtig!</string>
+  <string name="route_rejected">Route von Android zurückgewiesen</string>
   <string name="cancel_connection">Trennen</string>
-  <string name="cancel_connection_long">VPN Verbindung trennen</string>
-  <string name="clear_log">Log löschen.</string>
-  <string name="title_cancel">Trennungsbestätigung</string>
+  <string name="cancel_connection_long">VPN-Verbindung trennen</string>
+  <string name="clear_log">Protokoll löschen</string>
+  <string name="title_cancel">Trennen bestätigen</string>
   <string name="cancel_connection_query">Möchten Sie das VPN trennen bzw. den Verbindungsversuch abbrechen?</string>
   <string name="remove_vpn">VPN löschen</string>
-  <string name="check_remote_tlscert">Überprüfe, ob der Server ein Zertifikat mit TLS-Servererweiterungen verwendet (--remote-cert-tls server)</string>
+  <string name="check_remote_tlscert">Überprüfen, ob der Server ein Zertifikat mit TLS-Servererweiterungen verwendet (--remote-cert-tls server)</string>
   <string name="check_remote_tlscert_title">TLS-Serverzertifikat erwarten</string>
-  <string name="remote_tlscn_check_summary">Server Zertifikatssubjekt DN überprüfen</string>
-  <string name="remote_tlscn_check_title">Zertifikat Namen überprüfen</string>
-  <string name="enter_tlscn_dialog">Spezifizieren Sie die Methode mit welcher der DN des Serverzertifikates (z. B. C=DE, L=Paderborn, OU=Avian IP-Carrier, CN=openvpn.blinkt.de) überprüft wird.\n\nSie können den vollständigen DN oder den RDN (openvpn.blinkt.de im Beispiel) oder ein RDN-Präfix angeben.\n\nDer RDN Präfix \"Server\" erlaubt z.B. \"Server-1\" und \"Server-2\" \n\nWenn Sie das Eingabefeld leer lassen, wird der RDN gegen den Servernamen geprüft.\n\n Für weitere Details sehen Sie die Manpage von OpenVPN 2.3.1+  unter  —verify-x509-name</string>
-  <string name="enter_tlscn_title">Serverzertifikat Subject</string>
-  <string name="tls_key_auth">Benutzte TLS Schlüssel Authentifizierung</string>
-  <string name="tls_auth_file">TLS Auth Datei</string>
-  <string name="pull_on_summary">Fordert IP Adressen, Routen und andere Optionen vom Server an.</string>
-  <string name="pull_off_summary">Keine Informationen werden vom Server bezogen. Geben Sie manuell die Optionen an.</string>
-  <string name="use_pull">Pull Settings</string>
+  <string name="remote_tlscn_check_summary">Subjekt-DN des Serverzertifikats überprüfen</string>
+  <string name="remote_tlscn_check_title">Hostnamen überprüfen</string>
+  <string name="enter_tlscn_dialog">Geben Sie hier die Methode an, mit welcher der DN des Serverzertifikates (z. B. C=DE, L=Paderborn, OU=Avian IP-Carrier, CN=openvpn.blinkt.de) überprüft wird.\n\nSie können den vollständigen DN, den RDN (openvpn.blinkt.de im Beispiel) oder ein RDN-Präfix angeben.\n\nDer RDN-Präfix \"Server\" erlaubt z.B. \"Server-1\" und \"Server-2\".\n\nWenn Sie das Eingabefeld leer lassen, wird der RDN gegen den Servernamen geprüft.\n\n Weitere Details finden Sie in der Manpage von OpenVPN 2.3.1+ unter —verify-x509-name</string>
+  <string name="enter_tlscn_title">Subject des Serverzertifikats</string>
+  <string name="tls_key_auth">TLS-Schlüssel-Authentifizierung verwenden</string>
+  <string name="tls_auth_file">Schlüssel-Datei</string>
+  <string name="pull_on_summary">IP-Adressen, Routen und andere Optionen vom Server anfordern.</string>
+  <string name="pull_off_summary">Keine Informationen werden vom Server bezogen. Alle Einstellungen müssen unten manuell getätigt werden.</string>
+  <string name="use_pull">Informationen abrufen</string>
   <string name="dns">DNS</string>
-  <string name="override_dns">Eigene DNS Server.</string>
-  <string name="dns_override_summary">Eigene DNS Server benutzen.</string>
-  <string name="searchdomain">DNS Such Domäne</string>
-  <string name="dns1_summary">Primärer DNS Server</string>
-  <string name="dns_server">DNS Server</string>
-  <string name="secondary_dns_message">Sekundärer DNS Server. Wird genutzt falls der normale DNS Server nicht erreicht werden kann</string>
-  <string name="backup_dns">Backup DNS Server</string>
-  <string name="ignored_pushed_routes">Ignoriere gepushte Routen</string>
-  <string name="ignore_routes_summary">Ignoriere die Routen, die der Server dem Client sendet.</string>
-  <string name="default_route_summary">Leitet allen Internet Verkehr über das VPN</string>
-  <string name="use_default_title">Benutze Default Route</string>
-  <string name="custom_route_message">Benutze eigene Routen. Geben Sie Zielnetzwerk im CIDR Format an. Z.b. \"10.0.0.0/8 2002::/16\" würde die Netzwerke 10.0.0.0/8 und 2002::/16 über das VPN routen.</string>
+  <string name="override_dns">Eigene DNS-Server</string>
+  <string name="dns_override_summary">Eigene DNS-Server an Stelle der vom Server gesendeten verwenden</string>
+  <string name="searchdomain">Such-Domäne</string>
+  <string name="dns1_summary">Primärer DNS-Server</string>
+  <string name="dns_server">DNS-Server</string>
+  <string name="secondary_dns_message">Sekundärer DNS-Server, der genutzt wird, falls der normale DNS Server nicht erreicht werden kann.</string>
+  <string name="backup_dns">Backup-DNS-Server</string>
+  <string name="ignored_pushed_routes">Gepushte Routen ignorieren</string>
+  <string name="ignore_routes_summary">Vom Server gesendete Routen ignorieren</string>
+  <string name="default_route_summary">Sämtlichen Internetverkehr über das VPN leiten</string>
+  <string name="use_default_title">Default-Route verwenden</string>
+  <string name="custom_route_message">Geben Sie hier eigene Routen an. Geben Sie dabei nur das Zielnetz im CIDR-Format an; zum Beispiel würde \"10.0.0.0/8 2002::/16\" die Netze 10.0.0.0/8 und 2002::/16 über das VPN routen.</string>
   <string name="custom_route_message_excluded">Routen, die NICHT über das VPN geleitet werden sollen. Verwendet die gleiche Syntax wie bei den eigenen Routen.</string>
   <string name="custom_routes_title">Eigene Routen</string>
   <string name="custom_routes_title_excluded">Ausgeschlossene Netze</string>
-  <string name="log_verbosity_level">Log Detail Level</string>
-  <string name="float_summary">Erlaube authentifizierte Pakete von jeder IP</string>
-  <string name="float_title">Erlaube floating Server</string>
+  <string name="log_verbosity_level">Protokollumfang</string>
+  <string name="float_summary">Authentifizierte Pakete von jeder IP zulassen</string>
+  <string name="float_title">Floating Server zulassen</string>
   <string name="custom_options_title">Eigene Optionen</string>
-  <string name="edit_vpn">Ändere VPN Einstellungen</string>
-  <string name="remove_vpn_query">VPN Profile \'%s\' löschen?</string>
-  <string name="tun_error_helpful">Auf manchen ROM Version sind eventuell die Zugriffsrechte von /dev/tun falsch oder das tun Kernel Modul fehlt. Für Cyanogenmod 9 ROMs mit root gibt einen provisorischen Fix in den generellen Einstellungen.</string>
-  <string name="tun_open_error">Das Öffnen des tun Interfaces ist katastrophal gescheitert</string>
+  <string name="edit_vpn">VPN-Einstellungen ändern</string>
+  <string name="remove_vpn_query">VPN-Profil \'%s\' löschen?</string>
+  <string name="tun_error_helpful">Auf manchen Custom-ROM-Version sind eventuell die Zugriffsrechte von /dev/tun falsch oder das tun-Kernelmodul fehlt. Für Cyanogenmod 9-ROMs mit Root finden Sie einen provisorischen Fix in den allgemeinen Einstellungen.</string>
+  <string name="tun_open_error">Die tun-Schnittstelle konnte nicht geöffnet werden</string>
   <string name="error">"Fehler: "</string>
-  <string name="clear">Clear</string>
-  <string name="last_openvpn_tun_config">Öffne tun Netzwerkinterface:</string>
+  <string name="clear">Entfernen</string>
+  <string name="last_openvpn_tun_config">Tun-Netzwerkinterface wird geöffnet:</string>
   <string name="local_ip_info">Lokale IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
   <string name="dns_server_info">DNS-Server: %1$s, Domäne: %2$s</string>
   <string name="routes_info_incl">Routen: %1$s %2$s</string>
-  <string name="routes_info_excl">ausgeschlossene Routen: %1$s %2$s</string>
-  <string name="routes_debug">Installierte Routen (VpnService): %1$s %2$s</string>
-  <string name="ip_not_cidr">Interface Information %1$s und %2$s, nehme an, die zweite Adresse ist die Peer Adresse. Benutze /32 Netzmaske für die lokale IP Adresse. Interface Modus spezifiziert von OpenVPN ist \"%3$s\".</string>
-  <string name="route_not_cidr">Die Route %1$s mit der Netzmaske %2$s ist keine Route mit einer CIDR Netzmaske, benutze /32 als Netzmaske.</string>
+  <string name="routes_info_excl">Ausgeschlossene Routen: %1$s %2$s</string>
+  <string name="routes_debug">Installierte VpnService-Routen: %1$s %2$s</string>
+  <string name="ip_not_cidr">Interface Information %1$s und %2$s: verwende die zweite Adresse als Peer-Adresse. Benutze /32-Netzmaske für die lokale IP-Adresse. Von OpenVPN gesetzter Interface-Modus ist \"%3$s\".</string>
+  <string name="route_not_cidr">Die Route %1$s mit der Netzmaske %2$s ist keine Route mit einer CIDR-Netzmaske; verwende /32 als Netzmaske.</string>
   <string name="route_not_netip">Route %1$s/%2$s korrigiert zu %3$s/%2$s</string>
-  <string name="keychain_access">Kann nicht auf die Android Keychain Zertifikate zugreifen (dies kann durch ein System Update oder durch Zurücksichern der Anwendung aus einem Backup hervorgerufen werden). Bitte editieren Sie das VPN und wählen Sie erneut das Zertifikat in dem  Grundeinstellungen aus, um die Zugriffsberechtigung für das Zertifikat wieder herzustellen.</string>
+  <string name="keychain_access">Kann nicht auf die Zertifikate im Android-Zertifikatsspeicher zugreifen. Dies kann durch ein Systemupdate oder durch Zurückspielen der App oder ihrer Einstellungen aus einem Backup hervorgerufen werden. Bitte bearbeiten Sie das VPN und wählen Sie das Zertifikat erneut in den Grundeinstellungen aus, um die Zugriffsberechtigung für das Zertifikat wieder herzustellen.</string>
   <string name="version_info">%1$s %2$s</string>
-  <string name="send_logfile">Sende Logdatei</string>
-  <string name="send">Sende</string>
-  <string name="ics_openvpn_log_file">ICS OpenVPN log Datei</string>
-  <string name="copied_entry">Log Eintrag in die Zwischenablage kopiert</string>
-  <string name="tap_mode">Tap Mode</string>
-  <string name="faq_tap_mode">Die VPN API von Android, die ohne rooten des Telefons funktioniert, unterstützt nur den tun Modus. Das Unterstützen des Tap Modus ist daher nicht möglich.</string>
-  <string name="tap_faq2">Die gleiche Frage nochmal? Meinen Sie das ernst? Ohne root kann tap wirklich nicht unterstützt werden. Emails an mich, mit der Frage, wann tap unterstützt wird, helfen hier kein Stück.</string>
-  <string name="tap_faq3">Ein drittes Mal? Nun gut, theoretisch kann tap mit einem tun Gerät emuliert werden. Dieser tap Emulator müsste die Layer 2 Informationen beim Senden hinzufügen und beim Empfangen wieder entfernen. Zusätzlich muss noch ARP und sinnvollerweise auch ein DHCP Client implementiert werden. Mir ist niemand bekannt, der etwas in dieser Richtung unternimmt. Kontaktieren Sie mich, falls Sie so etwas implementieren möchten.</string>
+  <string name="send_logfile">Protokoll senden</string>
+  <string name="send">Senden</string>
+  <string name="ics_openvpn_log_file">ICS-OpenVPN-Protokolldatei</string>
+  <string name="copied_entry">Protokolleintrag in die Zwischenablage kopiert</string>
+  <string name="tap_mode">Tap-Modus</string>
+  <string name="faq_tap_mode">Da der Tap-Modus von der Android-VPN-API nicht unterstützt wird, kann in dieser App nur der Tun-Modus verwendet werden.</string>
+  <string name="tap_faq2">Die gleiche Frage nochmal? Meinen Sie das ernst? Ohne Root kann tap wirklich nicht unterstützt werden. Es hilft dabei auch nicht, mir Emails mit der Frage, wann tap unterstützt wird, zu senden.</string>
+  <string name="tap_faq3">Ein drittes Mal? Nun gut, theoretisch kann tap mit einem tun-Gerät emuliert werden. Dieser tap-Emulator müsste die Layer 2-Informationen beim Senden hinzufügen und beim Empfangen wieder entfernen. Zusätzlich muss noch ARP und sinnvollerweise auch ein DHCP-Client implementiert werden. Mir ist niemand bekannt, der etwas in dieser Richtung unternimmt. Kontaktieren Sie mich, falls Sie so etwas implementieren möchten.</string>
   <string name="faq">FAQ</string>
-  <string name="copying_log_entries">Kopieren von Log Einträgen</string>
-  <string name="faq_copying">Um einen einzelnen Log Eintrag zu kopieren berühren Sie den Log Eintrag und halten Sie gedrückt. Um das ganze Log zu Kopieren/Versenden benutzen Sie die \"Sende Log\" Option. Falls Sie Option nicht im in der GUI sehen, drücken Sie die Menü Taste am Gerät.</string>
+  <string name="copying_log_entries">Kopieren von Protokolleinträgen</string>
+  <string name="faq_copying">Um einen einzelnen Protokolleintrag zu kopieren, berühren Sie den Eintrag und halten Sie ihn gedrückt. Verwenden Sie die Option \"Protokoll versenden\", um das ganze Protokoll zu kopieren oder versenden. Falls Sie Option nicht in der Titelzeile sehen, drücken Sie die Menütaste des Gerätes.</string>
   <string name="faq_shortcut">Verknüpfung zu einem VPN</string>
-  <string name="faq_howto_shortcut">Sie können ein Shortcut zum Starten des VPN auf Ihren Startbildschirm ablegen. Abhängig von der verwendeten Benutzeroberfläche müssen Sie ein Widget, einen Shortcut oder eine Verknüpfung hinzufügen.</string>
-  <string name="no_vpn_support_image">Dieses Android ROM enthält keine VPNService API. Sorry :(</string>
+  <string name="faq_howto_shortcut">Sie können eine Verknüpfung zum Starten des VPN auf Ihren Startbildschirm ablegen. Abhängig von der verwendeten Benutzeroberfläche müssen Sie entweder ein Widget oder eine Verknüpfung hinzufügen.</string>
+  <string name="no_vpn_support_image">Ihre Gerätefirmwäre unterstützt die VPNService-API nicht. Tut uns leid :(</string>
   <string name="encryption">Verschlüsselung</string>
-  <string name="cipher_dialog_title">Geben Sie die Verschlüsslungsmethode an</string>
+  <string name="cipher_dialog_title">Geben Sie die Verschlüsselungsmethode an</string>
   <string name="chipher_dialog_message">Geben sie den Verschlüsslungsalgorithmus an, der von OpenVPN genutzt werden soll. Lassen sie das Feld frei, um den Standardalgorithmus zu verwenden.</string>
-  <string name="auth_dialog_message">Geben Sie den Hashalgorithmus der zur Nachrichtenauthentifizierung benutzt wird an. Leer lassen um den Standard Algorithmus zu nutzen.</string>
+  <string name="auth_dialog_message">Geben Sie den Hashalgorithmus, der zur Nachrichtenauthentifizierung benutzt wird, an. Lassen Sie das Feld frei, um den Standard-Algorithmus zu nutzen.</string>
   <string name="settings_auth">Authentifizierung/Verschlüsselung</string>
   <string name="file_explorer_tab">Datei auswählen…</string>
   <string name="inline_file_tab">Eingebettete Datei</string>
-  <string name="error_importing_file">Fehler beim importieren der Datei</string>
+  <string name="error_importing_file">Fehler beim Import der Datei</string>
   <string name="import_error_message">Konnte Datei nicht vom Dateisystem importieren</string>
   <string name="inline_file_data">[[Eingebettete Datei]]</string>
-  <string name="opentun_no_ipaddr">Verweigere tun Gerät zu öffnen ohne IP Information</string>
-  <string name="menu_import">Importiere Profil von .ovpn Datei</string>
+  <string name="opentun_no_ipaddr">Verweigere, das tun-Gerät ohne IP-Informationen zu öffnen</string>
+  <string name="menu_import">Profil aus .ovpn-Datei importieren</string>
   <string name="menu_import_short">Import</string>
   <string name="import_content_resolve_error">Konnte zu importierendes Profil nicht lesen</string>
   <string name="error_reading_config_file">Fehler beim Lesen der Konfigurationsdatei</string>
   <string name="add_profile">Profil hinzufügen</string>
-  <string name="import_could_not_open">Konnte die Datei %1$s, die in  der importierten Konfiguration angeben war, nicht finden</string>
+  <string name="import_could_not_open">Konnte die Datei %1$s, die in der importierten Konfiguration angegeben war, nicht finden</string>
   <string name="importing_config">Importiere Konfigurationsdatei aus %1$s</string>
-  <string name="import_warning_custom_options">Ihre Konfiguration hatte ein paar Konfigurationsoptionen, die nicht direkt mit der GUI konfigurierbar sind. Diese Optionen wurden als benutzerdefinierte Konfigurationsoptionen hinzugefügt. Dies sind:</string>
-  <string name="import_done">Konfigurationsdatei lesen abgeschlossen.</string>
-  <string name="nobind_summary">Binde nicht an lokalen Port und IP Adresse</string>
+  <string name="import_warning_custom_options">In Ihren Konfiguration waren Konfigurationsoptionen enthalten, die nicht direkt mit der GUI konfigurierbar sind. Diese Optionen wurden als benutzerdefinierte Konfigurationsoptionen hinzugefügt. Dies sind:</string>
+  <string name="import_done">Lesen der Konfigurationsdatei abgeschlossen.</string>
+  <string name="nobind_summary">Nicht an lokalen Port und IP-Adresse binden</string>
   <string name="no_bind">Kein lokales Binden</string>
-  <string name="import_configuration_file">Importiere Konfigurationsdatei</string>
+  <string name="import_configuration_file">Zu importierende Konfigurationsdatei</string>
   <string name="faq_security_title">Bemerkungen zur Sicherheit</string>
-  <string name="faq_security">Da OpenVPN sicherheitsrelevant ist, sind einige Worte zur Sicherheit der Anwendung angebracht. Alle Daten, die sich auf der SD Karte befinden sind als absolut unsicher anzusehen. Jede Anwendung kann diese lesen. (Diese Anwendung braucht zum Beispiel keine SD Karten Berechtigung). Die restlichen Konfiguration dieser Anwendung kann nur von der Anwendung selbst gelesen werden. Wenn die Option genutzt wird, dass die Zertifikate und Schlüssel eingebettet werden, werden diese im VPN Profil gespeichert. Die VPN Profile sind nur von der Anwendung selbst lesbar. (Vergessen Sie nicht die ursprünglichen Zertifikate/Schlüssel von der SD Karte zu löschen). Die Daten die Anwendung selbst speichert sind unverschlüsselt. Es besteht die Möglichkeit diese mittels \"rooten\" des Telefons/Tablets oder anderen Schwachstellen diese Daten auszulesen. Gespeicherte Passwörter werden auch im Klartext gespeichert. Es wird dringend empfohlen die Zertifikate in dem Android Keystore zu speichern.\"</string>
+  <string name="faq_security">Da OpenVPN sicherheitsrelevant ist, sind einige Worte zur Sicherheit der Anwendung angebracht. Alle Daten, die sich auf der SD-Karte befinden, sind als absolut unsicher anzusehen. Jede Anwendung kann diese lesen. (Auch diese Anwendung braucht zum Beispiel keine Berechtigung für SD-Karten-Zugriff). Die restliche Konfiguration dieser Anwendung kann nur von der Anwendung selbst gelesen werden. Wenn die Option genutzt wird, dass die Zertifikate und Schlüssel eingebettet werden, werden diese im VPN-Profil gespeichert. Die VPN-Profile sind nur von der Anwendung selbst lesbar. (Vergessen Sie nicht die ursprünglichen Zertifikate/Schlüssel von der SD-Karte zu löschen). Die Daten, die die Anwendung selbst speichert sind unverschlüsselt. Es besteht die Möglichkeit, diese Daten mittels \"rooten\" des Telefons/Tablets oder anderen Schwachstellen auszulesen. Auch gespeicherte Passwörter werden im Klartext gespeichert. Es wird daher dringend empfohlen, die Zertifikate im Android-Zertifikatsspeicher zu speichern.</string>
   <string name="import_vpn">Importieren</string>
   <string name="broken_image_cert_title">Fehler beim Anzeigen des Zertifikatsauswahlbildschirmes</string>
-  <string name="broken_image_cert">Android hat einen Fehler beim  Anzeigen des Zertifikat Dialog gemeldet. Dies sollte nie passieren, da dies ein Standard Feature von Android 4.0+ ist. Eventuell ist Unterstützung von Zertifikaten in Ihrer Firmware fehlerhaft</string>
+  <string name="broken_image_cert">Konnte den Zertifikatsdialog nicht öffnen. Dies sollte nie passieren, da dies eine Standardfunktion von Android 4.0+ ist. Eventuell ist die Unterstützung von Zertifikaten in der Firmware Ihres Gerätes fehlerhaft</string>
   <string name="ipv4">IPv4</string>
   <string name="ipv6">IPv6</string>
-  <string name="speed_waiting">Warte auf OpenVPN Status Nachricht&#8230;</string>
+  <string name="speed_waiting">Warte auf OpenVPN-Status-Nachricht&#8230;</string>
   <string name="converted_profile">Importiertes Profil</string>
   <string name="converted_profile_i">Importiertes Profil %d</string>
-  <string name="broken_images">Fehlerhafte Images</string>
-  <string name="broken_images_faq">&lt;p&gt;Von offiziellen HTC Firmwares ist bekannt, dass diese teilweise merkwürdige Routing Probleme haben, die dafür sorgen, dass der Verkehr nicht durch den Tunnel fließt. (Siehe auch &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\"&gt;Issue 18&lt;/a&gt; im Bug Tracker.)&lt;/p&gt;&lt;p&gt;Bei älteren Version der offiziellen SONY Firmwares für das Xperia arc S and Xperia Ray scheint der VPNService Support  komplett zu fehlen. (Siehe auch &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=29\"&gt;Issue 29&lt;/a&gt; im Bug Tracker.)&lt;/p&gt;&lt;p&gt;Auf anderen (insbesondere Custom ROMS) fehlt teilweise das tun Kernel Modul oder die Rechte von /dev/tun sind falsch gesetzt. Auf einigen CM9 Firmware wird die \"/dev/tun Eigentümer setzen\" Option in den Allgemeinen Einstellungen benötigt.&lt;/p&gt;&lt;p&gt;Am wichtigsten ist aber, falls Sie eine fehlerhafte Firmware haben, melden Sie dies Ihrem Hersteller. Je mehr Leute den Fehler dem Hersteller melden, desto wahrscheinlicher werden Sie eine Fehlerkorrektur bekommen.&lt;/p&gt;</string>
-  <string name="pkcs12_file_encryption_key">PKCS12 Veschlüsslungspassword</string>
-  <string name="private_key_password">Passphrase privater Schlüssel</string>
+  <string name="broken_images">Fehlerhafte Firmwares</string>
+  <string name="broken_images_faq">&lt;p&gt;Von offiziellen HTC-Firmwares ist bekannt, dass diese teilweise merkwürdige Routingprobleme haben, die dafür sorgen, dass der Verkehr nicht durch den Tunnel fließt. (Siehe auch &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\"&gt;Issue 18&lt;/a&gt; im Bugtracker.)&lt;/p&gt;&lt;p&gt;Bei älteren Version der offiziellen Sony-Firmwares für das Xperia arc S and Xperia Ray scheint der VPNService-Support komplett zu fehlen. (Siehe auch &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=29\"&gt;Issue 29&lt;/a&gt; im Bugtracker.)&lt;/p&gt;&lt;p&gt;Auf anderen (insbesondere Custom ROMs) fehlt teilweise das tun-Kernelmodul oder die Rechte von /dev/tun sind falsch gesetzt. Auf einigen CM9-Firmwares wird die Option \"Eigentümer von /dev/tun setzen\" in den Allgemeinen Einstellungen benötigt.&lt;/p&gt;&lt;p&gt;Am wichtigsten ist aber: falls Sie eine fehlerhafte Firmware haben, melden Sie dies Ihrem Hersteller. Je mehr Nutzer dem Hersteller den Fehler melden, desto wahrscheinlicher werden Sie eine Fehlerkorrektur bekommen.&lt;/p&gt;</string>
+  <string name="pkcs12_file_encryption_key">PKCS12-Verschlüsselungs-Passwort</string>
+  <string name="private_key_password">Passphrase des privaten Schlüssels</string>
   <string name="password">Passwort</string>
-  <string name="file_icon">Datei Symbol</string>
-  <string name="tls_authentication">TLS Authentifizierung</string>
+  <string name="file_icon">Dateisymbol</string>
+  <string name="tls_authentication">TLS-Authentifizierung</string>
   <string name="generated_config">Generierte Konfiguration</string>
   <string name="generalsettings">Einstellungen</string>
-  <string name="owner_fix_summary">Versucht den Eigentümer von /dev/tun auf system zu ändern. Einige Cyanogenmod 9 ROM Versionen benötigen diese Option, damit die VPN API funktioniert. Benötigt root.</string>
-  <string name="owner_fix">/dev/tun Eigentümer setzen.</string>
-  <string name="generated_config_summary">Zeigt die generierte Konfigurationsdatei</string>
-  <string name="edit_profile_title">Editiere \"%s\"</string>
-  <string name="building_configration">Generiere OpenVPN Konfiguration&#8230;</string>
-  <string name="netchange_summary">Aktivieren dieser Option zwingt OpenVPN dazu, beim Wechsel des Netzwerkes (WLAN zu Mobilfunk und umgekehrt), neu zu verbinden</string>
+  <string name="owner_fix_summary">Versucht, den Eigentümer von /dev/tun auf system zu ändern. Einige Cyanogenmod 9-ROM-Versionen benötigen diese Option, damit die VPN-API funktioniert. Benötigt root.</string>
+  <string name="owner_fix">Eigentümer von /dev/tun setzen</string>
+  <string name="generated_config_summary">Generierte Konfigurationsdatei anzeigen</string>
+  <string name="edit_profile_title">Bearbeiten von \"%s\"</string>
+  <string name="building_configration">Generiere OpenVPN-Konfiguration&#8230;</string>
+  <string name="netchange_summary">VPN bei jedem Wechsel des verwendeten Netzwerktyps (WLAN zu Mobilfunk und umgekehrt) neu verbinden</string>
   <string name="netchange">Netzwerkänderungen beachten</string>
   <string name="netstatus">Netzwerkstatus: %s</string>
-  <string name="extracahint">Das CA Zertifikat wird meist aus dem Zertifikatsspeicher automatisch ausgewählt. Sollte dies nicht funktionieren und Sie Verifizierungsprobleme erhalten(self signed certificate), wählen Sie manuell ein Zertifikat aus.</string>
+  <string name="extracahint">Das CA-Zertifikat wird meist automatisch aus dem Zertifikatsspeicher ausgewählt. Sollte dies nicht funktionieren und Sie Verifizierungsprobleme haben (self signed certificate), wählen Sie manuell ein Zertifikat aus.</string>
   <string name="select_file">Auswählen</string>
-  <string name="keychain_nocacert">Beim Abfragen des Android KeyStore wurde kein CA Zertifikat zurückgegeben. Überprüfen des Serverzertifikat wird wahrscheinlich fehlschlagen. Geben Sie manuell ein CA Zertifikat an.</string>
-  <string name="show_log_summary">Zeigt das Status Log, wenn ein VPN verbunden wird. Das Status log kann immer über die Benachrichtigung aufgerufen werden.</string>
-  <string name="show_log_window">Zeige Log</string>
+  <string name="keychain_nocacert">Beim Abfragen des Android-Zertifikatsspeichers wurde kein CA-Zertifikat zurückgegeben. Die Überprüfung des Serverzertifikats wird wahrscheinlich fehlschlagen. Geben Sie manuell ein CA-Zertifikat an.</string>
+  <string name="show_log_summary">Verbindungsprotokoll beim Start einer VPN-Verbindung anzeigen. Das Protokoll kann unabhängig von dieser Einstellung immer über die Benachrichtigung aufgerufen werden.</string>
+  <string name="show_log_window">Protokoll anzeigen</string>
   <string name="mobile_info">%10$s %9$s läuft auf %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
-  <string name="error_rsa_sign">Fehler beim Zugriff auf den Android Keystore %1$s: %2$s</string>
-  <string name="faq_system_dialogs">Die Meldung, dass OpenVPN versucht eine VPN-Verbindung aufzubauen und dabei den gesamten Netzwerkverkehr abhören kann, wird vom Android System selbst erzeugt. Diese wird vom System erzwungen, damit keine Anwendung vom Benutzer unbemerkt eine VPN Verbindung aufbauen kann\Die VPN Benachrichtigung (Das Schlüssel Symbol) wird genauso vom Android System angezeigt um eine bestehende VPN anzuzeigen.\nDiese beiden Features wurden in Android für die Sicherheit des Nutzers implementiert und können nicht umgangen werden. (Auf machen Telefon/Tablets wird die Benachrichtigung leider mit einem Ton signalisiert.)</string>
+  <string name="error_rsa_sign">Fehler beim Zugriff auf den Schlüssel %1$s im Android-Zertifikatsspeicher: %2$s</string>
+  <string name="faq_system_dialogs">Die Meldung, dass OpenVPN versucht, eine VPN-Verbindung aufzubauen und dabei den gesamten Netzwerkverkehr abhören kann, wird vom Android-System erzwungen, damit keine Anwendung vom Benutzer unbemerkt eine VPN-Verbindung aufbauen kann.\Die VPN-Benachrichtigung (das Schlüsselsymbol) wird ebenso vom Android-System angezeigt, um eine bestehende VPN-Verbindung zu signalisieren.\nDiese beiden Features wurden in Android für die Sicherheit des Nutzers implementiert und können nicht umgangen werden. (Auf machen Telefon/Tablets wird die Benachrichtigung leider mit einem Ton signalisiert.)</string>
   <string name="faq_system_dialogs_title">Warnung beim Verbinden und Benachrichtigungston</string>
-  <string name="translationby">Deutsche Übersetzung von Arne Schwabe &lt;arne@rfc2549.org&gt;</string>
+  <string name="translationby">Deutsche Übersetzung von Arne Schwabe &lt;arne@rfc2549.org&gt; und Danny Baumann &lt;dannybaumann@web.de&gt;</string>
   <string name="ipdns">IP und DNS</string>
   <string name="basic">Grundeinstellungen</string>
   <string name="routing">Routing</string>
   <string name="obscure">Obskure OpenVPN Einstellungen, die normalerweise nicht benötigt werden.</string>
   <string name="advanced">Erweitert</string>
-  <string name="export_config_title">ICS OpenVPN Konfiguration</string>
-  <string name="warn_no_dns">Es werden keine DNS Server für die VPN Verbindung genutzt. Die Namensauflösung wird möglicherweise nicht funktionieren. Ziehen Sie in Erwähung selbst DNS Server in den Optionen zu setzen. Beachten Sie weiterhin, dass Android die Proxyeinstellungen für Handy/WLAN weiterhin benutzt, falls keine DNS Server für das VPN festgelegt sind.</string>
-  <string name="dns_add_error">Konnte den DNS Server \"%1$s\" nicht hinzufügen, da das System ihn zurückweist mit %2$s</string>
-  <string name="ip_add_error">Konnte die IP Adresse \"%1$s\" nicht setzen, abgelehnt vom System: %2$s</string>
-  <string name="faq_howto">&lt;p&gt;Benutzen Sie eine funktionierende Konfiguration (getestet auf einem Computer, oder von Ihrer Organisation/Ihrem Provider bereitgestellt)&lt;/p&gt;&lt;p&gt;Falls Sie nur eine einzelne Datei benötigen, können Sie sich diese als Email-Anhang zuschicken. Falls Ihre OpenVPN Konfiguration aus mehreren Dateien besteht, müssen Sie alle Dateien auf die SD Karte kopieren.&lt;/p&gt;&lt;p&gt;Klicken Sie auf den Email Anhang im Android Mail Programm bzw. benutzen Sie das Ordner Symbol in der VPN Liste und wählen Sie die .ovpn bzw. .conf Konfigurationsdatei aus.&lt;/p&gt;&lt;p&gt;Falls der Import fehlende Dateien anmerkt, kopieren Sie diese auf die SD Karte und starten den Import erneut.&lt;/p&gt;&lt;p&gt;Benutzen Sie anschließend das Speichern Symbol um das VPN zur VPN Liste hinzuzufügen&lt;/p&gt;&lt;p&gt;Tippen Sie den Namen des VPNs an, um das VPN zu starten&lt;/p&gt;&lt;p&gt;Achten Sie auf Fehler und Warnungen im Verbindungslog.&lt;/p&gt; </string>
+  <string name="export_config_title">ICS-OpenVPN-Konfiguration</string>
+  <string name="warn_no_dns">Es werden keine DNS-Server für die VPN-Verbindung genutzt. Die Namensauflösung wird möglicherweise nicht funktionieren. Ziehen Sie in Erwägung, selbst DNS-Server in den Einstellungen zu setzen. Beachten Sie weiterhin, dass Android die Proxyeinstellungen für Handy/WLAN weiterhin benutzt, falls keine DNS-Server für das VPN festgelegt sind.</string>
+  <string name="dns_add_error">Konnte den DNS-Server \"%1$s\" nicht hinzufügen, da das System ihn zurückweist: %2$s</string>
+  <string name="ip_add_error">Das Setzen der IP-Adresse \"%1$s\" wurde vom System abgewiesen %2$s</string>
+  <string name="faq_howto">&lt;p&gt;Verwenden Sie eine funktionierende Konfiguration (auf einem Computer getestet, oder von Ihrer Organisation/Ihrem Provider bereitgestellt).&lt;/p&gt;&lt;p&gt;Falls Sie nur eine einzelne Datei benötigen, können Sie sich diese als Email-Anhang zuschicken. Falls Ihre OpenVPN-Konfiguration aus mehreren Dateien besteht, müssen Sie alle Dateien auf die SD-Karte kopieren.&lt;/p&gt;&lt;p&gt;Klicken Sie auf den Email-Anhang im Android-Mail-Programm bzw. verwenden Sie das Ordnersymbol in der VPN-Liste und wählen Sie die .ovpn- bzw. .conf-Konfigurationsdatei aus.&lt;/p&gt;&lt;p&gt;Falls der Import fehlende Dateien anmerkt, kopieren Sie diese auf die SD-Karte und starten den Import erneut.&lt;/p&gt;&lt;p&gt;Verwenden Sie anschließend das \"Speichern\"-Symbol, um das VPN zur VPN-Liste hinzuzufügen.&lt;/p&gt;&lt;p&gt;Tippen Sie den Namen des VPNs an, um das VPN zu starten&lt;/p&gt;&lt;p&gt;Achten Sie auf Fehler und Warnungen im Verbindungsprotokoll.&lt;/p&gt; </string>
   <string name="faq_howto_title">Schnellstart</string>
-  <string name="setting_loadtun_summary">Versuche das tun.ko Kernel Modul zu laden. Benötigt root.</string>
-  <string name="setting_loadtun">Lade tun Modul</string>
-  <string name="importpkcs12fromconfig">Importiere die PKCS12 Datei, die in der Konfiguration angegeben ist, in den Android Keystore</string>
-  <string name="getproxy_error">Fehler beim Ermitteln der Proxy Einstellungen: %s</string>
-  <string name="using_proxy">Benutzt Proxy %1$s %2$d</string>
-  <string name="use_system_proxy">Benutze System Proxys</string>
-  <string name="use_system_proxy_summary">Benutze die System weiten Einstellungen für HTTP/HTTPS Proxys beim Verbinden.</string>
+  <string name="setting_loadtun_summary">Versuchen das Kernelmodul tun.ko zu laden. Benötigt Root.</string>
+  <string name="setting_loadtun">Tun-Modul laden</string>
+  <string name="importpkcs12fromconfig">In der Konfiguration angegebene PKCS12-Datei in den Android-Zertifikatsspeicher importieren</string>
+  <string name="getproxy_error">Fehler beim Ermitteln der Proxy-Einstellungen: %s</string>
+  <string name="using_proxy">Verwende Proxy %1$s %2$d</string>
+  <string name="use_system_proxy">System-Proxys verwenden</string>
+  <string name="use_system_proxy_summary">Systemweite Einstellungen für HTTP- und HTTPS-Proxys beim Verbinden verwenden.</string>
   <string name="donatewithpaypal">&lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;Spenden mit PayPal&lt;/a&gt; </string>
-  <string name="onbootrestartsummary">OpenVPN wird bei einem Neustart des Telefon das beim herunterfahren/neu starten aktive VPN wieder verbinden. Bitte lesen Sie die FAQ \"Warnung beim Verbinden\" FAQ bevor Sie diese Option verwenden.</string>
+  <string name="onbootrestartsummary">OpenVPN wird bei einem Neustart des Telefons das beim Herunterfahren aktive VPN wieder verbinden. Bitte lesen Sie die FAQ \"Warnung beim Verbinden\", bevor Sie diese Option verwenden.</string>
   <string name="onbootrestart">Nach Neustart verbinden</string>
   <string name="ignore">Ignorieren</string>
   <string name="restart">Neu verbinden</string>
-  <string name="restart_vpn_after_change">Konfigurationsänderungen werden erst nach einem VPN Neustart aktiv. Jetzt neu verbinden?</string>
+  <string name="restart_vpn_after_change">Konfigurationsänderungen werden erst nach einem Neustart des VPNs aktiv. Jetzt neu verbinden?</string>
   <string name="configuration_changed">Konfiguration geändert</string>
-  <string name="log_no_last_vpn">Konnte das zuletzt verbundene Profile beim Versuch des Editieren nicht ermitteln.</string>
+  <string name="log_no_last_vpn">Konnte das zuletzt verbundene Profil beim Versuch des Editierens nicht ermitteln</string>
   <string name="faq_duplicate_notification_title">Doppelte Benachrichtigungen</string>
-  <string name="faq_duplicate_notification">Android beendet automatisch Anwendungen und Dienste, die im Hintergrund laufen, wenn der Arbeitsspeicher knapp wird. Wird dabei OpenVPN beendet, bricht die VPN Verbindung ab. Um dies zu vermeiden, läuft der VPN Prozess mit einer höheren Priorität. Um eine höhere Priorität nutzen zu können, muss die Anwesenheit des Prozesses dem Benutzer im Form einer Benachrichtigung mitgeteilt werden. Daher zeigt OpenVPN für Android immer seine eigene Benachrichtigung an. Die Schlüssel Benachrichtigung, die auch im letzten Eintrag erklärt wird, zählt leider nicht als Benachrichtigung, die der Anwendung erlaubt mit höherer Priorität zu arbeiten.</string>
-  <string name="no_vpn_profiles_defined">Keine VPN Profile definiert.</string>
-  <string name="add_new_vpn_hint">Benutzen Sie &lt;img src=\"ic_menu_add\"/&gt; um ein neues VPN anzulegen</string>
-  <string name="vpn_import_hint">Benutzen Sie &lt;img src=\"ic_menu_archive\"/&gt; um ein vorhandenes (.ovpn oder .conf) Profil von Ihrer SD Karte zu importieren</string>
-  <string name="faq_hint">Lesen Sie auch die FAQ. Dort befindet sich eine Schnellstart Anleitung</string>
-  <string name="faq_routing_title">Routing/Netzwerk Konfiguration</string>
-  <string name="faq_routing">In dieser Anwendung wird die Routing und Netzwerkkonfiguration nicht mit den traditionellen ifconfig/route Kommandos konfiguriert sondern mittels der VPNService API. Diese erwartet eine Tunnel IP Adresse und die Netzwerke, die über den Tunnel geroutet werden sollen. Insbesondere wird keine Gateway oder Peer IP Adresse benötigt. Die Anwendung ignoriert diese daher auch beim Import. Dass die Verbindung zum VPN Server nicht über den Tunnel geroutet wird, wird auch über die VPNService API sichergestellt ohne dass hierfür spezielle Routen nötig sind. Da nur Netzwerke, die über den Tunnel geroutet werden sollen, angeben werden können, ist es nicht möglich andere Routen zu unterstützen. Die Anwendung versucht daher andere Routen (wie z.B. route x.x.x.x y.y.y.y net_gateway)\" die nicht über den Tunnel geroutet werden sollen zu erkken und eine Menge von Routen zu berechnen die das Verhalten auf anderen Plattformen emulieren. Das Verbindungslog zeigt die genaue Konfiguration und die errechneten Routen beim Verbinden an.</string>
+  <string name="faq_duplicate_notification">Android beendet automatisch Anwendungen und Dienste, die im Hintergrund laufen, wenn der Arbeitsspeicher knapp wird. Wird dabei OpenVPN beendet, bricht die VPN-Verbindung ab. Um dies zu vermeiden, läuft der VPN-Prozess mit einer höheren Priorität. Um eine höhere Priorität nutzen zu können, muss dem Benutzer die Anwesenheit des Prozesses in Form einer Benachrichtigung mitgeteilt werden. Daher zeigt OpenVPN für Android immer seine eigene Benachrichtigung an. Die Schlüssel-Benachrichtigung, die auch im letzten Eintrag erklärt wird, zählt leider nicht als Benachrichtigung, die der Anwendung erlaubt, mit höherer Priorität zu arbeiten.</string>
+  <string name="no_vpn_profiles_defined">Keine VPN-Profile definiert.</string>
+  <string name="add_new_vpn_hint">Durch Berühren von &lt;img src=\"ic_menu_add\"/&gt; können Sie ein neues VPN anlegen</string>
+  <string name="vpn_import_hint">Berühren Sie &lt;img src=\"ic_menu_archive\"/&gt;, um ein vorhandenes Profil von Ihrer SD-Karte zu importieren</string>
+  <string name="faq_hint">Werfen Sie auch einen Blick in die FAQ. Dort befindet sich eine Schnellstart-Anleitung.</string>
+  <string name="faq_routing_title">Routing-/Netzwerk-Konfiguration</string>
+  <string name="faq_routing">In dieser App wird die Routing- und Netzwerkkonfiguration nicht mit den traditionellen ifconfig-/route-Kommandos konfiguriert, sondern mittels der VPNService-API. Diese erwartet eine Tunnel-IP-Adresse und die Netze, die über den Tunnel geroutet werden sollen. Insbesondere wird keine Gateway- oder Peer-IP-Adresse benötigt. Die Anwendung ignoriert diese daher auch beim Import. Die VPNService-API stellt weiterhin sicher, dass die Verbindung zum VPN-Server nicht über den Tunnel geroutet wird, ohne dass hierfür spezielle Routen nötig sind. Da nur Netze, die über den Tunnel geroutet werden sollen, angeben werden können, ist es nicht möglich andere Routen zu unterstützen. Die Anwendung versucht daher andere Routen (wie z.B. route x.x.x.x y.y.y.y net_gateway), die nicht über den Tunnel geroutet werden sollen, zu erkennen, und eine Menge von Routen zu berechnen, die das Verhalten auf anderen Plattformen emulieren. Das Verbindungsprotokoll zeigt die genaue Konfiguration und die errechneten Routen beim Verbinden an.</string>
   <string name="persisttun_summary">Verhindere Zurückfallen auf nicht VPN Verbindungen während OpenVPN neu verbindet.</string>
-  <string name="persistent_tun_title">Persistentes tun Device</string>
-  <string name="openvpn_log">OpenVPN-Log</string>
-  <string name="import_config">OpenVPN Konfiguration importieren</string>
+  <string name="persistent_tun_title">Persistentes tun-Device</string>
+  <string name="openvpn_log">OpenVPN-Protokoll</string>
+  <string name="import_config">OpenVPN-Konfiguration importieren</string>
   <string name="battery_consumption_title">Energieverbrauch</string>
-  <string name="baterry_consumption">In meinen eigenen Tests ist der Hauptgrund für den hohen Stromverbrauch von OpenVPN das Senden und Empfangen der Keepalive-Pakete. Die meisten OpenVPN-Server haben eine Konfigurationsoption wie \'keepalive 10 60\', was bedeutet, dass vom Client an den Server und vom Server an den Client alle zehn Sekunden ein Paket geschickt wird. &lt;p&gt; Diese Pakete sind klein und erzeugen keine große Datenmenge. Sie sorgen allerdings dafür, dass permanent Daten übertragen werden und somit auch die Mobilfunk- bzw. WLAN Einheit aktiv ist und steigern damit den Energieverbrauch. (Siehe auch &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Android Developers&lt;/a&gt;)&lt;p&gt; Diese keepalive Einstellung kann nicht auf dem Client geändert werden. Nur der Systemadministrator des VPN Servers kann die Einstellung ändern. lt;pgt; Leider hat eine keepalive Einstellung von mehr als 60 Sekunden unter udp Probleme mit einigen NAT-Gateways, die für inaktive Verbindungen nur eine sehr kurze Haltzeit haben und danach verwerfen (60s in meinen Tests).  Benutzen von TCP mit langen Keep-Alive-Timeouts funktioniert, hat aber das TCP über TCP Problem. (Siehe &lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\" &gt; Why TCP Over TCP Is A Bad Idea &lt;/a&gt;)</string>
-  <string name="faq_tethering">Die Funktion \"Anbindung &amp; mobiler WLAN-Hotspot\" und die VPNService-API, die von diesem Programm verwendet wird, funktionieren nicht zusammen. Für weitere Details siehe &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\"&gt; Issue #34 &lt;/a&gt;</string>
+  <string name="baterry_consumption">Nach meinen eigenen Tests ist der Hauptgrund für den hohen Stromverbrauch von OpenVPN das Senden und Empfangen der Keep-Alive-Pakete. Die meisten OpenVPN-Server haben eine Konfigurationsoption wie \'keepalive 10 60\', was bedeutet, dass vom Client an den Server und vom Server an den Client alle zehn Sekunden ein Paket geschickt wird. &lt;p&gt; Diese Pakete sind klein und erzeugen keine große Datenmenge. Sie sorgen allerdings dafür, dass permanent Daten übertragen werden und somit auch die Mobilfunk- bzw. WLAN-Einheit aktiv ist und steigern damit den Energieverbrauch. (Siehe auch &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Android Developers&lt;/a&gt;)&lt;p&gt; Diese Keep-Alive-Einstellung kann nicht auf dem Client geändert werden. Nur der Systemadministrator des VPN-Servers kann die Einstellung ändern. &lt;p&gt; Leider hat eine Keep-Alive-Einstellung von mehr als 60 Sekunden unter UDP Probleme mit einigen NAT-Gateways, die für inaktive Verbindungen nur eine sehr kurze Haltezeit haben und danach verwerfen (60s in meinen Tests). Benutzen von TCP mit langen Keep-Alive-Timeouts funktioniert, hat aber das TCP-über-TCP-Problem. (Siehe &lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\" &gt; Why TCP Over TCP Is A Bad Idea &lt;/a&gt;)</string>
+  <string name="faq_tethering">Die Funktion \"Anbindung &amp; mobiler WLAN-Hotspot\" und die VPNService-API, die von dieser App verwendet wird, funktionieren nicht zusammen. Für weitere Details siehe &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\"&gt; Issue #34 &lt;/a&gt;</string>
   <string name="vpn_tethering_title">VPN und \"Anbindung &amp; mobiler WLAN-Hotspot\"</string>
-  <string name="connection_retries">Anzahl Verbindungsversuche</string>
-  <string name="reconnection_settings">Einstellungen für das Neuverbinden</string>
-  <string name="connectretrymessage">Anzahl von Sekunden zwischen Verbindungsversuchen.</string>
-  <string name="connectretrywait">Sekunden zwischen Verbindungsversuchen</string>
-  <string name="minidump_generated">Der OpenVPN Prozess ist unerwartet abgestürzt. Bitte erwägen Sie die Option \"Minidump senden\" im Hauptmenü</string>
+  <string name="connection_retries">Verbindungsversuche</string>
+  <string name="reconnection_settings">Verbindungseinstellungen</string>
+  <string name="connectretrymessage">Zeit, die zwischen zwei Verbindungsversuchen gewartet wird.</string>
+  <string name="connectretrywait">Zeit zwischen Verbindungsversuchen</string>
+  <string name="minidump_generated">Der OpenVPN-Prozess ist unerwartet abgestürzt. Bitte erwägen Sie die Option \"Minidump an Entwickler senden\" im Hauptmenü</string>
   <string name="send_minidump">Minidump an Entwickler senden</string>
-  <string name="send_minidump_summary">Sendet Debugging Informationen des letzten Absturzes an den Entwickler</string>
+  <string name="send_minidump_summary">Informationen über den letzten Absturz zur Fehlersuche an den Entwickler senden</string>
   <string name="notifcation_title">OpenVPN - %s</string>
   <string name="session_ipv4string">%1$s - %2$s</string>
   <string name="session_ipv6string">%1$s - %3$s, %2$s</string>
@@ -241,13 +241,13 @@
   <string name="state_wait">Warte auf Serverantwort</string>
   <string name="state_auth">Authentifiziere</string>
   <string name="state_get_config">Warte auf Clientkonfiguration</string>
-  <string name="state_assign_ip">Weise IP Adressen zu</string>
-  <string name="state_add_routes">Hinzufügen von Routen</string>
+  <string name="state_assign_ip">Weise IP-Adressen zu</string>
+  <string name="state_add_routes">Lege Routen an</string>
   <string name="state_connected">Verbunden</string>
   <string name="state_disconnected">Trennen</string>
   <string name="state_reconnecting">Wiederverbinden</string>
   <string name="state_exiting">Beende</string>
-  <string name="state_noprocess">Kein OpenVPN Prozess</string>
+  <string name="state_noprocess">OpenVPN läuft nicht</string>
   <string name="state_resolve">Löse Hostnamen auf</string>
   <string name="state_tcp_connect">Verbinde (TCP)</string>
   <string name="state_auth_failed">Authentifizierung fehlgeschlagen</string>
@@ -256,53 +256,53 @@
   <string name="notifcation_title_notconnect">Nicht verbunden</string>
   <string name="start_vpn_title">Verbinde mit VPN %s</string>
   <string name="start_vpn_ticker">Verbinde mit VPN %s</string>
-  <string name="jelly_keystore_alphanumeric_bug">Einige Versionen von Android 4.1 haben Probleme, wenn der Name des im Zertifikat Keystore gespeicherten Zertifikates nicht alphanumerische Zeichen (wie Leerzeichen, Unterstriche oder Bindestriche) enthält. Probieren Sie das Sie das Zertifikat mit einem Namen ohne Sonderzeichen zu importieren.</string>
+  <string name="jelly_keystore_alphanumeric_bug">Einige Versionen von Android 4.1 haben Probleme, wenn der Name des im Zertifikatsspeicher gespeicherten Zertifikates nicht alphanumerische Zeichen (wie Leerzeichen, Unterstriche oder Bindestriche) enthält. Probieren Sie, das Zertifikat mit einem Namen ohne Sonderzeichen zu importieren</string>
   <string name="encryption_cipher">Verschlüsselungsalgorithmus</string>
-  <string name="packet_auth">Packetauthentifizierung</string>
+  <string name="packet_auth">Paket-Authentifizierung</string>
   <string name="auth_dialog_title">Geben Sie den Authentifizierungsalgorithmus an</string>
   <string name="built_by">compiliert von %s</string>
   <string name="debug_build">Testversion</string>
   <string name="official_build">offizielle Version</string>
-  <string name="make_selection_inline">Ins Profil einbetten</string>
-  <string name="crashdump">Crashlog</string>
+  <string name="make_selection_inline">In das Profil einbetten</string>
+  <string name="crashdump">Absturzinformationen</string>
   <string name="add">Hinzufügen</string>
   <string name="send_config">Konfigurationsdatei senden</string>
   <string name="complete_dn">Völlständiger DN</string>
   <string name="remotetlsnote">Ihre importierte Konfiguration verwendete die alte VERALTETE tls-remote-Option, die ein anderes DN-Format verwendet.</string>
-  <string name="rdn">RDN (common name)</string>
-  <string name="rdn_prefix">RDN Präfix</string>
+  <string name="rdn">RDN (Common Name)</string>
+  <string name="rdn_prefix">RDN-Präfix</string>
   <string name="tls_remote_deprecated">tls-remote (VERALTET)</string>
-  <string name="help_translate">Sie können helfen die Übersetzung zu verbessern auf der Website http://crowdin.net/project/ics-openvpn/invite</string>
-  <string name="prompt">%1$s versucht %2$s zu steuern</string>
-  <string name="remote_warning">Wenn Sie fortfahren, gestatten Sie der App OpenVPN für Android komplett zu kontrollieren und den gesamten Netzwerkverkehr abzufangen. <b> Akzeptieren Sie nur, wenn Sie der App vertrauen. </b> Anderenfalls riskieren Sie, dass Ihre Daten von schädlicher Software manipuliert werden</string>
+  <string name="help_translate">Sie können helfen, die Übersetzung zu verbessern: Besuchen Sie http://crowdin.net/project/ics-openvpn/invite</string>
+  <string name="prompt">%1$s versucht, %2$s zu steuern</string>
+  <string name="remote_warning">Wenn Sie fortfahren, gestatten Sie der App, OpenVPN für Android komplett zu kontrollieren und den gesamten Netzwerkverkehr abzufangen.<b>Akzeptieren Sie nur, wenn Sie der App vertrauen.</b>Anderenfalls riskieren Sie, dass Ihre Daten von schädlicher Software manipuliert werden.</string>
   <string name="remote_trust">Ich vertraue dieser App.</string>
   <string name="no_external_app_allowed">Keine App für die Verwendung der API freigegeben</string>
-  <string name="allowed_apps">Freigegebene Apps: %s</string>
+  <string name="allowed_apps">Zugelassene Apps: %s</string>
   <string name="clearappsdialog">Liste der freigegeben externen Apps löschen? \nAktuelle Liste der freigegebenen Apps:\n\n%s</string>
-  <string name="screenoff_summary">Pausiert das VPN, wenn der Bildschirm aus ist und weniger als 64 kB in 60 Sekunden übertragen wurden. Falls die Option \"Persistentes tun Device\" ausgewählt ist, wird durch das Pausieren des VPNs das Gerät KEINE Netzwerkverbindung haben. Ohne die \"Persistentes tun Device\" Option, benutzt das Gerät die normal (ungesicherte) Internetverbindung, wenn das VPN pausiert wird.</string>
-  <string name="screenoff_title">Bei ausgeschalteten Bildschirm VPN Verbindung pausieren</string>
-  <string name="screenoff_pause">Pausiere VPN Verbindung da weniger als %1$s in %2$ss.</string>
-  <string name="screen_nopersistenttun">Warnung: Persistentes tun Device für dieses VPN nicht aktiviert. Der Netzwerkverkehr nutzt die normale Internet Verbindung, wenn der Bildschirm aus ist.</string>
-  <string name="save_password">Passwort merken</string>
-  <string name="pauseVPN">VPN pausieren</string>
+  <string name="screenoff_summary">VPN anhalten, wenn der Bildschirm ausgeschaltet ist und weniger als 64 kB in 60 Sekunden übertragen wurden. Falls die Option \"Persistentes tun-Device\" ausgewählt ist, wird durch das Gerät nach dem Anhalten des VPNs KEINE Netzwerkverbindung haben. Ohne die Option \"Persistentes tun-Device\" benutzt das Gerät die normale (ungesicherte) Internetverbindung, wenn das VPN angehalten wird.</string>
+  <string name="screenoff_title">Anhalten bei Inaktivität</string>
+  <string name="screenoff_pause">VPN-Verbindung wird angehalten, da weniger als %1$s in %2$ss</string>
+  <string name="screen_nopersistenttun">Warnung: Persistentes tun-Device für dieses VPN nicht aktiviert. Der Netzwerkverkehr nutzt die normale Internetverbindung, wenn der Bildschirm ausgeschaltet ist.</string>
+  <string name="save_password">Passwort speichern</string>
+  <string name="pauseVPN">VPN anhalten</string>
   <string name="resumevpn">VPN fortsetzen</string>
-  <string name="state_userpause">VPN Verbindung durch Benutzer pausiert</string>
-  <string name="state_screenoff">VPN pausiert wegen Inaktitvität pausiert (Bildschirm aus)</string>
-  <string name="device_specific">Geräte spezifische Hacks</string>
-  <string name="cannotparsecert">Kann Zertifikatsinformationen nicht anzeigen.</string>
+  <string name="state_userpause">VPN-Verbindung durch Benutzer angehalten</string>
+  <string name="state_screenoff">VPN auf Grund von Inaktitvität angehalten (Bildschirm ausgeschaltet)</string>
+  <string name="device_specific">Gerätespezifische Hacks</string>
+  <string name="cannotparsecert">Zertifikatsinformationen können nicht angezeigt werden</string>
   <string name="appbehaviour">Anwendung</string>
   <string name="vpnbehaviour">VPN</string>
-  <string name="allow_vpn_changes">Änderungen an VPN-profilen zulassen</string>
-  <string name="hwkeychain">Im Hardware Keystore gespeichert:</string>
-  <string name="permission_icon_app">Symbol der Anwendung, die versucht OpenVPN für Android zu kontrollieren</string>
-  <string name="faq_vpndialog43">Beginnend mit Android 4.3 wird der VPN-Bestätigungsdialog vor \"überlappenden Anwendungen\" geschützt. Dadurch kann es vorkommen, dass der Dialog nicht auf Eingaben reagiert. Eine Anwendung benutzen, die Overlays verwendet, kann dieses Verhalten verursachen. Sollten Sie solch eine verursachende Anwendung finden, kontaktieren Sie dessen Entwickler. Dieses Problem betrifft alle VPN-Anwendungen ab Android 4.3. Siehe auch &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\" &gt; Issue 185 &lt;a&gt; für zusätzliche Details \"</string>
+  <string name="allow_vpn_changes">Änderungen an VPN-Profilen zulassen</string>
+  <string name="hwkeychain">Im Hardware-Zertifikatsspeicher gespeichert:</string>
+  <string name="permission_icon_app">Symbol der App, die versucht, OpenVPN für Android zu steuern</string>
+  <string name="faq_vpndialog43">Beginnend mit Android 4.3 wird der VPN-Bestätigungsdialog vor \"überlappenden Anwendungen\" geschützt. Dadurch kann es vorkommen, dass der Dialog nicht auf Eingaben reagiert. Die Verwendung von Apps, die Overlays verwenden, kann dieses Verhalten verursachen. Sollten Sie solch eine verursachende App finden, kontaktieren Sie dessen Entwickler. Dieses Problem betrifft alle VPN-Anwendungen ab Android 4.3. Siehe auch &lt;a href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\" &gt; Issue 185 &lt;a&gt; für zusätzliche Details</string>
   <string name="faq_vpndialog43_title">VPN-Bestätigungsdialog ab Android 4.3</string>
   <string name="donatePlayStore">Alternativ können Sie mir per Play Store Geld zukommen lassen:</string>
   <string name="thanks_for_donation">Vielen Dank für die %s Spende!</string>
   <string name="logCleared">Protokoll gelöscht.</string>
   <string name="show_password">Passwort anzeigen</string>
-  <string name="keyChainAccessError">KeyChain Zugriffsfehler: %s</string>
-  <string name="timestamp_short">Kurze</string>
+  <string name="keyChainAccessError">Fehler beim Zugriff auf den Zertifikatsspeicher: %s</string>
+  <string name="timestamp_short">Kurz</string>
   <string name="timestamp_iso">ISO</string>
   <string name="timestamps">Zeitstempel</string>
   <string name="timestamps_none">Keine</string>
@@ -312,28 +312,28 @@
   <string name="logview_options">Ansichtsoptionen</string>
   <string name="unhandled_exception">Unbehandelte Ausnahme: %1$s\n\n%2$s</string>
   <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
-  <string name="faq_system_dialog_xposed">Wenn Sie ihr Gerät gerootet haben können Sie das &lt;a href=\"http://xposed.info/\"&gt;Xposed Framework&lt;/a&gt; und das &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm Modul&lt;/a&gt; auf eigene Gefahr installieren.</string>
-  <string name="full_licenses">Komplette Lizenzen</string>
-  <string name="blocklocal_summary">Netze, die direkt über ein lokales Interfaces erreicht werden können werden nicht über das VPN geroutet. Deaktivieren dieser Option leitet allen Verkehr, der für lokale Netzwerke bestimmt ist, über das VPN.</string>
-  <string name="blocklocal_title">VPN für lokale Netzwerke umgehen</string>
+  <string name="faq_system_dialog_xposed">Wenn Sie ihr Gerät gerootet haben, können Sie das &lt;a href=\"http://xposed.info/\"&gt;Xposed Framework&lt;/a&gt; und das &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm-Modul&lt;/a&gt; auf eigene Gefahr installieren</string>
+  <string name="full_licenses">Vollständige Lizenzen</string>
+  <string name="blocklocal_summary">Netze, die direkt über ein lokales Interface erreicht werden können, werden nicht über das VPN geroutet. Deaktivieren dieser Option leitet allen Verkehr, der für lokale Netze bestimmt ist, über das VPN.</string>
+  <string name="blocklocal_title">VPN für lokale Netze umgehen</string>
   <string name="userpw_file">Datei mit Benutzername und Passwort</string>
   <string name="imported_from_file">[Importiert aus %s]</string>
   <string name="files_missing_hint">Einige Dateien konnten nicht gefunden werden. Bitte wählen Sie diese manuell aus:</string>
-  <string name="openvpn_is_no_free_vpn">Um diese Anwendung nutzen zu können brauchen Sie einen OpenVPN fähigen Server. Diese werden häufig von Ihrer Firma oder Universität bereitgestellt. Besuchen Sie http://community.openvpn.net/  um mehr über OpenVPN zu erfahren und wie Sie Ihren eigenen Server aufsetzen können.</string>
+  <string name="openvpn_is_no_free_vpn">Um diese Anwendung nutzen zu können, benötigen Sie einen OpenVPN-fähigen Server. Diese werden häufig von Firmen oder Universitäten bereitgestellt. Besuchen Sie http://community.openvpn.net/ für weitere Informationen über OpenVPN und das Einrichten eines eigenen Servers.</string>
   <string name="import_log">Import-Protokoll:</string>
-  <string name="ip_looks_like_subnet">VPN-Topologie \"%3$s\" wurde angegeben, die Interface Konfiguration \'ifconfig %1$s %2$s sieht wie eine IP-Adresse mit einer Netzwerkmaske.  Topologie \"subnet\" wird angenommen.</string>
-  <string name="mssfix_invalid_value">mssfix Wert muss eine Zahl zwischen 0 und 9000 sein</string>
-  <string name="mssfix_value_dialog">Ändere TCP-Verbindungen, die über den Tunnel laufen, so dass die resultierende UDP-Paketgröße nach der Enkapsulierung durch OpenVPN auf diesen Wert beschränkt bleibt. (Standardwert ist 1450)</string>
-  <string name="mssfix_checkbox">Überschreiben des MSS-Wert von TCP-Nutzlast</string>
-  <string name="mssfix_dialogtitle">Setze MSS von TCP-Nutzlast</string>
+  <string name="ip_looks_like_subnet">VPN-Topologie \"%3$s\" wurde angegeben, die Interface-Konfiguration \'ifconfig %1$s %2$s sieht allerdings wie eine IP-Adresse mit einer Netzwerkmaske aus. Topologie \"subnet\" wird angenommen.</string>
+  <string name="mssfix_invalid_value">Wert muss eine Zahl zwischen 0 und 9000 sein</string>
+  <string name="mssfix_value_dialog">TCP-Verbindungen, die über den Tunnel laufen, anweisen, ihre maximale Paketgröße so einzustellen, dass die resultierende UDP-Paketgröße nach der Enkapsulierung durch OpenVPN auf den hier eingestellten Wert beschränkt bleibt. (Standardwert ist 1450)</string>
+  <string name="mssfix_checkbox">MSS-Wert der TCP-Nutzlast überschreiben</string>
+  <string name="mssfix_dialogtitle">MSS der TCP-Nutzlast</string>
   <string name="client_behaviour">Client-Verhalten</string>
-  <string name="clear_external_apps">Widerrufe Berechtigungen OpenVPN zu steuern</string>
+  <string name="clear_external_apps">Berechtigungen für die Steuerung von OpenVPN widerrufen</string>
   <string name="loading">Wird geladen&#8230;</string>
-  <string name="allowed_vpn_apps_info">Erlaubte Apps für das VPN: %1$s</string>
-  <string name="disallowed_vpn_apps_info">Verbotene Apps für das VPN: %1$s</string>
-  <string name="app_no_longer_exists">Anwendung mit Paketnamen \'%s\' ist nicht mehr installiert, wird von der Liste der erlaubten/nicht erlaubten VPN Anwendungen gelöscht.</string>
-  <string name="vpn_disallow_radio">VPN für alle Anwendung ausgenommen den ausgewählten</string>
-  <string name="vpn_allow_radio">VPN nur für die ausgewählten Anwendungen</string>
+  <string name="allowed_vpn_apps_info">Zugelassene Apps für das VPN: %1$s</string>
+  <string name="disallowed_vpn_apps_info">Nicht zugelassene Apps für das VPN: %1$s</string>
+  <string name="app_no_longer_exists">Die App \'%s\' ist nicht mehr installiert und wird daher von der Liste der erlaubten/nicht erlaubten VPN-Anwendungen entfernt</string>
+  <string name="vpn_disallow_radio">VPN wird für alle Apps mit Ausnahme der ausgewählten verwendet</string>
+  <string name="vpn_allow_radio">VPN wird nur für die ausgewählten Apps verwendet</string>
   <string name="query_delete_remote">Servereintrag entfernen?</string>
   <string name="keep">Behalten</string>
   <string name="delete">Entfernen</string>
@@ -341,58 +341,64 @@
   <string name="remote_random">Beim Verbinden Servereinträge in zufälliger Reihenfolge verwenden</string>
   <string name="remote_no_server_selected">Sie müssen mindestens einen Server definieren und aktivieren.</string>
   <string name="server_list">Serverliste</string>
-  <string name="vpn_allowed_apps">Erlaubte Anwendungen</string>
+  <string name="vpn_allowed_apps">Zugelassene Apps</string>
   <string name="advanced_settings">Erweiterte Einstellungen</string>
   <string name="payload_options">Nutzlast-Optionen</string>
   <string name="tls_settings">TLS-Einstellungen</string>
   <string name="no_remote_defined">Keine Server definiert</string>
-  <string name="duplicate_vpn">VPN Profil duplizieren</string>
-  <string name="duplicate_profile_title">VPN Profil duplizieren: %s</string>
-  <string name="show_log">Log anzeigen</string>
-  <string name="faq_android_clients">Es gibt es mehrere OpenVPN-Clients für Android. Die am häufigsten genutzten sind OpenVPN für Android (dieser Client), OpenVPN Connect und OpenVPN Settings. &lt;p&gt; Die Clients in zwei Gruppen eingeteilt werden können: OpenVPN für Android und OpenVPN Connect verwenden die offizielle VPNService-API (Android 4.0+) und erfordern keine Rootrechte und OpenVPN-Settings, das Rootrechte benötigt. &lt; p &gt; OpenVPN für Android ist ein von Arne Schwabe entwickelter Open-Source-Client.  Es richtet sich an fortgeschrittene Benutzer und bietet viele erweiterete Einstellungen sowie die Möglichkeit, Profile aus Dateien zu importieren und das konfigurieren und ändern von Profilen innerhalb der App. Der Client basiert auf der Community-Version von  OpenVPN 2.x und kann als semioffizieller Client der community angesehen werden. &lt;p&gt; OpenVPN Connect ist ein Closed-Source-Client, der von OpenVPN Technologies, Inc. entwickelt wird. Der Client ist für die normale Verwendung und auf den durchschnittlichen Benutzer ausgerichtet werden und ermöglicht den Import von OpenVPN-Profilen ohne diese innerhalb der App ändern zu können. Dieser Client basiert auf der OpenVPN C++ Neuimplementierung des OpenVPN-Protokolls (Diese war erforderlich, damit OpenVPN Technologies, Inc, eine iOS-app von OpenVPN veröffentlichen onnte). Dieser Client ist auch der offizielle Client von OpenVPN Technologies, Inc. &lt; p&gt; OpenVPN Settings ist der älteste von den Clients und auch eine Benutzeroberfläche für das Open-Source OpenVPN. Im Gegensatz zu OpenVPN für Android es erfordert es Rootrechte und verwendet nicht die VPNService-API; benötigt aber auch nicht Android 4.0 +</string>
-  <string name="faq_androids_clients_title">Unterschiede zwischen Android OpenVPN Apps</string>
-  <string name="ignore_multicast_route">Ignoriere Multicastroute: %s</string>
-  <string name="ab_only_cidr">Android unterstützt nur CIDR Routen. Da Routen, die nicht CIDR sind, fast nie verwendet werden, wird OpenVPN für Android eine /32 Route für nicht  konforme Routen verwenden und eine Warnung ausgegeben.</string>
-  <string name="ab_tethering_44">Verbindungsfreigabe (WiFi-Hotspot/Tethering) funktioniert, während ein VPN aktiv ist, nutzt aber NICHT die VPN Verbindung.</string>
-  <string name="ab_kitkat_mss">Frühe KitKat-Version setzen einen falschen MSS-Wert für TCP-Verbindungen (#61948). Versuchen Sie  die mssfix-Option zu aktivieren, um dieses Problem zu umgehen.</string>
-  <string name="ab_proxy">Android wird ihre Proxy-Einstellungen für die WLan-Verbindung beibehalten wenn keine DNS-Servereinstellungen vorhanden sind. OpenVPN für Android gibt einen entsprechenden Warnhinweis in der Log-Datei aus.<p> Wenn eine VPN-Verbindung einen DNS-Server vorgibt kann kein Proxy genutzt werden. Es gibt keine API um einen Proxy-Server  für eine VPN-Verbindung zu nutzen.</p></string>
-  <string name="ab_lollipop_reinstall">Ihre VPN-Anwendung funktioniert möglicherweise nicht mehr wenn diese erst de- und später neu installiert wird. Für Details siehe #80074</string>
-  <string name="ab_not_route_to_vpn">Die konfigurierte Klient-IP-Adresse und die IP-Adressen in die Netzwerkmaske sind nicht in das VPN geroutet. OpenVPN umgeht diesen Fehler, indem eine Route hinzugefügt wird, die zu der Client-IP-Adresse und deren Netzmaske passt.</string>
-  <string name="ab_persist_tun">Beim Öffnen eines neuen VPN devices (tun) während eines bereits geöffnet ist (für persist-tun Unterstützung) führt zum Absturz des VPN Dienstes auf Android, der nur durch einen Neustart behoben werden kann. OpenVPN für Android versucht deshalb dieses erneute Öffnen zu vermeiden. Wenn ein erneutes Öffnen zwingend notwendig ist, wird erst das alte Device geschlossen before ein neues geöffnet wird. Dies kann dazu führen, dass teilweise Pakete unverschlüsselt über die normal Internetverbindung gesendet werden. Auch mit diesem Workaround stürzt teilweise der VPN Dienst ab und erfordert einen Neustart des Gerätes.</string>
+  <string name="duplicate_vpn">VPN Profil kopieren</string>
+  <string name="duplicate_profile_title">VPN Profil kopieren: %s</string>
+  <string name="show_log">Protokoll anzeigen</string>
+  <string name="faq_android_clients">Es gibt mehrere OpenVPN-Clients für Android. Die am häufigsten genutzten sind OpenVPN für Android (dieser Client), OpenVPN Connect und OpenVPN Settings. &lt;p&gt; Die Clients können in zwei Gruppen eingeteilt werden: einerseits OpenVPN für Android und OpenVPN Connect, die die offizielle VPNService-API (Android 4.0+) verwenden und daher keine Root-Rechte erfordern, und andererseits OpenVPN Settings, das Root-Rechte benötigt. &lt;p&gt; OpenVPN für Android ist ein von Arne Schwabe entwickelter Open-Source-Client.  Es richtet sich an fortgeschrittene Benutzer und bietet viele erweiterte Einstellungen: zum Beispiel die Möglichkeit, Profile aus Dateien zu importieren, oder das Konfigurieren und Ändern von Profilen innerhalb der App. Der Client basiert auf der Community-Version von OpenVPN 2.x und kann als \"semioffizieller\" Client der Community angesehen werden. &lt;p&gt; OpenVPN Connect ist ein Closed-Source-Client, der von OpenVPN Technologies, Inc. entwickelt wird. Der Client ist für die normale Verwendung und auf den durchschnittlichen Benutzer ausgerichtet und ermöglicht den Import von OpenVPN-Profilen, ohne diese innerhalb der App ändern zu können. Dieser Client basiert auf der OpenVPN-C++-Neuimplementierung des OpenVPN-Protokolls (welche hauptsächlich dafür entwickelt wurde, dass OpenVPN Technologies, Inc. eine OpenVPN-App für iOS veröffentlichen konnte). Dieser Client ist auch der offizielle Client von OpenVPN Technologies, Inc. &lt;p&gt; OpenVPN Settings ist der älteste der Clients und auch eine Benutzeroberfläche für das Open-Source-OpenVPN. Im Gegensatz zu OpenVPN für Android erfordert es Root-Rechte und verwendet nicht die VPNService-API; benötigt aber auch nicht Android 4.0+.</string>
+  <string name="faq_androids_clients_title">Unterschiede zwischen den Android-OpenVPN-Apps</string>
+  <string name="ignore_multicast_route">Ignoriere Multicast-Route: %s</string>
+  <string name="ab_only_cidr">Android unterstützt nur CIDR-Routen. Da Routen, die nicht CIDR sind, fast nie verwendet werden, wird OpenVPN für Android eine /32 Route für nicht konforme Routen verwenden und eine Warnung ausgegeben.</string>
+  <string name="ab_tethering_44">Verbindungsfreigabe (WiFi-Hotspot/Tethering) funktioniert, während ein VPN aktiv ist, nutzt aber NICHT die VPN-Verbindung.</string>
+  <string name="ab_kitkat_mss">Frühe KitKat-Version setzen einen falschen MSS-Wert für TCP-Verbindungen (#61948). Versuchen Sie, die mssfix-Option zu aktivieren, um dieses Problem zu umgehen.</string>
+  <string name="ab_proxy">Android wird ihre Proxy-Einstellungen für die WLAN-Verbindung beibehalten, wenn keine DNS-Servereinstellungen vorhanden sind. OpenVPN für Android gibt einen entsprechenden Warnhinweis in der Protokolldatei aus.<p>Wenn eine VPN-Verbindung einen DNS-Server vorgibt, kann kein Proxy genutzt werden. Es gibt keine API für die Nutzungs eines Proxy-Servers für eine VPN-Verbindung.</p></string>
+  <string name="ab_lollipop_reinstall">Ihre VPN-App funktioniert möglicherweise nicht mehr, wenn diese erst de- und später neu installiert wird. Für Details siehe #80074</string>
+  <string name="ab_not_route_to_vpn">Die konfigurierte Client-IP-Adresse und die IP-Adressen in deren Netzwerkmaske sind nicht in das VPN geroutet. OpenVPN umgeht diesen Fehler, indem eine Route hinzugefügt wird, die zu der Client-IP-Adresse und deren Netzmaske passt.</string>
+  <string name="ab_persist_tun">Das Öffnen eines neuen tun-Devices, während ein weiteres bereits für persist-tun-Unterstützung geöffnet ist, führt zum Absturz des VPN-Dienstes, der nur durch einen Neustart behoben werden kann. OpenVPN für Android versucht daher, dieses erneute Öffnen zu vermeiden. Wenn ein erneutes Öffnen zwingend notwendig ist, wird zunächst das alte Device geschlossen, bevor ein neues geöffnet wird. Dies kann dazu führen, dass teilweise Pakete unverschlüsselt über die normal Internetverbindung gesendet werden. Auch mit diesem Workaround stürzt der VPN-Dienst möglicherweise ab, was einen Neustart des Gerätes erfordert.</string>
   <string name="ab_secondary_users">VPN funktioniert überhaupt nicht für die Sekundärnutzer.</string>
-  <string name="ab_kitkat_reconnect">Mehrere Benutzer berichten, dass die mobile Verbindung/Mobile Datenverbindung häufig getrennt wird, wenn ein VPN aktiv. Das Verhalten scheint nur einige Anbieter/Mobilgerät-Kombination beeinflussen und bisher konnte weder Ursache noch Lösung für den Bug identifiziert werden.</string>
-  <string name="ab_vpn_reachability_44">Nur Ziele, die ohne VPN erreichbar sind, sind auch mit VPN erreichbar. IPv6 VPNs funktionieren überhaupt nicht.</string>
-  <string name="ab_only_cidr_title">Nicht CIDR konforme Routen</string>
+  <string name="ab_kitkat_reconnect">Mehrere Benutzer berichten, dass die mobile Datenverbindung bei Verwendund eines VPNs häufig getrennt wird. Das Verhalten scheint nur einige Anbieter/Mobilgerät-Kombination zu beeinflussen und bisher konnte weder eine Ursache noch eine Lösung für dieses Problem identifiziert werden.</string>
+  <string name="ab_vpn_reachability_44">Nur Ziele, die ohne VPN erreichbar sind, sind auch mit VPN erreichbar. IPv6-VPNs funktionieren überhaupt nicht.</string>
+  <string name="ab_only_cidr_title">Nicht CIDR-konforme Routen</string>
   <string name="ab_proxy_title">Proxy-Verhalten für VPNs</string>
-  <string name="ab_lollipop_reinstall_title">Neuinstallation von VPN-apps</string>
+  <string name="ab_lollipop_reinstall_title">Neuinstallation von VPN-Apps</string>
   <string name="version_upto">%s und früher</string>
   <string name="copy_of_profile">Kopie von %s</string>
-  <string name="ab_not_route_to_vpn_title">Route zur der konfigurierten VPN IP Adresse</string>
+  <string name="ab_not_route_to_vpn_title">Route zur konfigurierten VPN-IP-Adresse</string>
   <string name="ab_kitkat_mss_title">Falscher MSS-Wert für VPN-Verbindung</string>
   <string name="ab_secondary_users_title">Sekundäre Tablet-Nutzer</string>
-  <string name="custom_connection_options_warng">Definieren Sie benutzerdefinierte verbindungsspezifische Optionen. Seien Sie vorsichtig!</string>
-  <string name="custom_connection_options">Benutzerdefinierte Optionen</string>
+  <string name="custom_connection_options_warng">Hier können Sie eigene verbindungsspezifische Optionen festlegen. Seien Sie vorsichtig!</string>
+  <string name="custom_connection_options">Eigene Optionen</string>
   <string name="remove_connection_entry">Verbindung entfernen</string>
-  <string name="ab_kitkat_reconnect_title">Sporadische Verlust der Verbindung mit dem Mobilfunknetz</string>
-  <string name="ab_vpn_reachability_44_title">Entfernte Netzwerkresourcen nicht erreichbar</string>
-  <string name="ab_persist_tun_title">Persistenter tun Modus</string>
+  <string name="ab_kitkat_reconnect_title">Sporadischer Verlust der Verbindung mit dem Mobilfunknetz</string>
+  <string name="ab_vpn_reachability_44_title">Entfernte Netzwerkressourcen nicht erreichbar</string>
+  <string name="ab_persist_tun_title">Persistenter tun-Modus</string>
   <string name="version_and_later">%s und neuer</string>
   <string name="tls_cipher_alert_title">Verbindung schlägt mit \"SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure\" fehl</string>
-  <string name="tls_cipher_alert">OpenVPN für die Android Versionen ab 0.6.29 (März 2015) verwenden einen sicheren Default für die zulässigen TLS Chiffren (\"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Leider hat Weglassen der weniger sicheren Verschlüsselungschiffren und Exportchfriffen, vor allem aber der Wegfall der Cipher Suites, die keine Unterstützung für Perfect-Forward-Secrecy (Diffie-Hellman) einige Probleme verursacht. In der Regel sind dies gut gemeinte, aber schlecht ausgeführte Versuche, die TLS Sicherheit durch eine händische Wahl zu verbessern oder bei einigen eingebetteten Betriebssysteme mit abgespeckten OpenSSL (z.B. MikroTik).\n Um dieses Problem lösen das Problem, setzen Sie die TLS-Verschlüsselung Einstellungen auf dem Server auf einen sinnvollen Standardwert wie z.B. tls-cipher \"DEFAULT: EXP: PSK: SRP: KRSA\". Als Workaround für Problem auf dem Client, fügen Sie die benutzerdefinierte Option tls-cipher DEFAULT dem VPN Profil hinzu um die weniger sicheren Chiffren wieder zuzulassen.</string>
+  <string name="tls_cipher_alert">OpenVPN für Android verwendet seit Version 0.6.29 (März 2015) einen sicheren Standardwert für die zulässigen TLS-Chiffren (\"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). Leider hat das Weglassen der weniger sicheren Verschlüsselungschiffren und Exportchiffren, vor allem aber der Wegfall der Cipher Suites ohne Unterstützung für Perfect-Forward-Secrecy (Diffie-Hellman), einige Probleme verursacht. Diese Probleme werden in der Regel durch gut gemeinte, aber schlecht ausgeführte Versuche, die TLS-Sicherheit durch eine händische Wahl zu verbessern oder durch einige eingebettete Betriebssysteme mit abgespecktem OpenSSL (z.B. MikroTik) verursacht.\n Um dieses Problem zu lösen, setzen Sie die TLS-Verschlüsselungs-Einstellungen auf dem Server auf einen sinnvollen Standardwert wie z.B. tls-cipher \"DEFAULT: EXP: PSK: SRP: KRSA\". Falls diese nicht möglich ist, können Sie als clientseitigen Workaround dem VPN-Profil die benutzerdefinierte Option tls-cipher DEFAULT hinzufügen, um die weniger sicheren Chiffren wieder zuzulassen.</string>
   <string name="message_no_user_edit">Dieses Profil wurde von einer externen Anwendung (%s) hinzugefügt und als nicht vom Benutzer bearbeitbar markiert.</string>
-  <string name="crl_file">Zertifikatsperrliste</string>
-  <string name="service_restarted">Neustarten von OpenVPN Service (App vermutlich abgestürzt oder wegen Speicherdruck beendet)</string>
-  <string name="import_config_error">Importieren der Config ergab einen Fehler, kann diese nicht speichern</string>
+  <string name="crl_file">Zertifikats-Sperrliste</string>
+  <string name="service_restarted">OpenVPN-Dienst wird neu gestartet (App vermutlich abgestürzt oder wegen Speichermangels beendet)</string>
+  <string name="import_config_error">Importieren der Konfiguration ergab einen Fehler, kann diese nicht speichern</string>
   <string name="Search">Suche</string>
-  <string name="lastdumpdate">(Letzten Dump ist %1$d:%2$dh alt (%3$s))</string>
+  <string name="lastdumpdate">(Letzter Absturz war vor %1$d:%2$dh (%3$s))</string>
   <string name="clear_log_on_connect">Protokoll bei neuer Verbindung leeren</string>
   <string name="connect_timeout">Verbindungstimeout</string>
-  <string name="no_allowed_app">Keine erlaubte App hinzgefügt. Füge die App selbst (%s) hinzu um wenigsten eine App in der Liste der nicht erlaubten Anwendungen zu haben</string>
-  <string name="query_permissions_sdcard">OpenVPN für Android kann versuchen, die fehlende(n) Datei(en) auf der SD-Karte automatisch zu finden. Tippen Sie auf diese Meldung um die Berechtigungsanfrage zu starten.</string>
+  <string name="no_allowed_app">Keine erlaubte App hinzugefügt. Füge unsere eigene App (%s) hinzu, um zumindest eine App in der Liste der nicht erlaubten Anwendungen zu haben</string>
+  <string name="query_permissions_sdcard">OpenVPN für Android kann versuchen, die fehlende(n) Datei(en) auf der SD-Karte automatisch zu finden. Tippen Sie auf diese Meldung, um die Berechtigungsanfrage zu starten.</string>
   <string name="protocol">Protokoll</string>
   <string name="enabled_connection_entry">Aktiviert</string>
-  <string name="abi_mismatch">Bevorzugte native ABI Reihenfolge dieses Gerätes (%1$s) und die installierten nativen Bibliotheken (%2$s) unterscheiden sich</string>
+  <string name="abi_mismatch">Bevorzugte native ABI-Reihenfolge dieses Gerätes (%1$s) und die installierten nativen Bibliotheken (%2$s) unterscheiden sich</string>
   <string name="months_left">Noch %d Monate gültig</string>
   <string name="days_left">Noch %d Tage gültig</string>
   <string name="hours_left">Noch %d Stunden gültig</string>
+  <string name="permission_revoked">VPN-Berechtigung wurde vom Betriebssytem widerrufen (z.B. weil ein anderes VPN gestartet wurde); VPN wird gestoppt</string>
+  <string name="pushpeerinfo">Peer-Informationen senden</string>
+  <string name="pushpeerinfosummary">Weitere Informationen, wie z.B. SSL- und Android-Version, an den Server senden</string>
+  <string name="pw_request_dialog_title">%1$s benötigt</string>
+  <string name="pw_request_dialog_prompt">Geben Sie bitte das Passwort für das Profil %1$s ein</string>
+  <string name="menu_use_inline_data">Inline-Daten verwenden</string>
 </resources>
diff --git a/app/src/main/res/values-es/strings-icsopenvpn.xml b/app/src/main/res/values-es/strings-icsopenvpn.xml
index 203e51dc..324742de 100755
--- a/app/src/main/res/values-es/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-es/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-et/strings-icsopenvpn.xml b/app/src/main/res/values-et/strings-icsopenvpn.xml
index dcc134bf..0a28199f 100755
--- a/app/src/main/res/values-et/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-et/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-fr/strings-icsopenvpn.xml b/app/src/main/res/values-fr/strings-icsopenvpn.xml
index 3e9b416c..43737f3d 100755
--- a/app/src/main/res/values-fr/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-fr/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -180,6 +180,7 @@
   <string name="keychain_nocacert">"Aucun certificat CA renvoyée lors de la lecture depuis le gestionnaire de clés. L\'authentification échouera probablement."</string>
   <string name="show_log_summary">"Affiche la fenêtre de log à la connexion. Cette fenêtre peut toujours être consultée à partir de la notification d\'état."</string>
   <string name="show_log_window">"Afficher la fenêtre de log"</string>
+  <string name="mobile_info">%10$s %9$s courir sur %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">"Erreur de signature de la clé %1$s : %2$s par le gestionnaire d\'Android"</string>
   <string name="faq_system_dialogs">\"L\'avertissement de connexion au VPN qui vous informe que cette application peut intercepter tout le trafic est imposé par le système pour éviter les abus de l\'API du service VPN.\nLa notification de connexion au VPN (Le symbole qui ressemble à une clé) est aussi imposé par le système Android pour signaler une connexion VPN en cours de fonctionnement.
 Sur certaines images, cette notification joue un son.\nAndroid à introduit ces dialogues système pour votre propre sécurité et à fait en sorte d\'être impossible à contourner. (Cela peut inclure en plus une notification sonore pour certaines images)\"</string>
@@ -349,4 +350,5 @@ Sur certaines images, cette notification joue un son.\nAndroid à introduit ces
   <string name="duplicate_vpn">Dupliquer le profil VPN</string>
   <string name="duplicate_profile_title">Duplicating profile: %s</string>
   <string name="show_log">Afficher le journal</string>
+  <string name="faq_android_clients">Il existe plusieurs clients OpenVPN pour Android. Les plus communs sont OpenVPN for Android (ce client), OpenVPN Connect, et OpenVPN Settings..&lt;p&gt;Les clients peuvent êtres regroupés en 2 groupes : OpenVPN for Android et OpenVPN Connect utilisent le service API officiel de VPNService (Android 4.0+) et ne nécessitent pas une élévation des privilèges (rootage), puis OpenVPN Settings qui nécessite le rootage.&lt;p&gt;OpenVPN for Android et un client « open source » développé par Arne Schwabe. Il est destiné aux utilisateurs avancés et comprend plusieurs paramètres, ainsi que la possibilité d\'importer les profils depuis des fichiers et de les configurer/changer à partir de l\'application. Le client est basé sur la version communautaire d\'OpenVPN. Il est basé sur le code source d\'OpenVPN 2.x. Ce client peut-être considérer en étant la version semi-officielle de la communauté.&lt;p&gt;OpenVPN Connect est un logiciel propriétaire développé par OpenVPN Technologies, Inc. Le client est destiné aux utilisateurs avec une connaissance moyenne et offre la possibilité d\'importer les profils OpenVPN. Ce client est basé sur une nouvelle réalisation du protocole OpenVPN C++ (ceci était nécessaire afin de permettre à OpenVPN Technologies, Inc. de publier une version iOS de l\'application OpenVPN). Ce client est le client officiel des technologies OpenVPN&lt;p&gt;OpenVPN Settings est le client le plus ancien et agit comme l\'interface utilisateur de la version « open source » d\'OpenVPN. Contrairement à OpenVPN for Android il ne nécessite pas le rootage et ne se sert pas du service API de VPNService. Il ne dépend pas sur Android 4.0+</string>
 </resources>
diff --git a/app/src/main/res/values-hu/strings-icsopenvpn.xml b/app/src/main/res/values-hu/strings-icsopenvpn.xml
index fcdf3f23..dd07abdb 100755
--- a/app/src/main/res/values-hu/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-hu/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-in/strings-icsopenvpn.xml b/app/src/main/res/values-in/strings-icsopenvpn.xml
index 07415d29..132f25a1 100755
--- a/app/src/main/res/values-in/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-in/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -373,4 +373,9 @@
   <string name="custom_connection_options_warng">Tentukan pengaturan untuk koneksi khusus . Gunakan dengan hati-hati</string>
   <string name="custom_connection_options">Pilihan buatan</string>
   <string name="remove_connection_entry">Hapus entri koneksi</string>
+  <string name="ab_kitkat_reconnect_title">Terputus acak dari jaringan selular</string>
+  <string name="ab_vpn_reachability_44_title">Rangkaian remote tak terjangkau</string>
+  <string name="ab_persist_tun_title">Modus terowongan bertahan</string>
+  <string name="version_and_later">%s dan yang lebih baru</string>
+  <string name="tls_cipher_alert_title">Sambungan gagal dengan peringatan kegagalan jabat tangan SSL23_GET_SERVER_HELLO:sslv3</string>
 </resources>
diff --git a/app/src/main/res/values-it/strings-icsopenvpn.xml b/app/src/main/res/values-it/strings-icsopenvpn.xml
index a8cafa72..feb61f0d 100755
--- a/app/src/main/res/values-it/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-it/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-ja/strings-icsopenvpn.xml b/app/src/main/res/values-ja/strings-icsopenvpn.xml
index 93e82f79..7e8be056 100755
--- a/app/src/main/res/values-ja/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ja/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -13,7 +13,7 @@
   <string name="select">選択</string>
   <string name="cancel">キャンセル</string>
   <string name="no_data">データなし</string>
-  <string name="useLZO">LZO 圧縮</string>
+  <string name="useLZO">LZO圧縮</string>
   <string name="client_no_certificate">証明書がありません。</string>
   <string name="client_certificate_title">クライアント証明書</string>
   <string name="client_key_title">クライアント証明書のキー</string>
@@ -87,6 +87,7 @@
   <string name="default_route_summary">すべての通信をVPN経由にします</string>
   <string name="use_default_title">既定の経路に使用</string>
   <string name="custom_route_message">カスタム経路を入力します。宛先のみをCIDR形式で指定します。例えば \"10.0.0.0/8 2002::/16\"と指定すれば10.0.0.0/8と2002::/16への通信はVPNに向けられます。</string>
+  <string name="custom_route_message_excluded">VPNを経由しないネットワークを指定します。カスタム経路と同じ書式を使用します。</string>
   <string name="custom_routes_title">カスタム経路情報</string>
   <string name="custom_routes_title_excluded">除外されたネットワーク</string>
   <string name="log_verbosity_level">ログの詳細度</string>
@@ -236,6 +237,22 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="vpn_import_hint">SDカードからプロファイル(.ovpnや.conf)をインポートするには &lt;img src=\"ic_menu_archive\"/&gt; のアイコンを使用します。</string>
   <string name="faq_hint">FAQを確認してください。クイックスタートガイドがあります。</string>
   <string name="faq_routing_title">経路情報／インターフェース設定</string>
+  <string name="faq_routing">経路とインターフェースの設定は従来のifconfig/routeコマンドではなくVPNService APIを使用して行われます。
+その結果、経路の設定はほかのOSとは異なります。\n
+
+VPNトンネルの設定は、IPアドレスとこのインターフェースを経由すべきネットワークで構成されます。
+特に、対向側のアドレスやゲートウェイアドレスは必要とされません。
+VPNサーバに到達するための特別な経路(たとえばredirect-gatewayディレクティブを使用したとき)も必要ありません。
+従ってこのアプリが設定をインポートした際は、これらの設定を無視します。
+アプリは、VPNトンネルを経由しないサーバへの接続をVPNService APIによって保証されます。\n
+
+VPNService APIはVPNを経由すべきでないネットワークの指定を許可しません。
+回避策として、アプリはトンネルを経由すべきでないネットワーク(例 route x.x.x.x y.y.y.y net_gateway)を検知を試み、ほかのプラットフォームの挙動を再現するために除外すべき経路を計算します。ログウィンドウは成立した接続のVPNServiceの設定を表示します。\n
+
+
+
+こっそり:
+Android 4.4以上はポリシールーティングを使用します。route/ifconfigコマンドは設定された経路を表示しません。代わりにip ruleまたはiptables -t mangle -Lを使用します。</string>
   <string name="persisttun_summary">OpenVPNが再接続試行中は、VPNなし状態を報告しません。</string>
   <string name="persistent_tun_title">永続的なTUNデバイス</string>
   <string name="openvpn_log">OpenVPN のログ</string>
@@ -370,7 +387,7 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="duplicate_profile_title">プロファイルの複製：%s</string>
   <string name="show_log">ログを表示</string>
   <string name="faq_android_clients">Android用のOpenVPNクライアントは複数あります。主なものとしては「OpenVPN for Android」(このアプリ)「OpenVPN Connect」「OpenVPN Settings」があります。&lt;p&gt;クライアントは大きく2種類に分けられます。「OpenVPN for Android」「OpenVPN Connect」は公式なVPNService API (Android 4.0以降)を使用しroot権限は不要です。「OpenVPN Settings」はroot権限が必要です。&lt;p&gt;「OpenVPN for Android」はオープンソースのクライアントでArne Schwabeにより開発されています。詳しい人をターゲットとして、多くの設定とファイルからのプロファイルインポート、アプリ内でのプロファイル設定変更ができるようになっています。コミュニティ版のOpenVPN 2.xのソースコードをベースとしています。コミュニティの準公式クライアントとみなせます。&lt;p&gt;「OpenVPN Connect」はOpenVPN Technologies, Incにより開発されておりオープンソースではありません。より一般的な使い方と平均的なユーザをターゲットとしており、OpenVPNプロファイルのインポートができます。OpenVPNプロトコルのC++による再実装コードをベースとしています(これはOpenVPN Technologies, IncがiOS版を公開するために必要でした)。OpenVPN Technologies, Incの公式クライアントです。&lt;p&gt; 「OpenVPN Settings」は最も古いクライアントであり、オープンソースのOpenVPN用のUIです。「OpenVPN for Android」との大きな違いはroot権限を必要とし、かつVPNService APIを使用しないことです。Android 4.0以降に依存しません。</string>
-  <string name="faq_androids_clients_title">OpenVPN Androidクライアント間の違い</string>
+  <string name="faq_androids_clients_title">Android用OpenVPNクライアント間の違い</string>
   <string name="ignore_multicast_route">マルチキャストされた経路を無視します: %s</string>
   <string name="ab_only_cidr">AndroidはVPNへの経路としてCIDRのみサポートします。非CIDR経路はほとんど使用されないため、OpenVPN for Androidは非CIDR経路に/32を使用し、警告を発します。</string>
   <string name="ab_tethering_44">テザリングはVPNが接続中でも有効です。ただしテザリングした通信はVPNを使用できません。</string>
@@ -394,7 +411,7 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="custom_connection_options">カスタムオプション</string>
   <string name="remove_connection_entry">接続エントリを削除します</string>
   <string name="ab_kitkat_reconnect_title">モバイルネットワークが突発的に切断される</string>
-  <string name="ab_vpn_reachability_44_title">リモートネットワークに到達できない</string>
+  <string name="ab_vpn_reachability_44_title">リモートネットワークに到達できません</string>
   <string name="ab_persist_tun_title">持続的なTUNモード</string>
   <string name="version_and_later">%s以降</string>
   <string name="tls_cipher_alert_title">SSL23_GET_SERVER_HELLO:sslv3 alert handshake failureで接続が失敗する</string>
@@ -404,8 +421,10 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="service_restarted">OpenVPNを再起動しています(クラッシュしたか、メモリ不足により停止させられたため)</string>
   <string name="import_config_error">設定のインポートでエラーが発生したため、保存できません。</string>
   <string name="Search">検索</string>
+  <string name="lastdumpdate">(最後のダンプ %1$d:%2$d 経過 (%3$s))</string>
   <string name="clear_log_on_connect">新規接続時にログをクリアする</string>
   <string name="connect_timeout">接続タイムアウト</string>
+  <string name="no_allowed_app">許可されたアプリがありません。すべてのアプリを不許可にする場合は最低でも１つのアプリを許可する必要があるため、このアプリ (%s) を追加します。</string>
   <string name="query_permissions_sdcard">OpenVPN for Androidは見失ったファイルを自動でSDカードから再探索することができます。このメッセージをタップして権限のリクエストを行ってください。</string>
   <string name="protocol">プロトコル</string>
   <string name="enabled_connection_entry">有効</string>
@@ -413,4 +432,10 @@ OpenVPNの接続を保証するためには、アプリケーションを高い
   <string name="months_left">残り %dヵ月</string>
   <string name="days_left">残り %d日</string>
   <string name="hours_left">残り %d時間</string>
+  <string name="permission_revoked">OSによりVPNの権限が取り消されました (ほかのVPNプログラムが動作した場合など)。VPNを停止します</string>
+  <string name="pushpeerinfo">ピア情報を送信する</string>
+  <string name="pushpeerinfosummary">追加の情報をサーバに送信する (SSLやAndroidのバージョン等)</string>
+  <string name="pw_request_dialog_title">%1$s </string>
+  <string name="pw_request_dialog_prompt">プロファイル %1$s のパスワードを入力してください</string>
+  <string name="menu_use_inline_data">インラインデータを使用する</string>
 </resources>
diff --git a/app/src/main/res/values-ko/strings-icsopenvpn.xml b/app/src/main/res/values-ko/strings-icsopenvpn.xml
index ce748cfa..640ee0f1 100755
--- a/app/src/main/res/values-ko/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ko/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -34,15 +34,15 @@
   <string name="ipv4_dialog_title">CIDR 형식의 IPv4 주소/넷마스크를 입력 (예: 1.2.3.4/24)</string>
   <string name="ipv4_address">IPv4 주소</string>
   <string name="ipv6_address">IPv6 주소</string>
-  <string name="custom_option_warning">사용자 정의 OpenVPN 옵션을 입력하세요. 매우 조심하세요. 또한 많은 tun과 연관된 OpenVPN 설정은 VPN 설정의 설계로 인하여 지원 되지 않습니다. 중요한 옵션이 누락됐다고 생각되면 저자에게 연락하십시오</string>
+  <string name="custom_option_warning">사용자 정의 OpenVPN 옵션을 입력하십시오. 사용 시 유의하십시오. 또한 TUN과 연관된 많은 OpenVPN 설정은 안드로이드에서 지원하는 VPN 설정의 한계로 지원되지 않습니다. 중요한 옵션이 누락됐다고 생각되면 개발자에게 연락주십시오.</string>
   <string name="auth_username">계정</string>
   <string name="auth_pwquery">암호</string>
   <string name="static_keys_info">고정설정에는 TLS인증 키가 고정키로 사용됩니다</string>
   <string name="configure_the_vpn">VPN 설정</string>
   <string name="menu_add_profile">프로파일 추가</string>
-  <string name="add_profile_name_prompt">새 프로 파일을 식별 하는 이름을 입력 하십시오</string>
+  <string name="add_profile_name_prompt">새 프로파일에 사용할 이름을 입력하세요.</string>
   <string name="duplicate_profile_name">고유 프로필 이름을 입력 하십시오</string>
-  <string name="profilename">프로 파일 이름</string>
+  <string name="profilename">프로파일 이름</string>
   <string name="no_keystore_cert_selected">사용자 인증서를 선택 해야 합니다</string>
   <string name="no_error_found">오류 없음</string>
   <string name="config_error_found">설정 오류</string>
@@ -51,7 +51,7 @@
   <string name="pw_query_hint">(비워두면 요청시 쿼리됨)</string>
   <string name="vpn_shortcut">OpenVPN 바로 가기</string>
   <string name="vpn_launch_title">VPN에 연결 하기</string>
-  <string name="shortcut_profile_notfound">바로 가기에 지정 된 프로파일을 찾을 수 없습니다.</string>
+  <string name="shortcut_profile_notfound">바로가기에 지정 된 프로파일을 찾을 수 없습니다.</string>
   <string name="random_host_prefix">임의의 호스트 접두사</string>
   <string name="random_host_summary">6개 임의의 문자를 호스트 이름 앞에 추가</string>
   <string name="custom_config_title">사용자 지정 옵션을 사용 하도록 설정</string>
@@ -72,7 +72,7 @@
   <string name="tls_key_auth">TLS Key 인증 활성화</string>
   <string name="tls_auth_file">TLS 인증 파일</string>
   <string name="pull_on_summary">서버로부터 IP 주소, 라우트와 타이밍 옵션을 요구합니다.</string>
-  <string name="pull_off_summary">서버로부터 정보를 요구하지 않습니다. 설정은 아래에 지정되야 합니다.</string>
+  <string name="pull_off_summary">서버는 어떤 정보도 요구하지 않습니다. 아래에 세부 설정을 지정하십시오.</string>
   <string name="use_pull">설정 받기</string>
   <string name="dns">DNS</string>
   <string name="override_dns">서버에서 DNS 설정을 재정의합니다</string>
@@ -95,7 +95,7 @@
   <string name="float_title">플로팅 서버 허용</string>
   <string name="custom_options_title">사용자 지정 옵션</string>
   <string name="edit_vpn">VPN 설정 편집</string>
-  <string name="remove_vpn_query">VPN 프로 파일 \'%s\' 제거?</string>
+  <string name="remove_vpn_query">VPN 프로파일 \'%s\'을 삭제할까요?</string>
   <string name="tun_error_helpful">일부 사용자 지정 ICS 이미지에서는 /dev/tun에 대한 권한이 잘못 되어 있거나 tun 모듈 자체가 누락 될 수 있습니다. CM9 이미지는 일반 설정에 있는 소유권 고치기 옵션을 사용해 보십시오.</string>
   <string name="tun_open_error">Tun 인터페이스를 열지 못했습니다</string>
   <string name="error">"오류:"</string>
@@ -135,9 +135,9 @@
   <string name="import_error_message">파일 시스템에서 파일을 가져올 수 없습니다.</string>
   <string name="inline_file_data">[[인라인 파일 데이터]]</string>
   <string name="opentun_no_ipaddr">IP 정보가 없는 tun 장치 열기를 거부합니다</string>
-  <string name="menu_import">Ovpn 파일에서 프로파일 가져오기</string>
+  <string name="menu_import">ovpn 파일에서 프로파일 가져오기</string>
   <string name="menu_import_short">가져오기</string>
-  <string name="import_content_resolve_error">가져올 프로 파일을 읽을 수 없습니다.</string>
+  <string name="import_content_resolve_error">가져올 프로파일을 읽을 수 없습니다.</string>
   <string name="error_reading_config_file">설정 파일 읽기 오류</string>
   <string name="add_profile">프로파일 추가</string>
   <string name="import_could_not_open">가져온된 설정 파일에 언급 된 파일 %1$s를 찾을 수 없습니다.</string>
@@ -148,7 +148,7 @@
   <string name="no_bind">로컬 바인딩 안함</string>
   <string name="import_configuration_file">구성 파일 가져오기</string>
   <string name="faq_security_title">보안 고려 사항</string>
-  <string name="faq_security">"OpenVPN은 보안에 민감하기 때문에 보안에 관련된 부분을 알고가는것이 현명합니다. SD카드의 있는 데이터는 기본적으로 보안이 취약합니다. 모든 앱이 읽을 수 있기 때문입니다 (예로 이 프로그램 또한 SD카드의 읽기 권한이 필요없습니다). 본앱의 데이터는 본앱만이 읽을 수 있습니다. cacert/cert/key를 파일 탐색기의 가져오기 옵션을 사용하면 데이터는 VPN 프로파일 내에 저장됩니다. VPN 프로파일은 본앱만이 접근할 수 있습니다. (잊지말고 SD카드에 있는 것을 삭제하세요). 접근은 본앱만이 가능하더라도 데이터는 암호화가 되어있지 않습니다. 루팅을 비롯한 다른 방법을 악용하여 데이터를 빼낼 수 있습니다. 암호 또한 일반 텍스트로 저장되어 있습니다. pkcs12 파일은 안드로이드 keystore에 보관할것을 강력하게 추천합니다."</string>
+  <string name="faq_security">"OpenVPN은 보안에 민감하기 때문에 보안에 관련된 부분을 알고가는것이 현명합니다. SD 카드에 있는 데이터는 모든 앱이 읽을 수 있기 때문에 보안이 취약합니다. (이 OpenVPN 앱은 SD 카드 읽기 권한이 필요없습니다) 이 OpenVPN 앱의 데이터는 이 OpenVPN 앱만이 읽을 수 있습니다. cacert/cert/key를 파일 탐색기의 가져오기 옵션을 사용하면 데이터는 VPN 프로파일 내에 저장됩니다. 이 VPN 프로파일은 이 OpenVPN 앱만이 접근할 수 있습니다. (잊지 말고 SD 카드에 남아있는 파일들을 삭제하세요.) 접근은 이 OpenVPN 앱만 가능하더라도 데이터는 암호화가 되어 있지 않습니다. 루팅을 비롯한 다른 악의적인 방법으로 데이터를 빼낼 수 있습니다. 암호 또한 일반 텍스트로 저장되어 있습니다. pkcs12 파일은 안드로이드 keystore에 보관할 것을 강력하게 추천합니다."</string>
   <string name="import_vpn">가져오기</string>
   <string name="broken_image_cert_title">인증서 선택 표시 오류</string>
   <string name="broken_image_cert">안드로이드 4.0+의 인증서 선택창을 보여주려는 과정에서 예외가 발생됐습니다. 안드로이드 4.0+의 표준 기능임으로 이 같은 일은 일어나면 안됩니다. 어쩌면 인증서 저장소에 대한 귀하의 안드로이드 ROM 지원이 깨졌습니다.</string>
@@ -182,7 +182,7 @@
   <string name="error_rsa_sign">안드로이드 keystore 키 %1$s: %2$s과 싸이닝 오류</string>
   <string name="faq_system_dialogs">시스템에서는 VPN연결 경고를 통해 당신에게 본앱이 모든 트래픽을 가로챌수있다는 점을 알리게 되어 있는데 이는 VPNService API가 남용하는것을 막기 위함입니다.\nVPN 연결 알림 (키 아이콘) 또한 안드로이드 시스템에서 부과하는 부분이며 이는 VPN연결을 알리는 신호입니다. 어떤 버전에서는 소리를 알림으로 사용하는 경우도 있습니다.\n안드로이드는 이같은 방법을 당신의 안전을 위해 도입하였으며 사용은 필수적입니다. (어떤 버전에서는 유감스럽게도 소리 알림 또한 포함됩니다.)</string>
   <string name="faq_system_dialogs_title">연결 경고 및 알림 소리</string>
-  <string name="translationby">한국어 번역 (주)기가드 안규태&lt;ktdann@gmail.com></string>
+  <string name="translationby">우리말 번역에 참여해주세요.</string>
   <string name="ipdns">IP 와 DNS</string>
   <string name="basic">기본</string>
   <string name="routing">라우팅</string>
@@ -201,9 +201,9 @@
   <string name="using_proxy">프록시 %1$s %2$d 을 사용</string>
   <string name="use_system_proxy">시스템 프록시를 사용</string>
   <string name="use_system_proxy_summary">연결시 전 시스템 설정에 있는 HTTP/HTTPS 프록시를 사용합니다.</string>
-  <string name="donatewithpaypal">당신은 &lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;PayPal을 사용하여 기부할 수 있습니다.&lt;/a&gt; </string>
+  <string name="donatewithpaypal">당신은 &lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;PayPal을 통해 기부할 수 있습니다.&lt;/a&gt; </string>
   <string name="onbootrestartsummary">OpenVPN은 시스템 재부팅/종료에 활성화 되었으면 VPN을 다시 연결합니다. 이 옵션을 사용 하기 전에 연결 경고 FAQ를 읽어 보시기 바랍니다.</string>
-  <string name="onbootrestart">재부팅시 다시 연결</string>
+  <string name="onbootrestart">재시작 후 다시 연결</string>
   <string name="ignore">무시</string>
   <string name="restart">다시 시작</string>
   <string name="restart_vpn_after_change">VPN을 다시 시작한 후 설정 변경 내용이 적용 됩니다. VPN을 지금 (재)시작?</string>
@@ -211,13 +211,13 @@
   <string name="log_no_last_vpn">편집을 위해 마지막으로 연결 된 프로파일을 확인할 수 없습니다.</string>
   <string name="faq_duplicate_notification_title">중복 알림</string>
   <string name="faq_duplicate_notification">안드로이드는 시스템의 메모리 (RAM) 가 부족한 경우, 현재 필요하지 않는 앱들과 서비스들을 활성화 메모리에서 삭제합니다. 이 과정에서 진행중인 VPN 연결이 끊어 집니다. 이렇게 되지 않기 위해서 OpenVPN 서비스는 우선순위가 높게 되어 실행됩니다. 높은 우선 순위로 실행되기 위해서는 응용프로그램에서 이를 알림으로 표시해야 합니다. 키 알림 아이콘은 이전 FAQ에서 설명된 대로 시스템에서 강요하기 때문입니다. 이것은 우선 순위가 높이 실행된다는 알림에 대한 알림이 아닙니다.</string>
-  <string name="no_vpn_profiles_defined">VPN 프로파일이 정의 않됐습니다.</string>
+  <string name="no_vpn_profiles_defined">VPN 프로파일이 없습니다.</string>
   <string name="add_new_vpn_hint">이 &lt;img src=\"ic_menu_add\"/&gt; 아이콘을 사용하여 VPN을 추가 하세요</string>
   <string name="vpn_import_hint">이 &lt;img src=\"ic_menu_archive\"/&gt; 아이콘을 사용하여 귀하의 sdcard에서 기존 (.ovpn 또는 .conf) 프로파일을 가져오세요.</string>
   <string name="faq_hint">꼭 FAQ를 확인 하세요. 빠른 시작 가이드가 있습니다.</string>
   <string name="faq_routing_title">라우팅/인터페이스 설정</string>
   <string name="persisttun_summary">OpenVPN을 다시 연결 하는 경우 VPN 연결 없음으로 표기하지 마십시오.</string>
-  <string name="persistent_tun_title">tun 유지</string>
+  <string name="persistent_tun_title">지속적인 TUN</string>
   <string name="openvpn_log">OpenVPN 로그</string>
   <string name="import_config">OpenVPN 설정 가져오기</string>
   <string name="battery_consumption_title">배터리 소모</string>
@@ -311,8 +311,11 @@
   <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
   <string name="full_licenses">전체 라이센스</string>
   <string name="userpw_file">사용자 이름/암호 파일</string>
+  <string name="imported_from_file">%s 에서 가져옴</string>
   <string name="mssfix_invalid_value">MSS override의 값은 0과 9000 사이의 정수이어야합니다</string>
   <string name="loading">로드 중...</string>
+  <string name="allowed_vpn_apps_info">VPN을 사용할 앱들: %1$s</string>
+  <string name="disallowed_vpn_apps_info">VPN을 사용하지 않을 앱들: %1$s</string>
   <string name="keep">유지</string>
   <string name="delete">삭제</string>
   <string name="payload_options">페이로드 옵션</string>
diff --git a/app/src/main/res/values-nl/strings-icsopenvpn.xml b/app/src/main/res/values-nl/strings-icsopenvpn.xml
index e05b9105..da57e5e0 100755
--- a/app/src/main/res/values-nl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-nl/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-no/strings-icsopenvpn.xml b/app/src/main/res/values-no/strings-icsopenvpn.xml
index d4fa66a4..b227c4b6 100755
--- a/app/src/main/res/values-no/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-no/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-pl/strings-icsopenvpn.xml b/app/src/main/res/values-pl/strings-icsopenvpn.xml
index 0e76b956..04b8f56c 100755
--- a/app/src/main/res/values-pl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-pl/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-pt/strings-icsopenvpn.xml b/app/src/main/res/values-pt/strings-icsopenvpn.xml
index 155f9c8a..994c8cc2 100755
--- a/app/src/main/res/values-pt/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-pt/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-ro/strings-icsopenvpn.xml b/app/src/main/res/values-ro/strings-icsopenvpn.xml
index ded69fb7..856ffb06 100755
--- a/app/src/main/res/values-ro/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ro/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-ru/strings-icsopenvpn.xml b/app/src/main/res/values-ru/strings-icsopenvpn.xml
index 921b5342..f7419e2c 100755
--- a/app/src/main/res/values-ru/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-ru/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -180,6 +180,7 @@
   <string name="keychain_nocacert">Не удалось получить CA из хранилища ключей Android. Аутентификация не удалась.</string>
   <string name="show_log_summary">Показывает окно журнала при подключении. Окно журнала всегда может быть доступно из панели уведомлений.</string>
   <string name="show_log_window">Показать окно журнала</string>
+  <string name="mobile_info">%10$s %9$s работает на %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Ошибка подписи с использованием ключа из хранилища Android %1$s: %2$s</string>
   <string name="faq_system_dialogs">Предупреждение VPN соединения сообщает вам, что это приложение может перехватывать весь сетевой трафик, и сообщается системой предупреждений VPNService API.\nИзвещение о VPN соединении (символ \"Ключа\") также формируется системой Android для сигнализации исходящего VPN соединения. В некоторых прошивках это оповещение сопровождается сигналом.\nAndroid использует эти оповещения для вашей собственной безопасности и из нельзя обойти. (К сожалению, на некоторых прошивках также издается оповещение звуком)</string>
   <string name="faq_system_dialogs_title">Сообщение о подключении и звук уведомления</string>
@@ -372,4 +373,19 @@
   <string name="custom_connection_options_warng">Укажите особые пользовательские параметры подключения. Используйте с осторожностью</string>
   <string name="custom_connection_options">Пользовательские Параметры</string>
   <string name="remove_connection_entry">Удалить запись подключения</string>
+  <string name="ab_kitkat_reconnect_title">Случайные разъединения от мобильной сети</string>
+  <string name="ab_vpn_reachability_44_title">Удаленные сети недоступны</string>
+  <string name="ab_persist_tun_title">Принудительный режим tun</string>
+  <string name="version_and_later">%s и выше</string>
+  <string name="tls_cipher_alert_title">Неудачное соединение с SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure</string>
+  <string name="tls_cipher_alert">Новые версии OpenVPN для Android (0.6.29/Март 2015) используют более безопасные настройки по умолчанию для разрешенных наборов шифров (tls-шифрование \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\"). К сожалению, прекращение использования менее безопасных наборов шифров и экспортирование наборов шифров, а особенно прекращение использования наборов шифров, которые не поддерживают Perfect Forward Secrecy (Diffie-Hellman), приводит к возникновению некоторых проблем. Обычно это происходит из-за изначально полезной, но плохо реализованной попытки усиления безопасности TLS путем установки tls-шифрования на сервере или некоторых встроенных ОС с урезанным SSL (например, MikroTik).\nЧтобы решить эту проблему, установите настройки tls-шифрования на сервере на разумные по умолчанию, такие как tls-шифрование \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". Чтобы обойти проблему на клиенте, добавьте отдельную настройку tls-шифрования tls-cipher DEFAULT в Android-клиент.</string>
+  <string name="Search">Поиск</string>
+  <string name="lastdumpdate">(Последний дамп создан %1$d ч. и %2$d м. назад (%3$s))</string>
+  <string name="clear_log_on_connect">Очищать журнал при новом соединении</string>
+  <string name="connect_timeout">Время ожидания соединения</string>
+  <string name="protocol">Протокол</string>
+  <string name="enabled_connection_entry">Включено</string>
+  <string name="months_left">%d мес. осталось</string>
+  <string name="days_left">%d д. осталось</string>
+  <string name="hours_left">%d ч. осталось</string>
 </resources>
diff --git a/app/src/main/res/values-sl/strings-icsopenvpn.xml b/app/src/main/res/values-sl/strings-icsopenvpn.xml
index fb14e67e..28634668 100755
--- a/app/src/main/res/values-sl/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-sl/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -395,4 +395,10 @@
   <string name="months_left">Preostalih še %d mesecev</string>
   <string name="days_left">Preostalih še %d dni</string>
   <string name="hours_left">Preostalih še %d ur</string>
+  <string name="permission_revoked">OS je preklical dovoljenje VPN (npr. zagnan je bil drug program VPN), ustavljanje VPN-a</string>
+  <string name="pushpeerinfo">Potisni podatke o soležniku</string>
+  <string name="pushpeerinfosummary">Pošlji dodatne podatke na strežnik, npr. različico SSL in Android</string>
+  <string name="pw_request_dialog_title">Zahtevano %1$s</string>
+  <string name="pw_request_dialog_prompt">Vnesite geslo za profil %1$s</string>
+  <string name="menu_use_inline_data">Uporabi podatke v besedilu</string>
 </resources>
diff --git a/app/src/main/res/values-sv/strings-icsopenvpn.xml b/app/src/main/res/values-sv/strings-icsopenvpn.xml
index b7510ef1..075de908 100755
--- a/app/src/main/res/values-sv/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-sv/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
@@ -103,6 +103,9 @@
   <string name="last_openvpn_tun_config">Öppnar tun gränssnittet:</string>
   <string name="local_ip_info">Lokal IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
   <string name="dns_server_info">DNS-Server: %1$s, Domän: %2$s</string>
+  <string name="routes_info_incl">Rutter: %1$s %2$s</string>
+  <string name="routes_info_excl">Rutter uteslutna: %1$s %2$s</string>
+  <string name="routes_debug">VpnService rutter installerade: %1$s %2$s</string>
   <string name="ip_not_cidr">Fick gränssnitts informationen %1$s och %2$s, förutsätter att andra adressen är peer adressen på fjärrservern. Använder nätmask /32 för lokal IP. Satus på OpenVPN är \"%3$s\".</string>
   <string name="route_not_cidr">Förstår inte %1$s och %2$s som IP rutt med CIDR netmask, där /32 används som nätmask.</string>
   <string name="route_not_netip">Korrigerad rutt %1$s/%2$s till %3$s/%2$s</string>
@@ -124,6 +127,7 @@
   <string name="no_vpn_support_image">Din ROM stöder inte VPNService API, ledsen :(</string>
   <string name="encryption">Kryptering</string>
   <string name="cipher_dialog_title">Ange krypteringsmetod</string>
+  <string name="chipher_dialog_message">Ange den krypteringsalogritm som skall användas av OpenVPN. Lämna tomt för att använda standardalgoritm.</string>
   <string name="auth_dialog_message">Ange den autentiserings digest som används för OpenVPN. Lämna tom för att använda standard digest.</string>
   <string name="settings_auth">Autentisering/kryptering</string>
   <string name="file_explorer_tab">Filutforskare</string>
@@ -176,6 +180,7 @@
   <string name="keychain_nocacert">Inget CA certifikat returnerades från Android Keystore. Autenticering kommer troligen att misslyckas.</string>
   <string name="show_log_summary">Visar loggfönstret vid anslutning. Loggfönstret kan alltid nås från statusgardinen.</string>
   <string name="show_log_window">Visa loggfönstret</string>
+  <string name="mobile_info">%10$s %9$s körs på %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s)</string>
   <string name="error_rsa_sign">Fel vid signering med Android keystore nyckeln %1$s: %2$s</string>
   <string name="faq_system_dialogs">Varningen vid VPN-anslutning som berättar att denna app kan avlyssna all trafik utfärdas av systemet för att förhindra missbruk av VPNService API.\nNotifieringen om VPN-anslutning (nyckelsymbolen) tillhandahålles också av Android-systemet för att signalera en pågående VPN-anslutning. På vissa ROM spelar denna notifiering ett ljud.\nAndroid har infört dessa dialogrutor och notifieringar för din egen säkerhet och kan inte undvikas. (På vissa ROM innehåller dessa tyvärr ljud)</string>
   <string name="faq_system_dialogs_title">Anslutnings varning och ljud</string>
@@ -188,6 +193,7 @@
   <string name="export_config_title">ICS OpenVPN konfiguration</string>
   <string name="warn_no_dns">Inga DNS-servrar används. Namnuppslag kommer kanske inte fungera. Överväg att namnge egna DNS-servrar. Observera även att Android kommer att fortsätta att använda dina proxyinställningar som anges för din mobildata/Wi-Fi-anslutning när inga DNS-servrar är konfigurerade.</string>
   <string name="dns_add_error">Kunde inte lägga till DNS-servern \"%1$s\", förkastades av systemet: %2$s</string>
+  <string name="ip_add_error">Det gick inte att konfigurera IP-adress \"%1$s\", avvisades av systemet: %2$s</string>
   <string name="faq_howto">&lt;p&gt;Hämta en fungerande konfiguration (testad på din dator eller nerladdad från din leverantör/organisation)&lt;/p&gt;&lt;p&gt;Om det är en enda fil utan extra pem/pks12 filer kan du maila den till dig själv och öppna den bifogade filen. Om du har flera filer lägg dem på ditt sd-kort.&lt;/p&gt;&lt;p&gt;Klicka på den i mailet bifogade filen/Användning mappikonen i VPN-listan för att importera konfigurationsfilen&lt;/p&gt;&lt;p&gt;Om det ger fel ang. saknade filer lägg dessa på ditt sd-kort.&lt;/p&gt;&lt;p&gt;Klicka på spara symbolen för att lägga till den importerade konfigurationen i VPN-listan&lt;/p&gt;&lt;p&gt;Anslut din VPN genom att klicka på konfigurationsnamnet&lt;/p&gt;&lt;p&gt;Om det finns fel eller varningar i loggen försöka förstå dessa varningar/fel och försök att åtgärda dem&lt;/p&gt; </string>
   <string name="faq_howto_title">Snabbstart</string>
   <string name="setting_loadtun_summary">Prova att ladda kärnmodulen tun.ko innan du försöker ansluta. Kräver root.</string>
@@ -266,12 +272,60 @@
   <string name="tls_remote_deprecated">TLS-remote (ej längre i bruk)</string>
   <string name="help_translate">Du kan hjälpa till med översättningen genom att besöka http://crowdin.net/project/ics-openvpn/invite</string>
   <string name="prompt">%1$s försöker styra %2$s</string>
+  <string name="remote_warning">Genom att fortsätta ger du applikationen tilstånd att fullständigt styra OpenVPM för Android och att avlyssna all nätverkstrafik. <b>Acceptera INTE om du inte litar på applikationen.</b> Annars riskerar du att din data äventyras av skadlig programvara.\"</string>
   <string name="remote_trust">Jag litar på denna applikation.</string>
   <string name="no_external_app_allowed">Ingen app får använda externa API</string>
   <string name="allowed_apps">Tillåtna apps: %s</string>
   <string name="clearappsdialog">Rensa lista över tillåtna externa apps? \nNuvarande lista över tillåtna apps:\n\n%s</string>
+  <string name="screenoff_summary">\"Pause VPN när skärmen är avstängd och mindre än 64 kB överförda data i 60s. När \"Ihållande Tun\" är aktiverat kommer pausning av VPN att lämna enheten UTAN nätverksanslutning. Utan \"Ihållande Tun\" alternativet kommer enheten inte att ha någon VPN-anslutning / skydd.</string>
   <string name="screenoff_title">Pausa VPN-anslutningen efter att skärmen stängts av</string>
   <string name="screenoff_pause">Pausa anslutning när skärmen är avstängd: mindre än %1$s i %2$ss</string>
   <string name="screen_nopersistenttun">Varning: Permanent tun är inte aktiverat för denna VPN. Trafiken kommer att använda den normala Internet-anslutning när skärmen är avstängd.</string>
   <string name="save_password">Spara lösenord</string>
+  <string name="pauseVPN">Pausa VPN</string>
+  <string name="resumevpn">Återuppta VPN</string>
+  <string name="state_userpause">VPN paus begärs av användaren</string>
+  <string name="state_screenoff">VPN paus - skärmen av</string>
+  <string name="cannotparsecert">Kan inte visa certifikatinformation</string>
+  <string name="appbehaviour">Ansökan beteende</string>
+  <string name="vpnbehaviour">VPN beteende</string>
+  <string name="allow_vpn_changes">Tillåta ändringar av VPN profiler</string>
+  <string name="hwkeychain">Hårdvara Keystore:</string>
+  <string name="permission_icon_app">Ikonen för appen försöker använda OpenVPN för Android</string>
+  <string name="faq_vpndialog43_title">Vpn Bekräftelse Dialog</string>
+  <string name="donatePlayStore">Alternativt kan du skicka mig en donation med Play Store:</string>
+  <string name="logCleared">Log rensas.</string>
+  <string name="show_password">Visa lösenord</string>
+  <string name="timestamp_short">Kort</string>
+  <string name="timestamp_iso">ISO</string>
+  <string name="timestamps">Tidsstämplar</string>
+  <string name="timestamps_none">Ingen</string>
+  <string name="uploaded_data">Ladda upp</string>
+  <string name="downloaded_data">Hämta</string>
+  <string name="logview_options">Visa alternativ</string>
+  <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
+  <string name="blocklocal_title">Kringgå VPN för lokala nätverk</string>
+  <string name="userpw_file">Användarnamn / lösenord fil</string>
+  <string name="imported_from_file">[Importerad från: %s]</string>
+  <string name="import_log">Importloggen:</string>
+  <string name="client_behaviour">Klientens beteende</string>
+  <string name="loading">Laddar...</string>
+  <string name="keep">Ha kvar</string>
+  <string name="delete">Radera</string>
+  <string name="server_list">Serverlista</string>
+  <string name="vpn_allowed_apps">Tillåtna appar</string>
+  <string name="show_log">Visa logg</string>
+  <string name="faq_androids_clients_title">Skillnader mellan OpenVPN Android klienterna</string>
+  <string name="ignore_multicast_route">Ignorera multicast rutt: %s</string>
+  <string name="ab_kitkat_mss">Tidigt KitKat version anger fel MSS värdet på TCP-anslutningar (# 61.948). Försök att göra det möjligt för mssfix möjlighet att kringgå denna bugg.</string>
+  <string name="ab_lollipop_reinstall">VPN appar kan sluta fungera när avinstalleras och installeras igen. För mer information se # 80074</string>
+  <string name="ab_only_cidr_title">Icke CIDR rutter</string>
+  <string name="ab_lollipop_reinstall_title">Installera om VPN appar</string>
+  <string name="version_upto">%s och tidigare</string>
+  <string name="copy_of_profile">Kopia av %s</string>
+  <string name="Search">Sök</string>
+  <string name="protocol">Protokoll</string>
+  <string name="enabled_connection_entry">Aktiverad</string>
+  <string name="days_left">%d dagar kvar</string>
+  <string name="hours_left">%d timmar kvar</string>
 </resources>
diff --git a/app/src/main/res/values-tr/strings-icsopenvpn.xml b/app/src/main/res/values-tr/strings-icsopenvpn.xml
index a9622ff1..9c88acf0 100755
--- a/app/src/main/res/values-tr/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-tr/strings-icsopenvpn.xml
@@ -1,312 +1,310 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
 
-  <string name="address">Sunucu adresi:</string>
-  <string name="port">Sunucu Portu:</string>
+  <string name="address">Sunucu Adresi:</string>
+  <string name="port">Sunucu Bağlantı Noktası:</string>
   <string name="location">Konum</string>
-  <string name="cant_read_folder">Dizin Okunamıyor</string>
+  <string name="cant_read_folder">Dizin okunamıyor</string>
   <string name="select">Seç</string>
   <string name="cancel">İptal</string>
   <string name="no_data">Veri Yok</string>
-  <string name="useLZO">LZO sıkıştırma</string>
-  <string name="client_no_certificate">Sertifika yok</string>
-  <string name="client_certificate_title">İstemci sertifikası</string>
+  <string name="useLZO">LZO Sıkıştırma</string>
+  <string name="client_no_certificate">Sertifika Yok</string>
+  <string name="client_certificate_title">İstemci Sertifikası</string>
   <string name="client_key_title">İstemci Sertifika Anahtarı</string>
   <string name="client_pkcs12_title">PCKCS12 Dosyası</string>
   <string name="ca_title">CA Sertifikası</string>
   <string name="no_certificate">Bir sertifika seçmelisiniz</string>
-  <string name="copyright_guicode">Kaynak kodu ve sorun izcisine http://code.google.com/p/ics-openvpn/ buradan ulaşablirsiniz</string>
-  <string name="copyright_others">Bu program, aşağıdaki bileşenleri kullanır; tam bilgi için lisanslardaki kaynak koduna bakınız</string>
-  <string name="about">Hakkında 
-</string>
+  <string name="copyright_guicode">Kaynak kodu ve sorun takipçisine http://code.google.com/p/ics-openvpn/ adresinden ulaşabilirsiniz</string>
+  <string name="copyright_others">Bu program, aşağıdaki bileşenleri kullanır; tam bilgi için lisanslardaki kaynak koduna bakın</string>
+  <string name="about">Hakkında</string>
   <string name="vpn_list_title">Profiller</string>
   <string name="vpn_type">Tür</string>
-  <string name="pkcs12pwquery">PKCS12 Şifresi</string>
-  <string name="file_select">Seçiniz&#8230;</string>
+  <string name="pkcs12pwquery">PKCS12 Parolası</string>
+  <string name="file_select">Seç&#8230;</string>
   <string name="file_nothing_selected">Bir dosya seçmelisiniz</string>
   <string name="useTLSAuth">TLS Kimlik Doğrulamasını Kullan</string>
-  <string name="tls_direction">TLS yönü</string>
-  <string name="ipv6_dialog_tile">CIDR formatında IPv6 Adresi/Ağ maskesi girin (örneğin 2000:dd::23/64)</string>
-  <string name="ipv4_dialog_title">IPv4 adresi/ağ maskesi CIDR biçimi (örneğin 1.2.3.4/24) girin</string>
+  <string name="tls_direction">TLS Yönü</string>
+  <string name="ipv6_dialog_tile">CIDR biçiminde IPv6 adresi/ağ maskesi girin (örneğin 2000:dd::23 / 64)</string>
+  <string name="ipv4_dialog_title">CIDR biçiminde IPv4 Adresi/Ağ Maskesi girin (örneğin 1.2.3.4/24)</string>
   <string name="ipv4_address">IPv4 Adresi</string>
-  <string name="ipv6_address">IPv6 adresi</string>
-  <string name="custom_option_warning">Özel OpenVPN seçenekleri girin.Dikkatli kullanın.Ayrıca tun kullanan VPN ler tasarlanan bu program tarafından desteklenmiyor.Eğer özel bir seçenek eksikliği olduğunu düşünüyorsanız geliştirici ile iletişime geçin</string>
+  <string name="ipv6_address">IPv6 Adresi</string>
+  <string name="custom_option_warning">Özel OpenVPN seçeneklerini girin. Dikkatli kullanın. Ayrıca tun ile ilgili OpenVPN ayarları VPNSettings tasarımı nedeniyle program tarafından desteklenmiyor. Önemli bir seçeneğin eksik olduğunu düşünüyorsanız geliştirici ile iletişime geçin</string>
   <string name="auth_username">Kullanıcı Adı</string>
-  <string name="auth_pwquery">Şifre</string>
-  <string name="static_keys_info">Statik yapılandırma için TLS Auth Keys statik anahtar olarak kullanılacak</string>
-  <string name="configure_the_vpn">VPN\'i Yapılandırın</string>
+  <string name="auth_pwquery">Parola</string>
+  <string name="static_keys_info">Statik yapılandırma için TLS Kimlik Doğrulama Anahtarları statik anahtar olarak kullanılacak</string>
+  <string name="configure_the_vpn">VPN\'i Yapılandır</string>
   <string name="menu_add_profile">Profil Ekle</string>
   <string name="add_profile_name_prompt">Yeni profili tanımlayan bir isim girin</string>
   <string name="duplicate_profile_name">Benzersiz bir profil adı girin</string>
   <string name="profilename">Profil Adı</string>
-  <string name="no_keystore_cert_selected">Kullanıcı sertifikası seçmelisiniz</string>
+  <string name="no_keystore_cert_selected">Bir kullanıcı sertifikası seçmelisiniz</string>
   <string name="no_error_found">Hiçbir hata bulunamadı</string>
-  <string name="config_error_found">Yapılandırma hatası</string>
+  <string name="config_error_found">Yapılandırmada Hata</string>
   <string name="ipv4_format_error">IPv4 adresi ayrıştırma hatası</string>
   <string name="custom_route_format_error">Özel yolları ayrıştırma hatası</string>
-  <string name="pw_query_hint">(Talep üzerine sorgulamak için boş bırakın)</string>
+  <string name="pw_query_hint">(talep üzerine sorgulamak için boş bırakın)</string>
   <string name="vpn_shortcut">OpenVPN Kısayolu</string>
   <string name="vpn_launch_title">VPN\'e Bağlan</string>
   <string name="shortcut_profile_notfound">Kısayolu belirtilen profil bulunamadı</string>
-  <string name="random_host_prefix">Rastgele host ön eki</string>
-  <string name="random_host_summary">Host ismine 6 rasgele karakter ekler</string>
-  <string name="custom_config_title">Özel seçenekleri etkinleştir</string>
-  <string name="custom_config_summary">Özel seçenekleri belirleyin.Dikkatli kullanın!</string>
+  <string name="random_host_prefix">Rastgele Ana Makine Ön Eki</string>
+  <string name="random_host_summary">Makine ismine 6 rastgele karakter ekler</string>
+  <string name="custom_config_title">Özel Seçenekleri Etkinleştir</string>
+  <string name="custom_config_summary">Özel seçenekleri belirleyin. Dikkatli kullanın!</string>
   <string name="route_rejected">Yol Android tarafından reddedildi</string>
-  <string name="cancel_connection">Bağlantıyı kes</string>
-  <string name="cancel_connection_long">VPN bağlantısını kes</string>
-  <string name="clear_log">Kayıtları temizle</string>
-  <string name="title_cancel">Onayı İptal et</string>
-  <string name="cancel_connection_query">Bağlı VPN bağlantısını keseyim / bağlantı girişimini iptal edeyim mi?</string>
-  <string name="remove_vpn">VPN kaldırın</string>
-  <string name="check_remote_tlscert">(- Uzak-CERT-tls sunucu) sunucu TLS Sunucu uzantıları ile bir sertifika kullanır olmadığını kontrol eder</string>
-  <string name="check_remote_tlscert_title">TLS sunucu sertifikasını bekleyin</string>
-  <string name="remote_tlscn_check_summary">Uzak sunucu sertifika konusunu DN kontrol eder</string>
-  <string name="remote_tlscn_check_title">Sertifika sunucu adı kontrol</string>
-  <string name="enter_tlscn_dialog">Uzaktan sertifika DN doğrulamak için kullanılan onay belirtin (örneğin C = DE, L = Paderborn, OU = Kuş IP Taşıyıcılar, CN = openvpn.blinkt.de) \ n \ tam DN veya RDN (openvpn.blinkt.de nBuörnek) ya da doğrulama için bir RDN önek. \ n \ nWhen RDN önek \"Sunucu\" ile \"Sunucu-1\" ve \"Sunucu-2\" ile eşleşir \ n \ boş metin alanına ana bilgisayar adı, sunucu karşı RDN kontrol edecektir nLeaving. \ n \ nBu daha fazla bilgi OpenVPN 2.3.1 + man sayfasına altında-kontrol-x509-adını görmek</string>
+  <string name="cancel_connection">Bağlantıyı Kes</string>
+  <string name="cancel_connection_long">VPN Bağlantısını Kes</string>
+  <string name="clear_log">kayıtları temizle</string>
+  <string name="title_cancel">İptal Onayı</string>
+  <string name="cancel_connection_query">Bağlı VPN bağlantısını kesilsin veya bağlantı girişimini iptal edilsin mi?</string>
+  <string name="remove_vpn">VPN\'i Kaldır</string>
+  <string name="check_remote_tlscert">Sunucunun TLS Sunucu uzantıları ile bir sertifika kullanıp kullanmadığını denetler (--remote-cert-tls server)</string>
+  <string name="check_remote_tlscert_title">TLS sunucu sertifikası bekle</string>
+  <string name="remote_tlscn_check_summary">Uzak Sunucu Sertifika Konu DN\'sini denetler</string>
+  <string name="remote_tlscn_check_title">Sertifika Makine Adı Denetimi</string>
+  <string name="enter_tlscn_dialog">Uzak sertifika DN\'sini doğrulamak için kullanılan denetimi belirtin (örn. C=TR, L=Ankara, OU=IP Sağlayıcı, CN=openvpn.blinkt.de)\n\nTam DN veya RDN\'yi belirtin (örnekte openvpn.blinkt.de) veya doğrulama için bir RDP ön eki.\n\nRDN ön eki kullanıldığında \"Sunucu\" \"Sunucu-1\" ve \"Sunucu-2\" ile eşleşir\n\nMetin alanını boş bırakmak, RDN\'i sunucu makine adına karşı denetleyecektir.\n\nDaha fazla bilgi için bkz. OpenVPN 2.3.1+ man sayfası konusu —verify-x509-name</string>
   <string name="enter_tlscn_title">Uzak sertifika konusu</string>
-  <string name="tls_key_auth">TLS Anahtar Kimlik Doğrulaması sağlar</string>
+  <string name="tls_key_auth">TLS Anahtar Kimlik Doğrulamasını etkinleştirir</string>
   <string name="tls_auth_file">TLS Kimlik Doğrulama Dosyası</string>
-  <string name="pull_on_summary">İstekler IP adresleri, sunucudan yolları ve zamanlama seçenekleri.</string>
-  <string name="pull_off_summary">Herhangi bir bilgi sunucudan istenir. Ayarlar aşağıda belirtildiği gibidir.</string>
-  <string name="use_pull">Ayarlarını çekin</string>
+  <string name="pull_on_summary">Sunucudan IP adresleri, rotalar ve zamanlama seçeneklerini talep eder.</string>
+  <string name="pull_off_summary">Sunucudan hiçbir bilgi talep edilmez. Ayarlar aşağıda belirtilmelidir.</string>
+  <string name="use_pull">Ayarları Çek</string>
   <string name="dns">DNS</string>
-  <string name="override_dns">Sunucusu tarafından DNS ayarları geçersiz</string>
-  <string name="dns_override_summary">Kendi DNS Sunucularını kullanın</string>
-  <string name="searchdomain">Arama Etki Alanı</string>
-  <string name="dns1_summary">DNS Sunucusu kullanılacak.</string>
-  <string name="dns_server">DNS Serveri</string>
-  <string name="secondary_dns_message">Ikinci DNS Serveri Kullan Normal DNS Serveri Erişilmezse.</string>
-  <string name="backup_dns">DNS Sunucusunu Yedekle</string>
-  <string name="ignored_pushed_routes">Itilmiş rotalar göz ardı</string>
-  <string name="ignore_routes_summary">Yoksay sunucu tarafından itti yönlendirilir.</string>
-  <string name="default_route_summary">Tüm trafiği VPN üzerinden kullan</string>
+  <string name="override_dns">Sunucusu DNS ayarlarını geçersiz kıl</string>
+  <string name="dns_override_summary">Kendi DNS Sunucularınızı kullanın</string>
+  <string name="searchdomain">aramaEtkiAlanı</string>
+  <string name="dns1_summary">Kullanılacak DNS Sunucusu.</string>
+  <string name="dns_server">DNS Sunucusu</string>
+  <string name="secondary_dns_message">Normal DNS Sunucusu erişimi yapılamazsa ikincil DNS Sunucusunu kullan.</string>
+  <string name="backup_dns">Yedek DNS sunucusu</string>
+  <string name="ignored_pushed_routes">İtilmiş rotaları göz ardı et</string>
+  <string name="ignore_routes_summary">Sunucu tarafından itilmiş yolları yoksay.</string>
+  <string name="default_route_summary">Tüm trafiği VPN üzerinden yönlendirir</string>
   <string name="use_default_title">Varsayılan Yolu kullan</string>
-  <string name="custom_route_message">Özel yolları girin. CIDR biçimde tek hedef girin. \"10.0.0.0 / 8 2002 :: / 16\" ağlar VPN üzerinden 10.0.0.0 / 8 ve 2002 :: / 16 doğrudan.</string>
-  <string name="custom_route_message_excluded">VPN üzerinden yönlendirilir olmaMAlıdır Yolları. Dahil rotalar için aynı sözdizimini kullanın.</string>
+  <string name="custom_route_message">Özel yolları girin. Sadece CIDR biçimde hedef girin. \"10.0.0.0/8 2002::/16\", 10.0.0.0/8 ve 2002::/16 ağlarını VPN üzerinden yönlendirecek.</string>
+  <string name="custom_route_message_excluded">Rotalar VPN üzerinden YÖNLENDİRİLMEMELİDİR. Dahil edilen rotalarda olduğu gibi sözdizimi kullanın.</string>
   <string name="custom_routes_title">Özel Yollar</string>
   <string name="custom_routes_title_excluded">Dışlanan Ağlar</string>
-  <string name="log_verbosity_level">Ayrıntı düzeyi Log</string>
-  <string name="float_summary">Herhangi bir IP kimlik doğrulaması paketlerini sağlar</string>
-  <string name="float_title">Herhangi bir IP kimlik doğrulaması paketlerini sağlar</string>
+  <string name="log_verbosity_level">Günlük ayrıntı düzeyi</string>
+  <string name="float_summary">Herhangi bir IP\'den doğrulanmış paketlere izin verir</string>
+  <string name="float_title">Yüzen sunucuya izin ver</string>
   <string name="custom_options_title">Özel Seçenekler</string>
-  <string name="edit_vpn">VPN Ayarlarını düzenle</string>
-  <string name="remove_vpn_query">VPN profilleri kaldırılsın mı \'%s\'?</string>
-  <string name="tun_error_helpful">Bazı özel ICS görüntülerde / dev / tun üzerinde izni yanlış olabilir, ya da tun modülünü tamamen eksik olabilir. CM9 görüntüleri genel ayarlar altında düzeltme mülkiyet seçeneğini deneyin</string>
+  <string name="edit_vpn">VPN Ayarlarını Düzenle</string>
+  <string name="remove_vpn_query">VPN profili \'%s\' kaldırılsın mı?</string>
+  <string name="tun_error_helpful">Bazı özel ICS kalıplarında /dev/tun izni yanlış ya da tun modülü tamamen eksik olabilir. CM9 görüntüleri için genel ayarlar altında sahipliği düzeltme seçeneğini deneyin</string>
   <string name="tun_open_error">Tun arayüzü açılamadı</string>
-  <string name="error">"Hata:"</string>
+  <string name="error">"Hata: "</string>
   <string name="clear">Temizle</string>
-  <string name="last_openvpn_tun_config">Açılış tun arabirimi:</string>
+  <string name="last_openvpn_tun_config">Açılan tun arayüzü:</string>
   <string name="local_ip_info">Yerel IPv4: %1$s/%2$d IPv6: %3$s MTU: %4$d</string>
-  <string name="dns_server_info">DNS sunucusu: %1$s, etki alanı: %2$s</string>
-  <string name="routes_info_incl">Routes: %1$s %2$s</string>
-  <string name="routes_info_excl">Routes excluded: %1$s %2$s</string>
-  <string name="routes_debug">VPN Servis Yolları Yüklendi: %1$s %2$s</string>
-  <string name="ip_not_cidr">Arabirim bilgileri %1$s ve %2$s var, tabii ikinci eş adresi uzaktan adresidir. /32 Kullanarak için yerel IP ağ maskesi. OpenVPN tarafından verilen \"%3$s\" modudur.</string>
-  <string name="route_not_cidr">%1$s ve %2$s olarak IP yolu ile CIDR ağ maskesi, ağ maskesi /32 kullanarak yapamazsınız.</string>
-  <string name="route_not_netip">Rota %1$s/%2$s %3$s/%2$s için düzeltilmiş</string>
-  <string name="keychain_access">Android Anahtarlık sertifika erişemiyor. Bu bir yazılım yükseltmesi veya app/app ayarları bir yedeğini geri yükleme tarafından kaynaklanabilir. Lütfen VPN düzenlemek ve sertifikanın sertifika erişim izni yeniden oluşturmak için temel ayarları altında yeniden seçin.</string>
+  <string name="dns_server_info">DNS sunucusu: %1$s, Etki alanı: %2$s</string>
+  <string name="routes_info_incl">Yollar: %1$s %2$s</string>
+  <string name="routes_info_excl">Dışlanan yollar: %1$s %2$s</string>
+  <string name="routes_debug">Yüklenen Vpn Hizmet yolları: %1$s %2$s</string>
+  <string name="ip_not_cidr">Arayüz bilgisi %1$s ve %2$s alındı. İkinci adresin uzak adres eşi olduğu varsayılıyor. Yerel IP için /32 ağ maskesi kullanılıyor. OpenVPN tarafından belirtilmiş kip \"%3$s\".</string>
+  <string name="route_not_cidr">CIDR ağ maskesi ile %1$s ve %2$s IP rotası olarak anlam ifade etmiyor, ağ maskesi olarak /32 kullanılıyor.</string>
+  <string name="route_not_netip">Rota %1$s/%2$s, %3$s/%2$s olarak düzeltildi</string>
+  <string name="keychain_access">Android Anahtarlık Sertifikalarına erişemiyor. Bu bir donanım yazılım yükseltmesi veya bir uygulama/uygulama ayarlarının yedeğinin geri yüklenmesinden dolayı kaynaklanabilir. Lütfen VPN\'i düzenleyin ve sertifikanın sertifika erişim iznini yeniden oluşturmak üzere temel ayarları altında yeniden seçin.</string>
   <string name="version_info">%1$s %2$s</string>
   <string name="send_logfile">Günlük dosyasını gönder</string>
   <string name="send">Gönder</string>
   <string name="ics_openvpn_log_file">ICS OpenVPN günlük dosyası</string>
-  <string name="copied_entry">Panoya kopyalanan günlük girdisi</string>
-  <string name="tap_mode">Moda dokunun</string>
-  <string name="faq_tap_mode">Dokunun modu olmayan kök VPN API ile mümkün değildir. Bu nedenle bu uygulama dokunun destek sağlayamaz</string>
-  <string name="tap_faq2">Yine? Dalga mı geçiyorsun? Hayır, dokunun modu gerçekten desteklenmez ve bu desteklenecektir soran daha fazla posta gönderme değil yardımcı olacaktır.</string>
-  <string name="tap_faq3">Üçüncü kez? Aslında, bir yazabilirsiniz bir Katman2 bilgi göndermek eklemek ve şerit Katman2 bilgi tun dayalı bir dokunun emülatör alırsınız. Ama bu dokunun emülatör da ARP ve muhtemelen bir DHCP istemci uygulamak gerekir. Herkes bu yönde herhangi bir işi farkında değilim. Bu konuda kodlama başlatmak istiyorsanız bana ulaşın.</string>
-  <string name="faq">Sık Sorulan Sorular</string>
-  <string name="copying_log_entries">Günlük girdisi kopyalama</string>
-  <string name="faq_copying">Bir tek günlük girişi basın kopyalamak ve günlük girdisi üzerinde tutun. Tüm günlük kopyala ve gönderme göndermek günlük seçeneğini kullanın. Görünür değil Eğer GUI donanım menü düğmesini kullanın.</string>
-  <string name="faq_shortcut">Kısayolları başlatmak için</string>
-  <string name="faq_howto_shortcut">Masaüstünüzde OpenVPN başlatmak için bir kısayol yerleştirebilirsiniz. Homescreen programınıza bağlı olarak bir kısayol ya da bir widget eklemeniz gerekecek.</string>
-  <string name="no_vpn_support_image">Görüntü VPNService API desteklemiyor, özür :(</string>
+  <string name="copied_entry">Günlük girdisi panoya kopyalandı</string>
+  <string name="tap_mode">Tap Kipi</string>
+  <string name="faq_tap_mode">Tap Kipi kök olmayan VPN API\'si ile mümkün değil. Bu nedenle bu uygulama tap desteği sağlayamaz</string>
+  <string name="tap_faq2">Yine mi? Dalga mı geçiyorsun? Hayır, tap kipi gerçekten desteklenmiyor ve fazla posta göndererek desteklenip desteklenmeyeceğini sormak bir şeyi değiştirmeyecek.</string>
+  <string name="tap_faq3">Üçüncü kez? Aslında, biri tun tabanlı bir tap öykünücüsü yazabilir. Bu gönderirken layer2 bilgisi ekleyip, alırken layer2 bilgisini ayıklayabilir. Ancak bu tap öykünücüsü ARP\'yi ve muhtemelen DHCP istemcisini de sağlamalı. Bu yönde bir çalışma yapan birini tanımıyorum. Bu konuda kodlamaya başlamak istiyorsanız bana ulaşın.</string>
+  <string name="faq">SSS</string>
+  <string name="copying_log_entries">Günlük girdilerini kopyalama</string>
+  <string name="faq_copying">Bir tek günlük girişi kopyalamak için günlük girdisine basın ve tutun. Tüm günlüğü kopyalamak ve göndermek için Günlük Gönder seçeneğini kullanın. Bu menü arayüzde görünmüyorsa donanım menü tuşunu kullanın.</string>
+  <string name="faq_shortcut">Başlatma kısayolu</string>
+  <string name="faq_howto_shortcut">Masaüstünüzde OpenVPN başlatmak için bir kısayol yerleştirebilirsiniz. Ana sayfa programınıza bağlı olarak bir kısayol ya da bir widget eklemeniz gerekecek.</string>
+  <string name="no_vpn_support_image">Kalıbınız VPNService API\'sini desteklemiyor, üzgünüm :(</string>
   <string name="encryption">Şifreleme</string>
-  <string name="cipher_dialog_title">Şifreleme yöntemi girin</string>
+  <string name="cipher_dialog_title">Şifreleme yöntemini gir</string>
   <string name="chipher_dialog_message">OpenVPN tarafından kullanılan şifreleme algoritmasını girin. Varsayılan şifrelemeyi kullanmak için boş bırakın.</string>
-  <string name="auth_dialog_message">OpenVPN için kullanılan kimlik doğrulamasını özet girin. Varsayılan özeti kullanmak için boş bırakın.</string>
-  <string name="settings_auth">Kimlik doğrulama/şifreleme</string>
+  <string name="auth_dialog_message">OpenVPN için kullanılan kimlik doğrulama özetini girin. Varsayılan özeti kullanmak için boş bırakın.</string>
+  <string name="settings_auth">Kimlik Doğrulama/Şifreleme</string>
   <string name="file_explorer_tab">Dosya Gezgini</string>
-  <string name="inline_file_tab">Satır içi dosya</string>
+  <string name="inline_file_tab">Satır İçi Dosya</string>
   <string name="error_importing_file">Dosya alınırken hata oluştu</string>
   <string name="import_error_message">Dosya sistemindeki dosya içe aktarılamadı</string>
-  <string name="inline_file_data">[[Satır içi dosya veri]]</string>
+  <string name="inline_file_data">[[Satır içi dosya verisi]]</string>
   <string name="opentun_no_ipaddr">IP bilgisi olmadan tun cihazı açmayı reddediyor</string>
-  <string name="menu_import">Ovpn dosyası alma profili</string>
-  <string name="menu_import_short">Alma</string>
-  <string name="import_content_resolve_error">Profil alma için okunamadı</string>
+  <string name="menu_import">Profili ovpn dosyasından içe aktar</string>
+  <string name="menu_import_short">İçe Aktar</string>
+  <string name="import_content_resolve_error">Profil içe aktarmak için okunamadı</string>
   <string name="error_reading_config_file">Yapılandırma dosyası okuma hatası</string>
   <string name="add_profile">Profil ekle</string>
-  <string name="import_could_not_open">Alınan yapılandırma dosyasında belirtilen dosya %1$s bulunamadı</string>
-  <string name="importing_config">Kaynak %1$s yapılandırma dosyası alma</string>
-  <string name="import_warning_custom_options">Senin yapılandırma kullanıcı arabirimi yapılandırmaları için eşleştirilmemiş birkaç yapılandırma seçenekleri vardı. Bu seçenekler özel yapılandırma seçenekleri eklenmiştir. Özel yapılandırma aşağıda görüntülenir:</string>
-  <string name="import_done">Yapılandırma dosyası okuması bitmiş.</string>
-  <string name="nobind_summary">Yerel adresi ve bağlantı noktası için bağlama yapmak</string>
-  <string name="no_bind">Hiçbir yerel bağlama</string>
+  <string name="import_could_not_open">Alınan yapılandırma dosyasında belirtilen %1$s dosyası bulunamadı</string>
+  <string name="importing_config">%1$s kaynağından yapılandırma dosyası alınıyor</string>
+  <string name="import_warning_custom_options">Yapılandırmanızın arayüz yapılandırmalarına eşlenmemiş birkaç ayarı bulunuyordu. Bu seçenekler özel yapılandırma seçenekleri olarak eklendi. Özel yapılandırma aşağıda görüntüleniyor:</string>
+  <string name="import_done">Yapılandırma dosyası okuması bitti.</string>
+  <string name="nobind_summary">Yerel adrese ve bağlantı noktasına bağlama</string>
+  <string name="no_bind">Hiçbir yerel bağlama yok</string>
   <string name="import_configuration_file">Yapılandırma dosyası al</string>
   <string name="faq_security_title">Güvenlik konuları</string>
-  <string name="faq_security">OpenVPN güvenlik duyarlı olduğu gibi güvenlik hakkında birkaç not mantıklı bulunmaktadır. Sdcard üzerindeki tüm verileri doğal olarak güvensiz. Her app (örneğin bu program herhangi özel bir sd kartı hak gerektirir) okuyabilirsiniz. Bu uygulama verileri yalnızca uygulama tarafından okunabilir. Cacert/cert/anahtarında dosya iletişim kutusu için içe aktarma seçeneğini kullanarak verileri VPN profilinizde saklanır. VPN profilleri yalnızca bu uygulama tarafından erişilebilir. (Daha sonra sd kartta kopyaları sil unutmayın). Bile erişilebilir rağmen bu uygulama tarafından yalnızca verileri hala şifreli değildir. Telefon veya diğer olağanüstü köklenme tarafından veri almak mümkün olabilir. Kurtarmak parola düz metin olarak depolanır. Pkcs12 dosyaları için onları android deposunun almak önerilir.</string>
-  <string name="import_vpn">Alma</string>
+  <string name="faq_security">"OpenVPN\'de güvenlik hassas bir konu olduğundan, güvenlikle ilgili birkaç not yerinde olacak. SD kart üzerindeki tüm veriler başlangıcından beri güvensizdir. Her uygulama okuyabilir (örneğin bu uygulama özel SD kart hakları gerektirmiyor). Bu uygulamanın verisi sadece uygulama tarafından okunabilir. cacert/cert/key için içe aktarma seçeneğini kullanmak, veriyi VPN profilinde saklar. VPN profilleri sadece bu uygulama tarafından okunabilir (ardından SD karttaki kopyalarını silmeyi unutmayın). Sadece bu uygulama tarafından erişilebilir olmasına rağmen, veri hala şifrelenmeden saklanır. Telefonu root\'lamak veya diğer açıklar verinin ele geçirilmesine yol açabilir. Kaydedilen parolalar da düz metin olarak saklanır. PKCS12 dosyalarını Android anahtar deposuna içe aktarmanız şiddetle önerilir."</string>
+  <string name="import_vpn">İçe Aktar</string>
   <string name="broken_image_cert_title">Hata gösteren sertifika seçimi</string>
-  <string name="broken_image_cert">Android 4.0 + göstermeye çalışıyor bir istisna var sertifika seçimi iletişim. Bu hiç bu kadar standart bir özellik olarak Android 4.0 + gerçekleşmesi gerekir. Belki sertifika depolama ortamı için Android ROM destek bozuldu</string>
+  <string name="broken_image_cert">Android 4.0+ sertifika seçim penceresi göstermeye çalışılırken bir istisna durum oluştu. Bu durum, Android 4.0+ sürümlerinde standart bir özellik olduğundan asla olmamalı. Sertifika depolamasını destekleyen Android ROM\'unuz bozuk olabilir</string>
   <string name="ipv4">IPv4</string>
   <string name="ipv6">IPv6</string>
   <string name="speed_waiting">Durum iletisi bekleniyor&#8230;</string>
   <string name="converted_profile">içe aktarılan profil</string>
-  <string name="converted_profile_i">İçe aktarılan profil %d</string>
-  <string name="broken_images">Kırık görüntüleri</string>
-  <string name="broken_images_faq">&lt;p&gt; Resmi HTC görüntüleri tünelden değil trafiğe neden garip bir yönlendirme sorunu var için bilinen (Ayrıca bkz: &lt; bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=18\" &gt; sorunu 18 &lt;/a&gt; hata izci içinde.)&lt;/p&gt; &lt;p&gt; büyük resmi SONY Xperia Arc S ve görüntüleri Xperia Ray VPNService tamamen görüntüden eksik bildirilmiştir. (Ayrıca bkz: &lt; bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=29\" &gt; sayı 29 &lt;/a&gt; hata izci içinde.)&lt;/p&gt; &lt;p&gt; ya da eksik/dev haklarını tun modülü olabilir görüntüleri üzerinde özel yapı/tun-ebilmek var olmak yanlış. Bazı CM9 görüntü \"etkin aygıt belirli kesmek\" altında \"mülkiyet saptamak\" seçeneği gerek. &lt;/p&gt; &lt;p&gt; en önemlisi: cihazınızda kopuk Android resmi varsa, senin satıcısına bildirin. Daha fazla kişi kim daha onlar bunu &lt;/p&gt; düzeltmek için olabilir satıcıya, sorun bildir</string>
-  <string name="pkcs12_file_encryption_key">PKCS12 Dosya şifreleme anahtarı</string>
-  <string name="private_key_password">Özel Anahtar Şifresi</string>
-  <string name="password">Şifre</string>
-  <string name="file_icon">Dosya simgesi</string>
-  <string name="tls_authentication">TLS kimlik doğrulama</string>
-  <string name="generated_config">Oluşturulan yapılandırma</string>
+  <string name="converted_profile_i">%d profili içe aktarıldı</string>
+  <string name="broken_images">Bozuk Kalıplar</string>
+  <string name="broken_images_faq">&lt;p&gt;Resmi HTC kalıpları, trafiğin tünelden geçmesini engelleyen garip yönlendirme sorunlarına sahip (Ayrıca hata izleyicisinde bkz. &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/18\"&gt;Issue 18&lt;/a&gt;.)&lt;/p&gt;&lt;p&gt;Daha eski resmi Xperia Arc S ve Xperia Ray SONY kalıpları, VPNService\'in kalıplardan tamamen kaldırdığı bildirildi (Ayrıca hata izleyicisinde bkz. &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/29\"&gt;Issue 29&lt;/a&gt;.)&lt;/p&gt;&lt;p&gt;Özel derleme kalıplarında, tun modülü eksik veya /dev/tun yetkileri hatalı olabilir. Bazı CM9 kalıplarının \"Aygıta bağlı ayarlar (Device specific hacks)\" altında \"İzinleri düzelt (Fix ownership)\" seçeneğini kullanmaları gereklidir.&lt;/p&gt;&lt;p&gt;En önemlisi: Cihazınızda bozuk bir Android kalıbı varsa, üreticinize bildirin. Ne kadar çok kişi bu sorunu üreticiye bildirirse, o kadar düzeltilme şansı olur.&lt;/p&gt;</string>
+  <string name="pkcs12_file_encryption_key">PKCS12 Dosya Şifreleme Anahtarı</string>
+  <string name="private_key_password">Özel Anahtar Parolası</string>
+  <string name="password">Parola</string>
+  <string name="file_icon">dosya simgesi</string>
+  <string name="tls_authentication">TLS Kimlik Doğrulama</string>
+  <string name="generated_config">Oluşturulan Yapılandırma</string>
   <string name="generalsettings">Ayarlar</string>
-  <string name="owner_fix_summary">Sisteme /dev/tun sahibi çalışır. Bazı CM9 görüntüleri bu işe VPNService API yapmak gerekir. Kök gerektirir.</string>
-  <string name="owner_fix">/ Dev / tun sahipliğini düzeltmek</string>
-  <string name="generated_config_summary">Oluşturulan OpenVPN yapılandırma dosyası göster</string>
+  <string name="owner_fix_summary">/dev/tun sahipliğini sisteme vermeye çalışır. Bazı CM9 kalıpları VPNService API\'sinin çalışabilmesi için buna ihtiyaç duyar. Root gerektirir.</string>
+  <string name="owner_fix">/dev/tun sahipliğini düzeltmek</string>
+  <string name="generated_config_summary">Oluşturulan OpenVPN Yapılandırma Dosyasını gösterir</string>
   <string name="edit_profile_title">\"%s\" düzenleme</string>
-  <string name="building_configration">Yapılandırma binası&#8230;</string>
-  <string name="netchange_summary">Ağ durumu (örneğin WiFi üzerinden cep telefonlarına/cep) değiştirdiyseniz bu seçeneği açmak yeniden bağlantı zorlar</string>
-  <string name="netchange">Ağ değişikliği üzerinde yeniden bağlan</string>
+  <string name="building_configration">Yapılandırma derleniyor&#8230;</string>
+  <string name="netchange_summary">Bu seçeneği açmak, bir ağ durumu değiştiğinde yeniden bağlanmaya zorlayacaktır (örn. Kablosuz / Mobil ağ geçişi)</string>
+  <string name="netchange">Ağ değişikliği durumunda yeniden bağlan</string>
   <string name="netstatus">Ağ Durumu: %s</string>
-  <string name="extracahint">Sertifika yetkilisi sertifikası genellikle Android deposunun döndürülür. Sertifika doğrulama hataları alırsanız ayrı bir sertifika belirtin.</string>
-  <string name="select_file">Seçin</string>
-  <string name="keychain_nocacert">Hayır CA sertifikasını okurken Android deposunu döndürdü. Kimlik doğrulama muhtemelen başarısız olur.</string>
-  <string name="show_log_summary">Bağlama kütüğü penceresi üzerinde gösterir. Kütüğü penceresi her zaman bildirim durumu erişilebilir.</string>
-  <string name="show_log_window">Günlüğü penceresini göster</string>
+  <string name="extracahint">Sertifika yetkilisi sertifikası genellikle Android anahtar deposundan döndürülür. Sertifika doğrulama hataları alırsanız ayrı bir sertifika belirtin.</string>
+  <string name="select_file">Seç</string>
+  <string name="keychain_nocacert">Android anahtar deposundan okunurken hiçbir CA Sertifikası döndürülmedi. Kimlik doğrulama muhtemelen başarısız olacak.</string>
+  <string name="show_log_summary">Bağlantıda günlük penceresini gösterir. Günlük, her zaman bildirim durumundan erişilebilir.</string>
+  <string name="show_log_window">Günlük penceresini göster</string>
   <string name="mobile_info">%10$s %9$s %3$s %1$s (%2$s), Android %6$s (%7$s) API %4$d, ABI %5$s, (%8$s) üzerinde çalışıyor</string>
-  <string name="error_rsa_sign">Android deposunun anahtarı %1$s %2$s ile imzalama hatası</string>
-  <string name="faq_system_dialogs">Bu app tüm trafiği geçirebilir belirten VPN bağlantısı uyarı dayatılan VPNService API.\nThe VPN bağlantısının istismarını önlemek için sistem tarafından bildirim (anahtar simgesi) da devam eden bir VPN bağlantısı sinyal için Android sistem tarafından uygulanmaktadır. Bu bildirim çalış bazı görüntülerde ses. \nAndroid kendi güvenliğiniz için bu sistem diyaloglar tanıttı ve circumenvented olamaz emin oldum. (Bazı görüntülerde bu unfortunely notifciation ses içerir)</string>
-  <string name="faq_system_dialogs_title">Bağlantı uyarı ve bildirim sesi</string>
-  <string name="translationby">İngilizce Çeviri: Arne</string>
+  <string name="error_rsa_sign">Android deposu anahtarını %1$s %2$s ile imzalama hatası</string>
+  <string name="faq_system_dialogs">VPN bağlantı uyarısı, VPNService API\'sinin kötüye kullanımını önlemek için bu uygulamanın sistem tarafından oluşturulan tüm trafiği izleyebileceğini söylüyor.\nVPN bağlantı bildirimi (anahtar simgesi) ayrıca giden bir VPN bağlantısı olduğunu belirtmek için Android sistemi tarafından gösteriliyor. Bazı kalıplarda bu bildirim bir ses çalar.\nAndroid bu sistem pencerelerini kendi güvenliğiniz için koydu ve aşılmasını engelledi.</string>
+  <string name="faq_system_dialogs_title">Bağlantı uyarısı ve bildirim sesi</string>
+  <string name="translationby">Türkçe Çeviri: Volkan Gezer &lt;volkangezer@gmail.com&gt;</string>
   <string name="ipdns">IP ve DNS</string>
   <string name="basic">Temel</string>
-  <string name="routing">Yönlendiriliyor</string>
-  <string name="obscure">OpenVPN ayarları belirsiz. Normalde gerekmez.</string>
+  <string name="routing">Yönlendirme</string>
+  <string name="obscure">Belirsiz OpenVPN ayarları. Normalde gerekmez.</string>
   <string name="advanced">Gelişmiş</string>
-  <string name="export_config_title">ICS Opnvpn Yapılandırma</string>
-  <string name="warn_no_dns">Kullanılan DNS sunucusu yok. Ad çözümlemesi çalışmıyor olabilir. Özel DNS sunucularını ayarlamayı düşünün. Ayrıca Android cep/Wi-Fi bağlantınız için DNS sunucusu ayarlandığında belirtilen proxy ayarlarını kullanmaya devam unutmayın.</string>
-  <string name="dns_add_error">DNS sunucusu sistem tarafından reddedilen %1$s, eklenemedi: %2$s</string>
-  <string name="ip_add_error">IP adresi \"%1$s\"yapılandırılamadı ,sistem tarafından reddedildi: %2$s</string>
-  <string name="faq_howto">(bilgisayarınızdaki veya sağlayıcı/organizasyon yüklenebilir test) bir çalışma config &lt;p&gt; olsun &lt;/p&gt; &lt;p&gt; Hayır hiçbir ilave pem/pks12 ile tek bir dosya dosyaları ise dosyayı kendiniz e-posta ve eki açın. Birden çok dosya varsa koymak onları üstünde senin sd kartı &lt;/p&gt; &lt;p&gt; e-posta eki/kullanım üzerinde klasör simgesini tıklatın, sd eksik dosyaları koyun dosyaları eksik hakkında hatalar varsa config dosyasının &lt;/p&gt; &lt;p&gt; almak için vpn listedeki kayıt tıklayın kartı &lt;/p&gt; &lt;p&gt; sembol alınan VPN &lt;/p&gt; VPN listenize eklemek için &lt;p &gt; VPN varsa hata veya uyarılar günlüğüne uyarı/hata anlamak ve onları &lt;/p&gt; gidermek çalışın VPN &lt;/p&gt; &lt;p&gt; adını tıklatarak bağlanmak </string>
+  <string name="export_config_title">ICS Opnvpn Yapılandırması</string>
+  <string name="warn_no_dns">Kullanılan DNS sunucusu yok. Ad çözümlemesi çalışmıyor olabilir. Özel DNS sunucularını ayarlamayı düşünün. Ayrıca Android mobil/kablosuz bağlantınız için DNS sunucusu ayarlanmadığında belirtilen vekil sunucu ayarlarını kullanmaya devam ettiğini unutmayın.</string>
+  <string name="dns_add_error">DNS sunucusu \"%1$s\" sistem tarafından reddedildi, eklenemedi: %2$s</string>
+  <string name="ip_add_error">IP adresi \"%1$s\" sistem tarafından reddedildi, yapılandırılamadı: %2$s</string>
+  <string name="faq_howto">&lt;p&gt;Çalışan bir yapılandırma edinin (bilgisayarınızda test edilmiş veya kurumunuzdan alınmış)&lt;/p&gt;&lt;p&gt;Ek pem/pkcs12 dosyaları bulunmayan tek bir dosya ise, dosyayı kendinize e-posta olarak gönderebilir ve eki açabilirsiniz. Birden fazla dosya varsa, SD kartınıza koyun.&lt;/p&gt;&lt;p&gt;Yapılandırma dosyasını içe aktarmak için e-posta ekine tıklayın/VPN listesindeki klasör simgesini kullanın&lt;/p&gt;&lt;p&gt;Eksik dosyalar ile ilgili hata mesajı varsa, eksik dosyaları SD kartınıza koyun.&lt;/p&gt;&lt;p&gt;İçe aktarılan VPN\'yi VPN listenize eklemek için kaydet simgesine tıklayın.&lt;/p&gt;&lt;p&gt;VPN\'ye, adına tıklayarak bağlanın&lt;/p&gt;&lt;p&gt;Günlükte hata veya uyarı varsa, uyarı/hataları anlamaya ve düzeltmeye çalışın&lt;/p&gt; </string>
   <string name="faq_howto_title">Hızlı Başlangıç</string>
-  <string name="setting_loadtun_summary">Bağlanmadan önce tun.ko yüklemeyi deneyin.Root edilmiş cihazlar gerekli.</string>
+  <string name="setting_loadtun_summary">Bağlanmadan önce tun.ko çekirek modülünü yüklemeyi deneyin. Root edilmiş cihazlar gerekli.</string>
   <string name="setting_loadtun">Tun modülünü yükle</string>
-  <string name="importpkcs12fromconfig">PKCS12 yapılandırma Android deposunun içine alma</string>
-  <string name="getproxy_error">Proxy ayarları alınırken hata oluştu: %s</string>
-  <string name="using_proxy">Proxy %1$s %2$d kullanarak</string>
-  <string name="use_system_proxy">Sistem proxy kullan</string>
-  <string name="use_system_proxy_summary">Sistem geniş yapılandırma HTTP/HTTPS proxy için bağlanmak için kullanın.</string>
-  <string name="donatewithpaypal">Şunları yapabilirsiniz &lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;PayPal ile bağış &lt;/a&gt; </string>
-  <string name="onbootrestartsummary">Sistem yeniden başlatma/kapatma üzerinde etkin OpenVPN bir VPN yeniden bağlanır. Bu seçeneği kullanmadan önce bağlantı uyarı SSS okuyun.</string>
+  <string name="importpkcs12fromconfig">PKCS12 yapılandırmasını Android anahtar deposuna alma</string>
+  <string name="getproxy_error">Vekil sunucu ayarları alınırken hata oluştu: %s</string>
+  <string name="using_proxy">%1$s %2$d vekil sunucusu kullanarak</string>
+  <string name="use_system_proxy">Sistem vekil sunucusunu kullan</string>
+  <string name="use_system_proxy_summary">Bağlanmak için sistem çapındaki HTTP/HTTPS vekil sunucularını kullan.</string>
+  <string name="donatewithpaypal">&lt;a href=\"https://www.paypal.com/cgi-bin/webscr?hosted_button_id=R2M6ZP9AF25LS&amp;amp;cmd=_s-xclick\"&gt;PayPal ile bağış&lt;/a&gt; yapabilirsiniz; </string>
+  <string name="onbootrestartsummary">OpenVPN, sistem yeniden başlatma/kapatma sırasında etkinse, tekrar bir VPN\'ye bağlanacak. Lütfen bu seçeneği kullanmadan önce Bağlantı uyarı SSS\'sini okuyun.</string>
   <string name="onbootrestart">Yeniden başlatmada tekrar bağlan</string>
   <string name="ignore">Yoksay</string>
   <string name="restart">Yeniden Başlat</string>
-  <string name="restart_vpn_after_change">Yapılandırma değişiklikleri, VPN yeniden başlattıktan sonra geçerli olur. (Yeniden) VPN şimdi başlıyorsun?</string>
+  <string name="restart_vpn_after_change">Yapılandırma değişiklikleri, VPN yeniden başlattıktan sonra geçerli olur. VPN (yeniden) başlatılsın mı?</string>
   <string name="configuration_changed">Yapılandırma değişti</string>
   <string name="log_no_last_vpn">Düzenleme için son bağlı profil belirlenemedi</string>
   <string name="faq_duplicate_notification_title">Yinelenen bildirimler</string>
-  <string name="faq_duplicate_notification">Android sistem belleği (RAM) basınç altında ise, apps ve hizmet hangi anda gerekli değildir aktif bellekten kaldırılır. Bu devam eden bir VPN bağlantısını sonlandırır. Bağlantı/OpenVPN ile daha yüksek öncelikli hizmet çalışır hayatta emin olmak için. Daha yüksek öncelik ile çalıştırmak için uygulama bir bildirim görüntülemeniz gerekir. Anahtar bildirim simgesini, önceki SSS girdisi içinde açıklandığı gibi sistem tarafından uygulanmaktadır. Daha yüksek öncelik ile çalışan amaç için app bildirim olarak sayılmaz.</string>
+  <string name="faq_duplicate_notification">Android sistem belleği (RAM) altında ise, o anda gerekli olmayan uygulama ve hizmetler etkin bellekten kaldırılır. Bu, süregelen bir VPN bağlantısını durdurur. Bağlantının/OpenVPN\'nin hayatta kalabilmesi için daha yüksek öncelik gerekir. Daha yüksek öncelikte çalışabilmesi için, uygulama bir bildirim görüntülemelidir. Bir önceki SSS girdisinde belirtilen anahtar bildirim simgesi, sistem tarafından gösterilmektedir. Bu, uygulamanın daha yüksek öncelikte çalışmasını sağlayan bildirim niteliği taşımaz.</string>
   <string name="no_vpn_profiles_defined">Tanımlanan VPN profili yok.</string>
-  <string name="add_new_vpn_hint">Kullanım &lt; img src = \"ic_menu_add\" / &gt; yeni bir VPN eklemek için simge</string>
-  <string name="vpn_import_hint">Kullanım &lt; img src = \"ic_menu_archive\" / &gt; simgesi sdcard (.ovpn veya .conf) bir profili almak için.</string>
-  <string name="faq_hint">Ayrıca SSS kontrol etmeyi unutmayın. Hızlı Başlangıç Kılavuzu vardır.</string>
-  <string name="faq_routing_title">Yönlendirme/arabirimi yapılandırması</string>
-  <string name="faq_routing">Yönlendirme ve arayüz konfigürasyonu klasik ifconfig / rota komutlarıyla değil VPNService API kullanarak yapılmaktadır. Bu diğer işletim sistemlerindekinden farklı bir yönlendirme konfigürasyonu gerektirmektedir.\n VPN tünelinin konfigürasyonu IP adresleri ve bu adreslerin bu arayüz üstünden yönlendirileceği ağlardan oluşur. Özellikle hiçbir eş ortak adresi ya da ağ geçidi adresi gerekli degildir. VPN sunucusuna ulaşmak için özel yollar (redirect-gateway kullanıldığında eklenenler gibi) da gerekli değildir. Bu sebepten dolayı uygulama, bir konfigurasyon alırken bu ayarları yoksayar. App, VPN Servis API\'sı ile sunucuyla olan bağlantının VPN tüneline yönlendirilmesini engeller.\n VPN servisi APIsı VPN üstünden yönlendirilmemesi gereken ağların belirtilmesine izin vermemektedir. Çözüm olarak program tünel üstünden yönlendirilmemesi gereken ağları (örneğin x.x.x.x y.y.y.y net_gateway rotası) bulmaya çalışıp bu rotaları içermeyen bir rota grubu oluşturarak diğer işletim sistemlerindeki davranışı oluşturur. Kütük penceresi VPN servisinin bağlantı sonucu oluşan konfigürasyonunu gösterir.\n Arka planda Android 4.4+ kural tabanlı yönlendirme kullanır. route/ifconfig komutları kullanılan rotaları göstermeyecektir. Bu komutlar yerine ip rule, iptables -t mangle -L komutlarını kullanın</string>
-  <string name="persisttun_summary">OpenVPN yeniden bağlamadan zaman VPN bağlantısı değil geri dönüş yap</string>
+  <string name="add_new_vpn_hint">Yeni VPN eklemek için &lt;img src=\"ic_menu_add\"/&gt; simgesini kullanın</string>
+  <string name="vpn_import_hint">SD kartınızdan mevcut bir (.ovpn veya .conf) profili almak için &lt;img src=\"ic_menu_archive\"/&gt; simgesini kullanın.</string>
+  <string name="faq_hint">Ayrıca SSS\'yi kontrol etmeyi unutmayın. Hızlı Başlangıç Kılavuzu içerir.</string>
+  <string name="faq_routing_title">Yönlendirme/Arayüz Yapılandırması</string>
+  <string name="faq_routing">Yönlendirme ve arayüz yapılandırması klasik ifconfig/rota komutlarıyla değil VPNService API kullanarak yapılmaktadır. Bu, diğer işletim sistemlerindekinden farklı bir yönlendirme yapılandırması gerektirmektedir.\nVPN tünelinin yapılandırması, IP adresleri ve bu adreslerin bu arayüz üstünden yönlendirileceği ağlardan oluşur. Özellikle hiçbir eş ortak adresi ya da ağ geçidi adresi gerekli degildir. VPN sunucusuna ulaşmak için özel yollar (redirect-gateway kullanıldığında eklenenler gibi) da gerekli değildir. Bu sebepten dolayı uygulama, bir yapılandırma alırken bu ayarları yoksayar. Uygulama, VPN Servis API\'si ile sunucuyla olan bağlantının VPN tüneline yönlendirilmesini engeller.\nVPNService API\'si VPN üstünden yönlendirilmemesi gereken ağların belirtilmesine izin vermemektedir. Geçici çözüm olarak program, tünel üstünden yönlendirilmemesi gereken ağları (örneğin x.x.x.x y.y.y.y net_gateway rotası) bulmaya çalışıp bu rotaları içermeyen bir rota grubu oluşturarak diğer işletim sistemlerindeki davranışı oluşturur. Günlük penceresi VPNService\'in bağlantı sonucu oluşan yapılandırmasını gösterir.\nKamera Arkası: Android 4.4+ kural tabanlı yönlendirme kullanır. route/ifconfig komutları kullanılan rotaları göstermeyecektir. Bu komutlar yerine ip rule, iptables -t mangle -L komutlarını kullanın</string>
+  <string name="persisttun_summary">OpenVPN yeniden bağlanırken \"VPN bağlantısı yok\" durumuna dönme.</string>
   <string name="persistent_tun_title">Kalıcı tun</string>
-  <string name="openvpn_log">OpenVPN kayıtları</string>
-  <string name="import_config">OpenVPN yapılandırması aktar</string>
+  <string name="openvpn_log">OpenVPN Günlüğü</string>
+  <string name="import_config">OpenVPN yapılandırmasını içe aktar</string>
   <string name="battery_consumption_title">Pil tüketimi</string>
-  <string name="baterry_consumption">Benim kişisel testlerinde yüksek pil tüketimi OpenVPN ana sebebi canlı tutma paketleri var. Bir yapılandırma yönergesi gibi çoğu OpenVPN sunucusu var \' keepalive 10 60 istemci ve sunucu 10 saniyede canlı tutma paketleri alışverişi neden \'. &lt;p&gt; Bunlar süre paketleri küçük ve çok trafik kullanmayın, mobil radyo ağ meşgul ve enerji tüketimini artırır. (Ayrıca bkz: &lt; bir href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\" &gt; Radyo durum makinesi | Android geliştiriciler &lt;/a&gt;) &lt;p&gt; Bu canlı tutma ayarı istemcide değiştirilemez. Yalnızca sistem yöneticisinin OpenVPN in ayarı değiştirebilirsiniz. &lt;p&gt; Ne yazık ki 60 saniyeden daha büyük bir canlı tutma ile UDP kullanarak bazı NAT ağ geçitleri işlem zaman aşımı nedeniyle bağlantıyı kesmek neden olabilir. TCP kullanarak uzun canlı tutma zaman aşımı ile çalışır, ancak TCP TCP üzerinden tünel son derece kötü bağlantılarında yüksek paket kaybı ile gerçekleştirir. (Bkz: &lt; bir href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\" &gt; neden TCP üzerinden TCP A kötü düşünce &lt;/a&gt;)</string>
-  <string name="faq_tethering">Android hayvan zinciri özelliğin (üzerindeki, WiFi, USB veya Bluetooth) ve VPNService (Bu program tarafından kullanılan) API birlikte çalışmayabilir. Daha fazla ayrıntı için bkz: &lt; bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=34\" &gt; #34 &lt;/a&gt; yayın</string>
+  <string name="baterry_consumption">Şahsi testlerimde, OpenVPN\'in yüksek pil tüketiminin sebebi canlı tutma (keepalive) paketleri. Çoğu OpenVPN sunucuları, istemci ve sunucu arasında canlı tutma paketlerini her on saniyede değiştiren \'keepalive 10 60\' benzeri yönergeler bulundurur.&lt;p&gt; Bu paketler çok küçük olduğundan ve çok trafik kullanmadıklarından mobil anten ağını meşgul tutar ve enerji tüketimini arttırırlar. (ayrıca bkz. &lt;a href=\"http://developer.android.com/training/efficient-downloads/efficient-network-access.html#RadioStateMachine\"&gt;The Radio State Machine | Android Developers&lt;/a&gt;) &lt;p&gt; Bu canlı tutma ayarı istemci tarafından değiştirilemez. Ayarı sadece OpenVPN sistem yöneticisi değiştirebilir. &lt;p&gt; Ne yazık ki, canlı tutma ayarını 60 saniyeden daha fazla tutmak UDP\'nin durağan durum zaman aşımına takıldığından bazı NAT ağ geçitlerinde bağlantıyı bırakmalarına sebep olmaktadır. Uzun canlı tutma zaman aşımları TCP kullanarak mümkün, ancak TCP üzerinden TCP tünelleme, yüksek paket kaybı ile bağlantılarda düşük kalitededir (Bkz. &lt;a href=\"http://sites.inka.de/bigred/devel/tcp-tcp.html\"&gt;Why TCP Over TCP Is A Bad Idea&lt;/a&gt;)</string>
+  <string name="faq_tethering">Android Bağlantı Paylaşma özelliği (WiFi, USB veya Bluetooth üzerinden) ve VPNService API\'si (bu program tarafından kullanılan) birlikte çalışamaz. Daha fazla bilgi için bkz. &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/34\"&gt;issue #34&lt;/a&gt;</string>
   <string name="vpn_tethering_title">VPN ve Paylaşım</string>
   <string name="connection_retries">Yeniden bağlantı denemesi</string>
-  <string name="reconnection_settings">Yeniden Bağlanma ayarları</string>
+  <string name="reconnection_settings">Yeniden bağlanma ayarları</string>
   <string name="connectretrymessage">Bağlantı girişimleri arasında beklenecek saniye sayısı.</string>
-  <string name="connectretrywait">Bağlantılar arasındaki Saniye</string>
-  <string name="minidump_generated">OpenVPN beklenmedik biçimde düştü. Lütfen ana menüde gönder mini döküm seçeneği kullanmayı düşünün</string>
+  <string name="connectretrywait">Bağlantılar arasındaki saniye</string>
+  <string name="minidump_generated">OpenVPN beklenmedik biçimde çöktü. Lütfen ana menüdedeki mini döküm gönder seçeneğini kullanmayı düşünün</string>
   <string name="send_minidump">Geliştiriciye mini döküm gönder</string>
-  <string name="send_minidump_summary">Hata ayıklama bilgisini son hatayı geliştiriciye gönder</string>
+  <string name="send_minidump_summary">Son çökme hakkındaki hata ayıklama bilgisini geliştiriciye gönder</string>
   <string name="notifcation_title">OpenVPN - %s</string>
   <string name="session_ipv4string">%1$s - %2$s</string>
   <string name="session_ipv6string">%1$s - %3$s, %2$s</string>
   <string name="state_connecting">Bağlanıyor</string>
   <string name="state_wait">Sunucudan yanıt bekleniyor</string>
   <string name="state_auth">Kimlik Doğrulanıyor</string>
-  <string name="state_get_config">İstemci yapılandırma alınıyor</string>
-  <string name="state_assign_ip">IP Adresleri Atanıyor</string>
+  <string name="state_get_config">İstemci yapılandırması alınıyor</string>
+  <string name="state_assign_ip">IP adresleri atanıyor</string>
   <string name="state_add_routes">Yollar ekleniyor</string>
   <string name="state_connected">Bağlanıldı</string>
-  <string name="state_disconnected">Bağlantıyı kes</string>
+  <string name="state_disconnected">Bağlantıyı Kes</string>
   <string name="state_reconnecting">Yeniden bağlanıyor</string>
   <string name="state_exiting">Çıkılıyor</string>
   <string name="state_noprocess">Çalışmıyor</string>
   <string name="state_resolve">Ana bilgisayar adları çözümleniyor</string>
-  <string name="state_tcp_connect">(TCP) Bağlanıyor</string>
+  <string name="state_tcp_connect">Bağlanıyor (TCP)</string>
   <string name="state_auth_failed">Kimlik doğrulaması başarısız</string>
   <string name="state_nonetwork">Kullanılabilir ağ için bekleniyor</string>
   <string name="statusline_bytecount">↓%2$s/s %1$s - ↑%4$s/s %3$s</string>
   <string name="notifcation_title_notconnect">Bağlı değil</string>
-  <string name="start_vpn_title">%s VPN bağlanıyor</string>
-  <string name="start_vpn_ticker">%s VPN bağlanıyor</string>
-  <string name="jelly_keystore_alphanumeric_bug">Sertifika deposunun adını (gibi alanlarda, alt çizgi veya tire) sigara alfasayısal karakterler içeriyorsa, bazı yorum-in Android 4.1 sorunları var. Özel karakter içermeyen sertifika yeniden ithalat çalışın</string>
+  <string name="start_vpn_title">VPN %s bağlanıyor</string>
+  <string name="start_vpn_ticker">VPN %s bağlanıyor</string>
+  <string name="jelly_keystore_alphanumeric_bug">Android 4.1\'in bazı sürümleri anahtar deposu alfanümerik olmayan karakterler içeriyorsa (boşluk, alt çizgi veya eksi işareti) sorunlar yaşamaktadır. Sertifikayı özel karakterler olmadan yeniden içe aktarmayı deneyin</string>
   <string name="encryption_cipher">Şifre şifresi</string>
-  <string name="packet_auth">Paket kimlik doğrulama</string>
+  <string name="packet_auth">Paket kimlik doğrulaması</string>
   <string name="auth_dialog_title">Paket kimlik doğrulama yöntemini girin</string>
-  <string name="built_by">%s tarafından inşa</string>
-  <string name="debug_build">hata ayıklama yapı</string>
+  <string name="built_by">%s tarafından derlendi</string>
+  <string name="debug_build">hata ayıklama yapısı</string>
   <string name="official_build">resmi yapı</string>
-  <string name="make_selection_inline">Profili kopyalayın</string>
-  <string name="crashdump">Crashdump</string>
+  <string name="make_selection_inline">Profile kopyala</string>
+  <string name="crashdump">Çökme dökümü</string>
   <string name="add">Ekle</string>
-  <string name="send_config">Yapılandırma dosyasını gönderin</string>
+  <string name="send_config">Yapılandırma dosyasını gönder</string>
   <string name="complete_dn">Tam DN</string>
-  <string name="remotetlsnote">Alınan yapılandırmanızı farklı bir DN biçimini kullanan eski kullanım dışı tls-uzaktan seçeneği kullanılır.</string>
+  <string name="remotetlsnote">İçe aktardığınız yapılandırma, farklı bir DN biçimi kullanan KULLANIM DIŞI bir tls-remote seçeneği kullanıyor.</string>
   <string name="rdn">RDN (ortak ad)</string>
   <string name="rdn_prefix">RDN öneki</string>
-  <string name="tls_remote_deprecated">TLS-uzaktan (kullanım dışı)</string>
-  <string name="help_translate">Http://crowdin.net/project/ics-openvpn/invite ziyaret ederek çeviri yardımcı olabilir</string>
-  <string name="prompt">%2$s denetlemek %1$s çalışır</string>
-  <string name="remote_warning">Devam, tamamen OpenVPN Android için kontrol etmek ve tüm ağ trafiğini kesişmek üzere uygulama izin veriyorsunuz. <b>Yapmak değil uygulama güvenmediğiniz sürece kabul.</b> Aksi takdirde, verilerinizi kötü amaçlı yazılım tarafından tehlikeye sahip riski çalıştırılır.\"</string>
+  <string name="tls_remote_deprecated">tls-remote (KULLANIM DIŞI)</string>
+  <string name="help_translate">http://crowdin.net/project/ics-openvpn/invite ziyaret ederek çevirilere yardımcı olabilirsiniz</string>
+  <string name="prompt">%1$s, %2$s kontrolünü almaya çalışıyor</string>
+  <string name="remote_warning">Devam ederek, uygulamaya tamamen Android için OpenVPN üzerinde denetleme ve tüm ağ trafiğini izleme yetkisini veriyorsunuz. <b>Uygulamaya güvenmiyorsanız kabul ETMEYİN.</b> Aksi takdirde, verilerinizin zararlı bir yazılım tarafından ele geçirilme riskini taşıyorsunuz.\"</string>
   <string name="remote_trust">Bu uygulamaya güveniyorum.</string>
-  <string name="no_external_app_allowed">Harici API\'yi kullanma izniniz yok</string>
-  <string name="allowed_apps">Uygulamalar izni: %s</string>
-  <string name="clearappsdialog">Açıkça izin verilen dış uygulamalar listesini? \nCurrent listesi izin verilen apps:\n\n%s</string>
-  <string name="screenoff_summary">\"Ekran kapalı iken VPN ve 60\'lar daha az 64 kB transfer verilerde duraklatın. VPN duraklatma \"Kalıcı Tun\" seçeneği etkinleştirildiğinde aygıtınız ağ bağlantısı sayesinde bırakacaktır. \"Kalıcı Tun\" seçeneği olmadan aygıt yok VPN bağlantısı/koruma olacak.</string>
+  <string name="no_external_app_allowed">Hiçbir uygulamanın harici API\'yi kullanma izni yok</string>
+  <string name="allowed_apps">İzin verilen uygulamalar: %s</string>
+  <string name="clearappsdialog">İzin verilen harici uygulama listesi temizlensin mi?\nİzin verilen uygulamaların geçerli listesi:\n\n%s</string>
+  <string name="screenoff_summary">Ekran kapalıyken ve 60 sn.\'de 64 kB\'dan daha az veri aktarılmışsa VPN\'i duraklat. \"Kalıcı Tun\" seçeneği etkin iken, VPN\'i duraklatmak cihazınızı SIFIR ağ bağlanabilirliğiyle bırakacak. \"Kalıcı Tun\" seçeneği olmadığında, cihaz VPN bağlantısı/koruması almayacak.</string>
   <string name="screenoff_title">Ekran kapandıktan sonra VPN bağlantısını duraklat</string>
-  <string name="screenoff_pause">Duraklatma bağlantı durumu devre dışı ekran: %1$s %2$ss içinde daha az</string>
-  <string name="screen_nopersistenttun">Uyarı: kalıcı tun bu VPN için etkin değil. Ekran kapalı iken trafik normal Internet bağlantınızı kullanacak.</string>
+  <string name="screenoff_pause">Ekran kapalı durumunda bağlantıyı duraklatıyor: %2$s sn. içinde %1$s\'den daha az veri</string>
+  <string name="screen_nopersistenttun">Uyarı: Kalıcı tun bu VPN için etkin değil. Ekran kapalı iken trafik normal İnternet bağlantınızı kullanacak.</string>
   <string name="save_password">Parolayı Kaydet</string>
-  <string name="pauseVPN">VPN duraklatın</string>
-  <string name="resumevpn">VPN yi çalıştırmaya devam edin</string>
+  <string name="pauseVPN">VPN\'i Duraklat</string>
+  <string name="resumevpn">VPN\'i Devam Ettir</string>
   <string name="state_userpause">Kullanıcı isteğiyle VPN duraklatıldı</string>
-  <string name="state_screenoff">Ekran kapalıyken VPN duraklat</string>
-  <string name="device_specific">Aygıt özellikleri kesmek</string>
-  <string name="cannotparsecert">Sertifika bilgilerini görüntüleyemiyor</string>
-  <string name="appbehaviour">Uygulama davranış</string>
-  <string name="vpnbehaviour">VPN davranış</string>
-  <string name="allow_vpn_changes">VPN Profillerinin değiştirilmesine izin ver
-</string>
-  <string name="hwkeychain">Donanım deposu:</string>
+  <string name="state_screenoff">VPN duraklatıldı - ekran kapalı</string>
+  <string name="device_specific">Aygıta özel Ayarlar</string>
+  <string name="cannotparsecert">Sertifika bilgileri görüntülenemiyor</string>
+  <string name="appbehaviour">Uygulama davranışı</string>
+  <string name="vpnbehaviour">VPN davranışı</string>
+  <string name="allow_vpn_changes">VPN Profillerinin değiştirilmesine izin ver</string>
+  <string name="hwkeychain">Donanım Anahtar Deposu:</string>
   <string name="permission_icon_app">Uygulama simgesi Android için OpenVPN kullanmaya çalışıyor</string>
-  <string name="faq_vpndialog43">"Android 4.3 ile VPN onay başlayan\"overlaying apps\"karşı korunuyor. Bu giriş dokunmaya tepki değil iletişim kutusunda olur. Bindirmeleri kullanan bir uygulama varsa, bu davranışa neden olabilir. Kusurlu bir app temas yazar app bulursanız. Bu sorun tüm VPN uygulamaları Android 4.3 ve daha sonra etkiler. Ayrıca bkz: &lt; bir href=\"http://code.google.com/p/ics-openvpn/issues/detail?id=185\" &gt; sayı 185 &lt;a&gt; ek ayrıntılar için "</string>
-  <string name="faq_vpndialog43_title">VPN Onayla iletişim Android 4.3 ve üstü</string>
-  <string name="donatePlayStore">Alternatif olarak Play Store den bağış yapabilirsiniz.</string>
-  <string name="thanks_for_donation">Bağış için teşekkürler%s!</string>
-  <string name="logCleared">Kayıtlar temizlendi.</string>
-  <string name="show_password">Şifreyi göster</string>
+  <string name="faq_vpndialog43">"Android 4.3\'ten itibaren, VPN onayları \"kaplayan uygulamalara\" karşı güven altına alındı. Bu da pencerenin dokunma girdisine yanıt vermemesiyle sonuçlanır. Kaplamaları kullanan bir uygulamanız varsa, bu davranışa bu uygulama sebep olmuş olabilir. Saldırgan bir uygulama bulursanız, uygulamanın geliştiricisine ulaşın. Bu sorun Android 4.3 ve sonrasındaki tüm VPN uygulamalarını etkilemektedir. Ayrıca ayrıntılar için bkz. &lt;a href=\"https://github.com/schwabe/ics-openvpn/issues/185\"&gt;Issue 185&lt;a&gt;"</string>
+  <string name="faq_vpndialog43_title">VPN Onay Penceresi</string>
+  <string name="donatePlayStore">Alternatif olarak Play Store\'dan bağış yapabilirsiniz:</string>
+  <string name="thanks_for_donation">%s bağış için teşekkürler!</string>
+  <string name="logCleared">Günlük temizlendi.</string>
+  <string name="show_password">Parolayı göster</string>
   <string name="keyChainAccessError">Anahtarlık erişim hatası: %s</string>
   <string name="timestamp_short">Kısa</string>
   <string name="timestamp_iso">ISO</string>
-  <string name="timestamps">Zaman damgaları</string>
+  <string name="timestamps">Zaman Damgaları</string>
   <string name="timestamps_none">Hiçbiri</string>
   <string name="uploaded_data">Yükleme</string>
   <string name="downloaded_data">İndirme</string>
@@ -314,14 +312,20 @@
   <string name="logview_options">Görünüm seçenekleri</string>
   <string name="unhandled_exception">Kural dışı durum: %1$s\n\n%2$s</string>
   <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
-  <string name="faq_system_dialog_xposed">Eğer android cihazınızı rootladıysanız &lt;a href=\"http://xposed.info/\"&gt;Xposed &lt;/a&gt; ve &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm modülünü&lt;/a&gt; sorumluluğunu kendiniz alarak yükleyebilirsiniz</string>
-  <string name="full_licenses">Lisanslar</string>
-  <string name="blocklocal_title">Yerel ağlar için Bypass VPN</string>
-  <string name="userpw_file">Kullanıcı adı / Şifre dosyası</string>
-  <string name="imported_from_file">[Buradan içeri aktar: %s]</string>
-  <string name="files_missing_hint">Bazı dosyalar bulunamadı. Lütfen profile aktarılacak dosyaları seçiniz:</string>
-  <string name="import_log">Kaydı içe aktar:</string>
-  <string name="mssfix_invalid_value">MSS değeri 0 ile 9000 arasında bir tamsayı olmak zorundadır</string>
+  <string name="faq_system_dialog_xposed"> Android cihazınız root\'lu ise &lt;a href=\"http://xposed.info/\"&gt;Xposed çalışma çerçevesini&lt;/a&gt; ve &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Pencere onay modülünü&lt;/a&gt; kendi sorumluluğunuzda yükleyebilirsiniz\"</string>
+  <string name="full_licenses">Tam lisanslar</string>
+  <string name="blocklocal_summary">Doğrudan yerel arabirimlere bağlı ağlar VPN üzerinden yönlendirilmez. Bu seçenekteki işaretin kaldırılması, yerel ağlar için amaçlanmış tüm trafiği VPN\'e yönlendirir.</string>
+  <string name="blocklocal_title">Yerel ağlar için VPN\'i yoksay</string>
+  <string name="userpw_file">Kullanıcı adı/Parola dosyası</string>
+  <string name="imported_from_file">[Buradan içeri aktarıldı: %s]</string>
+  <string name="files_missing_hint">Bazı dosyalar bulunamadı. Lütfen profile aktarılacak dosyaları seçin:</string>
+  <string name="openvpn_is_no_free_vpn">Bu uygulamayı kullanabilmeniz için OpenVPN destekleyen bir VPN sağlayıcısı/VPN ağ geçidine (genellikle işvereniniz tarafından sağlanır) ihtiyacınız var. OpenVPN hakkında daha fazla bilgi ve kendi OpenVPN sunucunuzu nasıl yapılandıracağınızı öğrenmek için http://community.openvpn.net/ adresine bakın.</string>
+  <string name="import_log">Alma günlüğü:</string>
+  <string name="ip_looks_like_subnet">Vpn topolojisi \"%3$s\" belirtildi ancak ifconfig %1$s %2$s daha çok bir ağ maskesi içeren bir IP adresi gibi görünüyor. \"subnet\" topolojisi olarak varsayılacak.</string>
+  <string name="mssfix_invalid_value">MSS geçersiz kılma değeri 0 ile 9000 arasında bir tamsayı olmak zorundadır</string>
+  <string name="mssfix_value_dialog">Tünel üzerinden çalışan TCP oturumlarına, gönderi paket boyutlarını OpenVPN kapladıktan sonra sınırlamalarını, OpenVPN\'nin eşine gönderdiği dönen UDP paket boyutunun bu bayt sayısını aşmayacağını bildir (öntanımlı 1450).</string>
+  <string name="mssfix_checkbox">TCP yükünün MSS değerini geçersiz kıl</string>
+  <string name="mssfix_dialogtitle">TCP yükünün MSS değerini ayarla</string>
   <string name="client_behaviour">İstemci davranışı</string>
   <string name="clear_external_apps">İzin verilmiş harici uygulamaları temizle</string>
   <string name="loading">Yükleniyor&#8230;</string>
@@ -329,43 +333,72 @@
   <string name="disallowed_vpn_apps_info">İzin verilmeyen VPN uygulamaları: %1$s</string>
   <string name="app_no_longer_exists">%s adlı paket artık yüklü değil, izin listesinden çıkarılıyor</string>
   <string name="vpn_disallow_radio">Seçilen uygulamar dışındaki tüm uygulamalar için VPN kullanılır</string>
-  <string name="vpn_allow_radio">Sadece seçilen uygulamar için VPN kullanılır</string>
+  <string name="vpn_allow_radio">Sadece seçilen uygulamalar için VPN kullanılır</string>
   <string name="query_delete_remote">Uzak sunucu girişi kaldırılsın mı?</string>
   <string name="keep">Sakla</string>
   <string name="delete">Sil</string>
-  <string name="add_remote">Yenı uzak sunucu ekle</string>
-  <string name="remote_random">Bağlanmak için bağlantı girişlerini rasgele bir sırada kullan</string>
+  <string name="add_remote">Yeni uzak sunucu ekle</string>
+  <string name="remote_random">Bağlanmak için bağlantı girişlerini rastgele bir sırada kullan</string>
   <string name="remote_no_server_selected">En az bir uzak sunucu tanımlamalı ve etkinleştirmelisiniz.</string>
   <string name="server_list">Sunucu Listesi</string>
-  <string name="vpn_allowed_apps">İzin verilen uygulamalar</string>
+  <string name="vpn_allowed_apps">İzin Verilen Uygulamalar</string>
   <string name="advanced_settings">Gelişmiş Ayarlar</string>
   <string name="payload_options">Yük seçenekleri</string>
   <string name="tls_settings">TLS Ayarları</string>
-  <string name="duplicate_vpn">VPN profilini kopyala</string>
-  <string name="duplicate_profile_title">Profil kopyalama: %s</string>
+  <string name="no_remote_defined">Tanımlanmış uzak makine yok</string>
+  <string name="duplicate_vpn">VPN profilini çoğalt</string>
+  <string name="duplicate_profile_title">Çoğaltılan profil: %s</string>
   <string name="show_log">Günlüğü göster</string>
+  <string name="faq_android_clients">Android için birçok OpenVPN istemcisi mevcut. En çok kullanılanlar Android için OpenVPN (bu istemci), OpenVPN Connect ve OpenVPN Settings\'tir.&lt;p&gt;Bu istemciler iki gruba ayrılabilir. Android için OpenVPN ve OpenVPN Connect, resmi VPNService API (Android 4.0+) kullanır ve root erişimi gerektirmez. Ancak OpenVPN Settings, root gerektirir.&lt;p&gt;Android için OpenVPN açık kaynaklı bir yazılımdır ve  Arne Schwabe tarafından geliştirilmiştir. Daha çok gelişmiş kullanıcılar hedef alınmıştır ve birçok seçenek sunar. Ayrıca uygulama içerisinde profilleri içeri aktarma ve profilleri yapılandırma/değiştirme imkanı sunar. İstemci OpenVPN\'in topluluk sürümü baz alınarak geliştirilmiştir ve OpenVPN 2.x kaynak kodu tabanlıdır. Bu istemci topluluğun yarı resmi istemcisi olarak görülebilir. &lt;p&gt;OpenVPN Connect, OpenVPN Technologies, Inc. tarafından geliştirilmiş kapalı kaynak istemcidir. İstemci genel kullanım istemcisi olup, daha genel kullanıcılara hitap ederek OpenVPN profillerini içe aktarmayı sağlar. Bu istemci OpenVPN protokolünün OpenVPN C++ tekrar geliştirilmiş sürümü tabanlıdır (Bu OpenVPN Technologies, Inc.\'in iOS OpenVPN uygulaması sunabilmesi için gerekliydi). Bu istemci OpenVPN teknolojilerinin resmi istemcisidir &lt;p&gt; OpenVPN Settings ise istemcilerin en eskisi olup, açık kaynak OpenVPN için bir arayüzüdür. Android için OpenVPN\'nin aksine root erişimi gerektirir ve VPNService API\'i kullanmaz. Android 4.0+ gereksinimi yoktur</string>
   <string name="faq_androids_clients_title">Android için OpenVPN uygulamaları aralarındaki farklar</string>
-  <string name="ignore_multicast_route">Multicast rotasını yoksayma:%s</string>
-  <string name="ab_proxy_title">VPN\'ler için Proxy davranışı</string>
-  <string name="ab_lollipop_reinstall_title">VPN uygulamaları yeniden yükleme</string>
+  <string name="ignore_multicast_route">Multicast yolu yoksayılıyor: %s</string>
+  <string name="ab_only_cidr">Android, VPN\'e sadece CIDR rotalarını destekler. CIDR olmayan rotalar neredeyse hiç kullanılmadığından, Android için OpenVPN, rotalar için CIDR olmayan bir /32 kullanacak ve bir uyarı gösterecektir.</string>
+  <string name="ab_tethering_44">Paylaşım sadece VPN etkinken çalışır. Paylaşılan bağlantı VPN\'i KULLANMAYACAKTIR.</string>
+  <string name="ab_kitkat_mss">Önceki KitKat sürümü TCP bağlantılarında MSS değerini yanlış ayarladı (#61948). Bu sorunu geçici olarak çözebilmek için mssfix seçeneğini etkinleştirmeyi deneyin.</string>
+  <string name="ab_proxy">Hiçbir DNS sunucusu ayarlanmadığında Android mobil/kablosuz bağlantı için belirtilmiş vekil sunucu ayarlarını kullanmaya devam edecek. Android için OpenVPN, günlüğünde bunu size gösterecek.<p>VPN bir DNS sunucusu ayarladığında, Android vekil sunucuyu kullanmayacak. Bir VPN bağlantısı için vekil sunucu ayarlamak üzere bir API bulunmamaktadır.</p></string>
+  <string name="ab_lollipop_reinstall">VPN uygulamaları kaldırılıp tekrar yüklendiklerinde çalışmayabilirler. Ayrıntılar için bkz. #80074</string>
+  <string name="ab_not_route_to_vpn">Yapılandırılan istemci IP ve ağ maskesindeki IP adresleri VPN\'e yönlendirilmemektedir. OpenVPN bu sorunu istemci IP ve ağ maskesine çözümlenen bir rote ekleyerek çözmektedir</string>
+  <string name="ab_persist_tun">Persist-tun desteği için kullanılmak üzere bir tun aygıtı etkin iken başka bir tun aygını açmak cihazdaki VPN hizmetlerinin çökmesine neden olur. VPN\'in tekrar çalışması için yeniden başlatma gereklidir. Android için OpenVPN, tun aygıtını yeniden açmayı önlemeye çalışır, ancak gerçekten gerekli olduğunda çökmeyi önlemek için yeni TUN aygıtı açmadan önce geçerli TUN aygıtını kapatır. Bu VPN olmayan bağlantılar üzerinde paketlerin gönderildiği kısa bir aralığa sebep olabilir. Bu çözüme rağmen VPN hizmetleri hala çökmekte ve aygıtınızın yeniden başlatılmasını gerektirir.</string>
+  <string name="ab_secondary_users">VPN ikincil kullanıcılar için hiç çalışmamaktadır.</string>
+  <string name="ab_kitkat_reconnect">"Birçok kullanıcı mobil bağlantı/mobil veri bağlantısının VPN uygulaması kullanırken koptuğunu bildiriyor. Bu davranış bazı mobil operatörü/cihaz kombinasyonunu etkiliyor gibi görünüyor ve şimdiye kadar bu soruna bir çözüm bulunamadı."</string>
+  <string name="ab_vpn_reachability_44">VPN\'siz ulaşılabilen hedefe sadece VPN üzerinde ulaşılabilir. IPv6 VPN\'leri hiç çalışmıyor.</string>
+  <string name="ab_only_cidr_title">CIDR Olmayan Rotalar</string>
+  <string name="ab_proxy_title">VPN\'ler için Vekil Sunucu davranışı</string>
+  <string name="ab_lollipop_reinstall_title">VPN uygulamalarını yeniden yükleme</string>
   <string name="version_upto">%s ve önceki</string>
   <string name="copy_of_profile">%s kopyası</string>
   <string name="ab_not_route_to_vpn_title">Yapılandırılmış IP adresine yönlendir</string>
   <string name="ab_kitkat_mss_title">VPN bağlantısı için yanlış MSS değeri</string>
   <string name="ab_secondary_users_title">İkincil tablet kullanıcıları</string>
-  <string name="custom_connection_options_warng">Özel bağlantı seçenekleri belirtin. Dikkatli kullanın</string>
+  <string name="custom_connection_options_warng">Özel bağlantı seçeneklerini belirtin. Dikkatli kullanın</string>
   <string name="custom_connection_options">Özel Seçenekler</string>
-  <string name="remove_connection_entry">Bağlantı girdisini kaldırın</string>
-  <string name="ab_vpn_reachability_44_title">Uzak ağlar ulaşılamıyor</string>
-  <string name="ab_persist_tun_title">Sürekli tun modu</string>
-  <string name="version_and_later">%s ve daha sonra</string>
-  <string name="crl_file">Sertifika iptal listesi</string>
+  <string name="remove_connection_entry">Bağlantı girdisini kaldır</string>
+  <string name="ab_kitkat_reconnect_title">Mobil ağda rastgele bağlantı kesilmeleri</string>
+  <string name="ab_vpn_reachability_44_title">Uzak ağlara ulaşılamıyor</string>
+  <string name="ab_persist_tun_title">Kalıcı tun kipi</string>
+  <string name="version_and_later">%s ve daha sonrası</string>
+  <string name="tls_cipher_alert_title">Bağlantı SSL23_GET_SERVER_HELLO:sslv3 uyarı el sıkışma hatası ile başarısız oluyor</string>
+  <string name="tls_cipher_alert">Daha yeni Android için OpenVPN sürümleri (0.6.29/Mart 2015) izin verilen şifreleyici takımları için (tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\") daha güvenli varsayılanı kullanıyor. Ancak, Perfect Forward Secrecy (Diffie-Hellman) desteklemeyen daha az güvenli şifreleyici ve dışa aktarıcı şifreleyici takımlarını yoksaymak bazı sorunlara yol açmaktadır. Bu, genellikle TSL güvenliğini sunucuda veya bazı gömülü işletim sistemlerinde arttırmak için tls-cipher ayarlayarak düşürülen SSL (örn. MikroTik) girişiminin iyi amaçlanması ancak zayıf uygulanmasından dolayı meydana gelir. \nBu sorunu çözmek için sunucuda, kullanışlı bir varsayılan değer yapın. Örneğin: tls-cipher \"DEFAULT:!EXP:!PSK:!SRP:!kRSA\". İstemcide bu sorunun geçici çözümü için, Android istemcide tls-cipher DEFAULT özel seçeneğini ekleyin.</string>
+  <string name="message_no_user_edit">Bu profil harici bir uygulama tarafından eklenmiş (%s) ve kullanıcı tarafından düzenlenemez işaretlenmiş.</string>
+  <string name="crl_file">Sertifika İptal Listesi</string>
+  <string name="service_restarted">OpenVPN Hizmeti yeniden başlatılıyor (Uygulama, çöktü veya bellek altında sonlandırıldı)</string>
+  <string name="import_config_error">İçe aktarılan yapılandırma hata bildirdi, kaydedilemez</string>
   <string name="Search">Arama</string>
+  <string name="lastdumpdate">(Son döküm %1$d:%2$dh eski (%3$s))</string>
   <string name="clear_log_on_connect">Yeni bağlantıda günlüğü temizle</string>
-  <string name="connect_timeout">Bağlantı zaman aşımına uğradı</string>
+  <string name="connect_timeout">Bağlantı Zaman Aşımı</string>
+  <string name="no_allowed_app">İzin verilmeyen uygulama eklendi. Tüm uygulamalara izin vermemek için izin verilen uygulama listesine en az bir uygulama eklemek üzere kendimizi (%s) ekliyoruz</string>
+  <string name="query_permissions_sdcard">Android için OpenVPN SD kart üzerinde eksik dosyaları bulmayı deneyebilir. İzin talebini başlatmak için bu iletiye dokunun.</string>
   <string name="protocol">Protokol</string>
   <string name="enabled_connection_entry">Etkin</string>
+  <string name="abi_mismatch">Tercih edilen bu cihazın yerli ABI önceliği (%1$s) ile yerli kütüphanelerden bildirilen ABI (%2$s) uyuşmuyor</string>
   <string name="months_left">%d ay kaldı</string>
   <string name="days_left">%d gün kaldı</string>
   <string name="hours_left">%d saat kaldı</string>
+  <string name="permission_revoked">VPN izni işletim sistemi tarafından (örn. başlatılan diğer VPN programı) reddedildi, VPN durduruluyor</string>
+  <string name="pushpeerinfo">Eş bilgisini it</string>
+  <string name="pushpeerinfosummary">Sunucuya ek bilgi gönder, örn. SSL sürümü ve Android sürümü</string>
+  <string name="pw_request_dialog_title">%1$s gerekli</string>
+  <string name="pw_request_dialog_prompt">Lütfen %1$s profili için parola girin</string>
+  <string name="menu_use_inline_data">Satır içi veri kullan</string>
 </resources>
diff --git a/app/src/main/res/values-uk/strings-icsopenvpn.xml b/app/src/main/res/values-uk/strings-icsopenvpn.xml
index f715bf77..d97ced06 100755
--- a/app/src/main/res/values-uk/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-uk/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-v21/refs.xml b/app/src/main/res/values-v21/refs.xml
index 510f128b..f3f43692 100644
--- a/app/src/main/res/values-v21/refs.xml
+++ b/app/src/main/res/values-v21/refs.xml
@@ -5,13 +5,13 @@
   -->
 
 <resources>
-    <drawable name="ic_menu_close_clear_cancel">@drawable/ic_close_white_24dp</drawable>
-    <drawable name="ic_menu_play">@drawable/ic_play_arrow_white_24dp</drawable>
-    <drawable name="ic_menu_pause">@drawable/ic_pause_white_24dp</drawable>
-    <drawable name="ic_menu_share">@drawable/ic_share_white_24dp </drawable>
-    <drawable name="ic_menu_save">@drawable/ic_check_white_24dp</drawable>
-    <drawable name="ic_menu_view">@drawable/ic_filter_list_white_24dp</drawable>
-    <drawable name="ic_menu_delete">@drawable/ic_delete_white_24dp</drawable>
-    <drawable name="ic_menu_delete_grey">@drawable/ic_delete_grey600_24dp</drawable>
-
+  <drawable name="ic_menu_close_clear_cancel">@drawable/ic_close_white_24dp</drawable>
+  <drawable name="ic_menu_play">@drawable/ic_play_arrow_white_24dp</drawable>
+  <drawable name="ic_menu_pause">@drawable/ic_pause_white_24dp</drawable>
+  <drawable name="ic_menu_share">@drawable/ic_share_white_24dp </drawable>
+  <drawable name="ic_menu_save">@drawable/ic_check_white_24dp</drawable>
+  <drawable name="ic_menu_view">@drawable/ic_filter_list_white_24dp</drawable>
+  <drawable name="ic_menu_delete">@drawable/ic_delete_white_24dp</drawable>
+  <drawable name="ic_menu_delete_grey">@drawable/ic_delete_grey600_24dp</drawable>
 </resources>
+
diff --git a/app/src/main/res/values-v21/styles.xml b/app/src/main/res/values-v21/styles.xml
index 83a693f1..fa27ebe8 100644
--- a/app/src/main/res/values-v21/styles.xml
+++ b/app/src/main/res/values-v21/styles.xml
@@ -25,4 +25,5 @@
         <item name="android:colorPrimaryDark">@color/primary_dark</item>
         <item name="android:colorAccent">@color/accent</item>
     </style>
+
 </resources>
diff --git a/app/src/main/res/values-vi/strings-icsopenvpn.xml b/app/src/main/res/values-vi/strings-icsopenvpn.xml
index 87d040ab..625ab34f 100755
--- a/app/src/main/res/values-vi/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-vi/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
index efd8a669..2a3aac46 100755
--- a/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rCN/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
index 179396b8..c9dfeee5 100755
--- a/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
+++ b/app/src/main/res/values-zh-rTW/strings-icsopenvpn.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!--Generated by crowdin.com-->
 <!--
-  ~ Copyright (c) 2012-2014 Arne Schwabe
+  ~ Copyright (c) 2012-2016 Arne Schwabe
   ~ Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
   -->
 <resources>
diff --git a/app/src/main/res/values/refs.xml b/app/src/main/res/values/refs.xml
index dce39385..4d3c257a 100644
--- a/app/src/main/res/values/refs.xml
+++ b/app/src/main/res/values/refs.xml
@@ -5,10 +5,12 @@
   -->
 
 <resources>
-    <drawable name="ic_menu_close_clear_cancel">@android:drawable/ic_menu_close_clear_cancel</drawable>
-    <drawable name="ic_menu_share">@android:drawable/ic_menu_share </drawable>
-    <drawable name="ic_menu_save">@android:drawable/ic_menu_save</drawable>
-    <drawable name="ic_menu_view">@android:drawable/ic_menu_view</drawable>
-    <drawable name="ic_menu_delete">@android:drawable/ic_menu_delete</drawable>
-    <drawable name="ic_menu_edit">@android:drawable/ic_menu_edit</drawable>
+  <drawable name="ic_menu_close_clear_cancel">@android:drawable/ic_menu_close_clear_cancel</drawable>
+  <drawable name="ic_menu_play">@android:drawable/ic_media_play</drawable>
+  <drawable name="ic_menu_pause">@android:drawable/ic_media_pause</drawable>
+  <drawable name="ic_menu_share">@android:drawable/ic_menu_share </drawable>
+  <drawable name="ic_menu_save">@android:drawable/ic_menu_save</drawable>
+  <drawable name="ic_menu_view">@android:drawable/ic_menu_view</drawable>
+  <drawable name="ic_menu_delete">@android:drawable/ic_menu_delete</drawable>
+  <drawable name="ic_menu_edit">@android:drawable/ic_menu_edit</drawable>
 </resources>
diff --git a/app/src/main/res/values/strings-icsopenvpn.xml b/app/src/main/res/values/strings-icsopenvpn.xml
index aa65a14d..3956604e 100755
--- a/app/src/main/res/values/strings-icsopenvpn.xml
+++ b/app/src/main/res/values/strings-icsopenvpn.xml
@@ -136,7 +136,7 @@
     <string name="opentun_no_ipaddr">Refusing to open tun device without IP information</string>
     <string name="menu_import">Import Profile from ovpn file</string>
     <string name="menu_import_short">Import</string>
-    <string name="import_content_resolve_error">Could not read Profile to import</string>
+    <string name="import_content_resolve_error">Could not read profile to import</string>
     <string name="error_reading_config_file">Error reading config file</string>
     <string name="add_profile">add Profile</string>
     <string name="import_could_not_open">Could not find file %1$s mentioned in the imported config file</string>
@@ -312,7 +312,7 @@
     <string name="unhandled_exception_context">%3$s: %1$s\n\n%2$s</string>
     <string name="faq_system_dialog_xposed">If you have rooted your Android device you can install the &lt;a href=\"http://xposed.info/\"&gt;Xposed framework&lt;/a&gt; and a the &lt;a href=\"http://repo.xposed.info/module/de.blinkt.vpndialogxposed\"&gt;VPN Dialog confirm module&lt;/a&gt; at your own risk"</string>
     <string name="full_licenses">Full licenses</string>
-    <string name="blocklocal_summary">Networks directly connected to the local interfaces will not be routed over the VPN. Deselecting this option will redirect all traffic indented for local networks to the VPN.</string>
+    <string name="blocklocal_summary">Networks directly connected to the local interfaces will not be routed over the VPN. Deselecting this option will redirect all traffic intented for local networks to the VPN.</string>
     <string name="blocklocal_title">Bypass VPN for local networks</string>
     <string name="userpw_file">Username/Password file</string>
     <string name="imported_from_file">[Imported from: %s]</string>
@@ -347,13 +347,13 @@
     <string name="duplicate_vpn">Duplicate VPN profile</string>
     <string name="duplicate_profile_title">Duplicating profile: %s</string>
     <string name="show_log">Show log</string>
-    <string name="faq_android_clients">Multiple OpenVPN clients for Android exist. The most common ones are OpenVPN for Android (this client), OpenVPN Connect and OpenVPN Settings.&lt;p&gt;The clients can be grouped into two groups: OpenVPN for Android and OpenVPN Connect use the official VPNService API (Android 4.0+) and require no root and OpenVPN Settings which uses root.&lt;p&gt;OpenVPN for Android is an open source client and developed by Arne Schwabe.  It is targeted at more advanced users and offers many settings and the ability to import profiles from files and to configure/change profiles inside the app. The client is based on the community version of OpenVPN. It is based on the OpenVPN 2.x source code. This client can be seen as the semi officially client of the community. &lt;p&gt;OpenVPN Connect is non open source client that is developed by OpenVPN Technologies, Inc. The client is indented to be general use client and moree targeted at the average user and allows the import of OpenVPN profiles. This client is based on the OpenVPN C++ reimplementation of the OpenVPN protocol (This was required to allow OpenVPN Technologies, Inc to publish an iOS OpenVPN app). This client is the official client of the OpenVPN technologies &lt;p&gt; OpenVPN Settings is the oldest of the clients and also a UI for the open source OpenVPN. In contrast to OpenVPN  for Android it requires root and does not use the VPNService API. It does not depend on Android 4.0+</string>
+    <string name="faq_android_clients">Multiple OpenVPN clients for Android exist. The most common ones are OpenVPN for Android (this client), OpenVPN Connect and OpenVPN Settings.&lt;p&gt;The clients can be grouped into two groups: OpenVPN for Android and OpenVPN Connect use the official VPNService API (Android 4.0+) and require no root and OpenVPN Settings which uses root.&lt;p&gt;OpenVPN for Android is an open source client and developed by Arne Schwabe.  It is targeted at more advanced users and offers many settings and the ability to import profiles from files and to configure/change profiles inside the app. The client is based on the community version of OpenVPN. It is based on the OpenVPN 2.x source code. This client can be seen as the semi officially client of the community. &lt;p&gt;OpenVPN Connect is non open source client that is developed by OpenVPN Technologies, Inc. The client is indented to be general use client and more targeted at the average user and allows the import of OpenVPN profiles. This client is based on the OpenVPN C++ reimplementation of the OpenVPN protocol (This was required to allow OpenVPN Technologies, Inc to publish an iOS OpenVPN app). This client is the official client of the OpenVPN technologies &lt;p&gt; OpenVPN Settings is the oldest of the clients and also a UI for the open source OpenVPN. In contrast to OpenVPN  for Android it requires root and does not use the VPNService API. It does not depend on Android 4.0+</string>
     <string name="faq_androids_clients_title">Differences between the OpenVPN Android clients</string>
     <string name="ignore_multicast_route">Ignoring multicast route: %s</string>
     <string name="ab_only_cidr">Android supports only CIDR routes to the VPN. Since non-CIDR routes are almost never used, OpenVPN for Android will use a /32 for routes that are not CIDR and issue a warning.</string>
     <string name="ab_tethering_44">Tethering works while the VPN is active. The tethered connection will NOT use the VPN.</string>
     <string name="ab_kitkat_mss">Early KitKat version set the wrong MSS value on TCP connections (#61948). Try to enable the mssfix option to workaround this bug.</string>
-    <string name="ab_proxy">Android will keep using your proxy settings specified for the mobile/Wi-Fi connection when no DNS servers are set. OpenVPN for Android will warn you about this in the log.<p>When a VPN sets a DNS server Android will not a proxy. There is no API to set a proxy for a VPN connection.</p></string>
+    <string name="ab_proxy">Android will keep using your proxy settings specified for the mobile/Wi-Fi connection when no DNS servers are set. OpenVPN for Android will warn you about this in the log.<p>When a VPN sets a DNS server Android will not use a proxy. There is no API to set a proxy for a VPN connection.</p></string>
     <string name="ab_lollipop_reinstall">VPN apps may stop working when uninstalled and reinstalled again. For details see #80074</string>
     <string name="ab_not_route_to_vpn">The configured client IP and the IPs in its network mask are not routed to the VPN. OpenVPN works around this bug by explicitly adding a route that corrosponds to the client IP and its netmask</string>
     <string name="ab_persist_tun">Opening a tun device while another tun device is active, which is used for persist-tun support, crashes the VPNServices on the device. A reboot is required to make VPN work again. OpenVPN for Android tries to avoid reopening the tun device and if really needed first closes the current TUN before opening the new TUN device to avoid to crash. This may lead to a short window where packets are sent over the non-VPN connection. Even with this workaround the VPNServices sometimes crashes and requires a reboot of the device.</string>
@@ -400,4 +400,9 @@
     <string name="pw_request_dialog_prompt">Please enter the password for profile %1$s</string>
     <string name="menu_use_inline_data">Use inline data</string>
     <string name="export_config_chooser_title">Export configuration file</string>
+    <string name="missing_tlsauth">tls-auth file is missing</string>
+    <string name="missing_certificates">Missing user certificate or user certifcate key file</string>
+    <string name="missing_ca_certificate">Missing CA certificate</string>
+    <string name="crl_title">Certifcate Revoke List (optional)</string>
+    <string name="reread_log">Reread (%d) log items from log cache file</string>
 </resources>
diff --git a/app/src/main/res/values/styles.xml b/app/src/main/res/values/styles.xml
index 13d5e0b1..4cdf2c00 100644
--- a/app/src/main/res/values/styles.xml
+++ b/app/src/main/res/values/styles.xml
@@ -53,4 +53,10 @@
     </style>
 
 
+    <style name="blinkt.translucent" parent="blinkt.dialog">
+        <item name="android:windowNoTitle">true</item>
+        <item name="android:windowActionBar">false</item>
+        <item name="android:windowFullscreen">true</item>
+        <item name="android:windowContentOverlay">@null</item>
+    </style>
 </resources>
\ No newline at end of file
diff --git a/ics-openvpn b/ics-openvpn
index ad414d7a..7dbaa266 160000
--- a/ics-openvpn
+++ b/ics-openvpn
@@ -1 +1 @@
-Subproject commit ad414d7aacadb9db2453c30eeaba13b894708b73
+Subproject commit 7dbaa266ed2aac4ab82672955282a6bfb43008b4
-- 
cgit v1.2.3


From 48948e1231a91c86e5a3e7b535a44eff62bacb6d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 2 Apr 2016 15:04:35 +0200
Subject: VpnStatus.initLogCache must be called only once.

onCreate gets called when the activity is back on the screen. If the app
was already launched, we should not set everything up again.
---
 .../main/java/se/leap/bitmaskclient/Dashboard.java | 57 ++++++++++++++--------
 1 file changed, 38 insertions(+), 19 deletions(-)

diff --git a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
index 218b22a7..dbdf0a51 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Dashboard.java
@@ -88,36 +88,55 @@ public class Dashboard extends Activity implements ProviderAPIResultReceiver.Rec
     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
-
-        app = this;
-
-        PRNGFixes.apply();
-        VpnStatus.initLogCache(getApplicationContext().getCacheDir());
-
         preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE);
         fragment_manager = new FragmentManagerEnhanced(getFragmentManager());
-        handleVersion();
-        User.init(getString(R.string.default_username));
 
         ProviderAPICommand.initialize(this);
         providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler(), this);
 
-        restoreProvider(savedInstanceState);
-        if (!provider.isConfigured())
+        if (app == null) {
+            app = this;
+
+            PRNGFixes.apply();
+            VpnStatus.initLogCache(getApplicationContext().getCacheDir());
+            handleVersion();
+            User.init(getString(R.string.default_username));
+        }
+        boolean provider_exists = previousProviderExists(savedInstanceState);
+        if (provider_exists) {
+            provider = getProvider(savedInstanceState);
+            if(!provider.isConfigured())
+                startActivityForResult(new Intent(this, ConfigurationWizard.class), CONFIGURE_LEAP);
+            else {
+                buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false));
+                user_status_fragment.restoreSessionStatus(savedInstanceState);
+            }
+        } else {
             startActivityForResult(new Intent(this, ConfigurationWizard.class), CONFIGURE_LEAP);
-        else {
-            buildDashboard(getIntent().getBooleanExtra(ON_BOOT, false));
-            user_status_fragment.restoreSessionStatus(savedInstanceState);
         }
     }
 
-    private void restoreProvider(Bundle savedInstanceState) {
-        if (savedInstanceState != null) {
-            if (savedInstanceState.containsKey(Provider.KEY))
-                provider = savedInstanceState.getParcelable(Provider.KEY);
-        }
-        if (!provider.isConfigured() && preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false))
+    private boolean previousProviderExists(Bundle savedInstanceState) {
+        return providerInSavedInstance(savedInstanceState) || providerInSharedPreferences();
+    }
+
+    private Provider getProvider(Bundle savedInstanceState) {
+        if(providerInSavedInstance(savedInstanceState))
+            provider = savedInstanceState.getParcelable(Provider.KEY);
+        else if (providerInSharedPreferences())
             provider = getSavedProviderFromSharedPreferences();
+        return provider;
+    }
+
+    private boolean providerInSavedInstance(Bundle savedInstanceState) {
+        return savedInstanceState != null &&
+                savedInstanceState.containsKey(Provider.KEY);
+    }
+
+    private boolean providerInSharedPreferences() {
+        return preferences != null &&
+                preferences.getBoolean(Constants.PROVIDER_CONFIGURED, false);
+
     }
 
     @Override
-- 
cgit v1.2.3


From 574960d09f5cf054001f8f6e9eb54f80312b60db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sat, 2 Apr 2016 15:29:31 +0200
Subject: Update BuildTools to 23.0.3, and plugins

- Android gradle plugin to 1.5.0
- Gson to 2.4
- Support annotations to 23.2.1
- Robotium-solo to 5.5.4
---
 app/build.gradle | 8 ++++----
 build.gradle     | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/build.gradle b/app/build.gradle
index 8c8b6d38..e9fe2f60 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -2,7 +2,7 @@ apply plugin: 'com.android.application'
 
 android {
   compileSdkVersion 23
-  buildToolsVersion "23.0.2"
+  buildToolsVersion "23.0.3"
 
   signingConfigs {
     release {
@@ -47,15 +47,15 @@ android {
 }
 
 dependencies {
-  androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.4.1'
+  androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.5.4'
   compile 'com.jakewharton:butterknife:6.1.0'
   provided 'com.squareup.dagger:dagger-compiler:1.2.2'
   compile 'com.github.pedrovgs:renderers:1.5'
   compile 'com.intellij:annotations:12.0'
-  compile 'com.google.code.gson:gson:2.3.1'
+  compile 'com.google.code.gson:gson:2.4'
   compile 'org.thoughtcrime.ssl.pinning:AndroidPinning:1.0.0'
   compile 'mbanje.kurt:fabbutton:1.1.4'
-    compile 'com.android.support:support-annotations:23.1.1'
+    compile 'com.android.support:support-annotations:23.2.1'
 }
 
 def processFileInplace(file, Closure processText) {
diff --git a/build.gradle b/build.gradle
index 5a212651..e094b5bb 100644
--- a/build.gradle
+++ b/build.gradle
@@ -4,7 +4,7 @@ buildscript {
     jcenter()
   }
   dependencies {
-    classpath 'com.android.tools.build:gradle:1.2.3'
+    classpath 'com.android.tools.build:gradle:1.5.0'
   }
 }
 
-- 
cgit v1.2.3


From 2daac1d12c4784443a872492b7f29d02c429d19f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Sun, 3 Apr 2016 17:19:04 +0200
Subject: Bitmask does not show the log if an error happens.

ics-openvpn already shows it if necessary. Our heuristic (just looking
for an "error" keyword in the past N messages of the log) is very weak,
and it returns an annoying false positive: turning off the VPN triggers
the show log error.
---
 app/src/main/java/se/leap/bitmaskclient/VpnFragment.java | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java b/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java
index 2e3d7524..9210c6ec 100644
--- a/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java
+++ b/app/src/main/java/se/leap/bitmaskclient/VpnFragment.java
@@ -244,10 +244,7 @@ public class VpnFragment extends Fragment implements Observer {
         Context context = dashboard.getApplicationContext();
         String error = eip_status.lastError(5, context);
 
-        if (!error.isEmpty()) {
-            dashboard.showLog();
-            VoidVpnService.stop();
-        }
+        if (!error.isEmpty()) VoidVpnService.stop();
         updateIcon();
         updateButton();
     }
-- 
cgit v1.2.3


From 287ae0ad2ec3e642f429e15bd1c7a8ca43eb6eec Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Mon, 19 Sep 2016 12:24:32 +0200
Subject: remove snappy (closes #8475)

---
 app/snappy | 1 -
 1 file changed, 1 deletion(-)
 delete mode 120000 app/snappy

diff --git a/app/snappy b/app/snappy
deleted file mode 120000
index c44d7d0f..00000000
--- a/app/snappy
+++ /dev/null
@@ -1 +0,0 @@
-../ics-openvpn/main/snappy
\ No newline at end of file
-- 
cgit v1.2.3


From bb6a78c291d671a2f2a4f3fde0e37e676edcdc75 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Mon, 19 Sep 2016 12:48:33 +0200
Subject: bump Android SDK minor revision in README

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 7fe5d630..bbbbce83 100644
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ the SDK and NDK to `~/dev` on a linux machine, you would add this to your path:
 
 Installable via `android` command (SDK Manager):
 
-* Android SDK Build-tools, 23.0.2
+* Android SDK Build-tools, 23.0.3
 * Android Support Repository, 4+
 
 Finally, install a java compiler. For example:
-- 
cgit v1.2.3


From f4fe35129d33de8998c9641d266c23cf1c870e71 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Mon, 19 Sep 2016 12:52:48 +0200
Subject: update gradle version

---
 build.gradle                             | 2 +-
 gradle/wrapper/gradle-wrapper.properties | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/build.gradle b/build.gradle
index e094b5bb..35bb7bfc 100644
--- a/build.gradle
+++ b/build.gradle
@@ -4,7 +4,7 @@ buildscript {
     jcenter()
   }
   dependencies {
-    classpath 'com.android.tools.build:gradle:1.5.0'
+    classpath 'com.android.tools.build:gradle:2.1.3'
   }
 }
 
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index c8e43f9e..d1c6fba3 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Wed Dec 03 00:07:42 CET 2014
+#Mon Sep 19 11:42:08 CEST 2016
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-2.14.1-all.zip
-- 
cgit v1.2.3


From 99a4d71753f0a840b2e6b46c6d49b7a1043085cd Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Mon, 19 Sep 2016 22:17:50 +0200
Subject: Remove pins (solves #8455)

remove pins, because didn\'t work this way (solves #8455)
---
 app/assets/urls/bitmask demo.url | 3 +--
 app/assets/urls/calyx.url        | 4 +---
 app/assets/urls/riseup.url       | 3 +--
 3 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/app/assets/urls/bitmask demo.url b/app/assets/urls/bitmask demo.url
index 81bdba52..1a412055 100644
--- a/app/assets/urls/bitmask demo.url	
+++ b/app/assets/urls/bitmask demo.url	
@@ -1,4 +1,3 @@
 {
-	"main_url" : "https://demo.bitmask.net/",
-	"ca_cert_fingerprint" : "c3f9f39af6d42d1f201195dec918ac7603597049"
+	"main_url" : "https://demo.bitmask.net/"
 }
diff --git a/app/assets/urls/calyx.url b/app/assets/urls/calyx.url
index 9ae902f7..8de04fe9 100644
--- a/app/assets/urls/calyx.url
+++ b/app/assets/urls/calyx.url
@@ -1,5 +1,3 @@
 {
-	"main_url" : "https://calyx.net/",
-	"ca_cert_fingerprint" : "98086aee17b5800acd0bdefe852e7c1ae72bd248"
-
+	"main_url" : "https://calyx.net/"
 }
diff --git a/app/assets/urls/riseup.url b/app/assets/urls/riseup.url
index 4c565076..4548b433 100644
--- a/app/assets/urls/riseup.url
+++ b/app/assets/urls/riseup.url
@@ -1,4 +1,3 @@
 {
-	"main_url" : "https://riseup.net/",
-	"ca_cert_fingerprint" : "aef7a642d7f8e046770521b354961a95cd4a76a8"
+	"main_url" : "https://riseup.net/"
 }
-- 
cgit v1.2.3


From b528b53eea42dbd2f970a628def1465a3439f2a3 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Mon, 19 Sep 2016 22:27:39 +0200
Subject: Update Manifest version

0.9.5RC2
---
 app/src/main/AndroidManifest.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index b4ada5fc..73808ffb 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -17,8 +17,8 @@
 
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     package="se.leap.bitmaskclient"
-    android:versionCode="125"
-    android:versionName="0.9.4" >
+    android:versionCode="127"
+    android:versionName="0.9.5RC2" >
 
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
-- 
cgit v1.2.3


From ff3119d0075579ab57e0c9c160a65c5455a93336 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Tue, 20 Sep 2016 12:48:24 -0700
Subject: updated README.md with correct build-native.sh path

---
 README.md | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index bbbbce83..6863eff6 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# Bitmask Android App 
+# Bitmask Android App
 
 This repository contains the source code for the [Bitmask](https://bitmask.net/) Android app.
 
@@ -19,9 +19,9 @@ Install from developer.android.com:
 Make sure add the necessary android tools to your bin path. For example, assuming you installed
 the SDK and NDK to `~/dev` on a linux machine, you would add this to your path:
 
-    ~/dev/android-sdk-linux/tools
-    ~/dev/android-sdk-linux/platform-tools
-    ~/dev/android-ndk-r10e/
+    ~/dev/android-sdk-linux/tools/
+    ~/dev/android-sdk-linux/platform-tools/
+    ~/dev/android-sdk-linux/ndk-bundle/
 
 Installable via `android` command (SDK Manager):
 
@@ -33,6 +33,7 @@ Finally, install a java compiler. For example:
    sudo apt-get install default-jdk
 
 If you are using a 64-bit machine, you will need to install some libraries too:
+
     sudo apt-get install lib32stdc++6 lib32z1
 
 ## Update git submodules
@@ -51,21 +52,23 @@ For that reason, it is necessary to initialize and update them before being able
 
 To build NDK sources, you need to issue these commands:
 
-    cd app
-    ./build-native.sh
+    cd ics-openvpn/main
+    misc/build-native.sh
     cd .. (to get back to the project directory)
 
 ### Compiling from the command line
+
 #### Signed APK
 
 If you want to release a signed APK, you'll have to create a gradle.properties file in the project root with the following structure:
-    
+
     storeFileProperty=fullPath
     storePasswordProperty=store password without quotation marks
     keyAliasProperty=key alias without quotation marks
     keyPasswordProperty=key password without quotation marks
-    
+
 #### Actual command
+
     ./gradlew build
 
 The resulting apk(s) will be in `app/build/apk`.
@@ -77,12 +80,14 @@ The resulting apk(s) will be in `app/build/apk`.
 ## Running tests
 
 To run the automated tests:
+
    1. Run an emulator (device doesn't necesarily has root, so testVpnCertificateValidator.testIsValid may fail).
    2. Unlock Android
    3. Issue the command ./gradlew connectedCheck
    4. Pay attention and check the "Trust this app" checkbox, if you don't do so tests won't run.
 
 Due to the nature of some tests, adb will lose its connectivity and you won't receive any tests results. To look for failed tests, do the following:
+
    1. adb kill-server
    2. adb logcat | less
    3. Look for: "failed: test"
@@ -94,13 +99,15 @@ We'll polish this process soon, but right now that's what we're doing (well, in
     cd ics-openvpn
     git remote add upstream https://github.com/schwabe/ics-openvpn.git
     git pull --rebase upstream master
-    
-A bunch of conflicts may arise. The guidelines are: 
+
+A bunch of conflicts may arise. The guidelines are:
+
     1. Methods in HEAD (upstream) completely removed from Bitmask should be removed again (e.g. askPW)
     2. Sometimes, Dashboard.class is in Bitmask while in ics-openvpn it is replaced by MainActivity.class and other classes. Keep removing them to keep Dashboard.class in there.
     3. Some resources files are stripped from several entries. Remove them if possible (check the code we compile is not using anything else new).
 
     ./gradlew updateIcsOpenVpn
+
 ## Acknowledgements
 
 This project bases its work in [ics-openvpn project](https://code.google.com/p/ics-openvpn/).
-- 
cgit v1.2.3


From 9f54528ddd285dc99797483c026fbc7345febb39 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Thu, 13 Oct 2016 09:30:51 +0200
Subject: Handle RequestPermisson sdk>23

closes #8536
---
 app/src/main/AndroidManifest.xml                   |   8 +-
 .../main/java/de/blinkt/openvpn/core/LogItem.java  | 377 +++++++++++++++++++++
 .../de/blinkt/openvpn/core/TestLogFileHandler.java | 119 +++++++
 build.gradle                                       |   2 +-
 4 files changed, 501 insertions(+), 5 deletions(-)
 create mode 100644 app/src/main/java/de/blinkt/openvpn/core/LogItem.java
 create mode 100644 app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java

diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index 73808ffb..7e0c9c0b 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -17,8 +17,8 @@
 
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     package="se.leap.bitmaskclient"
-    android:versionCode="127"
-    android:versionName="0.9.5RC2" >
+    android:versionCode="128"
+    android:versionName="0.9.6Beta" >
 
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
@@ -28,7 +28,7 @@
 
     <uses-sdk
         android:minSdkVersion="14"
-        android:targetSdkVersion="21"/>
+        android:targetSdkVersion="24"/>
 
     <application
         android:allowBackup="true"
@@ -65,7 +65,7 @@
 
 	<activity
 	    android:name="se.leap.bitmaskclient.eip.VoidVpnLauncher"
-	    android:theme="@android:style/Theme.NoDisplay" />
+	    android:theme="@android:style/Theme.Translucent.NoTitleBar" />
 	
         <activity
                 android:name="de.blinkt.openvpn.activities.DisconnectVPN" />
diff --git a/app/src/main/java/de/blinkt/openvpn/core/LogItem.java b/app/src/main/java/de/blinkt/openvpn/core/LogItem.java
new file mode 100644
index 00000000..6aefbb2e
--- /dev/null
+++ b/app/src/main/java/de/blinkt/openvpn/core/LogItem.java
@@ -0,0 +1,377 @@
+/*
+ * Copyright (c) 2012-2016 Arne Schwabe
+ * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt
+ */
+
+package de.blinkt.openvpn.core;
+
+import android.annotation.SuppressLint;
+import android.content.Context;
+import android.content.pm.PackageInfo;
+import android.content.pm.PackageManager;
+import android.content.pm.Signature;
+import android.os.Parcel;
+import android.os.Parcelable;
+import android.text.TextUtils;
+import android.util.Log;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.UnsupportedEncodingException;
+import java.nio.ByteBuffer;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.FormatFlagsConversionMismatchException;
+import java.util.Locale;
+import java.util.UnknownFormatConversionException;
+
+import se.leap.bitmaskclient.R;
+
+/**
+ * Created by arne on 24.04.16.
+ */
+public class LogItem implements Parcelable {
+    private Object[] mArgs = null;
+    private String mMessage = null;
+    private int mRessourceId;
+    // Default log priority
+    VpnStatus.LogLevel mLevel = VpnStatus.LogLevel.INFO;
+    private long logtime = System.currentTimeMillis();
+    private int mVerbosityLevel = -1;
+
+    private LogItem(int ressourceId, Object[] args) {
+        mRessourceId = ressourceId;
+        mArgs = args;
+    }
+
+    public LogItem(VpnStatus.LogLevel level, int verblevel, String message) {
+        mMessage = message;
+        mLevel = level;
+        mVerbosityLevel = verblevel;
+    }
+
+    @Override
+    public int describeContents() {
+        return 0;
+    }
+
+
+    @Override
+    public void writeToParcel(Parcel dest, int flags) {
+        dest.writeArray(mArgs);
+        dest.writeString(mMessage);
+        dest.writeInt(mRessourceId);
+        dest.writeInt(mLevel.getInt());
+        dest.writeInt(mVerbosityLevel);
+
+        dest.writeLong(logtime);
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (!(obj instanceof LogItem))
+            return obj.equals(this);
+        LogItem other = (LogItem) obj;
+
+        return Arrays.equals(mArgs, other.mArgs) &&
+                ((other.mMessage == null && mMessage == other.mMessage) ||
+                        mMessage.equals(other.mMessage)) &&
+                mRessourceId == other.mRessourceId &&
+                ((mLevel == null && other.mLevel == mLevel) ||
+                        other.mLevel.equals(mLevel)) &&
+                mVerbosityLevel == other.mVerbosityLevel &&
+                logtime == other.logtime;
+
+
+    }
+
+    public byte[] getMarschaledBytes() throws UnsupportedEncodingException {
+        ByteBuffer bb = ByteBuffer.allocate(16384);
+
+
+        bb.put((byte) 0x0);               //version
+        bb.putLong(logtime);              //8
+        bb.putInt(mVerbosityLevel);      //4
+        bb.putInt(mLevel.getInt());
+        bb.putInt(mRessourceId);
+        if (mMessage == null || mMessage.length() == 0) {
+            bb.putInt(0);
+        } else {
+            marschalString(mMessage, bb);
+        }
+        if (mArgs == null || mArgs.length == 0) {
+            bb.putInt(0);
+        } else {
+            bb.putInt(mArgs.length);
+            for (Object o : mArgs) {
+                if (o instanceof String) {
+                    bb.putChar('s');
+                    marschalString((String) o, bb);
+                } else if (o instanceof Integer) {
+                    bb.putChar('i');
+                    bb.putInt((Integer) o);
+                } else if (o instanceof Float) {
+                    bb.putChar('f');
+                    bb.putFloat((Float) o);
+                } else if (o instanceof Double) {
+                    bb.putChar('d');
+                    bb.putDouble((Double) o);
+                } else if (o instanceof Long) {
+                    bb.putChar('l');
+                    bb.putLong((Long) o);
+                } else if (o == null) {
+                    bb.putChar('0');
+                } else {
+                    VpnStatus.logDebug("Unknown object for LogItem marschaling " + o);
+                    bb.putChar('s');
+                    marschalString(o.toString(), bb);
+                }
+
+            }
+        }
+
+        int pos = bb.position();
+        bb.rewind();
+        return Arrays.copyOf(bb.array(), pos);
+
+    }
+
+    public LogItem(byte[] in, int length) throws UnsupportedEncodingException {
+        ByteBuffer bb = ByteBuffer.wrap(in, 0, length);
+        bb.get(); // ignore version
+        logtime = bb.getLong();
+        mVerbosityLevel = bb.getInt();
+        mLevel = VpnStatus.LogLevel.getEnumByValue(bb.getInt());
+        mRessourceId = bb.getInt();
+        int len = bb.getInt();
+        if (len == 0) {
+            mMessage = null;
+        } else {
+            if (len > bb.remaining())
+                throw new IndexOutOfBoundsException("String length " + len + " is bigger than remaining bytes " + bb.remaining());
+            byte[] utf8bytes = new byte[len];
+            bb.get(utf8bytes);
+            mMessage = new String(utf8bytes, "UTF-8");
+        }
+        int numArgs = bb.getInt();
+        if (numArgs > 30) {
+            throw new IndexOutOfBoundsException("Too many arguments for Logitem to unmarschal");
+        }
+        if (numArgs == 0) {
+            mArgs = null;
+        } else {
+            mArgs = new Object[numArgs];
+            for (int i = 0; i < numArgs; i++) {
+                char type = bb.getChar();
+                switch (type) {
+                    case 's':
+                        mArgs[i] = unmarschalString(bb);
+                        break;
+                    case 'i':
+                        mArgs[i] = bb.getInt();
+                        break;
+                    case 'd':
+                        mArgs[i] = bb.getDouble();
+                        break;
+                    case 'f':
+                        mArgs[i] = bb.getFloat();
+                        break;
+                    case 'l':
+                        mArgs[i] = bb.getLong();
+                        break;
+                    case '0':
+                        mArgs[i] = null;
+                        break;
+                    default:
+                        throw new UnsupportedEncodingException("Unknown format type: " + type);
+                }
+            }
+        }
+        if (bb.hasRemaining())
+            throw new UnsupportedEncodingException(bb.remaining() + " bytes left after unmarshaling everything");
+    }
+
+    private void marschalString(String str, ByteBuffer bb) throws UnsupportedEncodingException {
+        byte[] utf8bytes = str.getBytes("UTF-8");
+        bb.putInt(utf8bytes.length);
+        bb.put(utf8bytes);
+    }
+
+    private String unmarschalString(ByteBuffer bb) throws UnsupportedEncodingException {
+        int len = bb.getInt();
+        byte[] utf8bytes = new byte[len];
+        bb.get(utf8bytes);
+        return new String(utf8bytes, "UTF-8");
+    }
+
+
+    public LogItem(Parcel in) {
+        mArgs = in.readArray(Object.class.getClassLoader());
+        mMessage = in.readString();
+        mRessourceId = in.readInt();
+        mLevel = VpnStatus.LogLevel.getEnumByValue(in.readInt());
+        mVerbosityLevel = in.readInt();
+        logtime = in.readLong();
+    }
+
+    public static final Creator<LogItem> CREATOR
+            = new Creator<LogItem>() {
+        public LogItem createFromParcel(Parcel in) {
+            return new LogItem(in);
+        }
+
+        public LogItem[] newArray(int size) {
+            return new LogItem[size];
+        }
+    };
+
+    public LogItem(VpnStatus.LogLevel loglevel, int ressourceId, Object... args) {
+        mRessourceId = ressourceId;
+        mArgs = args;
+        mLevel = loglevel;
+    }
+
+
+    public LogItem(VpnStatus.LogLevel loglevel, String msg) {
+        mLevel = loglevel;
+        mMessage = msg;
+    }
+
+
+    public LogItem(VpnStatus.LogLevel loglevel, int ressourceId) {
+        mRessourceId = ressourceId;
+        mLevel = loglevel;
+    }
+
+    public String getString(Context c) {
+        try {
+            if (mMessage != null) {
+                return mMessage;
+            } else {
+                if (c != null) {
+                    if (mRessourceId == R.string.mobile_info)
+                        return getMobileInfoString(c);
+                    if (mArgs == null)
+                        return c.getString(mRessourceId);
+                    else
+                        return c.getString(mRessourceId, mArgs);
+                } else {
+                    String str = String.format(Locale.ENGLISH, "Log (no context) resid %d", mRessourceId);
+                    if (mArgs != null)
+                        str += join("|", mArgs);
+
+                    return str;
+                }
+            }
+        } catch (UnknownFormatConversionException e) {
+            if (c != null)
+                throw new UnknownFormatConversionException(e.getLocalizedMessage() + getString(null));
+            else
+                throw e;
+        } catch (java.util.FormatFlagsConversionMismatchException e) {
+            if (c != null)
+                throw new FormatFlagsConversionMismatchException(e.getLocalizedMessage() + getString(null), e.getConversion());
+            else
+                throw e;
+        }
+
+    }
+
+
+    // TextUtils.join will cause not macked exeception in tests ....
+    public static String join(CharSequence delimiter, Object[] tokens) {
+        StringBuilder sb = new StringBuilder();
+        boolean firstTime = true;
+        for (Object token : tokens) {
+            if (firstTime) {
+                firstTime = false;
+            } else {
+                sb.append(delimiter);
+            }
+            sb.append(token);
+        }
+        return sb.toString();
+    }
+
+
+    public VpnStatus.LogLevel getLogLevel() {
+        return mLevel;
+    }
+
+
+    @Override
+    public String toString() {
+        return getString(null);
+    }
+
+    // The lint is wrong here
+    @SuppressLint("StringFormatMatches")
+    private String getMobileInfoString(Context c) {
+        c.getPackageManager();
+        String apksign = "error getting package signature";
+
+        String version = "error getting version";
+        try {
+            @SuppressLint("PackageManagerGetSignatures")
+            Signature raw = c.getPackageManager().getPackageInfo(c.getPackageName(), PackageManager.GET_SIGNATURES).signatures[0];
+            CertificateFactory cf = CertificateFactory.getInstance("X.509");
+            X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(raw.toByteArray()));
+            MessageDigest md = MessageDigest.getInstance("SHA-1");
+            byte[] der = cert.getEncoded();
+            md.update(der);
+            byte[] digest = md.digest();
+
+            if (Arrays.equals(digest, VpnStatus.officalkey))
+                apksign = c.getString(R.string.official_build);
+            else if (Arrays.equals(digest, VpnStatus.officaldebugkey))
+                apksign = c.getString(R.string.debug_build);
+            else if (Arrays.equals(digest, VpnStatus.amazonkey))
+                apksign = "amazon version";
+            else if (Arrays.equals(digest, VpnStatus.fdroidkey))
+                apksign = "F-Droid built and signed version";
+            else
+                apksign = c.getString(R.string.built_by, cert.getSubjectX500Principal().getName());
+
+            PackageInfo packageinfo = c.getPackageManager().getPackageInfo(c.getPackageName(), 0);
+            version = packageinfo.versionName;
+
+        } catch (PackageManager.NameNotFoundException | CertificateException |
+                NoSuchAlgorithmException ignored) {
+        }
+
+        Object[] argsext = Arrays.copyOf(mArgs, mArgs.length);
+        argsext[argsext.length - 1] = apksign;
+        argsext[argsext.length - 2] = version;
+
+        return c.getString(R.string.mobile_info, argsext);
+
+    }
+
+    public long getLogtime() {
+        return logtime;
+    }
+
+
+    public int getVerbosityLevel() {
+        if (mVerbosityLevel == -1) {
+            // Hack:
+            // For message not from OpenVPN, report the status level as log level
+            return mLevel.getInt();
+        }
+        return mVerbosityLevel;
+    }
+
+    public boolean verify() {
+        if (mLevel == null)
+            return false;
+
+        if (mMessage == null && mRessourceId == 0)
+            return false;
+
+        return true;
+    }
+}
diff --git a/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java b/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java
new file mode 100644
index 00000000..c35df598
--- /dev/null
+++ b/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java
@@ -0,0 +1,119 @@
+package de.blinkt.openvpn.core;
+
+import android.annotation.SuppressLint;
+
+import junit.framework.Assert;
+
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.util.Arrays;
+
+public class TestLogFileHandler {
+
+    byte[] testUnescaped = new byte[]{0x00, 0x55, -27, 0x00, 0x56, 0x10, -128, 0x55, 0x54};
+    byte[] expectedEscaped = new byte[]{0x55, 0x00, 0x00, 0x00, 0x09, 0x00, 0x56, 0x00, -27, 0x00, 0x56, 0x01, 0x10, -128, 0x56, 0x00, 0x54};
+    private TestingLogFileHandler lfh;
+
+
+    @Before
+    public void setup() {
+        lfh = new TestingLogFileHandler();
+    }
+
+    @Test
+    public void testWriteByteArray() throws IOException {
+
+        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
+
+        lfh.setLogFile(byteArrayOutputStream);
+
+        lfh.writeEscapedBytes(testUnescaped);
+
+        byte[] result = byteArrayOutputStream.toByteArray();
+        Assert.assertTrue(Arrays.equals(expectedEscaped, result));
+    }
+
+    @Test
+    public void readByteArray() throws IOException {
+
+        ByteArrayInputStream in = new ByteArrayInputStream(expectedEscaped);
+
+        lfh.readCacheContents(in);
+
+        Assert.assertTrue(Arrays.equals(testUnescaped, lfh.mRestoredByteArray));
+
+    }
+
+    @Test
+    public void testMarschal() throws UnsupportedEncodingException {
+        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, "foobar");
+        LogItem li2 = marschalAndBack(li);
+        testEquals(li, li2);
+        Assert.assertEquals(li, li2);
+    }
+
+    @Test
+    public void testMarschalArgs() throws UnsupportedEncodingException {
+        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, 772, "sinnloser Text", 7723, 723.2f, 7.2);
+        LogItem li2 = marschalAndBack(li);
+        testEquals(li, li2);
+        Assert.assertEquals(li, li2);
+    }
+
+    @Test
+    public void testMarschalString() throws UnsupportedEncodingException {
+        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, "Nutzlose Nachricht");
+        LogItem li2 = marschalAndBack(li);
+        testEquals(li, li2);
+        Assert.assertEquals(li, li2);
+    }
+
+
+    private void testEquals(LogItem li, LogItem li2) {
+        Assert.assertEquals(li.getLogLevel(), li2.getLogLevel());
+        Assert.assertEquals(li.getLogtime(), li2.getLogtime());
+        Assert.assertEquals(li.getVerbosityLevel(), li2.getVerbosityLevel());
+        Assert.assertEquals(li.toString(), li2.toString());
+
+    }
+
+    private LogItem marschalAndBack(LogItem li) throws UnsupportedEncodingException {
+        byte[] bytes = li.getMarschaledBytes();
+
+        return new LogItem(bytes, bytes.length);
+    }
+
+
+    @SuppressLint("HandlerLeak")
+    static class TestingLogFileHandler extends LogFileHandler {
+
+        public byte[] mRestoredByteArray;
+
+        public TestingLogFileHandler() {
+            super(null);
+        }
+
+        public void setLogFile(OutputStream out) {
+            mLogFile = out;
+        }
+
+        @Override
+        public void readCacheContents(InputStream in) throws IOException {
+            super.readCacheContents(in);
+        }
+
+        @Override
+        protected void restoreLogItem(byte[] buf, int len) {
+            mRestoredByteArray = Arrays.copyOf(buf, len);
+        }
+    }
+
+
+}
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
index 35bb7bfc..db59f144 100644
--- a/build.gradle
+++ b/build.gradle
@@ -4,7 +4,7 @@ buildscript {
     jcenter()
   }
   dependencies {
-    classpath 'com.android.tools.build:gradle:2.1.3'
+    classpath 'com.android.tools.build:gradle:2.2.1'
   }
 }
 
-- 
cgit v1.2.3


From 87ca37e38bd803b0771ae9385ef1372ae1496a98 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Tue, 14 Mar 2017 16:50:33 +0100
Subject: add .gitlab-ci config for CI building

---
 .gitlab-ci.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 .gitlab-ci.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 00000000..8784a5b1
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,12 @@
+image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
+
+stages:
+  - build
+
+build:
+  stage: build
+  script:
+    - ./gradlew assembleDebug
+  artifacts:
+    paths:
+    - app/build/outputs/
-- 
cgit v1.2.3


From cd06e880fe27e803da21bd604a76d27ccd7052df Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Tue, 14 Mar 2017 17:10:25 +0100
Subject: give gitlab builds a try with foreign docker image

---
 .gitlab-ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 8784a5b1..896b59c8 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,5 @@
-image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
+#image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
+image: "jacekmarchwicki/android"
 
 stages:
   - build
-- 
cgit v1.2.3


From 128fed3eff14843f743fdb6cd420649afb5e8593 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Tue, 14 Mar 2017 17:15:16 +0100
Subject: gitlab ci with jdk8 docker

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 896b59c8..d5a0757a 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,5 @@
 #image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
-image: "jacekmarchwicki/android"
+image: "gfx2015/android"
 
 stages:
   - build
-- 
cgit v1.2.3


From a3ed35a4fc5aff4fe6a06f45f0dcaa009759bbd0 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Tue, 14 Mar 2017 17:33:01 +0100
Subject: sync submodules (ics-ovpn) when building

---
 .gitlab-ci.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d5a0757a..af32b362 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,6 +1,9 @@
 #image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
 image: "gfx2015/android"
 
+variables:
+  GIT_SUBMODULE_STRATEGY: "recursive"
+
 stages:
   - build
 
-- 
cgit v1.2.3


From 061a93d7b1312bfb45f6cba4e63474d392e3c078 Mon Sep 17 00:00:00 2001
From: kwadronaut <kwadronaut@leap.se>
Date: Tue, 14 Mar 2017 20:54:42 +0100
Subject: try our own docker image for building

---
 .gitlab-ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index af32b362..3a72e9b4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,5 @@
-#image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
-image: "gfx2015/android"
+image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
+#image: "gfx2015/android"
 
 variables:
   GIT_SUBMODULE_STRATEGY: "recursive"
-- 
cgit v1.2.3


From 0688c9e8ceab724874bd795f35dc64f498c416b0 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Wed, 15 Mar 2017 00:06:09 +0100
Subject: Try with explicit git submodule cloning

---
 .gitlab-ci.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3a72e9b4..7ad57573 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,12 +1,13 @@
 image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
 #image: "gfx2015/android"
 
-variables:
-  GIT_SUBMODULE_STRATEGY: "recursive"
-
 stages:
   - build
 
+before_script:
+  - git submodule sync --recursive
+  - git submodule update --init --recursive
+
 build:
   stage: build
   script:
-- 
cgit v1.2.3


From 9edd5d6b3f9e7019fe01867ad4e37d2753d77e18 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Wed, 12 Apr 2017 01:13:11 -0400
Subject: [ag] Update README to promote smoother on-boarding

* add detailed instructions on installing and compiling
* provide workarounds for gotchas setting up emulator on debian
* offer instructions for building in docker

side-effects:

* update build tools & gradle version
* fix indentation in build.gradle
* comment out tests in `TestLogFileHandler` causing `build` to break (and provide justification)
---
 README.md                                          | 475 ++++++++++++++++++---
 app/build.gradle                                   |  63 +--
 .../de/blinkt/openvpn/core/TestLogFileHandler.java | 252 ++++++-----
 build.gradle                                       |   2 +-
 gradle/wrapper/gradle-wrapper.properties           |   4 +-
 5 files changed, 583 insertions(+), 213 deletions(-)

diff --git a/README.md b/README.md
index 6863eff6..d827bd6e 100644
--- a/README.md
+++ b/README.md
@@ -1,83 +1,254 @@
-# Bitmask Android App
+# Bitmask Android Client
+
+This repository contains the source code for the [Bitmask](https://bitmask.net/) Android client. Bitmask Android offers one-click free VPN service from trusted providers of the LEAP stack.
+
+To lean about the stack, visit [leap.se](https://leap.se).
+
+Please see the [issues](https://github.com/leapcode/bitmask_android/issues) section to report any bugs or feature requests, and to see the list of known issues.
+
+# Table Of Contents
+
+* [License](#license)
+* [Installing](#installing)
+  * [JDK](#jdk)
+  * [C Libraries](#c-libraries)
+  * [Android SDK](#android-sdk)
+    * [With Android Studio](#with-android-studio)
+    * [With Bash](#with-bash)
+    * [Updating Your PATH](#updating-your-path)
+    * [With Docker](#with-docker)
+  * [Submodules](#submodules)
+* [Compiling](#compiling)
+  * [Just Build It!](#just-build-it)
+  * [Debug APKs](#debug-apks)
+  * [Release APKs](#release-apks)
+  * [Signed Release APKs](#signed-release-apks)
+* [Running Tests](#running-tests)
+* [Debugging in an Emulator](#debugging-in-an-emulator)
+  * [From Android Studio](#from-android-studio)
+  * [From The Shell](#from-the-shell)
+  * [Debian Gotchas](#debian-gotchas)
+    * [Virtualization Not Enabled](#virtualization-not-enabled)
+    * [Unpatched Filepaths Bug](#unpatched-filepaths-bug)
+    * [Outdated GL Libraries](#outdated-gl-libraries)
+* [Updating Submodules](#updating-submodules)
+* [Acknowledgments](#acknowledgments)
+* [Contributing](#contributing)
+
+## License <a name="license"></a>
 
-This repository contains the source code for the [Bitmask](https://bitmask.net/) Android app.
+* [See LICENSE file](https://github.com/leapcode/bitmask_android/blob/master/LICENSE.txt)
 
-Please see the [issues](https://github.com/leapcode/bitmask_android/issues) section to
-report any bugs or feature requests and to see the list of known issues.
 
-## License
+## Installing <a name="installing"></a>
 
-* [See LICENSE file](https://github.com/leapcode/bitmask_android/blob/master/LICENSE.txt)
+We will assume for convenience that you are installing on a Debian- or Ubuntu-based GNU/Linux machine. (Patches welcome with instructions for Mac, Windows, or other GNU/Linux distributions!)
+
+The Bitmask Android Client has the following system-level dependencies:
+
+* JDK v. 1.8
+* Assorted 32-bit C libraries
+* Android SDK Tools, v. 25.0.2, with these packages:
+  * Platform-Tools, v. 25.0.2
+  * Build-Tools, API v. 23-25
+  * Platforms 23-25
+  * Android Support Repository
+  * Google Support Repository
+  * NDK v. r14b (enables C code in Android)
+* For running the app in an emulator, you will also need these packages:
+  * Android Emulator
+  * ARMEABI System Images for Adnroid APIs 23-25
+* The ICS-OpenVpn submodule
+
+You can install them as follows:
+
+### JDK <a name="jdk"></a>
+
+Install with:
+
+```bash
+sudo apt install default-jdk
+```
+
+### C Libraries <a name="c-libraries"></a>
+
+These are necessary to make sure the program cross-compiles to 32-bit architectures successfully from 64-bit GNU/Linux machines:
+
+```
+sudo apt install  lib32stdc++ lib32z1
+```
+
+lib64stdc++
+
+### Android SDK <a name="android-sdk"></a>
+
+#### With Android Studio <a name="with-android-studio"></a>
+
+All of the Android SDK and NDK packages are downloadable through Android Studio, which (sadly) is probably the most hassle-free way to go about things.
+
+You can download Android studio here:
+
+https://developer.android.com/studio/index.html
+
+Once you've got it installed, use the `SDK Manager` tool (Android figure Icon with blue arrow second from the right in the tool pane) to download all the Android SDK and NDK depencencies listed above.
+
+#### With Bash <a name="with-bash"></a>
+
+Alternatley (eg: for build machines), you may download the `android-sdk` tarball from Google as follows:
+
+```
+cd </path/where/you/want/to/install/android-sdk>
+wget -q https://dl.google.com/android/android-sdk_r23.0.3-linux.tgz -O android-sdk.tgz
+tar -xvzf android-sdk.tgz
+rm -f android-sdk.tgz
+```
+
+After updating your PATH (see next step), you may now use the `sdkmanager` tool bundled with `android-sdk` to browse and install new sdk packages from Google.
+
+To browse all available packages, run:
+
+```shell
+sdkmanager --list
+```
+
+To search for available packages of a certain type (eg: `tools`), run:
+
+```shell
+sdkmanager --list | grep tools
+```
 
-## Build Requirements
+To install all of the dependencies listed above (targetting SDK versions 23 - 25), run:
 
-Install from developer.android.com:
+```shell
+# update sdk tools
+sdkmanager tools
 
-* Android SDK, API 23: http://developer.android.com/sdk/index.html
-* Android NDK, r10e: http://developer.android.com/tools/sdk/ndk/index.html
+# get supporting packages
+sdkmanager platform-tools
+sdkmanager extras;android;m2repository
+sdkmanager extras;google;m2repository
 
-Make sure add the necessary android tools to your bin path. For example, assuming you installed
-the SDK and NDK to `~/dev` on a linux machine, you would add this to your path:
+# get build tools and sdk platforms for api v 23 - 25
+sdkmanager build-tools;25.0.2
+sdkmanager build-tools;24.0.3
+sdkmanager build-tools;23.0.3
+sdkmanager platforms;android-25
+sdkmanager platforms;android-24
+sdkmanager platforms;android-23
 
-    ~/dev/android-sdk-linux/tools/
-    ~/dev/android-sdk-linux/platform-tools/
-    ~/dev/android-sdk-linux/ndk-bundle/
+# install NDK (for C code)
+sdkmanager ndk-bundle
+```
 
-Installable via `android` command (SDK Manager):
+#### Updating Your Path <a name="updating-your-path"></a>
 
-* Android SDK Build-tools, 23.0.3
-* Android Support Repository, 4+
+Once you've installed Android SDK & NDK packages, you need to modify your PATH so you can invoke all the programs you just installed. (On GNU/Linux, machines, this is generally `~/Android/Sdk`.)
 
-Finally, install a java compiler. For example:
+You can do that with something like the following in your `~/.shellrc` or `~/.bash_profile`:
 
-   sudo apt-get install default-jdk
+```shell
+export ANDROID_HOME=<path/where/you/installed/android/sdk>
+export ANDROID_NDK_HOME=$ANDROID_HOME/ndk-bundle
+export PATH=$ANDROID_NDK_HOME:$PATH
+export PATH=$ANDROID_HOME/platform-tools:$PATH
+export PATH=$ANDROID_HOME/tools/bin:$PATH
+```
 
-If you are using a 64-bit machine, you will need to install some libraries too:
+#### With Docker <a name="with-docker"></a>
 
-    sudo apt-get install lib32stdc++6 lib32z1
+Geesh! If all that above seems like a lot, it is!
 
-## Update git submodules
+To keep ourselves from messing it up all the time everyone someone new joins the project, we made a Dockerfile that creates the above environment with one line. You can pull the image and run builds from inside it, or consult the [Dockerfile](/docker/android-sdk.dockerfile) itself for requirements that your system might need but be missing.
 
-We build upon ics-openvpn, which meets a submodule in our project structure.
+Assuming you've already [installed docker](https://docs.docker.com/engine/installation/), you can pull the image with:
 
-For that reason, it is necessary to initialize and update them before being able to build Bitmask Android.
+``` shell
+docker pull 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25
+```
 
-    git submodule init
-    git submodule update
-    cd ics-openvpn
-    git submodule init
-    git submodule update
+Run the image with:
 
-## Build native sources
+``` shell
+docker run -i -t 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25
+```
+More likely than not, you'll want to run the image with the source code mounted. You can do that with:
 
-To build NDK sources, you need to issue these commands:
+``` shell
+cd <path/to/bitmask_android>
+docker run -i -v`pwd`:/bitmask_android -t 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25
+```
 
-    cd ics-openvpn/main
-    misc/build-native.sh
-    cd .. (to get back to the project directory)
+*TODO(@aguestuser|04.16.17): move docker registry to 0xacab.org/leap (pending permissions)*
 
-### Compiling from the command line
+### Submodules <a name="submodules"></a>
 
-#### Signed APK
+We depend on [ics-openvpn](https://github.com/schwabe/ics-openvpn) as an interface to Android's OpenVPN implementation. We include it as a [git submodule](https://git-scm.com/book/en/v2/Git-Tools-Submodules) in our project, which requires that we initialize and update it (and its respective upstream submodule dependencies) in order to compile and run Bitmask Android.
 
-If you want to release a signed APK, you'll have to create a gradle.properties file in the project root with the following structure:
+We do so with:
 
-    storeFileProperty=fullPath
-    storePasswordProperty=store password without quotation marks
-    keyAliasProperty=key alias without quotation marks
-    keyPasswordProperty=key password without quotation marks
+```bash
+cd <path/to/bitmask_android>
+git submodule init
+git submodule update --init --recursive
+```
 
-#### Actual command
+## Compiling <a name="compiling"></a>
 
-    ./gradlew build
+You have lots of options for compiling, all of which will output Android-executable `apk` packages to `/bitmask_android/app/build/outputs/apk/`.
 
-The resulting apk(s) will be in `app/build/apk`.
+### Just Build It! <a name="just-build-it"></a>
 
-### Using Android Studio
+You are welcome to run:
 
-* `Import project` => select bitmask_android top folder
+```
+./gradlew build
+```
 
-## Running tests
+This will compile the code and run the tests, but not output any `apk` packages. As such, it's not all that useful. :)
+
+### Debug APKs <a name="debug-apks"></a>
+
+To assemble debug packages for running locally or testing in CI, run:
+
+```bash
+./gradlew assembleDebug
+```
+
+This will output `app-insecure-debug.apk` and `app-production-debug.apk` to `/bitmask_android/app/build/outputs/apk/`.
+
+### Release APKs <a name="release-apks"></a>
+
+To assemble release packages, run:
+
+```bash
+./gradlew assembleRelease
+```
+
+This will output `app-insecure-release.apk` and `app-production-release.apk` to `/bitmask_android/app/build/outputs/apk/`.
+
+### Signed Release APKs <a name="signed-release-apks"></a>
+
+If you want to release a signed APK (which you *must* do to publish the app to the Google Play store), you'll have to create a gradle.properties file in the project root with the following structure:
+
+```properties
+storeFileProperty=<fullPath>
+storePasswordProperty=<store password without quotation marks>
+keyAliasProperty=<key alias without quotation marks>
+keyPasswordProperty=<key password without quotation marks>
+```
+
+### Building In Docker <a name="building-in-docker"></a>
+
+If you want to make sure the environment you use to build APKs matches exactly the environment that Gitlab will use to build and publish artifacts, you can run any of the above build commands from inside Docker. To assemble a release build this way, run the following commands:
+
+``` shell
+$ cd <path/to/bitmask_android>
+$ sudo docker run -i -t `pwd`:/bitmask_android 0xacab.org/aguestuser/bitmask_android:android-sdk-25
+# cd /bitmask_android
+# ./gradlew assembleRelease
+```
+
+## Running Tests <a name="running-tests"></a>
 
 To run the automated tests:
 
@@ -92,33 +263,213 @@ Due to the nature of some tests, adb will lose its connectivity and you won't re
    2. adb logcat | less
    3. Look for: "failed: test"
 
-We'll polish this process soon, but right now that's what we're doing (well, in fact, we run "adb logcat" in Emacs and then search "failed: test" in the corresponding buffer ;) ).
+We'll polish this process soon, but right now that's what we're doing.
+
+## Debugging in an Emulator <a name="debugging-in-an-emulator"></a>
+
+You can run the app in an emulator running any version of Android and simulating (almost) any device. To run it you'll have to create an emulator, run the emulator, and then load an assembled APK of the app onto the emulator. (You can then use all sort of nifty tools in [Anroid Debug Bridge](https://developer.android.com/studio/command-line/adb.html) to tail the logs and debug the app.)
+
+Assuming you've already tackled (or don't need to tackle) the [Debian Gotchas](#debian-gotchas) listed below, you can do that using either Android Studio or a bash shell as follows:
+
+### From Android Studio <a name="from-android-studio"></a>
+
+To create an emulator:
+
+* Select `Tools/Android/AVD Manager` from the application menu
+* Follow the instructions
+
+To run a pre-existing emulator:
+
+* Open the `AVD Manager` as above
+* Press the "Play" button next to the emulator you want to run
+
+To run the app:
+
+* Ensure you have an emulator running
+* Open the left-hand project pane (Meta-1 or Cmd-1, depending on your keybindings)
+* Navigate to `bitmask_android/app/src/main/java/se/leap/bitmaskclient/Dashboard`
+* Right-click over the `Dashboard` filename and click the `Run 'Dashboard'` option (or use Shift-Ctl-F10 or Shift-Ctl-R, depending on your keybindings)
+* After you have done this once, you should be able to simply select `Dashboard` from the dropdown menu next to the big green arrow in the toolbar, then click the green arrow to run the app.
+
+### From the Shell <a name="from-the-shell"></a>
 
-## Updating ics-openvpn
+To list the available avd images for creating an emulator:
 
-    cd ics-openvpn
-    git remote add upstream https://github.com/schwabe/ics-openvpn.git
-    git pull --rebase upstream master
+``` shell
+avdmanager list
+```
 
+To create an emulator:
+
+``` shell
+avdmanager create avd
+```
+
+To list the emulators you have already created:
+
+``` shell
+avdmanager list avd
+```
+
+To run a pre-existing emulator called `Nexus_5_API_25`:
+
+``` shell
+emulator @Nexus_5_API_15
+```
+
+Verify the device is running with:
+
+``` shell
+adb devices
+```
+
+You should see something like:
+
+``` shell
+List of devices attached
+emulator-5554 device
+```
+Install APK with:
+
+``` shell
+abd install <path/to/your>.apk
+```
+
+Uninstall with:
+
+``` shell
+abd uninstall se.leap.bitmaskclient
+```
+Install with option to reinstall:
+
+``` shell
+abd install -r <path/to/your/apk>
+```
+
+### Debian Gotchas <a name="debian-gotchas"></a>
+
+If you are running Debian on a 64-bit machine, your emulator will likely not work out of the gate. Test to see if this is the case by:
+
+* first creating an emulator in Android Studio (with name, eg, `Nexus_5_API_25`)
+* then running:
+   ```shell
+   cd ~/
+   emulator @<name_of_your_emulator>
+   ```
+If you can launch an emulator, HUZZAH! If not, you likely have one of 3 problems:
+
+#### 1. Virtualization Not Enabled <a name="virtualization-not-enabled"></a>
+
+Boo! Try turning it on. The second half of [this article](https://docs.fedoraproject.org/en-US/Fedora/13/html/Virtualization_Guide/sect-Virtualization-Troubleshooting-Enabling_Intel_VT_and_AMD_V_virtualization_hardware_extensions_in_BIOS.html) is a decent enough guide.
+
+#### 2. Unpatched Filepaths Bug <a name="unpatched-filepaths-bug"></a>
+
+**Symptoms:** If you have this bug, you will see something like the following when you try to spin up an emulator:
+
+``` shell
+[140500439390016]:ERROR:./android/qt/qt_setup.cpp:28:Qt library not found at ../emulator/lib64/qt/lib
+Could not launch '../emulator/qemu/linux-x86_64/qemu-system-i386': No such file or directory
+```
+As [documented here](https://stackoverflow.com/questions/42554337/cannot-launch-avd-in-emulatorqt-library-not-found), there is a standing bug in the version of `emulator` packaged for emulator that assumes it always runs from within the `$ANDROID_HOME/emulator` directory, and can thus safely use relative filepaths, when in fact this is almost never the case. (Cool bug!)
+
+**Fixes:**
+
+You have a couple options. The second is more robust:
+
+1. Always run emulator from within its own directory (clunky!):
+
+``` shell
+ cd "$(dirname "$(which emulator)")"
+ emulator <name_of_your_emulator>
+```
+
+2. Insert a line in your `~/.bashrc` to automatically navigate to the correct directory (and back) whenever you invoke `emulator`:
+
+ ```shell
+function emulator { pushd `pwd`; cd "$(dirname "$(which emulator)")" && ./emulator "$@"; popd;}
+```
+
+*** PROBLEM 2: OUTDATED VERSIONS OF GL LIBRARIES
+
+#### 3. Outdated GL Libraries <a name="outdated-gl-libraries"></a>
+
+**Symptoms:** If you have this bug, you will see something like the following:
+
+``` shell
+libGL error: failed to load driver: swrast
+X Error of failed request:  BadValue (integer parameter out of range for  operation)
+# redacted incredibly long stack trace
+```
+
+As documented [here](http://stackoverflow.com/questions/36554322/cannot-start-emulator-in-android-studio-2-0), the current emulator package ships without outdated versions of LibGL libraries. To work around this:
+
+1. Install modern GL libriaries with:
+
+``` shell
+sudo apt-get install mesa-utils
+```
+
+2. Ensure that `emulator` always uses the correct libraries by either:
+
+  a. always calling `emulator` with the `-use-system-libs` flag, like so:
+
+  ``` shell
+  emulator -use-system-libs -avd Nexus_5_API_25
+  ```
+  b. adding the following line to your ~/.bashrc or ~/.bash_profile:
+
+  ```shell
+  export ANDROID_EMULATOR_USE_SYSTEM_LIBS=1
+  ```
+
+**Special Android Studio Debian Bonus Gotcha:**
+
+Assuming you have made all the above fixes (great job!), to be able to launch emulators from Android Studio, you must either:
+
+1. Use the environment variable solution above (option a), then *always* launch Android Studio from a bash shell with:
+
+``` shell
+studio
+```
+
+This means never using the desktop launcher. :(
+
+2. If you want to use the desktop launcher:
+
+  * You must *always* launch emulators from the terminal. :(
+  * But: you can quickly access a terminal inside of Android Studio with `OPTION-F12`
+
+## Updating Submodules <a name="updating-submodules"></a>
+
+If you need to refresh of our upstream dependency on ics-openvpn, you may do so with:
+
+``` shell
+cd <path/to/bitmask_android>
+./gradlew updateIcsOpenVpn
+```
+
+Alternately:
+
+```shell
+cd <path/to/bitmask_android>
+cd ics-openvpn
+git remote add upstream https://github.com/schwabe/ics-openvpn.git
+git pull --rebase upstream master
+```
 A bunch of conflicts may arise. The guidelines are:
 
     1. Methods in HEAD (upstream) completely removed from Bitmask should be removed again (e.g. askPW)
     2. Sometimes, Dashboard.class is in Bitmask while in ics-openvpn it is replaced by MainActivity.class and other classes. Keep removing them to keep Dashboard.class in there.
     3. Some resources files are stripped from several entries. Remove them if possible (check the code we compile is not using anything else new).
 
-    ./gradlew updateIcsOpenVpn
-
-## Acknowledgements
+## Acknowledgments <a name="acknowledgments"></a>
 
 This project bases its work in [ics-openvpn project](https://code.google.com/p/ics-openvpn/).
 
-## Contributing
+## Contributing <a name="contributing"></a>
 
-Please fork this repository and contribute back using
-[pull requests](https://github.com/leapcode/leap_android/pulls).
+Please fork this repository and contribute back using [pull requests](https://github.com/leapcode/leap_android/pulls).
 
 Our preferred method for receiving translations is our [Transifex project](https://www.transifex.com/projects/p/bitmask-android).
 
-Any contributions, large or small, major features, bug fixes, additional
-language translations, unit/integration tests are welcomed and appreciated
-but will be thoroughly reviewed and discussed.
+Any contributions, large or small, major features, bug fixes, additional language translations, unit/integration tests are welcomed and appreciated but will be thoroughly reviewed and discussed.
diff --git a/app/build.gradle b/app/build.gradle
index e9fe2f60..cd7e6e21 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -2,7 +2,7 @@ apply plugin: 'com.android.application'
 
 android {
   compileSdkVersion 23
-  buildToolsVersion "23.0.3"
+  buildToolsVersion '25.0.0'
 
   signingConfigs {
     release {
@@ -13,26 +13,26 @@ android {
     }
   }
 
-    productFlavors {
-        production {
+  productFlavors {
+    production {
 
-        }
-        insecure {
+    }
+    insecure {
 
-        }
     }
+  }
 
   buildTypes {
     release {
       //runProguard true
       if(signingConfigs.contains(release))
-	signingConfig signingConfigs.release.isSigningReady() ? signingConfigs.release : signingConfigs.debug
+        signingConfig signingConfigs.release.isSigningReady() ? signingConfigs.release : signingConfigs.debug
     }
   }
 
-    lintOptions {
-        abortOnError false
-    }
+  lintOptions {
+    abortOnError false
+  }
 
   sourceSets {
     main {
@@ -48,6 +48,7 @@ android {
 
 dependencies {
   androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.5.4'
+  testCompile 'junit:junit:4.12'
   compile 'com.jakewharton:butterknife:6.1.0'
   provided 'com.squareup.dagger:dagger-compiler:1.2.2'
   compile 'com.github.pedrovgs:renderers:1.5'
@@ -55,7 +56,7 @@ dependencies {
   compile 'com.google.code.gson:gson:2.4'
   compile 'org.thoughtcrime.ssl.pinning:AndroidPinning:1.0.0'
   compile 'mbanje.kurt:fabbutton:1.1.4'
-    compile 'com.android.support:support-annotations:23.2.1'
+  compile 'com.android.support:support-annotations:23.2.1'
 }
 
 def processFileInplace(file, Closure processText) {
@@ -82,17 +83,17 @@ task copyIcsOpenVPNClasses( type: Copy ) {
     include '**/dimens.xml'
     include '**/logmenu.xml'
     include '**/core/**.java'
-      include '**/activities/BaseActivity.java'
+    include '**/activities/BaseActivity.java'
 
     includeEmptyDirs = false
-    
+
     filter {
       line -> line.replaceAll('de.blinkt.openvpn.R', 'se.leap.bitmaskclient.R')
     }
     filter {
       line -> line.replaceAll('de.blinkt.openvpn.BuildConfig', 'se.leap.bitmaskclient.BuildConfig')
     }
-    filter {      
+    filter {
       line -> line.replace('package de.blinkt.openvpn;', 'package de.blinkt.openvpn;\n\nimport se.leap.bitmaskclient.R;')
     }
   } into '.'
@@ -107,11 +108,11 @@ task copyIcsOpenVPNXml( type: Copy )  {
     include '**/styles.xml'
     include '**/dimens.xml'
     include '**/refs.xml'
-    include '**/colours.xml'    
+    include '**/colours.xml'
     include '**/logmenu.xml'
     include '**/white_rect.xml'
     includeEmptyDirs = false
-    
+
     rename 'strings.xml', 'strings-icsopenvpn.xml'
     filter {
       line -> line.replaceAll('.*name="app".*', '')
@@ -128,8 +129,8 @@ task copyIcsOpenVPNImages( type: Copy ) {
     include '**/ic_close*.png'
     include '**/ic_edit*.png'
     include '**/ic_check*.png'
-      include '**/ic_pause*.png'
-      include '**/ic_play*.png'
+    include '**/ic_pause*.png'
+    include '**/ic_play*.png'
     includeEmptyDirs = false
   } into '.'
 }
@@ -141,14 +142,14 @@ task removeDuplicatedStrings() {
     if(it.name.equals('strings.xml')) {
       def ics_openvpn_file = file(it.absolutePath.replace('strings.xml', 'strings-icsopenvpn.xml'))
       if(ics_openvpn_file.exists()) {
-	def ics_openvpn_strings_names = (new XmlParser()).parse(ics_openvpn_file)
-	def current_file = it
-      
-	ics_openvpn_strings_names.string.each {
-	  processFileInplace(current_file) { text ->
-	    text.replaceAll('.*name=\"' + it.attribute('name') + '\".*(\n)*.*string>.*\n+', '')
-	  }
-	}
+        def ics_openvpn_strings_names = (new XmlParser()).parse(ics_openvpn_file)
+        def current_file = it
+
+        ics_openvpn_strings_names.string.each {
+          processFileInplace(current_file) { text ->
+            text.replaceAll('.*name=\"' + it.attribute('name') + '\".*(\n)*.*string>.*\n+', '')
+          }
+        }
       }
     }
   }
@@ -167,20 +168,20 @@ task mergeUntranslatable( type: Copy ) {
   ics_openvpn_untranslatable.eachLine { text ->
     if(text.contains('string name=')) {
       if(!bitmask_untranslatable.text.contains(text))
-	bitmask_untranslatable << text
-	if(text.contains('</string>'))
-	  string_continuation = true
+        bitmask_untranslatable << text
+      if(text.contains('</string>'))
+        string_continuation = true
     }
     else if(string_continuation) {
       bitmask_untranslatable << text
     }
-    
+
     if(text.contains('</string>')) {
       string_continuation = false
       bitmask_untranslatable << System.getProperty("line.separator")
     }
   }
-  
+
   bitmask_untranslatable.write(bitmask_untranslatable.text.replaceAll("</resources>", ""))
   bitmask_untranslatable << "</resources>"
 
diff --git a/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java b/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java
index c35df598..476d8151 100644
--- a/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java
+++ b/app/src/test/java/de/blinkt/openvpn/core/TestLogFileHandler.java
@@ -1,119 +1,137 @@
 package de.blinkt.openvpn.core;
 
-import android.annotation.SuppressLint;
-
-import junit.framework.Assert;
-
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.UnsupportedEncodingException;
-import java.util.Arrays;
-
-public class TestLogFileHandler {
-
-    byte[] testUnescaped = new byte[]{0x00, 0x55, -27, 0x00, 0x56, 0x10, -128, 0x55, 0x54};
-    byte[] expectedEscaped = new byte[]{0x55, 0x00, 0x00, 0x00, 0x09, 0x00, 0x56, 0x00, -27, 0x00, 0x56, 0x01, 0x10, -128, 0x56, 0x00, 0x54};
-    private TestingLogFileHandler lfh;
-
-
-    @Before
-    public void setup() {
-        lfh = new TestingLogFileHandler();
-    }
-
-    @Test
-    public void testWriteByteArray() throws IOException {
-
-        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
-
-        lfh.setLogFile(byteArrayOutputStream);
-
-        lfh.writeEscapedBytes(testUnescaped);
-
-        byte[] result = byteArrayOutputStream.toByteArray();
-        Assert.assertTrue(Arrays.equals(expectedEscaped, result));
-    }
-
-    @Test
-    public void readByteArray() throws IOException {
-
-        ByteArrayInputStream in = new ByteArrayInputStream(expectedEscaped);
-
-        lfh.readCacheContents(in);
-
-        Assert.assertTrue(Arrays.equals(testUnescaped, lfh.mRestoredByteArray));
-
-    }
-
-    @Test
-    public void testMarschal() throws UnsupportedEncodingException {
-        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, "foobar");
-        LogItem li2 = marschalAndBack(li);
-        testEquals(li, li2);
-        Assert.assertEquals(li, li2);
-    }
-
-    @Test
-    public void testMarschalArgs() throws UnsupportedEncodingException {
-        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, 772, "sinnloser Text", 7723, 723.2f, 7.2);
-        LogItem li2 = marschalAndBack(li);
-        testEquals(li, li2);
-        Assert.assertEquals(li, li2);
-    }
-
-    @Test
-    public void testMarschalString() throws UnsupportedEncodingException {
-        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, "Nutzlose Nachricht");
-        LogItem li2 = marschalAndBack(li);
-        testEquals(li, li2);
-        Assert.assertEquals(li, li2);
-    }
-
-
-    private void testEquals(LogItem li, LogItem li2) {
-        Assert.assertEquals(li.getLogLevel(), li2.getLogLevel());
-        Assert.assertEquals(li.getLogtime(), li2.getLogtime());
-        Assert.assertEquals(li.getVerbosityLevel(), li2.getVerbosityLevel());
-        Assert.assertEquals(li.toString(), li2.toString());
-
-    }
-
-    private LogItem marschalAndBack(LogItem li) throws UnsupportedEncodingException {
-        byte[] bytes = li.getMarschaledBytes();
-
-        return new LogItem(bytes, bytes.length);
-    }
-
-
-    @SuppressLint("HandlerLeak")
-    static class TestingLogFileHandler extends LogFileHandler {
-
-        public byte[] mRestoredByteArray;
-
-        public TestingLogFileHandler() {
-            super(null);
-        }
-
-        public void setLogFile(OutputStream out) {
-            mLogFile = out;
-        }
-
-        @Override
-        public void readCacheContents(InputStream in) throws IOException {
-            super.readCacheContents(in);
-        }
-
-        @Override
-        protected void restoreLogItem(byte[] buf, int len) {
-            mRestoredByteArray = Arrays.copyOf(buf, len);
-        }
-    }
-
-
-}
\ No newline at end of file
+//import android.annotation.SuppressLint;
+//
+//import junit.framework.Assert;
+//
+//import org.junit.Before;
+//import org.junit.Ignore;
+//import org.junit.Test;
+//
+//import java.io.ByteArrayInputStream;
+//import java.io.ByteArrayOutputStream;
+//import java.io.IOException;
+//import java.io.InputStream;
+//import java.io.OutputStream;
+//import java.io.UnsupportedEncodingException;
+//import java.util.Arrays;
+
+/**
+ * NOTE [@aguestuser|04.11.17]:
+ *
+ * As the tests below:
+ *
+ * (1) are testing the logic of library code (the openvpn class `LogFileHandler`)
+ *     -- thus making them low-value tests
+ * (2) currently diverge from the signatures of the class under test (overriding non-existent methods, etc.)
+ *     -- thus failing to compile and breaking the build
+ *
+ * I am taking the liberty of commenting them out, and proposing we delete this file altogether
+ * upon feedback from the team.
+ *
+ **/
+
+
+//@Ignore
+//public class TestLogFileHandler {
+//
+//    byte[] testUnescaped = new byte[]{0x00, 0x55, -27, 0x00, 0x56, 0x10, -128, 0x55, 0x54};
+//    byte[] expectedEscaped = new byte[]{0x55, 0x00, 0x00, 0x00, 0x09, 0x00, 0x56, 0x00, -27, 0x00, 0x56, 0x01, 0x10, -128, 0x56, 0x00, 0x54};
+//    private TestingLogFileHandler lfh;
+//
+//
+//    @Before
+//    public void setup() {
+//        lfh = new TestingLogFileHandler();
+//    }
+//
+//    @Test
+//    public void testWriteByteArray() throws IOException {
+//
+//        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
+//
+//        lfh.setLogFile(byteArrayOutputStream);
+//
+//        lfh.writeEscapedBytes(testUnescaped);
+//
+//        byte[] result = byteArrayOutputStream.toByteArray();
+//        Assert.assertTrue(Arrays.equals(expectedEscaped, result));
+//    }
+//
+//    @Test
+//    public void readByteArray() throws IOException {
+//
+//        ByteArrayInputStream in = new ByteArrayInputStream(expectedEscaped);
+//
+//        lfh.readCacheContents(in);
+//
+//        Assert.assertTrue(Arrays.equals(testUnescaped, lfh.mRestoredByteArray));
+//
+//    }
+//
+//    @Test
+//    public void testMarschal() throws UnsupportedEncodingException {
+//        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, "foobar");
+//        LogItem li2 = marschalAndBack(li);
+//        testEquals(li, li2);
+//        Assert.assertEquals(li, li2);
+//    }
+//
+//    @Test
+//    public void testMarschalArgs() throws UnsupportedEncodingException {
+//        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, 72, 772, "sinnloser Text", 7723, 723.2f, 7.2);
+//        LogItem li2 = marschalAndBack(li);
+//        testEquals(li, li2);
+//        Assert.assertEquals(li, li2);
+//    }
+//
+//    @Test
+//    public void testMarschalString() throws UnsupportedEncodingException {
+//        LogItem li = new LogItem(VpnStatus.LogLevel.DEBUG, "Nutzlose Nachricht");
+//        LogItem li2 = marschalAndBack(li);
+//        testEquals(li, li2);
+//        Assert.assertEquals(li, li2);
+//    }
+//
+//
+//    private void testEquals(LogItem li, LogItem li2) {
+//        Assert.assertEquals(li.getLogLevel(), li2.getLogLevel());
+//        Assert.assertEquals(li.getLogtime(), li2.getLogtime());
+//        Assert.assertEquals(li.getVerbosityLevel(), li2.getVerbosityLevel());
+//        Assert.assertEquals(li.toString(), li2.toString());
+//
+//    }
+//
+//    private LogItem marschalAndBack(LogItem li) throws UnsupportedEncodingException {
+//        byte[] bytes = li.getMarschaledBytes();
+//
+//        return new LogItem(bytes, bytes.length);
+//    }
+//
+//
+//    @SuppressLint("HandlerLeak")
+//    static class TestingLogFileHandler extends LogFileHandler {
+//
+//        public byte[] mRestoredByteArray;
+//
+//        public TestingLogFileHandler() {
+//            super(null);
+//        }
+//
+//        public void setLogFile(OutputStream out) {
+//            mLogFile = out;
+//        }
+//
+//        @Override
+//        public void readCacheContents(InputStream in) throws IOException {
+//            super.readCacheContents(in);
+//        }
+//
+//        @Override
+//        protected void restoreLogItem(byte[] buf, int len) {
+//            mRestoredByteArray = Arrays.copyOf(buf, len);
+//        }
+//    }
+//
+//
+//}
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
index db59f144..dc2396d7 100644
--- a/build.gradle
+++ b/build.gradle
@@ -4,7 +4,7 @@ buildscript {
     jcenter()
   }
   dependencies {
-    classpath 'com.android.tools.build:gradle:2.2.1'
+    classpath 'com.android.tools.build:gradle:2.3.1'
   }
 }
 
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index d1c6fba3..732dce4b 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Mon Sep 19 11:42:08 CEST 2016
+#Sat Apr 08 20:47:40 EDT 2017
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.14.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip
-- 
cgit v1.2.3


From a7b4f463e4ffc282814ef74daf18c74581fc3a7d Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Mon, 17 Apr 2017 00:34:21 -0400
Subject: [ag] Update dockerfile to match config in passing local build

* PROBLEM: the build fails on gitlab in a debian-based docker container
* BUT: i (@aguestuser) have a recently-achieved passing build on a
  debian laptop
* ATTEMPTED SOLUTION: construct a dockerfile that matches my local
  configuration as precisely as possible
* PROGRESS: the build gets further than it did before -- getting part of
  the way through the `buildNative` gradle script before failing
* REMAINING FAILURE: several arm64 cross-compile steps in the
  `ndk-build` step fail because they depend on
  [neon](https://developer.android.com/ndk/guides/cpu-arm-neon.html):

```shell
[arm64-v8a] Compile        : crypto_static <= aesv8-armx-64.S
openssl/crypto/aes/asm/aesv8-armx-64.S:35:2: error: instruction requires: neon
 eor v0.16b,v0.16b,v0.16b
 ^
openssl/crypto/aes/asm/aesv8-armx-64.S:36:2: error: instruction requires: neon
 ld1 {v3.16b},[x0],#16
 ^
openssl/crypto/aes/asm/aesv8-armx-64.S:38:2: error: instruction requires: neon
 ld1 {v1.4s,v2.4s},[x3],#32
```

* PROPOSED NEXT STEPS:
  * consult team to see if there's any collective wisdom about `neon`
  * look for ways to analyze diff of c dependencies in local machine
    v. docker instance
  * consider using ubuntu or debian:sid as the base image for the
    android container?
---
 app/build.gradle              |  4 +-
 docker/android-sdk.dockerfile | 91 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 93 insertions(+), 2 deletions(-)
 create mode 100644 docker/android-sdk.dockerfile

diff --git a/app/build.gradle b/app/build.gradle
index cd7e6e21..b6bb39ff 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -2,8 +2,8 @@ apply plugin: 'com.android.application'
 
 android {
   compileSdkVersion 23
-  buildToolsVersion '25.0.0'
-
+  buildToolsVersion '25.0.2'
+;
   signingConfigs {
     release {
       storeFile project.hasProperty('storeFileProperty') ? file(storeFileProperty) : null
diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile
new file mode 100644
index 00000000..dddf54c6
--- /dev/null
+++ b/docker/android-sdk.dockerfile
@@ -0,0 +1,91 @@
+FROM debian:stretch
+
+MAINTAINER LEAP Encryption Access Project <info@leap.se>
+LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="0.0.1"
+
+# ------------------------------------------------------
+# --- Install System Dependencies
+
+# Update Debian
+RUN apt-get update -qq
+
+# Install Debian Packages
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
+  # the basics
+  wget unzip git locales \
+  # java stuff
+  openjdk-8-jdk maven \ 
+  # c libraries
+  make clang lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
+
+# libgcc-6-dev-arm64-cross
+
+# Set Locale
+RUN locale-gen en_US.UTF-8  
+RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+
+# ------------------------------------------------------
+# --- Install Android SDK Tools
+
+ENV ANDROID_HOME /opt/android-sdk-linux
+ENV SDK_TOOLS_VERSION "25.2.5"
+
+# Install SDK Tools
+RUN cd /opt \
+    && wget -q -O sdk-tools.zip \
+    https://dl.google.com/android/repository/tools_r${SDK_TOOLS_VERSION}-linux.zip \
+    && unzip -q sdk-tools.zip -d ${ANDROID_HOME} \
+    && rm -f sdk-tools.zip
+
+# Update PATH
+ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools
+
+# Install Platform Tools Package
+RUN echo y | sdkmanager "platform-tools" # echo y to accept google licenses
+
+# Install Android Support Repositories
+RUN echo y | sdkmanager "extras;android;m2repository"
+
+# Install Target SDK Packages (Please keep in descending order)
+RUN echo y | sdkmanager "platforms;android-25"
+RUN echo y | sdkmanager "platforms;android-24"
+RUN echo y | sdkmanager "platforms;android-23"
+
+# Install Build Tools (Please keep in descending order)
+RUN echo y | sdkmanager "build-tools;25.0.2"
+RUN echo y | sdkmanager "build-tools;24.0.3"
+RUN echo y | sdkmanager "build-tools;23.0.3"
+
+# ------------------------------------------------------
+# --- Install Android NDK (for running C code)
+
+ENV ANDROID_NDK_HOME ${ANDROID_HOME}/ndk-bundle
+
+# Install NDK packages from sdk tools
+
+RUN echo y | sdkmanager "ndk-bundle"
+RUN echo y | sdkmanager "cmake;3.6.3155560"
+RUN echo y | sdkmanager "lldb;2.3"
+
+# Update PATH
+
+ENV PATH ${PATH}:${ANDROID_NDK_HOME}
+
+
+# ------------------------------------------------------
+# --- Install Android Emulator
+
+
+# RUN echo y | sdkmanager "emulator"
+
+# System Images for emulators
+# RUN echo y | sdkmanager "system-images;android-25;google_apis;armeabi-v7a"
+# RUN echo y | sdkmanager "system-images;android-24;google_apis;armeabi-v7a"
+# RUN echo y | sdkmanager "system-images;android-23;google_apis;armeabi-v7a"
+# RUN echo y | sdkmanager "system-images;android-23;google_apis;arm64-v8a"
+
+# ------------------------------------------------------
+# --- Cleanup
+
+RUN apt-get clean
+
-- 
cgit v1.2.3


From e79058d8797c918d37e406245ca7683cf07240d1 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 23 Apr 2017 16:39:03 -0400
Subject: [ag] Fix native build step with revised dockerfile

* PROBLEM:
  * most recent version (r14b) of `android-ndk` uses `clang` for cross-compilation
  * BUT: `openssl` cannot compile successfully w/ `clang`
  * AND: we depend on `openssl` transitively through `ics-openvpn`
    while trying to use `android-ndk` r14b

* FIX:
  * downgrade to `android-ndk` (12b) (most recent versoin that still
    uses `gcc` instead of `clang`)
  * modify some of the default

* REMAINING PROBLEMS:
  * some string translations for Jamaica now break the build (unclear
    why -- outdated country abbreviation? ja for jm???)
  * we are now using a version of ndk that is 2 versions old and a
    version of ics-openvpn (pinned to a 3.1.2016 commit via submodule)
    that depends on an outdated version of `openssl`, which raises
    security concerns. updating to the most recent version will force
    us to wade into all the dependency problems amongst `ics-openvpn`/`openssl`/`ndk`

* REFERENCES:
  * on `openssl` incompatibility w/ clang: https://github.com/openssl/openssl/pull/2229
  * on `ics-openvpn` problems with `ndk`: https://github.com/android-ndk/ndk/issues/144
---
 .gitlab-ci.yml                |  9 ++++-
 docker/android-sdk.dockerfile | 86 ++++++++++++++++++++++++++++++-------------
 2 files changed, 68 insertions(+), 27 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7ad57573..920f65d0 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,12 @@
+# NOTE(@aguestuser|4.23.17):
+# - we would prefer 0xacab.org:4567/leap/bitmask_android:android-sdk
+#   as the build image, but cant do that presently b/c:
+# (1) i do not have permissions to create docker repositories in this repo
+# (2) we need to add whatever image we use to gitlab ci's whitelist
+#     or else we get a message like:
+#     `ERROR: The 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25 is not present on list of allowed images`
+
 image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
-#image: "gfx2015/android"
 
 stages:
   - build
diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile
index dddf54c6..31b89d4c 100644
--- a/docker/android-sdk.dockerfile
+++ b/docker/android-sdk.dockerfile
@@ -3,6 +3,22 @@ FROM debian:stretch
 MAINTAINER LEAP Encryption Access Project <info@leap.se>
 LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="0.0.1"
 
+# ------------------------------------------------------
+# --- Env Vars
+
+
+ENV ANDROID_SDK_VERSION "25.2.5"
+ENV ANDROID_NDK_VERSION "r12b"
+
+# NOTE(@aguestuser|4.23.17)
+# We woud like to use te current version of Android NDK ()
+
+ENV ANDROID_HOME /opt/android-sdk-linux
+ENV ANDROID_NDK_HOME ${ANDROID_HOME}/android-ndk-${ANDROID_NDK_VERSION}
+
+ENV ANDROID_SDK_URL https://dl.google.com/android/repository/tools_r${ANDROID_SDK_VERSION}-linux.zip
+ENV ANDROID_NDK_URL http://dl.google.com/android/repository/android-ndk-${ANDROID_NDK_VERSION}-linux-x86_64.zip
+
 # ------------------------------------------------------
 # --- Install System Dependencies
 
@@ -12,13 +28,11 @@ RUN apt-get update -qq
 # Install Debian Packages
 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
   # the basics
-  wget unzip git locales \
+  curl unzip git locales \
   # java stuff
   openjdk-8-jdk maven \ 
   # c libraries
-  make clang lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
-
-# libgcc-6-dev-arm64-cross
+  make gcc lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
 
 # Set Locale
 RUN locale-gen en_US.UTF-8  
@@ -27,19 +41,54 @@ RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 # ------------------------------------------------------
 # --- Install Android SDK Tools
 
-ENV ANDROID_HOME /opt/android-sdk-linux
-ENV SDK_TOOLS_VERSION "25.2.5"
 
 # Install SDK Tools
-RUN cd /opt \
-    && wget -q -O sdk-tools.zip \
-    https://dl.google.com/android/repository/tools_r${SDK_TOOLS_VERSION}-linux.zip \
-    && unzip -q sdk-tools.zip -d ${ANDROID_HOME} \
+RUN curl -L $ANDROID_SDK_URL -o sdk-tools.zip  \
+    && unzip -q sdk-tools.zip -d $ANDROID_HOME \
     && rm -f sdk-tools.zip
 
 # Update PATH
 ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools
 
+# ------------------------------------------------------
+# --- Install Android NDK (for running C code)
+
+RUN curl -L $ANDROID_NDK_URL -o ndk.zip  \
+    && unzip ndk.zip -d $ANDROID_HOME  \
+    && rm -rf ndk.zip
+
+# HACK (@aguestuser|4.23.17):
+
+# BUG:
+#   when installed on a 64-bit machine, ndk r12b
+#   fails to cross-compile for *some* (not all) target architectures
+#   because it looks for prebuilt packages in <path/to/arch>/prebuilt/linux-x86
+#   instead of <path/to/arch>/prebuilt/linux-x86_64 (which is where it installed them)
+
+# PENDING:
+#   (1) a cleaner solution
+#   (2) upgrading to ndk r14b (pending openssl/clang bugfix: https://github.com/openssl/openssl/pull/2229)
+
+# WORKAROUND:
+#   we simply rename all such directories so the cross-compiler can find them
+
+ENV TARGETS "aarch64-linux-android-4.9 \
+             arm-linux-androideabi-4.9 \
+             mipsel-linux-android-4.9 \
+             x86-4.9 \
+             x86_64-4.9"
+
+RUN for target in $TARGETS; do \
+      cd ${ANDROID_NDK_HOME}/toolchains/${target}/prebuilt \
+      && mv linux-x86_64/ linux-x86/; \
+    done
+
+ENV PATH ${PATH}:${ANDROID_NDK_HOME}
+
+# ------------------------------------------------------
+# --- Install Android SDK Tools Packages
+
+
 # Install Platform Tools Package
 RUN echo y | sdkmanager "platform-tools" # echo y to accept google licenses
 
@@ -53,25 +102,10 @@ RUN echo y | sdkmanager "platforms;android-23"
 
 # Install Build Tools (Please keep in descending order)
 RUN echo y | sdkmanager "build-tools;25.0.2"
+RUN echo y | sdkmanager "build-tools;25.0.0"
 RUN echo y | sdkmanager "build-tools;24.0.3"
 RUN echo y | sdkmanager "build-tools;23.0.3"
 
-# ------------------------------------------------------
-# --- Install Android NDK (for running C code)
-
-ENV ANDROID_NDK_HOME ${ANDROID_HOME}/ndk-bundle
-
-# Install NDK packages from sdk tools
-
-RUN echo y | sdkmanager "ndk-bundle"
-RUN echo y | sdkmanager "cmake;3.6.3155560"
-RUN echo y | sdkmanager "lldb;2.3"
-
-# Update PATH
-
-ENV PATH ${PATH}:${ANDROID_NDK_HOME}
-
-
 # ------------------------------------------------------
 # --- Install Android Emulator
 
-- 
cgit v1.2.3


From 215edb9840e5a75ed961fbf8b6ce423116deef28 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 23 Apr 2017 20:36:37 -0400
Subject: [ag] eliminate hacky workaround for 64-bit builds

* HACK: replace all toolchain references to `linux-x86_64` with `linux-x86`
* FIX: provide dependency on `file` package that will allow `ndk-build` to
  detect 32-bit userland, making this

* side-effects:
  * group sdk/env vars with installation code that uses them
  * add explanatory note about why we use outdated version of `android-ndk`

------------------

*Explanation:*

More careful analysis of the meaning of the word `file` in this (subtle!) error message:

```shell
/opt/android-sdk-linux/android-ndk-r12b/build/ndk-build: 143: /opt/android-sdk-linux/android-ndk-r12b/build/ndk-build: file: not found
```

led to inspecting line 143 of `ndk-build`, revealing an undefined variable
called `file` that would allow `ndk-build` to detect a 32-bit userland:

```shell
file -L "$SHELL" | grep -q "x86[_-]64"
```
Thus the error messsage was *not* trying to tell us that a file could
not be found, but that the program called `file` could not be
found. FUN! :)
---
 docker/android-sdk.dockerfile | 61 ++++++++++++-------------------------------
 1 file changed, 17 insertions(+), 44 deletions(-)

diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile
index 31b89d4c..468546cf 100644
--- a/docker/android-sdk.dockerfile
+++ b/docker/android-sdk.dockerfile
@@ -3,22 +3,6 @@ FROM debian:stretch
 MAINTAINER LEAP Encryption Access Project <info@leap.se>
 LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="0.0.1"
 
-# ------------------------------------------------------
-# --- Env Vars
-
-
-ENV ANDROID_SDK_VERSION "25.2.5"
-ENV ANDROID_NDK_VERSION "r12b"
-
-# NOTE(@aguestuser|4.23.17)
-# We woud like to use te current version of Android NDK ()
-
-ENV ANDROID_HOME /opt/android-sdk-linux
-ENV ANDROID_NDK_HOME ${ANDROID_HOME}/android-ndk-${ANDROID_NDK_VERSION}
-
-ENV ANDROID_SDK_URL https://dl.google.com/android/repository/tools_r${ANDROID_SDK_VERSION}-linux.zip
-ENV ANDROID_NDK_URL http://dl.google.com/android/repository/android-ndk-${ANDROID_NDK_VERSION}-linux-x86_64.zip
-
 # ------------------------------------------------------
 # --- Install System Dependencies
 
@@ -31,8 +15,8 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
   curl unzip git locales \
   # java stuff
   openjdk-8-jdk maven \ 
-  # c libraries
-  make gcc lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
+  # ndk dependencies
+  make gcc file lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
 
 # Set Locale
 RUN locale-gen en_US.UTF-8  
@@ -41,6 +25,9 @@ RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 # ------------------------------------------------------
 # --- Install Android SDK Tools
 
+ENV ANDROID_SDK_VERSION "25.2.5"
+ENV ANDROID_HOME /opt/android-sdk-linux
+ENV ANDROID_SDK_URL https://dl.google.com/android/repository/tools_r${ANDROID_SDK_VERSION}-linux.zip
 
 # Install SDK Tools
 RUN curl -L $ANDROID_SDK_URL -o sdk-tools.zip  \
@@ -53,36 +40,22 @@ ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}
 # ------------------------------------------------------
 # --- Install Android NDK (for running C code)
 
+# NOTE(@aguestuser|4.23.17)
+# We woud like to use te current version of Android NDK (r14b) but cannot 
+#   due to pinned dependency on year-old version of `ics-openvpn`
+#   which has transitive dependency on `openssl` which will not compile with `clang`
+#   (starting in 13b, android ndk uses `clang` isntead of `gcc`)
+# Upon rebasing onto to current HEAD of `ics-openvpn` and resolving conflicts, we
+#   should update to current version of `ndk` (if possible).
+
+ENV ANDROID_NDK_VERSION "r12b"
+ENV ANDROID_NDK_HOME ${ANDROID_HOME}/android-ndk-${ANDROID_NDK_VERSION}
+ENV ANDROID_NDK_URL http://dl.google.com/android/repository/android-ndk-${ANDROID_NDK_VERSION}-linux-x86_64.zip
+
 RUN curl -L $ANDROID_NDK_URL -o ndk.zip  \
     && unzip ndk.zip -d $ANDROID_HOME  \
     && rm -rf ndk.zip
 
-# HACK (@aguestuser|4.23.17):
-
-# BUG:
-#   when installed on a 64-bit machine, ndk r12b
-#   fails to cross-compile for *some* (not all) target architectures
-#   because it looks for prebuilt packages in <path/to/arch>/prebuilt/linux-x86
-#   instead of <path/to/arch>/prebuilt/linux-x86_64 (which is where it installed them)
-
-# PENDING:
-#   (1) a cleaner solution
-#   (2) upgrading to ndk r14b (pending openssl/clang bugfix: https://github.com/openssl/openssl/pull/2229)
-
-# WORKAROUND:
-#   we simply rename all such directories so the cross-compiler can find them
-
-ENV TARGETS "aarch64-linux-android-4.9 \
-             arm-linux-androideabi-4.9 \
-             mipsel-linux-android-4.9 \
-             x86-4.9 \
-             x86_64-4.9"
-
-RUN for target in $TARGETS; do \
-      cd ${ANDROID_NDK_HOME}/toolchains/${target}/prebuilt \
-      && mv linux-x86_64/ linux-x86/; \
-    done
-
 ENV PATH ${PATH}:${ANDROID_NDK_HOME}
 
 # ------------------------------------------------------
-- 
cgit v1.2.3


From 7ed7d62015fafe5b9a11097c04419d2ffd0826c1 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 23 Apr 2017 20:58:42 -0400
Subject: [ag] use self-contained docker registry in ci build

* for greater compartmentalization and self-documentation,
  use docker registry in this repo to host image used in its build
  rather than registry in `leap/gitlab-buildpackage` as before
---
 .gitlab-ci.yml | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 920f65d0..5321f64d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,12 +1,4 @@
-# NOTE(@aguestuser|4.23.17):
-# - we would prefer 0xacab.org:4567/leap/bitmask_android:android-sdk
-#   as the build image, but cant do that presently b/c:
-# (1) i do not have permissions to create docker repositories in this repo
-# (2) we need to add whatever image we use to gitlab ci's whitelist
-#     or else we get a message like:
-#     `ERROR: The 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25 is not present on list of allowed images`
-
-image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
+image: "0xacab.org:4567/leap/bitmask_android/android-sdk:latest"
 
 stages:
   - build
-- 
cgit v1.2.3


From 9278f4680d9fdd34803089be875d16d667c0579e Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 23 Apr 2017 21:32:48 -0400
Subject: [ag] use canonical format for 0xacab docker registry images

* this change was necessitated by prior format failing a whitelisted
  images check here: https://0xacab.org/aguestuser/bitmask_android/builds/9406
* NOTE: this format means we can't label `android-sdk` images by version
  because the tag is reserved for the image name, not the version :(
* ie: the whitelist forces us to specify `bimtask_android:android-sdk`
  rather than `bitmask_android/android-sdk:0.0.1` -- is there a reason for this?
---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5321f64d..8bbe684b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,4 @@
-image: "0xacab.org:4567/leap/bitmask_android/android-sdk:latest"
+image: "0xacab.org:4567/leap/bitmask_android:android-sdk"
 
 stages:
   - build
-- 
cgit v1.2.3


From 27b25ef2ea2baed320f7aed7b7e16a4a454d5f64 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 23 Apr 2017 21:35:38 -0400
Subject: [ag] clean up README

---
 README.md | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index d827bd6e..70ff6dcd 100644
--- a/README.md
+++ b/README.md
@@ -78,8 +78,6 @@ These are necessary to make sure the program cross-compiles to 32-bit architectu
 sudo apt install  lib32stdc++ lib32z1
 ```
 
-lib64stdc++
-
 ### Android SDK <a name="android-sdk"></a>
 
 #### With Android Studio <a name="with-android-studio"></a>
@@ -142,9 +140,7 @@ sdkmanager ndk-bundle
 
 #### Updating Your Path <a name="updating-your-path"></a>
 
-Once you've installed Android SDK & NDK packages, you need to modify your PATH so you can invoke all the programs you just installed. (On GNU/Linux, machines, this is generally `~/Android/Sdk`.)
-
-You can do that with something like the following in your `~/.shellrc` or `~/.bash_profile`:
+Once you've installed Android SDK & NDK packages, you need to modify your PATH so you can invoke all the programs you just installed. You can do that with something like the following in your `~/.shellrc` or `~/.bash_profile`:
 
 ```shell
 export ANDROID_HOME=<path/where/you/installed/android/sdk>
@@ -154,6 +150,8 @@ export PATH=$ANDROID_HOME/platform-tools:$PATH
 export PATH=$ANDROID_HOME/tools/bin:$PATH
 ```
 
+NOTE: On GNU/Linux machines, Android Studio installs the Android SDK in `~/Android/Sdk/`. Our dockerfile installs it in `/opt/android-sdk-linux`. You can install it wherever you want! Just be sure to remember where so you can add it to your PATH! :)
+
 #### With Docker <a name="with-docker"></a>
 
 Geesh! If all that above seems like a lot, it is!
@@ -389,8 +387,6 @@ You have a couple options. The second is more robust:
 function emulator { pushd `pwd`; cd "$(dirname "$(which emulator)")" && ./emulator "$@"; popd;}
 ```
 
-*** PROBLEM 2: OUTDATED VERSIONS OF GL LIBRARIES
-
 #### 3. Outdated GL Libraries <a name="outdated-gl-libraries"></a>
 
 **Symptoms:** If you have this bug, you will see something like the following:
-- 
cgit v1.2.3


From d1594edf30c4d6f171682b527ebffbb489d6481b Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 23 Apr 2017 23:29:01 -0400
Subject: [ag] use external docker registry to demonstrate state of build

---
 .gitlab-ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 8bbe684b..7d2875ac 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,5 @@
-image: "0xacab.org:4567/leap/bitmask_android:android-sdk"
+#image: "0xacab.org:4567/leap/bitmask_android:android-sdk"
+image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
 
 stages:
   - build
-- 
cgit v1.2.3


From 7ed71d793c24b0b074cf61a85ea96c45c21f07f1 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 30 Apr 2017 15:35:42 -0400
Subject: [ag] generate all locales in android-sdk dockerfile to pass build

---
 docker/android-sdk.dockerfile | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile
index 468546cf..753ac6a9 100644
--- a/docker/android-sdk.dockerfile
+++ b/docker/android-sdk.dockerfile
@@ -18,9 +18,16 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
   # ndk dependencies
   make gcc file lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
 
-# Set Locale
-RUN locale-gen en_US.UTF-8  
+# ------------------------------------------------------
+# --- Set Locales
+
+# Generate All Locales
+RUN cp /usr/share/i18n/SUPPORTED /etc/locale.gen
+RUN locale-gen
+
+# Set Default Locale
 RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.UTF-8
 
 # ------------------------------------------------------
 # --- Install Android SDK Tools
-- 
cgit v1.2.3


From 690364e6debe88ae052d93808d715b9ac79d4bc1 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 30 Apr 2017 17:09:41 -0400
Subject: [ag] extract sdk, ndk, emulator configs to separate dockerfiles

---
 docker/android-emulator.dockerfile | 24 ++++++++++++++++++++
 docker/android-ndk.dockerfile      | 32 ++++++++++++++++++++++++++
 docker/android-sdk.dockerfile      | 46 +++-----------------------------------
 3 files changed, 59 insertions(+), 43 deletions(-)
 create mode 100644 docker/android-emulator.dockerfile
 create mode 100644 docker/android-ndk.dockerfile

diff --git a/docker/android-emulator.dockerfile b/docker/android-emulator.dockerfile
new file mode 100644
index 00000000..0201312b
--- /dev/null
+++ b/docker/android-emulator.dockerfile
@@ -0,0 +1,24 @@
+FROM 0xacab.org:4567/leap/bitmask_android/android-sdk:latest
+
+MAINTAINER LEAP Encryption Access Project <info@leap.se>
+LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="25"
+
+# ------------------------------------------------------
+# --- System Dependencies
+
+# ensure GL compatibility
+
+RUN apt-get update -qq
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y mesa-utils 
+ENV ANDROID_EMULATOR_USE_SYSTEM_LIBS=1 
+
+# ------------------------------------------------------
+# --- Install Android Emulator
+
+# Install Android SDK emulator package
+RUN echo y | sdkmanager "emulator"
+
+# Install System Images for emulators
+RUN echo y | sdkmanager "system-images;android-25;google_apis;x86_64"
+RUN echo y | sdkmanager "system-images;android-24;google_apis;x86_64"
+RUN echo y | sdkmanager "system-images;android-23;google_apis;x86_64"
diff --git a/docker/android-ndk.dockerfile b/docker/android-ndk.dockerfile
new file mode 100644
index 00000000..0a3eabfd
--- /dev/null
+++ b/docker/android-ndk.dockerfile
@@ -0,0 +1,32 @@
+FROM 0xacab.org:4567/leap/bitmask_android/android-sdk:latest
+
+MAINTAINER LEAP Encryption Access Project <info@leap.se>
+LABEL Description="Android NDK image based on android-sdk baseimage" Vendor="LEAP" Version="r12b"
+
+# ------------------------------------------------------
+# --- Install System Dependencies
+
+RUN apt-get update -qq
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
+    make gcc file lib32stdc++6 lib32z1 # JNI build dependencies w/ 32-bit compatible C libs
+
+# ------------------------------------------------------
+# --- Install Android NDK (for running C code)
+
+# NOTE(@aguestuser|4.23.17)
+# We woud like to use te current version of Android NDK (r14b) but cannot 
+#   due to pinned dependency on year-old version of `ics-openvpn`
+#   which has transitive dependency on `openssl` which will not compile with `clang`
+#   (starting in 13b, android ndk uses `clang` isntead of `gcc`)
+# Upon rebasing onto to current HEAD of `ics-openvpn` and resolving conflicts, we
+#   should update to current version of `ndk`.
+
+ENV ANDROID_NDK_VERSION "r12b"
+ENV ANDROID_NDK_HOME ${ANDROID_HOME}/android-ndk-${ANDROID_NDK_VERSION}
+ENV ANDROID_NDK_URL http://dl.google.com/android/repository/android-ndk-${ANDROID_NDK_VERSION}-linux-x86_64.zip
+
+RUN curl -L $ANDROID_NDK_URL -o ndk.zip  \
+    && unzip ndk.zip -d $ANDROID_HOME  \
+    && rm -rf ndk.zip
+
+ENV PATH ${PATH}:${ANDROID_NDK_HOME}
diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile
index 753ac6a9..1007735d 100644
--- a/docker/android-sdk.dockerfile
+++ b/docker/android-sdk.dockerfile
@@ -1,22 +1,17 @@
 FROM debian:stretch
 
 MAINTAINER LEAP Encryption Access Project <info@leap.se>
-LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="0.0.1"
+LABEL Description="Android SDK baseimage based on debian:stretch" Vendor="LEAP" Version="25.2.5"
 
 # ------------------------------------------------------
 # --- Install System Dependencies
 
-# Update Debian
 RUN apt-get update -qq
-
-# Install Debian Packages
 RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \
   # the basics
   curl unzip git locales \
   # java stuff
-  openjdk-8-jdk maven \ 
-  # ndk dependencies
-  make gcc file lib32stdc++6 lib32z1 # (incl. 32-bit compatible versions)
+  openjdk-8-jdk maven
 
 # ------------------------------------------------------
 # --- Set Locales
@@ -44,31 +39,9 @@ RUN curl -L $ANDROID_SDK_URL -o sdk-tools.zip  \
 # Update PATH
 ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}/platform-tools
 
-# ------------------------------------------------------
-# --- Install Android NDK (for running C code)
-
-# NOTE(@aguestuser|4.23.17)
-# We woud like to use te current version of Android NDK (r14b) but cannot 
-#   due to pinned dependency on year-old version of `ics-openvpn`
-#   which has transitive dependency on `openssl` which will not compile with `clang`
-#   (starting in 13b, android ndk uses `clang` isntead of `gcc`)
-# Upon rebasing onto to current HEAD of `ics-openvpn` and resolving conflicts, we
-#   should update to current version of `ndk` (if possible).
-
-ENV ANDROID_NDK_VERSION "r12b"
-ENV ANDROID_NDK_HOME ${ANDROID_HOME}/android-ndk-${ANDROID_NDK_VERSION}
-ENV ANDROID_NDK_URL http://dl.google.com/android/repository/android-ndk-${ANDROID_NDK_VERSION}-linux-x86_64.zip
-
-RUN curl -L $ANDROID_NDK_URL -o ndk.zip  \
-    && unzip ndk.zip -d $ANDROID_HOME  \
-    && rm -rf ndk.zip
-
-ENV PATH ${PATH}:${ANDROID_NDK_HOME}
-
 # ------------------------------------------------------
 # --- Install Android SDK Tools Packages
 
-
 # Install Platform Tools Package
 RUN echo y | sdkmanager "platform-tools" # echo y to accept google licenses
 
@@ -86,20 +59,7 @@ RUN echo y | sdkmanager "build-tools;25.0.0"
 RUN echo y | sdkmanager "build-tools;24.0.3"
 RUN echo y | sdkmanager "build-tools;23.0.3"
 
-# ------------------------------------------------------
-# --- Install Android Emulator
-
-
-# RUN echo y | sdkmanager "emulator"
-
-# System Images for emulators
-# RUN echo y | sdkmanager "system-images;android-25;google_apis;armeabi-v7a"
-# RUN echo y | sdkmanager "system-images;android-24;google_apis;armeabi-v7a"
-# RUN echo y | sdkmanager "system-images;android-23;google_apis;armeabi-v7a"
-# RUN echo y | sdkmanager "system-images;android-23;google_apis;arm64-v8a"
-
 # ------------------------------------------------------
 # --- Cleanup
 
-RUN apt-get clean
-
+RUN apt clean
-- 
cgit v1.2.3


From 1e8da8edc94a552511e740f9d6a52a0d522432aa Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 30 Apr 2017 17:12:59 -0400
Subject: [ag] use ndk container from repo registry in build

---
 .gitlab-ci.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7d2875ac..6f8f92c8 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,4 @@
-#image: "0xacab.org:4567/leap/bitmask_android:android-sdk"
-image: "0xacab.org:4567/leap/gitlab-buildpackage:android"
+image: "0xacab.org:4567/leap/bitmask_android/android-ndk:latest"
 
 stages:
   - build
-- 
cgit v1.2.3


From 730ab74a2a38cdbe8ac735f2d641d3d19055bf34 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 30 Apr 2017 19:03:59 -0400
Subject: [ag] modify sdk dockerfile to ensure android-23 platform installs

* on remote builds, failure of Android SDK Platform 23 to properly
  install was causing build failures undetected in local container.
  see: <https://0xacab.org/aguestuser/bitmask_android/builds/9906>
* to fix this, tweak order of `sdkmanager` calls and remove `echo -y`
  flags to ensure platform installation completes successfully and
  build step never tries to install Platform 23
---
 docker/android-sdk.dockerfile | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/docker/android-sdk.dockerfile b/docker/android-sdk.dockerfile
index 1007735d..4044a7ec 100644
--- a/docker/android-sdk.dockerfile
+++ b/docker/android-sdk.dockerfile
@@ -46,18 +46,18 @@ ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/tools/bin:${ANDROID_HOME}
 RUN echo y | sdkmanager "platform-tools" # echo y to accept google licenses
 
 # Install Android Support Repositories
-RUN echo y | sdkmanager "extras;android;m2repository"
-
-# Install Target SDK Packages (Please keep in descending order)
-RUN echo y | sdkmanager "platforms;android-25"
-RUN echo y | sdkmanager "platforms;android-24"
-RUN echo y | sdkmanager "platforms;android-23"
+RUN sdkmanager "extras;android;m2repository"
 
 # Install Build Tools (Please keep in descending order)
-RUN echo y | sdkmanager "build-tools;25.0.2"
-RUN echo y | sdkmanager "build-tools;25.0.0"
-RUN echo y | sdkmanager "build-tools;24.0.3"
-RUN echo y | sdkmanager "build-tools;23.0.3"
+RUN sdkmanager "build-tools;25.0.2"
+RUN sdkmanager "build-tools;25.0.0"
+RUN sdkmanager "build-tools;24.0.3"
+RUN sdkmanager "build-tools;23.0.3"
+
+# Install Target SDK Packages (Please keep in descending order)
+RUN sdkmanager "platforms;android-25"
+RUN sdkmanager "platforms;android-24"
+RUN sdkmanager "platforms;android-23"
 
 # ------------------------------------------------------
 # --- Cleanup
-- 
cgit v1.2.3


From 8de794f75268a38b35a9b080d37dad83285da6d8 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 30 Apr 2017 19:27:00 -0400
Subject: [ag] update README to reflect correct versions, install process

---
 README.md | 42 ++++++++++++++++++++----------------------
 1 file changed, 20 insertions(+), 22 deletions(-)

diff --git a/README.md b/README.md
index 70ff6dcd..dfd66af0 100644
--- a/README.md
+++ b/README.md
@@ -48,16 +48,16 @@ The Bitmask Android Client has the following system-level dependencies:
 
 * JDK v. 1.8
 * Assorted 32-bit C libraries
-* Android SDK Tools, v. 25.0.2, with these packages:
+* Android SDK Tools, v. 25.2.5, with these packages:
   * Platform-Tools, v. 25.0.2
   * Build-Tools, API v. 23-25
   * Platforms 23-25
   * Android Support Repository
   * Google Support Repository
-  * NDK v. r14b (enables C code in Android)
+  * NDK v. r12b (enables C code in Android)
 * For running the app in an emulator, you will also need these packages:
   * Android Emulator
-  * ARMEABI System Images for Adnroid APIs 23-25
+  * System Images for Android APIs 23-25
 * The ICS-OpenVpn submodule
 
 You can install them as follows:
@@ -75,7 +75,7 @@ sudo apt install default-jdk
 These are necessary to make sure the program cross-compiles to 32-bit architectures successfully from 64-bit GNU/Linux machines:
 
 ```
-sudo apt install  lib32stdc++ lib32z1
+sudo apt make gcc file install lib32stdc++ lib32z1
 ```
 
 ### Android SDK <a name="android-sdk"></a>
@@ -92,13 +92,20 @@ Once you've got it installed, use the `SDK Manager` tool (Android figure Icon wi
 
 #### With Bash <a name="with-bash"></a>
 
-Alternatley (eg: for build machines), you may download the `android-sdk` tarball from Google as follows:
+Alternatley (eg: for build machines), you may download and unzip the `android-sdk` bundle from Google as follows (assuming an install location of `/opt/android-sdk-linux`:
 
 ```
-cd </path/where/you/want/to/install/android-sdk>
-wget -q https://dl.google.com/android/android-sdk_r23.0.3-linux.tgz -O android-sdk.tgz
-tar -xvzf android-sdk.tgz
-rm -f android-sdk.tgz
+curl -L https://dl.google.com/android/android-sdk_r25.2.5-linux.zip -o sdk-tools.zip  \
+    && unzip -q sdk-tools.zip -d /opt/android-sdk-linux \
+    && rm -f sdk-tools.zip
+```
+
+To download the NDK (for cross-compiling and running the C code used in `ics-openvpn`), use:
+
+```
+curl -L http://dl.google.com/android/repository/android-ndk-r12b-linux-x86_64.zip -o ndk.zip  \
+    && unzip ndk.zip -d /opt/android-sdk-linux/android-ndk-r12b \
+    && rm -rf ndk.zip
 ```
 
 After updating your PATH (see next step), you may now use the `sdkmanager` tool bundled with `android-sdk` to browse and install new sdk packages from Google.
@@ -118,24 +125,16 @@ sdkmanager --list | grep tools
 To install all of the dependencies listed above (targetting SDK versions 23 - 25), run:
 
 ```shell
-# update sdk tools
 sdkmanager tools
-
-# get supporting packages
 sdkmanager platform-tools
 sdkmanager extras;android;m2repository
 sdkmanager extras;google;m2repository
-
-# get build tools and sdk platforms for api v 23 - 25
 sdkmanager build-tools;25.0.2
 sdkmanager build-tools;24.0.3
 sdkmanager build-tools;23.0.3
 sdkmanager platforms;android-25
 sdkmanager platforms;android-24
 sdkmanager platforms;android-23
-
-# install NDK (for C code)
-sdkmanager ndk-bundle
 ```
 
 #### Updating Your Path <a name="updating-your-path"></a>
@@ -161,22 +160,21 @@ To keep ourselves from messing it up all the time everyone someone new joins the
 Assuming you've already [installed docker](https://docs.docker.com/engine/installation/), you can pull the image with:
 
 ``` shell
-docker pull 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25
+docker pull 0xacab.org:4567/aguestuser/bitmask_android:android-ndk:latest
 ```
 
 Run the image with:
 
 ``` shell
-docker run -i -t 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25
+docker run --rm -it 0xacab.org:4567/aguestuser/bitmask_android:android-ndk:latest
 ```
 More likely than not, you'll want to run the image with the source code mounted. You can do that with:
 
 ``` shell
 cd <path/to/bitmask_android>
-docker run -i -v`pwd`:/bitmask_android -t 0xacab.org:4567/aguestuser/bitmask_android:android-sdk-25
+docker run --rm -it -v`pwd`:/bitmask_android -t 0xacab.org:4567/aguestuser/bitmask_android:android-ndk:latest
 ```
 
-*TODO(@aguestuser|04.16.17): move docker registry to 0xacab.org/leap (pending permissions)*
 
 ### Submodules <a name="submodules"></a>
 
@@ -241,7 +239,7 @@ If you want to make sure the environment you use to build APKs matches exactly t
 
 ``` shell
 $ cd <path/to/bitmask_android>
-$ sudo docker run -i -t `pwd`:/bitmask_android 0xacab.org/aguestuser/bitmask_android:android-sdk-25
+$ sudo docker run --rm -it -v `pwd`:/bitmask_android 0xacab.org/leap/bitmask_android/android-ndk:latest
 # cd /bitmask_android
 # ./gradlew assembleRelease
 ```
-- 
cgit v1.2.3


From 4333fd93e3a1c64f6c0fb42be9ae29879ea2c7f0 Mon Sep 17 00:00:00 2001
From: aguestuser <aguestuser@risup.net>
Date: Sun, 30 Apr 2017 20:14:58 -0400
Subject: [ag] change issues link in readme to point to 0xacab not github

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index dfd66af0..20711e63 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ This repository contains the source code for the [Bitmask](https://bitmask.net/)
 
 To lean about the stack, visit [leap.se](https://leap.se).
 
-Please see the [issues](https://github.com/leapcode/bitmask_android/issues) section to report any bugs or feature requests, and to see the list of known issues.
+Please see the [issues](https://0xacab.org/leap/bitmask_android/issues) section to report any bugs or feature requests, and to see the list of known issues.
 
 # Table Of Contents
 
-- 
cgit v1.2.3