Merge pull request #3 from SoftEtherVPN/master

Update 2
2025-06-28 20:05:08 +03:00 · 2021-04-15 19:23:34 +03:00 · 2021-04-15 19:23:34 +03:00 · 98abad9276
commit 98abad9276
parent fbf4a77632 30f707d6c0
246 changed files with 7862 additions and 8126 deletions
--- a/.appveyor.yml
+++ b/.appveyor.yml
@ -1,8 +1,6 @@
 version: '{build}'
-image:
+image: Ubuntu1804
  - Ubuntu1604
  - Ubuntu1804
 configuration: Release
@ -19,38 +17,20 @@ skip_commits:
 init:
  - ps: Update-AppveyorBuild -Version "build-$env:APPVEYOR_BUILD_NUMBER-$($env:APPVEYOR_REPO_COMMIT.substring(0,7))"
-install: git submodule update --init --recursive
+install:
-
+  - sudo apt-get -y install libsodium-dev
-for:
+before_build:
-
+  - sh: "if [ ${APPVEYOR_REPO_TAG} == \"true\" ]; then .ci/appveyor-create-release-tarball.sh\nfi"
-  matrix:
+  - git submodule update --init --recursive
-    only:
+  - ./configure
-      - image: Ubuntu1604
+build_script:
-  before_build:
+  - make package -C build -j $(nproc || sysctl -n hw.ncpu || echo 4)
-    - ./configure
+  - .ci/memory-leak-test.sh
-  build_script:
+test_script:
-    - make package -C build -j $(nproc || sysctl -n hw.ncpu || echo 4)
+  - .ci/appveyor-deb-install-test.sh
-  test_script:
+  - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip liblz4-dev # openvpn build deps
-    - .ci/appveyor-deb-install-test.sh
+  - sudo .ci/start-se-openvpn.sh
-    - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip # openvpn build deps
+  - sudo .ci/run-openvpn-tests.sh
    - sudo .ci/start-se-openvpn.sh
    - sudo .ci/run-openvpn-tests.sh
 -
  matrix:
    only:
      - image: Ubuntu1804
  before_build:
    - sh: "if [ ${APPVEYOR_REPO_TAG} == \"true\" ]; then .ci/appveyor-create-release-tarball.sh\nfi"
    - ./configure
  build_script:
    - make package -C build -j $(nproc || sysctl -n hw.ncpu || echo 4)
    - .ci/memory-leak-test.sh
  test_script:
    - .ci/appveyor-deb-install-test.sh
    - sudo apt-get update && sudo apt-get -y install autoconf libtool liblzo2-dev libpam-dev fping unzip # openvpn build deps
    - sudo .ci/start-se-openvpn.sh
    - sudo .ci/run-openvpn-tests.sh
 deploy:
  description: 'automatic release'
--- a/.ci/azure-pipelines/linux.yml
+++ b/.ci/azure-pipelines/linux.yml
@ -1,10 +1,9 @@
 jobs:
- job: ubuntu_x86_64
+- job: Ubuntu_x64
  displayName: 'Ubuntu (x86_64)'
  pool:
-    vmImage: ubuntu-16.04
+    vmImage: ubuntu-18.04
  steps:
-  - script: sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libssl-dev make zlib1g-dev
+  - script: sudo apt update && sudo apt-get -y install cmake gcc g++ ninja-build libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev
    displayName: 'Prepare environment'
  - script: "$(Build.SourcesDirectory)/.ci/azure-pipelines/linux_build.sh"
    env:
--- a/.ci/azure-pipelines/macos.yml
+++ b/.ci/azure-pipelines/macos.yml
@ -3,7 +3,7 @@ jobs:
  pool:
    vmImage: macOS-latest
  steps:
-  - script: brew install cmake ninja ncurses readline openssl zlib
+  - script: brew install pkg-config cmake ninja ncurses readline libsodium openssl zlib
    displayName: 'Prepare environment'
  - script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/macos_build.sh'
    env:
--- a/.ci/azure-pipelines/windows-steps.yml
+++ b/.ci/azure-pipelines/windows-steps.yml
@ -15,7 +15,7 @@ steps:
    path: 'C:/vcpkg/installed'
  displayName: 'Environment storage'
 - script: |
-    vcpkg install openssl zlib --triplet ${{parameters.vcpkgTriplet}}
+    vcpkg install libsodium openssl zlib --triplet ${{parameters.vcpkgTriplet}}
  workingDirectory: C:/vcpkg
  displayName: 'Prepare environment'
 - script: '$(Build.SourcesDirectory)/.ci/azure-pipelines/windows_build.bat'
--- a/.ci/azure-pipelines/windows.yml
+++ b/.ci/azure-pipelines/windows.yml
@ -1,17 +1,15 @@
 jobs:
- job: windows_x86_64
+- job: Windows_x64
  displayName: 'Windows (x86_64)'
  pool:
    vmImage: windows-latest
  steps:
  - template: "windows-steps.yml"
    parameters:
-      architecture: "x86_64"
+      architecture: "x64"
      compilerPath: "C:/Program Files (x86)/Microsoft Visual Studio/2019/Enterprise/VC/Tools/Llvm/x64/bin/clang-cl.exe"
      vcpkgTriplet: "x64-windows-static-md"
      vcvarsPath: "C:/Program Files (x86)/Microsoft Visual Studio/2019/Enterprise/VC/Auxiliary/Build/vcvars64.bat"
- job: windows_x86
+- job: Windows_x86
  displayName: 'Windows (x86)'
  pool:
    vmImage: windows-latest
  steps:
--- a/.cirrus.yml
+++ b/.cirrus.yml
@ -13,7 +13,7 @@ FreeBSD_task:
    freebsd_instance:
      image_family: freebsd-12-1
  prepare_script:
-    - pkg install -y cmake git $SSL
+    - pkg install -y pkgconf cmake git libsodium $SSL
    - git submodule update --init --recursive
  configure_script:
    - ./configure
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -9,7 +9,7 @@
      - .cirrus.yml
  before_script:
    - REPOSITORY="$PWD" && cd ..
-    - apt-get update && apt-get install -y dpkg-dev wget g++ gcc libncurses5-dev libreadline-dev libssl-dev make zlib1g-dev git file
+    - apt-get update && apt-get install -y dpkg-dev wget g++ gcc libncurses5-dev libreadline-dev libsodium-dev libssl-dev make zlib1g-dev git file
    - wget https://cmake.org/files/v${CMAKE_VERSION%.*}/cmake-${CMAKE_VERSION}.tar.gz && tar -xzf cmake-${CMAKE_VERSION}.tar.gz
    - cd cmake-${CMAKE_VERSION} && ./bootstrap && make install
    - cd "$REPOSITORY" && git submodule update --init --recursive
--- a/.gitmodules
+++ b/.gitmodules
@ -4,3 +4,9 @@
 [submodule "3rdparty/tinydir"]
 	path = 3rdparty/tinydir
 	url = https://github.com/cxong/tinydir.git
 [submodule "3rdparty/BLAKE2"]
 	path = 3rdparty/BLAKE2
 	url = https://github.com/BLAKE2/BLAKE2.git
 [submodule "src/libhamcore"]
 	path = src/libhamcore
 	url = https://github.com/SoftEtherVPN/libhamcore.git
--- a/.travis.yml
+++ b/.travis.yml
@ -1,5 +1,5 @@
 sudo: required
-dist: xenial
+dist: bionic
 language: c
@ -20,7 +20,8 @@ matrix:
      os: linux
      compiler: gcc
    - env: OPENSSL_VERSION="1.1.1c" LABEL="linux-ppc64le" CMAKE_VERSION="3.9.6"
-      os: linux-ppc64le
+      arch: ppc64le
      os: linux
      compiler: gcc
      install:
        - wget https://cmake.org/files/v${CMAKE_VERSION%.*}/cmake-${CMAKE_VERSION}.tar.gz && tar -xzf cmake-${CMAKE_VERSION}.tar.gz
@ -35,6 +36,7 @@ matrix:
      os: linux
      compiler: gcc
      before_install:
        - sudo apt-get -y install libsodium-dev
        - bash .ci/build-libressl.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1)
    - env: LABEL="check stb files"
      os: linux
@ -49,7 +51,7 @@ matrix:
    - os: osx
      compiler: clang
      before_install:
-        - true
+        - brew install libsodium
      script:
        - ./configure
        - make -C build
@ -62,6 +64,7 @@ cache:
  - ${HOME}/opt
 before_install:
  - sudo apt-get -y install libsodium-dev
  - bash .ci/build-openssl.sh > build-deps.log 2>&1 || (cat build-deps.log && exit 1)
 script:
--- a/3rdparty/BLAKE2
+++ b/3rdparty/BLAKE2
@ -0,0 +1 @@
 Subproject commit b52178a376ca85a8ffe50492263c2a5bc0fa4f46
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.7)
+cmake_minimum_required(VERSION 3.10)
 set(BUILD_NUMBER CACHE STRING "The number of the current build.")
@ -25,7 +25,7 @@ else()
 endif()
 # Check that submodules are present only if source was downloaded with git
-if(EXISTS "${TOP_DIRECTORY}/.git" AND NOT EXISTS "${TOP_DIRECTORY}/src/Mayaqua/3rdparty/cpu_features/CMakeLists.txt")
+if(EXISTS "${TOP_DIRECTORY}/.git" AND NOT EXISTS "${TOP_DIRECTORY}/src/libhamcore/CMakeLists.txt")
    message (FATAL_ERROR "Submodules are not initialized. Run\n\tgit submodule update --init --recursive")
 endif()
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -0,0 +1,5 @@
 # Contributor Code of Conduct
 This project adheres to No Code of Conduct.  We are all adults.  We accept anyone's contributions.  Nothing else matters.
 For more information please visit the [No Code of Conduct](https://nocodeofconduct.com) homepage.
--- a/src/BUILD_UNIX.md
+++ b/src/BUILD_UNIX.md
@ -33,18 +33,18 @@ You need to install the following software to build SoftEther VPN for UNIX.
 ```bash
 sudo yum -y groupinstall "Development Tools"
-sudo yum -y install cmake ncurses-devel openssl-devel readline-devel zlib-devel
+sudo yum -y install cmake ncurses-devel openssl-devel libsodium-devel readline-devel zlib-devel
 ```
 ## Install requirements on Debian/Ubuntu
 ```bash
-sudo apt -y install cmake gcc g++ libncurses5-dev libreadline-dev libssl-dev make zlib1g-dev
+sudo apt -y install cmake gcc g++ make libncurses5-dev libssl-dev libsodium-dev libreadline-dev zlib1g-dev
 ```
 ## Install requirements on macOS
 ```bash
 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
-brew install cmake openssl readline
+brew install cmake openssl libsodium readline
 ```
 # Build from source code and install
--- a/src/BuildFiles/Manifests/common.manifest
+++ b/src/BuildFiles/Manifests/common.manifest
@ -0,0 +1,29 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
 	<dependency>
 		<dependentAssembly>
 			<assemblyIdentity
 				type="win32"
 				name="Microsoft.Windows.Common-Controls"
 				version="6.0.0.0"
 				processorArchitecture="*"
 				publicKeyToken="6595b64144ccf1df"
 				language="*"
 			/>
 		</dependentAssembly>
 	</dependency>
 	<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
 		<application>
 			<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
 			<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
 			<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
 			<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
 			<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
 		</application>
 	</compatibility>
 	<asmv3:application>
 		<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
 			<dpiAware>true</dpiAware>
 		</asmv3:windowsSettings>
 	</asmv3:application>
 </assembly>
--- a/src/BuildFiles/Manifests/x64_admin.manifest
+++ b/src/BuildFiles/Manifests/x64_admin.manifest
@ -1,29 +0,0 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="requireAdministrator" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="amd64" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
  	<application>
  		<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
  		<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
  		<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
  		<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
  		<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
  	</application>
  </compatibility>
  <asmv3:application>
  	<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
  		<dpiAware>true</dpiAware>
  	</asmv3:windowsSettings>
  </asmv3:application>
 </assembly>
--- a/src/BuildFiles/Manifests/x64_user.manifest
+++ b/src/BuildFiles/Manifests/x64_user.manifest
@ -1,29 +0,0 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="amd64" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
  	<application>
  		<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
  		<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
  		<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
  		<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
  		<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
  	</application>
  </compatibility>
  <asmv3:application>
  	<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
  		<dpiAware>true</dpiAware>
  	</asmv3:windowsSettings>
  </asmv3:application>
 </assembly>
--- a/src/BuildFiles/Manifests/x86_admin.manifest
+++ b/src/BuildFiles/Manifests/x86_admin.manifest
@ -1,29 +0,0 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="requireAdministrator" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="x86" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
  	<application>
  		<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
  		<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
  		<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
  		<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
  		<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
  	</application>
  </compatibility>
  <asmv3:application>
  	<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
  		<dpiAware>true</dpiAware>
  	</asmv3:windowsSettings>
  </asmv3:application>
 </assembly>
--- a/src/BuildFiles/Manifests/x86_user.manifest
+++ b/src/BuildFiles/Manifests/x86_user.manifest
@ -1,29 +0,0 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="x86" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
  	<application>
  		<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"></supportedOS>
  		<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS>
  		<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS>
  		<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"></supportedOS>
  		<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"></supportedOS>
  	</application>
  </compatibility>
  <asmv3:application>
  	<asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">
  		<dpiAware>true</dpiAware>
  	</asmv3:windowsSettings>
  </asmv3:application>
 </assembly>
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@ -50,10 +50,7 @@ else()
 endif()
 if(CMAKE_SIZEOF_VOID_P EQUAL 8)
  set(COMPILER_ARCHITECTURE "x64")
  add_definitions(-DCPU_64)
 else()
  set(COMPILER_ARCHITECTURE "x86")
 endif()
 add_definitions(-D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_SAFE -DTHREADSAFE -D_FILE_OFFSET_BITS=64)
@ -62,7 +59,7 @@ add_definitions(-D_REENTRANT -DREENTRANT -D_THREAD_SAFE -D_THREADSAFE -DTHREAD_S
 include_directories(.)
 if(WIN32)
-  add_definitions(-DWIN32 -D_WINDOWS -D_CRT_SECURE_NO_WARNINGS)
+  add_definitions(-DWIN32 -D_WINDOWS -DOS_WIN32 -D_CRT_SECURE_NO_WARNINGS)
 endif()
 if(UNIX)
@ -70,7 +67,7 @@ if(UNIX)
  set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -g")
  set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -O2")
-  add_definitions(-DUNIX)
+  add_definitions(-DUNIX -DOS_UNIX)
  if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
    add_definitions(-DUNIX_LINUX)
@ -123,9 +120,6 @@ add_subdirectory(Cedar)
 # Mayaqua kernel
 add_subdirectory(Mayaqua)
 # hamcorebuilder utility
 add_subdirectory(hamcorebuilder)
 # vpnserver
 add_subdirectory(vpnserver)
@ -141,6 +135,12 @@ add_subdirectory(vpncmd)
 # vpntest
 add_subdirectory(vpntest)
 # libhamcore
 add_subdirectory(libhamcore)
 # hamcorebuilder utility
 add_subdirectory(hamcorebuilder)
 # hamcore.se2 archive file
 add_custom_target(hamcore-archive-build
  ALL
--- a/src/Cedar/Account.c
+++ b/src/Cedar/Account.c
@ -5,7 +5,18 @@
 // Account.c
 // Account Manager
-#include "CedarPch.h"
+#include "Account.h"
 #include "Hub.h"
 #include "Layer3.h"
 #include "Proto_PPP.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 // Policy items
 POLICY_ITEM policy_item[] =
--- a/src/Cedar/Account.h
+++ b/src/Cedar/Account.h
@ -8,6 +8,10 @@
 #ifndef	ACCOUNT_H
 #define	ACCOUNT_H
 #include "CedarType.h"
 #include "Mayaqua/Encrypt.h"
 #define	USER_MAC_STR_PREFIX		L"MAC:"
 #define	USER_IPV4_STR_PREFIX		L"IPv4:"
--- a/src/Cedar/Admin.c
+++ b/src/Cedar/Admin.c
@ -5,7 +5,42 @@
 // Admin.c
 // RPC Module for Management
-#include "CedarPch.h"
+#include "Admin.h"
 #include "Account.h"
 #include "AzureClient.h"
 #include "BridgeUnix.h"
 #include "BridgeWin32.h"
 #include "Connection.h"
 #include "DDNS.h"
 #include "Layer3.h"
 #include "Link.h"
 #include "Listener.h"
 #include "Nat.h"
 #include "Remote.h"
 #include "Proto.h"
 #include "Proto_IPsec.h"
 #include "Proto_OpenVPN.h"
 #include "Proto_PPP.h"
 #include "Protocol.h"
 #include "Sam.h"
 #include "SecureNAT.h"
 #include "Server.h"
 #include "Session.h"
 #include "Virtual.h"
 #include "Wpc.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/HTTP.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 // Macro for RPC function declaration
 #define	DECLARE_RPC_EX(rpc_name, data_type, function, in_rpc, out_rpc, free_rpc)		\
@ -1509,6 +1544,9 @@ PACK *AdminDispatch(RPC *rpc, char *name, PACK *p)
 	DECLARE_RPC_EX("GetServerCipherList", RPC_STR, StGetServerCipherList, InRpcStr, OutRpcStr, FreeRpcStr)
 	DECLARE_RPC_EX("GetServerCipher", RPC_STR, StGetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
 	DECLARE_RPC_EX("SetServerCipher", RPC_STR, StSetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
 	DECLARE_RPC_EX("AddWgk", RPC_WGK, StAddWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
 	DECLARE_RPC_EX("DeleteWgk", RPC_WGK, StDeleteWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
 	DECLARE_RPC_EX("EnumWgk", RPC_WGK, StEnumWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
 	DECLARE_RPC("CreateHub", RPC_CREATE_HUB, StCreateHub, InRpcCreateHub, OutRpcCreateHub)
 	DECLARE_RPC("SetHub", RPC_CREATE_HUB, StSetHub, InRpcCreateHub, OutRpcCreateHub)
 	DECLARE_RPC("GetHub", RPC_CREATE_HUB, StGetHub, InRpcCreateHub, OutRpcCreateHub)
@ -1693,6 +1731,9 @@ DECLARE_SC_EX("GetServerCert", RPC_KEY_PAIR, ScGetServerCert, InRpcKeyPair, OutR
 DECLARE_SC_EX("GetServerCipherList", RPC_STR, ScGetServerCipherList, InRpcStr, OutRpcStr, FreeRpcStr)
 DECLARE_SC_EX("GetServerCipher", RPC_STR, ScGetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
 DECLARE_SC_EX("SetServerCipher", RPC_STR, ScSetServerCipher, InRpcStr, OutRpcStr, FreeRpcStr)
 DECLARE_SC_EX("AddWgk", RPC_WGK, ScAddWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
 DECLARE_SC_EX("DeleteWgk", RPC_WGK, ScDeleteWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
 DECLARE_SC_EX("EnumWgk", RPC_WGK, ScEnumWgk, InRpcWgk, OutRpcWgk, FreeRpcWgk)
 DECLARE_SC("CreateHub", RPC_CREATE_HUB, ScCreateHub, InRpcCreateHub, OutRpcCreateHub)
 DECLARE_SC("SetHub", RPC_CREATE_HUB, ScSetHub, InRpcCreateHub, OutRpcCreateHub)
 DECLARE_SC("GetHub", RPC_CREATE_HUB, ScGetHub, InRpcCreateHub, OutRpcCreateHub)
@ -5390,7 +5431,7 @@ UINT StGetSessionStatus(ADMIN *a, RPC_SESSION_STATUS *t)
 				t->ClientIp = IPToUINT(&s->Connection->ClientIp);
 				if (IsIP6(&s->Connection->ClientIp))
 				{
-					Copy(&t->ClientIp6, &s->Connection->ClientIp.ipv6_addr, sizeof(t->ClientIp6));
+					Copy(&t->ClientIp6, &s->Connection->ClientIp.address, sizeof(t->ClientIp6));
 				}
 				CopyIP(&t->ClientIpAddress, &s->Connection->ClientIp);
@ -9061,9 +9102,12 @@ UINT StGetHub(ADMIN *a, RPC_CREATE_HUB *t)
 	{
 		StrCpy(t->HubName, sizeof(t->HubName), h->Name);
 		t->Online = h->Offline ? false : true;
 		t->HubType = h->Type;
 		t->HubOption.DefaultGateway = h->Option->DefaultGateway;
 		t->HubOption.DefaultSubnet = h->Option->DefaultSubnet;
 		t->HubOption.MaxSession = h->Option->MaxSession;
 		t->HubOption.NoEnum = h->Option->NoEnum;
 		t->HubType = h->Type;
 	}
 	Unlock(h->lock);
@ -9090,7 +9134,6 @@ UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t)
 		return ERR_INVALID_PARAMETER;
 	}
 	CHECK_RIGHT;
 	NO_SUPPORT_FOR_BRIDGE;
@ -9157,7 +9200,7 @@ UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t)
 		if (Cmp(t->HashedPassword, hash2, SHA1_SIZE) == 0 || Cmp(t->SecurePassword, hash1, SHA1_SIZE) == 0)
 		{
-			if (a->ServerAdmin == false && a->Rpc->Sock->RemoteIP.addr[0] != 127)
+			if (a->ServerAdmin == false && IsLocalHostIP(&a->Rpc->Sock->RemoteIP) == false)
 			{
 				// Refuse to set a blank password to hub admin from remote host
 				ReleaseHub(h);
@ -9175,8 +9218,12 @@ UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t)
 		else
 		{
 			h->Type = t->HubType;
 			h->Option->DefaultGateway = t->HubOption.DefaultGateway;
 			h->Option->DefaultSubnet = t->HubOption.DefaultSubnet;
 			h->Option->MaxSession = t->HubOption.MaxSession;
 			h->Option->NoEnum = t->HubOption.NoEnum;
 			if (IsZero(t->HashedPassword, sizeof(t->HashedPassword)) == false &&
 				IsZero(t->SecurePassword, sizeof(t->SecurePassword)) == false)
 			{
@ -9234,8 +9281,6 @@ UINT StCreateHub(ADMIN *a, RPC_CREATE_HUB *t)
 		return ERR_NOT_FARM_CONTROLLER;
 	}
 	if (IsEmptyStr(t->HubName) || IsSafeStr(t->HubName) == false)
 	{
 		return ERR_INVALID_PARAMETER;
@ -9279,6 +9324,8 @@ UINT StCreateHub(ADMIN *a, RPC_CREATE_HUB *t)
 	// Create a hub object
 	Zero(&o, sizeof(o));
 	o.DefaultGateway = t->HubOption.DefaultGateway;
 	o.DefaultSubnet = t->HubOption.DefaultSubnet;
 	o.MaxSession = t->HubOption.MaxSession;
 	o.NoEnum = t->HubOption.NoEnum;
@ -9497,6 +9544,144 @@ UINT StSetServerCert(ADMIN *a, RPC_KEY_PAIR *t)
 	return ERR_NO_ERROR;
 }
 // Add a WireGuard key to the allowed key list
 UINT StAddWgk(ADMIN *a, RPC_WGK *t)
 {
 	UINT ret = ERR_NO_ERROR;
 	SERVER *s = a->Server;
 	CEDAR *c = s->Cedar;
 	LIST *to_add;
 	SERVER_ADMIN_ONLY;
 	to_add = NewListFast(NULL);
 	LockList(c->WgkList);
 	{
 		UINT i;
 		for (i = 0; i < t->Num; ++i)
 		{
 			WGK *rpc_wgk = &t->Wgks[i];
 			WGK *wgk;
 			if (IsEmptyStr(rpc_wgk->Key))
 			{
 				ret = ERR_INVALID_PARAMETER;
 				break;
 			}
 			if (Search(c->WgkList, rpc_wgk) != NULL)
 			{
 				ret = ERR_OBJECT_EXISTS;
 				break;
 			}
 			wgk = Malloc(sizeof(WGK));
 			StrCpy(wgk->Key, sizeof(wgk->Key), rpc_wgk->Key);
 			StrCpy(wgk->Hub, sizeof(wgk->Hub), rpc_wgk->Hub);
 			StrCpy(wgk->User, sizeof(wgk->User), rpc_wgk->User);
 			Add(to_add, wgk);
 		}
 		for (i = 0; i < LIST_NUM(to_add); ++i)
 		{
 			WGK *wgk = LIST_DATA(to_add, i);
 			ret == ERR_NO_ERROR ? Add(c->WgkList, wgk) : Free(wgk);
 		}
 	}
 	UnlockList(c->WgkList);
 	if (ret == ERR_NO_ERROR)
 	{
 		ALog(a, NULL, "LA_ADD_WGK", LIST_NUM(to_add));
 		IncrementServerConfigRevision(a->Server);
 	}
 	ReleaseList(to_add);
 	return ret;
 }
 // Delete a WireGuard key from the allowed key list
 UINT StDeleteWgk(ADMIN *a, RPC_WGK *t)
 {
 	UINT ret = ERR_NO_ERROR;
 	SERVER *s = a->Server;
 	CEDAR *c = s->Cedar;
 	LIST *to_delete;
 	SERVER_ADMIN_ONLY;
 	to_delete = NewListFast(NULL);
 	LockList(c->WgkList);
 	{
 		UINT i;
 		for (i = 0; i < t->Num; ++i)
 		{
 			WGK *wgk = Search(c->WgkList, &t->Wgks[i]);
 			if (wgk == NULL)
 			{
 				ret = ERR_OBJECT_NOT_FOUND;
 				break;
 			}
 			Add(to_delete, wgk);
 		}
 		if (ret == ERR_NO_ERROR)
 		{
 			for (i = 0; i < LIST_NUM(to_delete); ++i)
 			{
 				WGK *wgk = LIST_DATA(to_delete, i);
 				Delete(c->WgkList, wgk);
 				Free(wgk);
 			}
 		}
 	}
 	UnlockList(c->WgkList);
 	if (ret == ERR_NO_ERROR)
 	{
 		ALog(a, NULL, "LA_DELETE_WGK", LIST_NUM(to_delete));
 		IncrementServerConfigRevision(a->Server);
 	}
 	ReleaseList(to_delete);
 	return ret;
 }
 // List the allowed WireGuard keys
 UINT StEnumWgk(ADMIN *a, RPC_WGK *t)
 {
 	SERVER *s = a->Server;
 	CEDAR *c = s->Cedar;
 	SERVER_ADMIN_ONLY;
 	LockList(c->WgkList);
 	{
 		UINT i;
 		t->Num = LIST_NUM(c->WgkList);
 		t->Wgks = Malloc(sizeof(WGK) * t->Num);
 		for (i = 0; i < t->Num; ++i)
 		{
 			WGK *wgk = LIST_DATA(c->WgkList, i);
 			WGK *rpc_wgk = &t->Wgks[i];
 			StrCpy(rpc_wgk->Key, sizeof(rpc_wgk->Key), wgk->Key);
 			StrCpy(rpc_wgk->Hub, sizeof(rpc_wgk->Hub), wgk->Hub);
 			StrCpy(rpc_wgk->User, sizeof(rpc_wgk->User), wgk->User);
 		}
 	}
 	UnlockList(c->WgkList);
 	return ERR_NO_ERROR;
 }
 // Get status of connection to cluster controller
 UINT StGetFarmConnectionStatus(ADMIN *a, RPC_FARM_CONNECTION_STATUS *t)
 {
@ -10021,6 +10206,8 @@ UINT StGetProtoOptions(ADMIN *a, RPC_PROTO_OPTIONS *t)
 	UINT ret = ERR_NO_ERROR;
 	LIST *options;
 	SERVER_ADMIN_ONLY;
 	if (proto == NULL)
 	{
 		return ERR_NOT_SUPPORTED;
@ -12885,6 +13072,8 @@ void InRpcHubOption(RPC_HUB_OPTION *t, PACK *p)
 	}
 	Zero(t, sizeof(RPC_HUB_OPTION));
 	t->DefaultGateway = PackGetInt(p, "DefaultGateway");
 	t->DefaultSubnet = PackGetInt(p, "DefaultSubnet");
 	t->MaxSession = PackGetInt(p, "MaxSession");
 	t->NoEnum = PackGetBool(p, "NoEnum");
 }
@ -12896,6 +13085,8 @@ void OutRpcHubOption(PACK *p, RPC_HUB_OPTION *t)
 		return;
 	}
 	PackAddInt(p, "DefaultGateway", t->DefaultGateway);
 	PackAddInt(p, "DefaultSubnet", t->DefaultSubnet);
 	PackAddInt(p, "MaxSession", t->MaxSession);
 	PackAddBool(p, "NoEnum", t->NoEnum);
 }
@ -14455,6 +14646,64 @@ void FreeRpcKeyPair(RPC_KEY_PAIR *t)
 	FreeK(t->Key);
 }
 // RPC_WGK
 void InRpcWgk(RPC_WGK *t, PACK *p)
 {
 	UINT i;
 	// Validate arguments
 	if (t == NULL || p == NULL)
 	{
 		return;
 	}
 	Zero(t, sizeof(RPC_WGK));
 	t->Num = PackGetIndexCount(p, "Key");
 	if (t->Num == 0)
 	{
 		return;
 	}
 	t->Wgks = ZeroMalloc(sizeof(WGK) * t->Num);
 	for (i = 0; i < t->Num; ++i)
 	{
 		WGK *wgk = &t->Wgks[i];
 		PackGetStrEx(p, "Key", wgk->Key, sizeof(wgk->Key), i);
 		PackGetStrEx(p, "Hub", wgk->Hub, sizeof(wgk->Hub), i);
 		PackGetStrEx(p, "User", wgk->User, sizeof(wgk->User), i);
 	}
 }
 void OutRpcWgk(PACK *p, RPC_WGK *t)
 {
 	UINT i;
 	// Validate arguments
 	if (t == NULL || p == NULL)
 	{
 		return;
 	}
 	for (i = 0; i < t->Num; ++i)
 	{
 		WGK *wgk = &t->Wgks[i];
 		PackAddStrEx(p, "Key", wgk->Key, i, t->Num);
 		PackAddStrEx(p, "Hub", wgk->Hub, i, t->Num);
 		PackAddStrEx(p, "User", wgk->User, i, t->Num);
 	}
 }
 void FreeRpcWgk(RPC_WGK *t)
 {
 	// Validate arguments
 	if (t == NULL)
 	{
 		return;
 	}
 	Free(t->Wgks);
 }
 // NODE_INFO
 void InRpcNodeInfo(NODE_INFO *t, PACK *p)
 {
@ -15121,7 +15370,7 @@ UINT AdminAccept(CONNECTION *c, PACK *p)
 	if (Cmp(secure_null_password, secure_password, SHA1_SIZE) == 0)
 	{
-		if (sock->RemoteIP.addr[0] != 127)
+		if (IsLocalHostIP(&sock->RemoteIP) == false)
 		{
 			// The client tried to use blank password for hub admin mode from remote
 			if (StrLen(hubname) != 0)
--- a/src/Cedar/Admin.h
+++ b/src/Cedar/Admin.h
@ -8,6 +8,14 @@
 #ifndef	ADMIN_H
 #define	ADMIN_H
 #include "Account.h"
 #include "Cedar.h"
 #include "Client.h"
 #include "Hub.h"
 #include "Logging.h"
 #include "Mayaqua/Kernel.h"
 // Windows version
 struct RPC_WINVER
 {
@ -226,9 +234,18 @@ struct RPC_KEY_PAIR
 	UINT Flag1;							// Flag1
 };
 // WireGuard keys
 struct RPC_WGK
 {
 	UINT Num;							// Number of keys
 	WGK *Wgks;							// Keys
 };
 // HUB option
 struct RPC_HUB_OPTION
 {
 	UINT DefaultGateway;				// Default gateway address
 	UINT DefaultSubnet;					// Default subnet mask
 	UINT MaxSession;					// Maximum number of sessions
 	bool NoEnum;						// Not listed
 };
@ -987,6 +1004,9 @@ UINT StGetServerCert(ADMIN *a, RPC_KEY_PAIR *t);
 UINT StGetServerCipherList(ADMIN *a, RPC_STR *t);
 UINT StGetServerCipher(ADMIN *a, RPC_STR *t);
 UINT StSetServerCipher(ADMIN *a, RPC_STR *t);
 UINT StAddWgk(ADMIN *a, RPC_WGK *t);
 UINT StDeleteWgk(ADMIN *a, RPC_WGK *t);
 UINT StEnumWgk(ADMIN *a, RPC_WGK *t);
 UINT StCreateHub(ADMIN *a, RPC_CREATE_HUB *t);
 UINT StSetHub(ADMIN *a, RPC_CREATE_HUB *t);
 UINT StGetHub(ADMIN *a, RPC_CREATE_HUB *t);
@ -1135,6 +1155,9 @@ UINT ScGetServerCert(RPC *r, RPC_KEY_PAIR *t);
 UINT ScGetServerCipherList(RPC *r, RPC_STR *t);
 UINT ScGetServerCipher(RPC *r, RPC_STR *t);
 UINT ScSetServerCipher(RPC *r, RPC_STR *t);
 UINT ScAddWgk(RPC *r, RPC_WGK *t);
 UINT ScDeleteWgk(RPC *r, RPC_WGK *t);
 UINT ScEnumWgk(RPC *r, RPC_WGK *t);
 UINT ScCreateHub(RPC *r, RPC_CREATE_HUB *t);
 UINT ScSetHub(RPC *r, RPC_CREATE_HUB *t);
 UINT ScGetHub(RPC *r, RPC_CREATE_HUB *t);
@ -1392,6 +1415,9 @@ void OutRpcMemInfo(PACK *p, MEMINFO *t);
 void InRpcKeyPair(RPC_KEY_PAIR *t, PACK *p);
 void OutRpcKeyPair(PACK *p, RPC_KEY_PAIR *t);
 void FreeRpcKeyPair(RPC_KEY_PAIR *t);
 void InRpcWgk(RPC_WGK *t, PACK *p);
 void OutRpcWgk(PACK *p, RPC_WGK *t);
 void FreeRpcWgk(RPC_WGK *t);
 void InRpcAddAccess(RPC_ADD_ACCESS *t, PACK *p);
 void OutRpcAddAccess(PACK *p, RPC_ADD_ACCESS *t);
 void InRpcDeleteAccess(RPC_DELETE_ACCESS *t, PACK *p);
--- a/src/Cedar/AzureClient.c
+++ b/src/Cedar/AzureClient.c
@ -5,7 +5,23 @@
 // AzureClient.c
 // VPN Azure Client
-#include "CedarPch.h"
+#include "AzureClient.h"
 #include "Cedar.h"
 #include "Command.h"
 #include "Wpc.h"
 #include "Mayaqua/Encrypt.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/MayaType.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Network.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 #include <stdlib.h>
 // Wait for connection request
 void AcWaitForRequest(AZURE_CLIENT *ac, SOCK *s, AZURE_PARAM *param)
--- a/src/Cedar/AzureClient.h
+++ b/src/Cedar/AzureClient.h
@ -8,6 +8,11 @@
 #ifndef	AZURE_CLIENT_H
 #define	AZURE_CLIENT_H
 #include "Cedar.h"
 #include "DDNS.h"
 #include "Mayaqua/MayaType.h"
 // Constants
 #define	AZURE_SERVER_PORT					443
 #define AZURE_PROTOCOL_CONTROL_SIGNATURE	"ACTL"
--- a/src/Cedar/AzureServer.c
+++ b/src/Cedar/AzureServer.c
@ -1,10 +0,0 @@
 // SoftEther VPN Source Code - Developer Edition Master Branch
 // Cedar Communication Module
 // AzureServer.c
 // VPN Azure Server
 #include "CedarPch.h"
--- a/src/Cedar/AzureServer.h
+++ b/src/Cedar/AzureServer.h
@ -1,14 +0,0 @@
 // SoftEther VPN Source Code - Developer Edition Master Branch
 // Cedar Communication Module
 // AzureServer.h
 // Header of AzureServer.c
 #ifndef	AZURE_SERVER_H
 #define	AZURE_SERVER_H
 #endif	// AZURE_SERVER_H
--- a/src/Cedar/Bridge.c
+++ b/src/Cedar/Bridge.c
@ -5,25 +5,19 @@
 // Bridge.c
 // Ethernet Bridge Program (Local Bridge)
-#include <GlobalConst.h>
+#include "Bridge.h"
 #include "BridgeUnix.h"
 #include "BridgeWin32.h"
-#define	BRIDGE_C
+#include "Connection.h"
 #include "Hub.h"
 #include "Session.h"
 #include "Virtual.h"
-#ifdef	WIN32
+#include "Mayaqua/Memory.h"
-#define	OS_WIN32
+#include "Mayaqua/Microsoft.h"
-#endif
+#include "Mayaqua/Object.h"
-
+#include "Mayaqua/Str.h"
 #ifdef	OS_WIN32
 // Win32
 #include "BridgeWin32.c"
 #else
 // Unix
 #include "BridgeUnix.c"
 #endif	// OS_WIN32
 // Hash the list of current Ethernet devices
 UINT GetEthDeviceHash()
--- a/src/Cedar/Bridge.h
+++ b/src/Cedar/Bridge.h
@ -8,20 +8,10 @@
 #ifndef	BRIDGE_H
 #define	BRIDGE_H
-#ifdef	OS_WIN32
+#include "Cedar.h"
 // For Win32
 #include <Cedar/BridgeWin32.h>
 #else
 // For Unix
 #include <Cedar/BridgeUnix.h>
 #endif	// OS_WIN32
 // Constants
-#define	BRIDGE_SPECIAL_IPRAW_NAME		"ipv4_rawsocket_virtual_router"
+#define	BRIDGE_SPECIAL_IPRAW_NAME "ipv4_rawsocket_virtual_router"
 // Bridge
 struct BRIDGE
--- a/src/Cedar/BridgeUnix.c
+++ b/src/Cedar/BridgeUnix.c
@ -4,22 +4,31 @@
 // BridgeUnix.c
 // Ethernet Bridge Program (for UNIX)
 //#define	BRIDGE_C
 //#define	UNIX_LINUX
-#include <GlobalConst.h>
+#ifdef OS_UNIX
-#ifdef	BRIDGE_C
+#include "BridgeUnix.h"
 #include "Server.h"
 #include "VLanUnix.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/TcpIp.h"
 #include "Mayaqua/Unix.h"
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <wchar.h>
+
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
-#include <Mayaqua/Mayaqua.h>
+#include <fcntl.h>
-#include <Cedar/Cedar.h>
+
 #include <net/ethernet.h>
 #include <net/if.h>
 #include <sys/ioctl.h>
 #include <sys/stat.h>
 #ifdef UNIX_SOLARIS
 #include <sys/sockio.h>
@ -27,17 +36,18 @@
 #ifdef BRIDGE_PCAP
 #include <pcap.h>
-#endif // BRIDGE_PCAP
+#endif
 #ifdef BRIDGE_BPF
-#include <sys/ioctl.h>
+#include <ifaddrs.h>
 #include <net/bpf.h>
 #include <net/if_types.h>
 #include <net/if_dl.h>
-#include <ifaddrs.h>
+#endif
-#endif // BRIDGE_BPF
+
 #ifdef UNIX_LINUX
 #include <linux/if_packet.h>
 #ifdef	UNIX_LINUX
 struct my_tpacket_auxdata
 {
 	UINT tp_status;
@ -2688,5 +2698,4 @@ void EthPutPacketLinuxIpRaw(ETH *e, void *data, UINT size)
 	Free(data);
 }
-
+#endif
 #endif	// BRIDGE_C
--- a/src/Cedar/BridgeUnix.h
+++ b/src/Cedar/BridgeUnix.h
@ -5,9 +5,15 @@
 // BridgeUnix.h
 // Header of BridgeUnix.c
 #ifdef OS_UNIX
 #ifndef	BRIDGEUNIX_H
 #define	BRIDGEUNIX_H
 #include "Bridge.h"
 #include "Mayaqua/Network.h"
 // Macro
 #ifndef SOL_PACKET
 #define	SOL_PACKET	263
@ -128,6 +134,6 @@ bool DlipBindRequest(int fd);
 int UnixEthOpenRawSocket();
-#endif	// BRIDGEUNIX_H
+#endif // BRIDGEUNIX_H
 #endif // OS_UNIX
--- a/src/Cedar/BridgeWin32.c
+++ b/src/Cedar/BridgeWin32.c
@ -5,24 +5,27 @@
 // BridgeWin32.c
 // Ethernet Bridge Program (Win32)
-#include <GlobalConst.h>
+#ifdef OS_WIN32
-#ifdef	BRIDGE_C
+#define BRIDGE_C
 #include "BridgeWin32.h"
 #include "Admin.h"
 #include "Connection.h"
 #include "SeLowUser.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 #include "Mayaqua/Str.h"
 #include <winsock2.h>
 #include <Ws2tcpip.h>
 #include <windows.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <wchar.h>
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
 #include <Packet32.h>
 #include <Mayaqua/Mayaqua.h>
 #include <Cedar/Cedar.h>
 static WP *wp = NULL;
 static LIST *eth_list = NULL;
@ -466,11 +469,6 @@ bool EnumEthVLanWin32(RPC_ENUM_ETH_VLAN *t)
 	Zero(t, sizeof(RPC_ENUM_ETH_VLAN));
 	if (MsIsWin2000OrGreater() == false)
 	{
 		return false;
 	}
 	if (IsEthSupported() == false)
 	{
 		return false;
@ -1488,7 +1486,7 @@ LIST *GetEthAdapterListInternal()
 		i = 0;
-		if (OS_IS_WINDOWS_NT(GetOsInfo()->OsType))
+		if (true)
 		{
 			// Windows NT
 			if (size >= 2 && buf[0] != 0 && buf[1] != 0)
@ -1526,7 +1524,6 @@ LIST *GetEthAdapterListInternal()
 		}
 		else
 		{
 			// Windows 9x
 ANSI_STR:
 			while (true)
 			{
@ -1564,18 +1561,6 @@ ANSI_STR:
 			StrCpy(a->Title, sizeof(a->Title), &buf[i]);
 			i += StrSize(a->Title);
 			// If device description is "Unknown" in Win9x, skip 1 byte
 			if (OS_IS_WINDOWS_9X(GetOsInfo()->OsType))
 			{
 				if (StrCmp(a->Title, "Unknown") == 0)
 				{
 					if (buf[i] == 0)
 					{
 						i+=sizeof(char);
 					}
 				}
 			}
 			TrimCrlf(a->Title);
 			Trim(a->Title);
 			TrimCrlf(a->Title);
@ -1790,31 +1775,7 @@ bool IsEthSupportedInner()
 // Is the PCD driver supported in current OS
 bool IsPcdSupported()
 {
-	UINT type;
+	return !MsIsWindows10();
 	OS_INFO *info = GetOsInfo();
 	if (MsIsWindows10())
 	{
 		// Windows 10 or later never supports PCD driver.
 		return false;
 	}
 	type = info->OsType;
 	if (OS_IS_WINDOWS_NT(type) == false)
 	{
 		// Only on Windows NT series
 		return false;
 	}
 	if (GET_KETA(type, 100) >= 2)
 	{
 		// Good for Windows 2000 or later
 		return true;
 	}
 	// Not good for Windows NT 4.0 or Longhorn
 	return false;
 }
 // Save build number of PCD driver
@ -2085,8 +2046,7 @@ void GetEthNetworkConnectionName(wchar_t *dst, UINT size, char *device_name)
 	UniStrCpy(dst, size, L"");
 	// Validate arguments
-	if (device_name == NULL || IsEthSupported() == false || 
+	if (device_name == NULL || IsEthSupported() == false)
 		IsNt() == false || MsIsWin2000OrGreater() == false)
 	{
 		return;
 	}
@ -2134,6 +2094,4 @@ void GetEthNetworkConnectionName(wchar_t *dst, UINT size, char *device_name)
 	Free(ncname);
 }
-#endif	// BRIDGE_C
+#endif
--- a/src/Cedar/BridgeWin32.h
+++ b/src/Cedar/BridgeWin32.h
@ -5,9 +5,15 @@
 // BridgeWin32.h
 // Header of BridgeWin32.c
 #ifdef OS_WIN32
 #ifndef	BRIDGEWIN32_H
 #define	BRIDGEWIN32_H
 #include "Bridge.h"
 #include <Packet32.h>
 #define	BRIDGE_WIN32_PACKET_DLL		"Packet.dll"
 #define	BRIDGE_WIN32_PCD_DLL		"|see.dll"
 #define	BRIDGE_WIN32_PCD_SYS		"|DriverPackages\\See\\x86\\See_x86.sys"
@ -18,10 +24,7 @@
 #define	BRIDGE_WIN32_ETH_BUFFER		(1048576)
-
+#ifdef BRIDGE_C
 typedef void *HANDLE;
 #ifdef	BRIDGE_C
 // Header for Internal function (for BridgeWin32.c)
 typedef struct WP
@ -157,6 +160,6 @@ bool Win32IsUsingSeLow();
 void Win32SetEnableSeLow(bool b);
 bool Win32GetEnableSeLow();
-#endif	// BRIDGEWIN32_H
+#endif // BRIDGEWIN32_H
 #endif // OS_WIN32
--- a/src/Cedar/CM.c
+++ b/src/Cedar/CM.c
@ -5,46 +5,33 @@
 // CM.c
 // VPN Client Connection Manager for Win32
-#include <GlobalConst.h>
+#ifdef OS_WIN32
-#ifdef	WIN32
+#define WINUI_C
 #define MICROSOFT_C
 #define	CM_C
 #define	SM_C
 #define	MICROSOFT_C
 #define	_WIN32_WINNT		0x0502
 #define	WINVER				0x0502
 #define	SECURITY_WIN32
 #include <winsock2.h>
 #include <windows.h>
 #include <Iphlpapi.h>
 #include <tlhelp32.h>
 #include <shlobj.h>
 #include <commctrl.h>
 #include <Dbghelp.h>
 #include <setupapi.h>
 #include <regstr.h>
 #include <process.h>
 #include <psapi.h>
 #include <wtsapi32.h>
 #include <Ntsecapi.h>
 #include <security.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <wchar.h>
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
 #include <Mayaqua/Mayaqua.h>
 #include <Cedar/Cedar.h>
 #include "CMInner.h"
 #include "Nat.h"
 #include "Protocol.h"
 #include "Remote.h"
 #include "SMInner.h"
-#include "NMInner.h"
+#include "UT.h"
-#include "EMInner.h"
+#include "Win32Com.h"
 #include "WinUi.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Secure.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Win32.h"
 #include "../PenCore/resource.h"
 #include <shellapi.h>
 // Get the proxy server settings from the registry string of IE
 bool CmGetProxyServerNameAndPortFromIeProxyRegStr(char *name, UINT name_size, UINT *port, char *str, char *server_type)
@ -232,14 +219,7 @@ UINT CmGetSecureBitmapId(char *dest_hostname)
 // Activate the window of UAC
 void CmSetUacWindowActive()
 {
-	HWND hWnd;
+	HWND hWnd = FindWindowA("$$$Secure UAP Dummy Window Class For Interim Dialog", NULL);
 	if (MsIsVista() == false)
 	{
 		return;
 	}
 	hWnd = FindWindowA("$$$Secure UAP Dummy Window Class For Interim Dialog", NULL);
 	if (hWnd == NULL)
 	{
 		return;
@ -1485,22 +1465,8 @@ void CmTrafficRunDlgAddStr(HWND hWnd, wchar_t *str)
 	UniReplaceStrEx(tmp, tmp_size, tmp, L"\r\n", L"\n", false);
 	UniReplaceStrEx(tmp, tmp_size, tmp, L"\n", L"\r\n", false);
-	if (MsIsNt())
+	SendMsg(hWnd, E_EDIT, EM_SETSEL, 0x7fffffff, 0x7fffffff);
-	{
+	SendMsg(hWnd, E_EDIT, EM_REPLACESEL, false, (LPARAM)tmp);
 		SendMsg(hWnd, E_EDIT, EM_SETSEL, 0x7fffffff, 0x7fffffff);
 		SendMsg(hWnd, E_EDIT, EM_REPLACESEL, false, (LPARAM)tmp);
 	}
 	else
 	{
 		char *s = CopyUniToStr(tmp);
 		UINT len;
 		len = GetWindowTextLength(DlgItem(hWnd, E_EDIT));
 		SendMsg(hWnd, E_EDIT, EM_SETSEL, 0x7fffffff, 0x7fffffff);
 		SendMsg(hWnd, E_EDIT, EM_SETSEL, len, len);
 		SendMsg(hWnd, E_EDIT, EM_REPLACESEL, false, (LPARAM)s);
 		Free(s);
 	}
 	Free(tmp);
 }
@ -3568,11 +3534,6 @@ bool CmStopInstallVLan(HWND hWnd)
 		// There is no need to be prohibited if the client is an UNIX
 		return true;
 	}
 	if (cm->Client->Win9x)
 	{
 		// There is no need to prohibit if the client is a Win9x
 		return true;
 	}
 	return true;
@ -5474,27 +5435,12 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 		name = CmNewVLanDlg(hWnd);
 		if (name != NULL)
 		{
 			wchar_t tmp[MAX_SIZE];
 			void *helper = NULL;
 			RPC_CLIENT_CREATE_VLAN c;
 			Zero(&c, sizeof(c));
 			StrCpy(c.DeviceName, sizeof(c.DeviceName), name);
 			if (MsIsNt() == false)
 			{
 				// Change the title of the window
 				GetTxt(hWnd, 0, tmp, sizeof(tmp));
 				SetText(hWnd, 0, _UU("CM_VLAN_INSTALLING"));
 			}
 			// Minimize
 			if (MsIsVista() == false)
 			{
 				ShowWindow(hWnd, SW_SHOWMINIMIZED);
 			}
-			if (MsIsVista())
+			helper = CmStartUacHelper();
 			{
 				helper = CmStartUacHelper();
 			}
 			if (CALL(hWnd, CcCreateVLan(cm->Client, &c)))
 			{
@ -5503,17 +5449,9 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 			CmStopUacHelper(helper);
 			if (MsIsNt() == false)
 			{
 				// Restore the title of the window
 				SetText(hWnd, 0, tmp);
 			}
 			// Restore
 			if (MsIsVista() == false)
 			{
 				ShowWindow(hWnd, SW_SHOWNORMAL);
 			}
 			Free(name);
 			CmRefresh(hWnd);
 		}
 		break;
 	case CMD_DELETE_VLAN:
@ -5521,39 +5459,29 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 		index = LvGetSelected(hWnd, L_VLAN);
 		if (index != INFINITE)
 		{
-			if (cm->Client->Win9x == false)
+			// Windows 2000 or later
 			wchar_t *s = LvGetStr(hWnd, L_VLAN, index, 0);
 			if (s != NULL)
 			{
-				// Windows 2000 or later
+				RPC_CLIENT_CREATE_VLAN c;
-				wchar_t *s = LvGetStr(hWnd, L_VLAN, index, 0);
+				char str[MAX_SIZE];
-				if (s != NULL)
+				CmVoice("delete_vlan_1");
 				if (MsgBoxEx(hWnd, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2, _UU("CM_DELETE_VLAN"), s) == IDYES)
 				{
-					RPC_CLIENT_CREATE_VLAN c;
+					Zero(&c, sizeof(c));
-					char str[MAX_SIZE];
+					UniToStr(str, sizeof(str), s);
-					CmVoice("delete_vlan_1");
+					if (CmPrintNameToVLanName(c.DeviceName, sizeof(c.DeviceName), str))
 					if (MsgBoxEx(hWnd, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2, _UU("CM_DELETE_VLAN"), s) == IDYES)
 					{
-						Zero(&c, sizeof(c));
+						if (CALL(hWnd, CcDeleteVLan(cm->Client, &c)))
 						UniToStr(str, sizeof(str), s);
 						if (CmPrintNameToVLanName(c.DeviceName, sizeof(c.DeviceName), str))
 						{
-							if (CALL(hWnd, CcDeleteVLan(cm->Client, &c)))
+							CmVoice("delete_vlan_2");
 							{
 								CmVoice("delete_vlan_2");
 							}
 						}
 					}
 					Free(s);
 				}
 			}
 			else
 			{
 				// Windows 9x
 				if (MsgBox(hWnd, MB_ICONQUESTION | MB_YESNO, _UU("CM_9X_VLAN_UNINSTALL")) == IDYES)
 				{
 					Run("rundll32.exe", "shell32.dll,Control_RunDLL NETCPL.CPL",
 						false, false);
 				}
 				Free(s);
 			}
 			CmRefresh(hWnd);
 		}
 		break;
 	case CMD_ENABLE_VLAN:
@ -5573,6 +5501,8 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 					CALL(hWnd, CcEnableVLan(cm->Client, &c));
 				}
 				Free(s);
 				CmRefresh(hWnd);
 			}
 		}
 		break;
@ -5593,6 +5523,8 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 					CALL(hWnd, CcDisableVLan(cm->Client, &c));
 				}
 				Free(s);
 				CmRefresh(hWnd);
 			}
 		}
 		break;
@ -5621,28 +5553,15 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 				UniToStr(str, sizeof(str), s);
 				if (CmPrintNameToVLanName(c.DeviceName, sizeof(c.DeviceName), str))
 				{
-					void *helper = NULL;
+					void *helper = CmStartUacHelper();
 					if (MsIsVista() == false)
 					{
 						ShowWindow(hWnd, SW_SHOWMINIMIZED);
 					}
 					if (MsIsVista())
 					{
 						helper = CmStartUacHelper();
 					}
 					CALL(hWnd, CcUpgradeVLan(cm->Client, &c));
 					CmStopUacHelper(helper);
 					if (MsIsVista() == false)
 					{
 						ShowWindow(hWnd, SW_SHOWNORMAL);
 					}
 				}
 				Free(s);
 				CmRefresh(hWnd);
 			}
 		}
 		break;
@ -5710,11 +5629,7 @@ void CmMainWindowOnCommandEx(HWND hWnd, WPARAM wParam, LPARAM lParam, bool easy)
 		break;
 	case CMD_MMCSS:
 		// Optimization utility for Windows Vista
-		if (MsIsVista() == false)
+		if (true)
 		{
 			MsgBox(hWnd, MB_ICONINFORMATION, _UU("VISTA_MMCSS_MSG_4"));
 		}
 		else
 		{
 			if (MsIsAdmin() == false)
 			{
@ -5782,7 +5697,6 @@ void CmConfigDlgInit(HWND hWnd)
 {
 	bool use_alpha;
 	UINT alpha_value;
 	UINT os;
 	CLIENT_CONFIG c;
 	// Validate arguments
 	if (hWnd == NULL)
@ -5817,15 +5731,7 @@ void CmConfigDlgInit(HWND hWnd)
 	SetInt(hWnd, E_ALPHA_VALUE, alpha_value == 0 ? 50 : alpha_value);
 	Check(hWnd, R_ALPHA, use_alpha);
-	os = GetOsInfo()->OsType;
+	Enable(hWnd, R_ALPHA);
 	if (OS_IS_WINDOWS_NT(os) && GET_KETA(os, 100) >= 2)
 	{
 		Enable(hWnd, R_ALPHA);
 	}
 	else
 	{
 		Disable(hWnd, R_ALPHA);
 	}
 	CmConfigDlgRefresh(hWnd);
 }
@ -6427,8 +6333,8 @@ UINT CmNewVLanDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *p
 	switch (msg)
 	{
 	case WM_INITDIALOG:
-		LimitText(hWnd, E_NAME, cm->Client->Win9x ? MAX_DEVICE_NAME_LEN_9X : MAX_DEVICE_NAME_LEN);
+		LimitText(hWnd, E_NAME, MAX_DEVICE_NAME_LEN);
-		FormatText(hWnd, S_INFO, cm->Client->Win9x ? MAX_DEVICE_NAME_LEN_9X : MAX_DEVICE_NAME_LEN);
+		FormatText(hWnd, S_INFO, MAX_DEVICE_NAME_LEN);
 		Zero(&ver, sizeof(ver));
@ -6453,15 +6359,7 @@ UINT CmNewVLanDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *p
 		switch (wParam)
 		{
 		case IDOK:
-			if (cm->Client->Win9x)
+			GetTxtA(hWnd, E_NAME, tmp, MAX_DEVICE_NAME_LEN + 1);
 			{
 				// For Windows 9x, show a confirmation message
 				if (MsgBox(hWnd, MB_ICONQUESTION | MB_OKCANCEL, _UU("CM_9X_VLAN_INSTALL")) == IDCANCEL)
 				{
 					break;
 				}
 			}
 			GetTxtA(hWnd, E_NAME, tmp, (cm->Client->Win9x ? MAX_DEVICE_NAME_LEN_9X : MAX_DEVICE_NAME_LEN) + 1);
 			Trim(tmp);
 			if (CcGetClientVersion(cm->Client, &ver) == ERR_NO_ERROR)
@ -9923,30 +9821,6 @@ void CmConnect(HWND hWnd, wchar_t *account_name)
 		return;
 	}
 	if (hWnd == cm->hMainWnd)
 	{
 		if (LvNum(hWnd, L_VLAN) == 0 && cm->Client->Win9x)
 		{
 			if (MsgBox(hWnd, MB_ICONINFORMATION | MB_YESNO, _UU("CM_NO_VLAN_2")) == IDNO)
 			{
 				return;
 			}
 			else
 			{
 				if (cm->server_name == NULL || cm->Client->Unix)
 				{
 					Command(hWnd, CMD_NEW_VLAN);
 					return;
 				}
 				else
 				{
 					MsgBox(hWnd, MB_ICONINFORMATION, _UU("CM_VLAN_REMOTE_ERROR"));
 				}
 				return;
 			}
 		}
 	}
 	// (If necessary) display a warning
 	if (CmWarningDesktop(hWnd, account_name) == false)
 	{
@ -10085,7 +9959,7 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 	switch (id)
 	{
 	case CMD_LANGUAGE:
-		return MsIsNt();
+		return true;
 	case CMD_SHOWPORT:
 	case CMD_GRID:
 		if (cm->IconView)
@ -10094,7 +9968,7 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		}
 		return true;
 	case CMD_MMCSS:
-		if (MsIsVista() == false || IsEmptyStr(cm->server_name) == false)
+		if (IsEmptyStr(cm->server_name) == false)
 		{
 			return false;
 		}
@ -10105,12 +9979,7 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		return true;
 	case CMD_TRAYICON:
 	case CMD_TRAFFIC:
 		return (cm->server_name == NULL);
 	case CMD_NETIF:
 		if (MsIsNt() == false)
 		{
 			return false;
 		}
 		return (cm->server_name == NULL);
 	case CMD_CM_SETTING:
 		return cm->CmSettingSupported;
@ -10172,7 +10041,7 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		}
 	case CMD_SHORTCUT:
 		// Create a shortcut
-		if (cm->Client->Rpc->Sock->RemoteIP.addr[0] != 127)
+		if (IsLocalHostIP(&cm->Client->Rpc->Sock->RemoteIP) == false)
 		{
 			return false;
 		}
@ -10247,21 +10116,11 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		}
 		break;
 	case CMD_NEW_VLAN:
-		if (cm->Client->Unix == false && cm->Client->Win9x == false)
+		if (cm->Client->Unix == false && cm->server_name != NULL)
 		{
-			if (cm->server_name != NULL)
+			return false;
 			{
 				return false;
 			}
 		}
 		if (cm->Client->Win9x)
 		{
 			if (LvNum(hWnd, L_VLAN) >= 1)
 			{
 				// You can not install two or more virtual LAN cards in Win9x
 				return false;
 			}
 		}
 		break;
 	case CMD_PROPERTY:
 		name = LvGetSelectedStr(hWnd, L_ACCOUNT, 0);
@ -10286,10 +10145,6 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		}
 		return LvIsSelected(hWnd, L_VLAN);
 	case CMD_ENABLE_VLAN:
 		if (cm->Client->Win9x)
 		{
 			return false;
 		}
 		if (LvIsMultiMasked(hWnd, L_VLAN))
 		{
 			return false;
@ -10315,10 +10170,6 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		}
 		break;
 	case CMD_DISABLE_VLAN:
 		if (cm->Client->Win9x)
 		{
 			return false;
 		}
 		if (LvIsMultiMasked(hWnd, L_VLAN))
 		{
 			return false;
@ -10348,7 +10199,7 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		{
 			return false;
 		}
-		if (cm->Client->Win9x || cm->Client->Unix)
+		if (cm->Client->Unix)
 		{
 			// Upgrading the virtual LAN card on a UNIX system or Win9x is unavailable
 			return false;
@ -10359,24 +10210,7 @@ bool CmIsEnabled(HWND hWnd, UINT id)
 		}
 		return LvIsSelected(hWnd, L_VLAN);
 	case CMD_WINNET:
-		{
+		return (cm->server_name == NULL);
 			UINT os_type = GetOsInfo()->OsType;
 			if (OS_IS_WINDOWS_NT(os_type) && GET_KETA(os_type, 100) >= 2)
 			{
 				if (cm->server_name != NULL)
 				{
 					return false;
 				}
 				return true;
 			}
 			else
 			{
 				return false;
 			}
 		}
 		break;
 	case CMD_EXIT:
 		return cm->TrayInited;
 	}
@ -11264,7 +11098,7 @@ void CmMainWindowOnInit(HWND hWnd)
 	}
 	else
 	{
-		cm->VistaStyle = MsIsVista();
+		cm->VistaStyle = true;
 	}
 	if (MsRegIsValue(REG_CURRENT_USER, CM_REG_KEY, "ShowPort"))
@ -12068,10 +11902,6 @@ RETRY:
 	{
 		cm->CmSettingSupported = true;
 		cm->CmEasyModeSupported = true;
 		if (OS_IS_WINDOWS_9X(a.OsType))
 		{
 			cm->CmEasyModeSupported = false;
 		}
 	}
 	return true;
--- a/src/Cedar/CM.h
+++ b/src/Cedar/CM.h
@ -5,8 +5,14 @@
 // CM.h
 // Header of CM.c
-#ifndef	CM_H
+#ifdef OS_WIN32
-#define	CM_H
+
 #ifndef CM_H
 #define CM_H
 #include "GlobalConst.h"
 #include "Mayaqua/MayaType.h"
 // Constants
 #define	CM_REG_KEY			"Software\\" GC_REG_COMPANY_NAME "\\" CEDAR_PRODUCT_STR " VPN\\Client Manager"
@ -47,6 +53,6 @@ void CmStopUacHelper(void *p);
 void *CmExecUiHelperMain();
 UINT CmGetSecureBitmapId(char *dest_hostname);
-#endif	// CM_H
+#endif // CM_H
 #endif // OS_WIN32
--- a/src/Cedar/CMInner.h
+++ b/src/Cedar/CMInner.h
@ -5,10 +5,21 @@
 // CMInner.h
 // Internal header for the CM.c
 #include "Client.h"
 #include "CM.h"
 #include "Command.h"
 #include "WinUi.h"
 #include "Mayaqua/Table.h"
 #include <stdlib.h>
 #define STARTUP_MUTEX_NAME	GC_SW_SOFTETHER_PREFIX "vpncmgr_startup_mutex"
 #define	NAME_OF_VPN_CLIENT_MANAGER	"vpncmgr"
 typedef struct LVB LVB;
 void CmVoice(char *name);
 typedef struct CM_UAC_HELPER
@ -379,7 +390,7 @@ void CmPolicyDlg(HWND hWnd, CM_STATUS *st);
 UINT CmPolicyDlgProc(HWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, void *param);
 void CmPolicyDlgPrint(HWND hWnd, CM_POLICY *p);
 void CmPolicyDlgPrintEx(HWND hWnd, CM_POLICY *p, bool cascade_mode);
-void CmPolicyDlgPrintEx2(HWND hWnd, CM_POLICY *p, bool cascade_mode, bool ver);
+void CmPolicyDlgPrintEx2(HWND hWnd, CM_POLICY *p, bool cascade_mode, UINT ver);
 void CmNewAccount(HWND hWnd);
 void CmEditAccount(HWND hWnd, wchar_t *account_name);
 void CmGenerateNewAccountName(HWND hWnd, wchar_t *name, UINT size);
--- a/src/Cedar/CMakeLists.txt
+++ b/src/Cedar/CMakeLists.txt
@ -19,6 +19,29 @@ set_target_properties(cedar
  RUNTIME_OUTPUT_DIRECTORY "${BUILD_DIRECTORY}"
 )
 cmake_host_system_information(RESULT HAS_SSE2 QUERY HAS_SSE2)
 set(BLAKE2_SRC_PATH $<IF:$<BOOL:${HAS_SSE2}>,${TOP_DIRECTORY}/3rdparty/BLAKE2/sse,${TOP_DIRECTORY}/3rdparty/BLAKE2/ref>)
 set(BLAKE2_SRC $<IF:$<BOOL:${HAS_SSE2}>,${BLAKE2_SRC_PATH}/blake2s.c,${BLAKE2_SRC_PATH}/blake2s-ref.c>)
 target_include_directories(cedar PUBLIC ${BLAKE2_SRC_PATH})
 target_sources(cedar PRIVATE ${BLAKE2_SRC})
 if(VCPKG_TARGET_TRIPLET)
  find_package(unofficial-sodium CONFIG REQUIRED)
  target_link_libraries(cedar PUBLIC unofficial-sodium::sodium)
 else()
  find_package(PkgConfig REQUIRED)
  pkg_search_module(SODIUM libsodium REQUIRED)
  target_include_directories(cedar PUBLIC ${SODIUM_INCLUDE_DIRS})
  if(NOT ("$ENV{TRAVIS_CPU_ARCH}" STREQUAL ppc64le))
    target_link_libraries(cedar PUBLIC $<IF:$<BOOL:SODIUM_LINK_LIBRARIES>,${SODIUM_LINK_LIBRARIES},${SODIUM_LIBRARIES}>)
  else()
    # TODO: investigate why on ppc64le the use of SODIUM_LINK_LIBRARIES causes undefined references to libsodium functions.
    target_link_libraries(cedar PUBLIC ${SODIUM_LIBRARIES})
  endif()
 endif()
 if(WIN32)
  set_target_properties(cedar
    PROPERTIES
@ -31,10 +54,10 @@ if(WIN32)
 endif()
 if(UNIX)
  find_library(LIB_READLINE readline)
  find_package(Curses REQUIRED)
  find_library(LIB_READLINE readline)
-  target_link_libraries(cedar PRIVATE ${LIB_READLINE} ${CURSES_LIBRARIES})
+  target_link_libraries(cedar PRIVATE ${CURSES_LIBRARIES} ${LIB_READLINE})
  if(${CMAKE_SYSTEM_NAME} STREQUAL "Darwin")
    target_link_libraries(cedar PRIVATE mayaqua pcap)
--- a/src/Cedar/Cedar.c
+++ b/src/Cedar/Cedar.c
@ -5,8 +5,35 @@
 // Cedar.c
 // Cedar Communication Module
 #include "Cedar.h"
-#include "CedarPch.h"
+#include "Admin.h"
 #include "Bridge.h"
 #include "Connection.h"
 #include "Layer3.h"
 #include "Link.h"
 #include "Listener.h"
 #include "Protocol.h"
 #include "Sam.h"
 #include "Server.h"
 #include "Session.h"
 #include "VLanWin32.h"
 #include "WebUI.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/Encrypt.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/HTTP.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 #include "Mayaqua/Win32.h"
 #include <sodium.h>
 static UINT init_cedar_counter = 0;
 static REF *cedar_log_ref = NULL;
@ -1094,12 +1121,13 @@ void CleanupCedar(CEDAR *c)
 	WuFreeWebUI(c->WebUI);
 	FreeCedarLayer3(c);
-/*
+	for (i = 0; i < LIST_NUM(c->WgkList); ++i)
 	for (i = 0;i < LIST_NUM(c->HubList);i++)
 	{
-		HUB *h = LIST_DATA(c->HubList, i);
+		WGK *wgk = LIST_DATA(c->WgkList, i);
 		Free(wgk);
 	}
-*/
+	ReleaseList(c->WgkList);
 	for (i = 0;i < LIST_NUM(c->CaList);i++)
 	{
 		X *x = LIST_DATA(c->CaList, i);
@ -1491,6 +1519,7 @@ CEDAR *NewCedar(X *server_x, K *server_k)
 	c->Traffic = NewTraffic();
 	c->TrafficLock = NewLock();
 	c->CaList = NewList(CompareCert);
 	c->WgkList = NewList(CompareWgk);
 	c->TrafficDiffList = NewList(NULL);
@ -1600,6 +1629,12 @@ void InitCedar()
 		return;
 	}
 	if (sodium_init() == -1)
 	{
 		Debug("InitCedar(): sodium_init() failed!\n");
 		return;
 	}
 	// Initialize protocol module
 	InitProtocol();
 }
--- a/src/Cedar/Cedar.h
+++ b/src/Cedar/Cedar.h
@ -8,6 +8,10 @@
 #ifndef	CEDAR_H
 #define	CEDAR_H
 #include "CedarType.h"
 #include "GlobalConst.h"
 #include "Mayaqua/Network.h"
 //////////////////////////////////////////////////////////////////////
 // 
@ -24,10 +28,6 @@
 #endif	// VPN_SPEED
 #define	bool	UINT
 #define	BOOL	UINT
 // Version number
 #ifndef	CEDAR_VERSION_MAJOR
 #define	CEDAR_VERSION_MAJOR		0
@ -122,7 +122,6 @@
 #define	MAX_SESSION_NAME_LEN		255		// Session name maximum length
 #define	MAX_CONNECTION_NAME_LEN		255		// Maximum length of connection name
 #define	MAX_DEVICE_NAME_LEN			31		// Device name maximum length
 #define	MAX_DEVICE_NAME_LEN_9X		4		// Maximum length of Virtual LAN card name in Win9x
 #define	MAX_ACCESSLIST_NOTE_LEN		255		// Maximum length of the note of access list entry
 #define	MAX_SECURE_DEVICE_FILE_LEN	255		// Secure device file name maximum length
 #define	MAX_ADMIN_OPTION_NAME_LEN	63		// Management option name
@ -367,6 +366,7 @@
 #define	AUTHTYPE_ROOTCERT				3			// Root certificate which is issued by trusted Certificate Authority
 #define	AUTHTYPE_RADIUS					4			// Radius authentication
 #define	AUTHTYPE_NT						5			// Windows NT authentication
 #define	AUTHTYPE_WIREGUARD_KEY			97			// WireGuard public key authentication
 #define	AUTHTYPE_OPENVPN_CERT    		98			// TLS client certificate authentication
 #define	AUTHTYPE_TICKET					99			// Ticket authentication
@ -892,11 +892,11 @@ typedef struct TRAFFIC_ENTRY
 } TRAFFIC_ENTRY;
 // Traffic data
-typedef struct TRAFFIC
+struct TRAFFIC
 {
 	TRAFFIC_ENTRY Send;				// Transmitted data
 	TRAFFIC_ENTRY Recv;				// Received data
-} TRAFFIC;
+};
 // Non-SSL connection source
 typedef struct NON_SSL
@ -915,7 +915,7 @@ typedef struct TINY_LOG
 } TINY_LOG;
 // CEDAR structure
-typedef struct CEDAR
+struct CEDAR
 {
 	LOCK *lock;						// Lock
 	REF *ref;						// Reference counter
@ -923,6 +923,7 @@ typedef struct CEDAR
 	UINT Type;						// Type
 	LIST *ListenerList;				// Listener list
 	LIST *HubList;					// HUB list
 	LIST *WgkList;					// WireGuard key list
 	LIST *ConnectionList;			// Negotiating connection list
 	LIST *CaList;					// List of CA
 	volatile bool Halt;				// Halt flag
@ -982,7 +983,7 @@ typedef struct CEDAR
 	UINT FifoBudget;				// Fifo budget
 	SSL_ACCEPT_SETTINGS SslAcceptSettings;	// SSL Accept Settings
 	UINT DhParamBits;  // Bits of Diffie-Hellman parameters
-} CEDAR;
+};
 // Type of CEDAR
 #define	CEDAR_CLIENT				0	// Client
@ -990,131 +991,6 @@ typedef struct CEDAR
 #define	CEDAR_FARM_CONTROLLER		2	// Server farm controller
 #define	CEDAR_FARM_MEMBER			3	// Server farm member
 ////////////////////////////
 // Read the header file
 // Type
 #include <Cedar/CedarType.h>
 // Account Manager
 #include <Cedar/Account.h>
 // Listener module
 #include <Cedar/Listener.h>
 // Log storage module
 #include <Cedar/Logging.h>
 // Connection management
 #include <Cedar/Connection.h>
 // Session Management
 #include <Cedar/Session.h>
 // RPC
 #include <Cedar/Remote.h>
 // HUB management
 #include <Cedar/Hub.h>
 // Security Accounts Manager
 #include <Cedar/Sam.h>
 // Radius authentication module
 #include <Cedar/Radius.h>
 // Native protocol
 #include <Cedar/Protocol.h>
 // Inter-HUB link
 #include <Cedar/Link.h>
 // User-mode virtual host
 #include <Cedar/Virtual.h>
 // SecureNAT
 #include <Cedar/SecureNAT.h>
 // Digital watermark
 #include <Cedar/WaterMark.h>
 // Secure data
 #include <Cedar/SecureInfo.h>
 // Console service
 #include <Cedar/Console.h>
 // Vpncmd utility
 #include <Cedar/Command.h>
 // RPC over HTTP
 #include <Cedar/Wpc.h>
 // Layer-2/Layer-3 converter
 #include <Cedar/IPC.h>
 // Third party protocols
 #include <Cedar/Proto.h>
 #include <Cedar/Proto_IPsec.h>
 #include <Cedar/Proto_EtherIP.h>
 #include <Cedar/Proto_IkePacket.h>
 #include <Cedar/Proto_IKE.h>
 #include <Cedar/Proto_L2TP.h>
 #include <Cedar/Proto_OpenVPN.h>
 #include <Cedar/Proto_PPP.h>
 #include <Cedar/Proto_SSTP.h>
 #include <Cedar/Proto_Win7.h>
 // UDP Acceleration
 #include <Cedar/UdpAccel.h>
 // DDNS Client
 #include <Cedar/DDNS.h>
 // VPN Azure Client
 #include <Cedar/AzureClient.h>
 // VPN Azure Server
 #include <Cedar/AzureServer.h>
 // Native IP Stack
 #include <Cedar/NativeStack.h>
 #ifdef	OS_WIN32
 // Neo device driver
 #include <Neo/Neo.h>
 // SeLow User-mode
 #include <Cedar/SeLowUser.h>
 #endif	// OS_WIN32
 // Neo device driver manipulation library
 #include <Cedar/VLan.h>
 // Bridge
 #include <Cedar/Bridge.h>
 // Layer-3 switch
 #include <Cedar/Layer3.h>
 // Virtual LAN card for test
 #include <Cedar/NullLan.h>
 // Client
 #include <Cedar/Client.h>
 // Server
 #include <Cedar/Server.h>
 // License database
 #include <Cedar/Database.h>
 // EtherLogger
 #include <Cedar/EtherLog.h>
 // Management RPC
 #include <Cedar/Admin.h>
 // User-mode Router
 #include <Cedar/Nat.h>
 // Web UI
 #include <Cedar/WebUI.h>
 // VPN Gate Main Implementation
 #include <Cedar/VG.h>
 #ifdef	OS_WIN32
 // Win32 user interface
 #include <Cedar/WinUi.h>
 // Win32 Client Connection Manager
 #include <Cedar/CM.h>
 // Win32 Server Manager
 #include <Cedar/SM.h>
 // Win32 User-mode Router Manager
 #include <Cedar/NM.h>
 // Win32 EtherLogger Manager
 #include <Cedar/EM.h>
 // Win32 Network Utility
 #include <Cedar/UT.h>
 // Win32 Setup Wizard
 #include <Cedar/SW.h>
 // Win32 COM calling module
 #include <Cedar/Win32Com.h>
 #endif
 ////////////////////////////
 // Function prototype
--- a/src/Cedar/CedarPch.c
+++ b/src/Cedar/CedarPch.c
@ -1,9 +0,0 @@
 // SoftEther VPN Source Code - Developer Edition Master Branch
 // Cedar Communication Module
 // CedarPch.c
 // Cedar Pre-compile Header Generating Code
 #include "CedarPch.h"
--- a/src/Cedar/CedarPch.h
+++ b/src/Cedar/CedarPch.h
@ -1,20 +0,0 @@
 // SoftEther VPN Source Code - Developer Edition Master Branch
 // Cedar Communication Module
 // CedarPch.h
 // Header file for grecompile header generation for Cedar
 #include <GlobalConst.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <wchar.h>
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
 #include <Mayaqua/Mayaqua.h>
 #include <Cedar/Cedar.h>
--- a/src/Cedar/CedarType.h
+++ b/src/Cedar/CedarType.h
@ -8,6 +8,9 @@
 #ifndef	CEDARTYPE_H
 #define	CEDARTYPE_H
 typedef struct CEDAR CEDAR;
 typedef struct TRAFFIC TRAFFIC;
 // ==============================================================
 //   Remote Procedure Call
@ -277,6 +280,7 @@ typedef struct HUB_SNAPSHOT HUB_SNAPSHOT;
 typedef struct SERVER_SNAPSHOT SERVER_SNAPSHOT;
 typedef struct SERVER_HUB_CREATE_HISTORY SERVER_HUB_CREATE_HISTORY;
 typedef struct OPENVPN_SSTP_CONFIG OPENVPN_SSTP_CONFIG;
 typedef struct WGK WGK;
 // ==============================================================
 //   Server Admin Tool
@ -299,6 +303,7 @@ typedef struct RPC_ENUM_FARM_ITEM RPC_ENUM_FARM_ITEM;
 typedef struct RPC_ENUM_FARM RPC_ENUM_FARM;
 typedef struct RPC_FARM_CONNECTION_STATUS RPC_FARM_CONNECTION_STATUS;
 typedef struct RPC_KEY_PAIR RPC_KEY_PAIR;
 typedef struct RPC_WGK RPC_WGK;
 typedef struct RPC_HUB_OPTION RPC_HUB_OPTION;
 typedef struct RPC_RADIUS RPC_RADIUS;
 typedef struct RPC_HUB RPC_HUB;
@ -469,6 +474,13 @@ typedef struct WIDE_MACHINE_ID WIDE_MACHINE_ID;
 typedef struct TRIAL_INFO TRIAL_INFO;
 // ==============================================================
 //  Proto
 // ==============================================================
 typedef struct PROTO_OPTION PROTO_OPTION;
 // ==============================================================
 //  IPsec
 // ==============================================================
--- a/src/Cedar/Client.c
+++ b/src/Cedar/Client.c
@ -5,7 +5,43 @@
 // Client.c
 // Client Manager
-#include "CedarPch.h"
+#include "Client.h"
 #include "Account.h"
 #include "Admin.h"
 #include "Cedar.h"
 #include "CM.h"
 #include "Connection.h"
 #include "IPC.h"
 #include "Listener.h"
 #include "Logging.h"
 #include "Protocol.h"
 #include "Remote.h"
 #include "Virtual.h"
 #include "VLanUnix.h"
 #include "VLanWin32.h"
 #include "Win32Com.h"
 #include "WinUi.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/Encrypt.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/MayaType.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Network.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/OS.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Secure.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 #include "Mayaqua/Win32.h"
 #include <stdlib.h>
 static CLIENT *client = NULL;
 static LISTENER *cn_listener = NULL;
@ -1108,11 +1144,7 @@ void Win32CnNicInfoThreadProc(THREAD *thread, void *param)
 		return;
 	}
-	if (MsIsNt())
+	NicInfo(info);
 	{
 		// Do not show a dialog on Windows 9x system
 		NicInfo(info);
 	}
 	Disconnect(info->Sock);
 }
@ -1370,10 +1402,7 @@ void Win32CnExecDriverInstaller(SOCK *s, PACK *p)
 		return;
 	}
-	if (MsIsVista())
+	helper = CmStartUacHelper();
 	{
 		helper = CmStartUacHelper();
 	}
 	ret = MsExecDriverInstaller(arg);
@ -1506,7 +1535,7 @@ void CnListenerProc(THREAD *thread, void *param)
 	AddRef(s->ref);
 	NoticeThreadInit(thread);
-	if (s->LocalIP.addr[0] == 127)
+	if (IsLocalHostIP(&s->LocalIP))
 	{
 		p = RecvPack(s);
@ -5081,7 +5110,7 @@ void CiRpcAccepted(CLIENT *c, SOCK *s)
 		retcode = 1;
 	}
-	if (c->PasswordRemoteOnly && s->RemoteIP.addr[0] == 127)
+	if (c->PasswordRemoteOnly && IsLocalHostIP(&s->RemoteIP))
 	{
 		// If in a mode that requires a password only remote,
 		// the password sent from localhost is considered to be always correct
@ -5094,7 +5123,7 @@ void CiRpcAccepted(CLIENT *c, SOCK *s)
 		{
 			// If the remote control is prohibited,
 			// identify whether this connection is from remote
-			if (s->RemoteIP.addr[0] != 127)
+			if (IsLocalHostIP(&s->RemoteIP) == false)
 			{
 				retcode = 2;
 			}
@ -5725,7 +5754,6 @@ L_TRY:
 		CcGetClientVersion(ret, &t);
 		ret->OsType = t.OsType;
 		ret->Unix = OS_IS_UNIX(ret->OsType);
 		ret->Win9x = OS_IS_WINDOWS_9X(ret->OsType);
 		ret->IsVgcSupported = t.IsVgcSupported;
 		ret->ShowVgcLink = t.ShowVgcLink;
 		StrCpy(ret->ClientId, sizeof(ret->ClientId), t.ClientId);
@ -6282,17 +6310,12 @@ bool CtConnect(CLIENT *c, RPC_CLIENT_CONNECT *connect)
 		{
 			if (t.NumItem == 0)
 			{
-				// There are no virtual LAN cards in the system
+					// Create a new virtual LAN card named "VPN" automatically
 				if (OS_IS_WINDOWS_NT(GetOsInfo()->OsType) || OS_IS_UNIX(GetOsInfo()->OsType))
 				{
 					// Only in Linux system or Windows NT system,
 					// create a new virtual LAN card which named as "VPN" automatically
 					RPC_CLIENT_CREATE_VLAN t;
 					Zero(&t, sizeof(t));
 					StrCpy(t.DeviceName, sizeof(t.DeviceName), "VPN");
 					CtCreateVLan(c,  &t);
 				}
 			}
 			CiFreeClientEnumVLan(&t);
@ -7641,13 +7664,6 @@ bool CtDeleteVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *d)
 #else	// OS_WIN32
 	if (MsIsNt() == false)
 	{
 		// Not available in Win9x
 		CiSetError(c, ERR_NOT_SUPPORTED);
 		return false;
 	}
 	// Check whether the virtual LAN card are present
 	if (MsIsVLanExists(VLAN_ADAPTER_NAME_TAG, d->DeviceName) == false &&
 		MsIsVLanExists(VLAN_ADAPTER_NAME_TAG_OLD, d->DeviceName) == false)
@ -8021,8 +8037,7 @@ bool CtUpgradeVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 {
 	bool use_old_name = false;
-#ifdef	OS_WIN32
+#ifdef OS_WIN32
 	KAKUSHI *k = NULL;
 	MS_DRIVER_VER ver;
 #endif	// OS_WIN32
@ -8042,13 +8057,6 @@ bool CtUpgradeVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 	CiInitDriverVerStruct(&ver);
 	if (MsIsNt() == false)
 	{
 		// Not available in Win9x
 		CiSetError(c, ERR_NOT_SUPPORTED);
 		return false;
 	}
 	// Check whether the LAN card with the specified name already exists
 	if (MsIsVLanExists(VLAN_ADAPTER_NAME_TAG, create->DeviceName) == false &&
 		MsIsVLanExists(VLAN_ADAPTER_NAME_TAG_OLD, create->DeviceName) == false)
@ -8065,47 +8073,19 @@ bool CtUpgradeVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 		use_old_name = true;
 	}
-	if (MsIsVista() == false)
+	// Perform the installation
 	char tmp[MAX_SIZE];
 	Format(tmp, sizeof(tmp), "upgradevlan %s", create->DeviceName);
 	if (CncExecDriverInstaller(tmp) == false)
 	{
-		k = InitKakushi();	
+		// Installation Failed
 		CiSetError(c, ERR_VLAN_INSTALL_ERROR);
 		CiNotify(c);
 		CiSendGlobalPulse(c);
 		return false;
 	}
 	if (MsIsVista() == false)
 	{
 		// Perform the installation (other than Windows Vista)
 		if (MsUpgradeVLan(use_old_name ? VLAN_ADAPTER_NAME_TAG_OLD : VLAN_ADAPTER_NAME_TAG,
 			use_old_name ? VLAN_CONNECTION_NAME_OLD : VLAN_CONNECTION_NAME,
 			create->DeviceName, &ver) == false)
 		{
 			// Installation Failed
 			FreeKakushi(k);
 			CiSetError(c, ERR_VLAN_INSTALL_ERROR);
 			CiNotify(c);
 			CiSendGlobalPulse(c);
 			return false;
 		}
 	}
 	else
 	{
 		// Perform the installation (Windows Vista)
 		char tmp[MAX_SIZE];
 		Format(tmp, sizeof(tmp), "upgradevlan %s", create->DeviceName);
 		if (CncExecDriverInstaller(tmp) == false)
 		{
 			// Installation Failed
 			FreeKakushi(k);
 			CiSetError(c, ERR_VLAN_INSTALL_ERROR);
 			CiNotify(c);
 			CiSendGlobalPulse(c);
 			return false;
 		}
 	}
 	FreeKakushi(k);
 	CLog(c, "LC_UPDATE_VLAN", create->DeviceName);
 	CiNotify(c);
@ -8122,10 +8102,6 @@ bool CtCreateVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 	TOKEN_LIST *t;
 	UINT max_len;
 #ifdef	OS_WIN32
 	KAKUSHI *k = NULL;
 #endif	// OS_WIN32
 	// Validate arguments
 	if (c == NULL || create == NULL)
 	{
@ -8206,25 +8182,6 @@ bool CtCreateVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 	return true;
 #else	// OS_WIN32
 	if (OS_IS_WINDOWS_9X(GetOsInfo()->OsType))
 	{
 		// Only one LAN card is available in the Win9x
 		TOKEN_LIST *t;
 		t = MsEnumNetworkAdapters(VLAN_ADAPTER_NAME, VLAN_ADAPTER_NAME_OLD);
 		if (t != NULL)
 		{
 			if (t->NumTokens >= 1)
 			{
 				FreeToken(t);
 				CiSetError(c, ERR_NOT_SUPPORTED);
 				return false;
 			}
 			FreeToken(t);
 		}
 	}
 	// Check whether the specified name is valid or not
 	if (IsSafeStr(create->DeviceName) == false)
 	{
@ -8233,7 +8190,7 @@ bool CtCreateVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 		return false;
 	}
-	max_len = MsIsNt() ? MAX_DEVICE_NAME_LEN : MAX_DEVICE_NAME_LEN_9X;
+	max_len = MAX_DEVICE_NAME_LEN;
 	if (StrLen(create->DeviceName) > max_len)
 	{
 		// Name is too long
@ -8261,51 +8218,18 @@ bool CtCreateVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 		return false;
 	}
-	if (MsIsNt())
+	// Perform the installation (Windows Vista)
 	char tmp[MAX_SIZE];
 	Format(tmp, sizeof(tmp), "instvlan %s", create->DeviceName);
 	if (CncExecDriverInstaller(tmp) == false)
 	{
-		if (MsIsVista() == false)
+		CiSetError(c, ERR_VLAN_INSTALL_ERROR);
-		{
+		CiNotify(c);
-			k = InitKakushi();
+		CiSendGlobalPulse(c);
-		}
+		return false;
 	}
 	if (MsIsVista() == false)
 	{
 		MS_DRIVER_VER ver;
 		CiInitDriverVerStruct(&ver);
 		// Perform the installation (other than Windows Vista)
 		if (MsInstallVLan(VLAN_ADAPTER_NAME_TAG, VLAN_CONNECTION_NAME, create->DeviceName, &ver) == false)
 		{
 			// Installation Failed
 			FreeKakushi(k);
 			CiSetError(c, ERR_VLAN_INSTALL_ERROR);
 			CiNotify(c);
 			CiSendGlobalPulse(c);
 			return false;
 		}
 	}
 	else
 	{
 		// Perform the installation (Windows Vista)
 		char tmp[MAX_SIZE];
 		Format(tmp, sizeof(tmp), "instvlan %s", create->DeviceName);
 		if (CncExecDriverInstaller(tmp) == false)
 		{
 			// Installation Failed
 			FreeKakushi(k);
 			CiSetError(c, ERR_VLAN_INSTALL_ERROR);
 			CiNotify(c);
 			CiSendGlobalPulse(c);
 			return false;
 		}
 	}
 	FreeKakushi(k);
 	t = MsEnumNetworkAdapters(VLAN_ADAPTER_NAME, VLAN_ADAPTER_NAME_OLD);
 	if (t->NumTokens == 1)
 	{
@ -8340,17 +8264,6 @@ bool CtCreateVLan(CLIENT *c, RPC_CLIENT_CREATE_VLAN *create)
 	CiSaveConfigurationFile(c);
 	if (MsIsNt() == false)
 	{
 		if (GetOsInfo()->OsType == OSTYPE_WINDOWS_ME)
 		{
 			// Show the warning in the case of Windows Me
 			MsgBox(NULL, 0x00000040L, _UU("CM_9X_VLAN_ME_MESSAGE"));
 		}
 		ReleaseThread(NewThread(Win9xRebootThread, NULL));
 	}
 	return true;
 #endif	// OS_WIN32
@ -9741,12 +9654,7 @@ bool CiReadSettingFromCfg(CLIENT *c, FOLDER *root)
 		UINT ostype = GetOsInfo()->OsType;
 		// CM_SETTING
 		CM_SETTING *s = c->CmSetting;
-
+		s->EasyMode = CfgGetBool(cmsetting, "EasyMode");
 		if (OS_IS_UNIX(ostype) || OS_IS_WINDOWS_NT(ostype))
 		{
 			s->EasyMode = CfgGetBool(cmsetting, "EasyMode");
 		}
 		s->LockMode = CfgGetBool(cmsetting, "LockMode");
 		CfgGetByte(cmsetting, "HashedPassword", s->HashedPassword, sizeof(s->HashedPassword));
 	}
@ -10432,16 +10340,6 @@ CLIENT *CiNewClient()
 	// Raise the priority
 	OSSetHighPriority();
 #ifdef	OS_WIN32
 	// For Win9x, release the DHCP address of all the virtual LAN card
 	if (MsIsNt() == false)
 	{
 		Win32ReleaseAllDhcp9x(true);
 	}
 #endif	// OS_WIN32
 	CiChangeAllVLanMacAddressIfMachineChanged(c);
 	CiChangeAllVLanMacAddressIfCleared(c);
@ -10564,14 +10462,6 @@ void CiCleanupClient(CLIENT *c)
 	Free(c);
 #ifdef	OS_WIN32
 	// For Win9x, release the DHCP address of all the virtual LAN card
 	if (MsIsNt() == false)
 	{
 		Win32ReleaseAllDhcp9x(true);
 	}
 #endif	// OS_WIN32
 	StopCedarLog();
 	if (ci_active_sessions_lock != NULL)
@ -10632,9 +10522,6 @@ void CtStartClient()
 		return;
 	}
 	// OS check
 	CiCheckOs();
 #ifdef	OS_WIN32
 	RegistWindowsFirewallAll();
 #endif
@ -10754,27 +10641,6 @@ void CtStopClient()
 	client = NULL;
 }
 // OS check
 void CiCheckOs()
 {
 	// Get the OS type
 	OS_INFO *info = GetOsInfo();
 	if (OS_IS_WINDOWS(info->OsType))
 	{
 		bool ok = IS_CLIENT_SUPPORTED_OS(info->OsType);
 		if (ok == false)
 		{
 			Alert(
 				CEDAR_PRODUCT_STR " VPN Client doesn't support this Windows Operating System.\n"
 				CEDAR_PRODUCT_STR " VPN Client requires Windows 98, Windows Me, Windows 2000, Windows XP, Windows Server 2003 or Greater.\n\n"
 				"Please contact your system administrator.", CEDAR_PRODUCT_STR " VPN Client");
 			exit(0);
 		}
 	}
 }
 // Client status indicator
 void CiClientStatusPrinter(SESSION *s, wchar_t *status)
 {
--- a/src/Cedar/Client.h
+++ b/src/Cedar/Client.h
@ -8,16 +8,14 @@
 #ifndef	CLIENT_H
 #define	CLIENT_H
 #include "Account.h"
 #include "Session.h"
 #include "Wpc.h"
 #define	CLIENT_CONFIG_PORT					GC_CLIENT_CONFIG_PORT		// Client port number
 #define	CLIENT_NOTIFY_PORT					GC_CLIENT_NOTIFY_PORT		// Client notification port number
 #define CLIENT_WAIT_CN_READY_TIMEOUT		(10 * 1000)	// Standby time to start the client notification service
 // Check whether the client can run on the specified OS_TYPE
 #define	IS_CLIENT_SUPPORTED_OS(t)			\
 	((OS_IS_WINDOWS_NT(t) && GET_KETA(t, 100) >= 2) || (OS_IS_WINDOWS_9X(t)))
 // Constants
 #define	CLIENT_CONFIG_FILE_NAME				"$vpn_client.config"
 #define	CLIENT_DEFAULT_KEEPALIVE_HOST		"keepalive.softether.org"
@ -420,7 +418,6 @@ struct REMOTE_CLIENT
 	RPC *Rpc;
 	UINT OsType;
 	bool Unix;
 	bool Win9x;
 	UINT ProcessId;
 	UINT ClientBuildInt;
 	bool IsVgcSupported;
@ -643,7 +640,6 @@ void CiFreeGetCa(RPC_GET_CA *a);
 void CiFreeGetIssuer(RPC_GET_ISSUER *a);
 void CiFreeClientEnumAccount(RPC_CLIENT_ENUM_ACCOUNT *a);
 void CiSetError(CLIENT *c, UINT err);
 void CiCheckOs();
 CLIENT *CiNewClient();
 void CiCleanupClient(CLIENT *c);
 bool CiLoadConfigurationFile(CLIENT *c);
@ -750,11 +746,9 @@ void OutRpcTrafficEx(TRAFFIC *t, PACK *p, UINT i, UINT num);
 void OutRpcCmSetting(PACK *p, CM_SETTING *c);
 void InRpcCmSetting(CM_SETTING *c, PACK *p);
-
+#ifdef OS_WIN32
-#ifdef	OS_WIN32
+typedef struct MS_DRIVER_VER MS_DRIVER_VER;
 void CiInitDriverVerStruct(MS_DRIVER_VER *ver);
 #endif	// OS_EIN32
 #endif	// CLIENT_H
--- a/src/Cedar/Command.c
+++ b/src/Cedar/Command.c
@ -5,7 +5,45 @@
 // Command.c
 // vpncmd Command Line Management Utility
-#include "CedarPch.h"
+#include "Command.h"
 #include "Admin.h"
 #include "AzureClient.h"
 #include "Connection.h"
 #include "Console.h"
 #include "Database.h"
 #include "DDNS.h"
 #include "Layer3.h"
 #include "Nat.h"
 #include "Proto_IPsec.h"
 #include "Proto_WireGuard.h"
 #include "Radius.h"
 #include "Server.h"
 #include "Virtual.h"
 #include "WinUi.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Network.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/OS.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Secure.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 #include "Mayaqua/Unix.h"
 #include <stdlib.h>
 #ifdef OS_UNIX
 #include <signal.h>
 #include <sys/wait.h>
 #endif
 // System checker definition
 typedef bool (CHECKER_PROC_DEF)();
@ -916,14 +954,7 @@ void VpnCmdInitBootPath()
 		{
 			bool b = false;
 			// Copy the vpncmdsys.exe to system32
-			if (MsIsNt())
+			Format(tmp, sizeof(tmp), "%s\\vpncmd.exe", MsGetSystem32Dir());
 			{
 				Format(tmp, sizeof(tmp), "%s\\vpncmd.exe", MsGetSystem32Dir());
 			}
 			else
 			{
 				Format(tmp, sizeof(tmp), "%s\\vpncmd.exe", MsGetWindowsDir());
 			}
 			if (MsIs64BitWindows() == false || Is64())
 			{
@ -7483,6 +7514,9 @@ void PsMain(PS *ps)
 			{"RouterTableDel", PsRouterTableDel},
 			{"LogFileList", PsLogFileList},
 			{"LogFileGet", PsLogFileGet},
 			{"WgkAdd", PsWgkAdd},
 			{"WgkDelete", PsWgkDelete},
 			{"WgkEnum", PsWgkEnum},
 			{"HubCreate", PsHubCreate},
 			{"HubCreateDynamic", PsHubCreateDynamic},
 			{"HubCreateStatic", PsHubCreateStatic},
@ -7493,6 +7527,7 @@ void PsMain(PS *ps)
 			{"Hub", PsHub},
 			{"Online", PsOnline},
 			{"Offline", PsOffline},
 			{"SetStaticNetwork", PsSetStaticNetwork},
 			{"SetMaxSession", PsSetMaxSession},
 			{"SetHubPassword", PsSetHubPassword},
 			{"SetEnumAllow", PsSetEnumAllow},
@ -10561,6 +10596,137 @@ UINT PsLogFileGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 	return ret;
 }
 // Add a WireGuard key (TODO: ability add multiple keys in a single call)
 UINT PsWgkAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 {
 	PS *ps = (PS *)param;
 	RPC_WGK t;
 	UINT ret;
 	LIST *o;
 	PARAM args[] =
 	{
 		{"[key]", CmdPrompt, _UU("CMD_WgkAdd_Prompt_[key]"), CmdEvalNotEmpty, NULL},
 		{"HUB", CmdPrompt, _UU("CMD_WgkAdd_Prompt_HUB"), NULL, NULL},
 		{"USER", CmdPrompt, _UU("CMD_WgkAdd_Prompt_USER"), NULL, NULL}
 	};
 	o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0]));
 	if (o == NULL)
 	{
 		return ERR_INVALID_PARAMETER;
 	}
 	Zero(&t, sizeof(t));
 	t.Num = 1;
 	t.Wgks = ZeroMalloc(sizeof(WGK));
 	StrCpy(t.Wgks[0].Key, sizeof(t.Wgks[0].Key), GetParamStr(o, "[key]"));
 	StrCpy(t.Wgks[0].Hub, sizeof(t.Wgks[0].Hub), GetParamStr(o, "HUB"));
 	StrCpy(t.Wgks[0].User, sizeof(t.Wgks[0].User), GetParamStr(o, "USER"));
 	FreeParamValueList(o);
 	ret = ScAddWgk(ps->Rpc, &t);
 	if (ret != ERR_NO_ERROR)
 	{
 		CmdPrintError(c, ret);
 	}
 	FreeRpcWgk(&t);
 	return ret;
 }
 // Delete a WireGuard key (TODO: ability to delete multiple keys in a single call)
 UINT PsWgkDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 {
 	PS *ps = (PS *)param;
 	RPC_WGK t;
 	UINT ret;
 	LIST *o;
 	PARAM args[] =
 	{
 		{"[key]", CmdPrompt, _UU("CMD_WgkDelete_Prompt_[key]"), CmdEvalNotEmpty, NULL},
 	};
 	o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0]));
 	if (o == NULL)
 	{
 		return ERR_INVALID_PARAMETER;
 	}
 	Zero(&t, sizeof(t));
 	t.Num = 1;
 	t.Wgks = ZeroMalloc(sizeof(WGK));
 	StrCpy(t.Wgks[0].Key, sizeof(t.Wgks[0].Key), GetParamStr(o, "[key]"));
 	FreeParamValueList(o);
 	ret = ScDeleteWgk(ps->Rpc, &t);
 	if (ret != ERR_NO_ERROR)
 	{
 		CmdPrintError(c, ret);
 	}
 	FreeRpcWgk(&t);
 	return ret;
 }
 // List the WireGuard keys
 UINT PsWgkEnum(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 {
 	UINT ret = ERR_NO_ERROR;
 	PS *ps = (PS *)param;
 	RPC_WGK t;
 	LIST *o;
 	o = ParseCommandList(c, cmd_name, str, NULL, 0);
 	if (o == NULL)
 	{
 		return ERR_INVALID_PARAMETER;
 	}
 	Zero(&t, sizeof(t));
 	ret = ScEnumWgk(ps->Rpc, &t);
 	if (ret == ERR_NO_ERROR)
 	{
 		UINT i;
 		CT *ct = CtNew();
 		CtInsertColumn(ct, _UU("CMD_WgkEnum_Column_Key"), false);
 		CtInsertColumn(ct, _UU("CMD_WgkEnum_Column_Hub"), false);
 		CtInsertColumn(ct, _UU("CMD_WgkEnum_Column_User"), false);
 		for (i = 0; i < t.Num; ++i)
 		{
 			const WGK *wgk = &t.Wgks[i];
 			wchar_t *key, *hub, *user;
 			key = CopyStrToUni(wgk->Key);
 			hub = CopyStrToUni(wgk->Hub);
 			user = CopyStrToUni(wgk->User);
 			CtInsert(ct, key, hub, user);
 			Free(key);
 			Free(hub);
 			Free(user);
 		}
 		CtFree(ct, c);
 	}
 	else
 	{
 		CmdPrintError(c, ret);
 	}
 	FreeRpcWgk(&t);
 	return ret;
 }
 // Create a New Virtual HUB
 UINT PsHubCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 {
@ -11143,6 +11309,53 @@ UINT PsOffline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 	return 0;
 }
 // Set the static IPv4 network parameters for the Virtual HUB
 UINT PsSetStaticNetwork(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 {
 	LIST *o;
 	PS *ps = (PS *)param;
 	UINT ret = 0;
 	RPC_CREATE_HUB t;
 	PARAM args[] =
 	{
 		{"GATEWAY", CmdPrompt, _UU("CMD_SetStaticNetwork_Prompt_GATEWAY"), CmdEvalIp, NULL},
 		{"SUBNET", CmdPrompt, _UU("CMD_SetStaticNetwork_Prompt_SUBNET"), CmdEvalIp, NULL}
 	};
 	if (ps->HubName == NULL)
 	{
 		c->Write(c, _UU("CMD_Hub_Not_Selected"));
 		return ERR_INVALID_PARAMETER;
 	}
 	o = ParseCommandList(c, cmd_name, str, args, sizeof(args) / sizeof(args[0]));
 	if (o == NULL)
 	{
 		return ERR_INVALID_PARAMETER;
 	}
 	Zero(&t, sizeof(t));
 	StrCpy(t.HubName, sizeof(t.HubName), ps->HubName);
 	ret = ScGetHub(ps->Rpc, &t);
 	if (ret != ERR_NO_ERROR)
 	{
 		goto FINAL;
 	}
 	t.HubOption.DefaultGateway = StrToIP32(GetParamStr(o, "GATEWAY"));
 	t.HubOption.DefaultSubnet = StrToIP32(GetParamStr(o, "SUBNET"));
 	ret = ScSetHub(ps->Rpc, &t);
 FINAL:
 	if (ret != ERR_NO_ERROR)
 	{
 		CmdPrintError(c, ret);
 	}
 	FreeParamValueList(o);
 	return ret;
 }
 // Set the maximum number of concurrent connecting sessions of the Virtual HUB
 UINT PsSetMaxSession(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 {
@ -11420,6 +11633,12 @@ UINT PsOptionsGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param)
 		CtInsert(ct, _UU("CMD_OptionsGet_TYPE"), GetHubTypeStr(t.HubType));
 		IPToUniStr32(tmp, sizeof(tmp), t.HubOption.DefaultGateway);
 		CtInsert(ct, _UU("CMD_OptionsGet_GATEWAY"), tmp);
 		IPToUniStr32(tmp, sizeof(tmp), t.HubOption.DefaultSubnet);
 		CtInsert(ct, _UU("CMD_OptionsGet_SUBNET"), tmp);
 		CtFree(ct, c);
 	}
@ -23025,7 +23244,7 @@ void CtEscapeCsv(wchar_t *dst, UINT size, wchar_t *src){
 	UINT i;
 	UINT len = UniStrLen(src);
 	UINT idx;
-	BOOL need_to_escape = false;
+	bool need_to_escape = false;
 	wchar_t tmp[2]=L"*";
 	// Check the input value
@ -24512,19 +24731,13 @@ void Win32CmdDebug(bool is_uac)
 	UniPrint(_UU("CMD_DEBUG_PRINT"));
-	if (MsIsWin2000OrGreater() == false)
+	if (is_uac && MsIsAdmin() == false)
 	{
 		MsgBox(NULL, 0x00000040L, _UU("CMD_DEBUG_NOT_2000"));
 		goto LABEL_CLEANUP;
 	}
 	if ((MsIsVista() == false || is_uac) && MsIsAdmin() == false)
 	{
 		MsgBox(NULL, 0x00000040L, _UU("CMD_DEBUG_NOT_ADMIN"));
 		goto LABEL_CLEANUP;
 	}
-	if (MsIsVista() && MsIsAdmin() == false)
+	if (MsIsAdmin() == false)
 	{
 		void *process_handle = NULL;
--- a/src/Cedar/Command.h
+++ b/src/Cedar/Command.h
@ -8,6 +8,12 @@
 #ifndef	COMMAND_H
 #define	COMMAND_H
 #include "CedarType.h"
 #include "Mayaqua/Network.h"
 #include <stddef.h>
 // Constants
 #define	TRAFFIC_DEFAULT_PORT		9821
 #define	TRAFFIC_NUMTCP_MAX			32
@ -446,6 +452,9 @@ UINT PsRouterTableAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsRouterTableDel(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsLogFileList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsLogFileGet(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsWgkAdd(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsWgkDelete(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsWgkEnum(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsHubCreate(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsHubCreateDynamic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsHubCreateStatic(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
@ -456,6 +465,7 @@ UINT PsHubList(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsHub(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsOnline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsOffline(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsSetStaticNetwork(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsSetMaxSession(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsSetHubPassword(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
 UINT PsSetEnumAllow(CONSOLE *c, char *cmd_name, wchar_t *str, void *param);
--- a/src/Cedar/Connection.c
+++ b/src/Cedar/Connection.c
@ -5,7 +5,31 @@
 // Connection.c
 // Connection Manager
-#include "CedarPch.h"
+#include "Connection.h"
 #include "BridgeUnix.h"
 #include "BridgeWin32.h"
 #include "Hub.h"
 #include "Layer3.h"
 #include "Link.h"
 #include "Listener.h"
 #include "Nat.h"
 #include "Protocol.h"
 #include "Server.h"
 #include "SecureNAT.h"
 #include "Session.h"
 #include "UdpAccel.h"
 #include "Virtual.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 #include <stdlib.h>
 // Determine whether the socket is to use to send
 #define	IS_SEND_TCP_SOCK(ts)		\
@ -862,8 +886,9 @@ void SendKeepAlive(CONNECTION *c, TCPSOCK *ts)
 	UINT size, i, num;
 	UINT size_be;
 	SESSION *s;
 	UDP_ACCEL *udp_accel;
 	UCHAR *buf;
-	bool insert_natt_port = false;
+	bool insert_natt_port = false, insert_natt_ip = false;
 	// Validate arguments
 	if (c == NULL || ts == NULL)
 	{
@ -871,33 +896,61 @@ void SendKeepAlive(CONNECTION *c, TCPSOCK *ts)
 	}
 	s = c->Session;
 	if (s == NULL)
 	{
 		return;
 	}
 	udp_accel = s->UdpAccel;
 	size = rand() % MAX_KEEPALIVE_SIZE;
 	num = KEEP_ALIVE_MAGIC;
-	if (s != NULL && s->UseUdpAcceleration && s->UdpAccel != NULL)
+	if (s->UseUdpAcceleration && udp_accel != NULL)
 	{
-		if (s->UdpAccel->MyPortByNatTServer != 0)
+		if (udp_accel->MyPortNatT != 0)
 		{
 			size = MAX(size, (StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE) + sizeof(USHORT)));
 			insert_natt_port = true;
 		}
 		if (IsZeroIP(&udp_accel->MyIpNatT) == false)
 		{
 			size = MAX(size, (StrLen(UDP_NAT_T_IP_SIGNATURE_IN_KEEP_ALIVE) + sizeof(udp_accel->MyIpNatT.address)));
 			insert_natt_ip = true;
 		}
 	}
 	buf = MallocFast(size);
-	for (i = 0;i < size;i++)
+	for (i = 0; i < size; ++i)
 	{
 		buf[i] = rand();
 	}
 	UCHAR *seek = buf;
 	if (insert_natt_port)
 	{
-		USHORT myport = Endian16((USHORT)s->UdpAccel->MyPortByNatTServer);
+		const UINT nat_t_port_sig_size = StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE);
 		const USHORT port = Endian16(udp_accel->MyPortNatT);
-		Copy(buf, UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE, StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE));
+		Copy(buf, UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE, nat_t_port_sig_size);
-		Copy(buf + StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE), &myport, sizeof(USHORT));
+		seek += nat_t_port_sig_size;
 		Copy(seek, &port, sizeof(port));
 		seek += sizeof(port);
 	}
 	if (insert_natt_ip)
 	{
 		const UINT nat_t_ip_sig_size = StrLen(UDP_NAT_T_IP_SIGNATURE_IN_KEEP_ALIVE);
 		Copy(seek, UDP_NAT_T_IP_SIGNATURE_IN_KEEP_ALIVE, nat_t_ip_sig_size);
 		seek += nat_t_ip_sig_size;
 		Copy(seek, udp_accel->MyIpNatT.address, sizeof(udp_accel->MyIpNatT.address));
 	}
 	num = Endian32(num);
@ -979,7 +1032,7 @@ void ConnectionSend(CONNECTION *c, UINT64 now)
 				{
 					// Processing of KeepAlive
 					if (now >= tcpsock->NextKeepAliveTime || tcpsock->NextKeepAliveTime == 0 ||
-						(s->UseUdpAcceleration && s->UdpAccel != NULL && s->UdpAccel->MyPortByNatTServerChanged))
+						(s->UseUdpAcceleration && s->UdpAccel != NULL && s->UdpAccel->MyIpOrPortNatTChanged))
 					{
 						// Send the KeepAlive
 						SendKeepAlive(c, tcpsock);
@ -987,7 +1040,7 @@ void ConnectionSend(CONNECTION *c, UINT64 now)
 						if (s->UseUdpAcceleration && s->UdpAccel != NULL)
 						{
-							s->UdpAccel->MyPortByNatTServerChanged = false;
+							s->UdpAccel->MyIpOrPortNatTChanged = false;
 						}
 					}
@ -2161,28 +2214,48 @@ DISCONNECT_THIS_TCP:
 						ts->Mode = 0;
 						sz = ts->NextBlockSize;
-						if (sz >= (StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE) + sizeof(USHORT)))
+						if (s->UseUdpAcceleration && s->UdpAccel != NULL)
 						{
-							UCHAR *keep_alive_buffer = FifoPtr(ts->RecvFifo);
+							const UCHAR *keep_alive_buffer = FifoPtr(ts->RecvFifo);
 							const UINT nat_t_ip_sig_size = StrLen(UDP_NAT_T_IP_SIGNATURE_IN_KEEP_ALIVE);
 							const UINT nat_t_port_sig_size = StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE);
 							UINT cur_size = sz;
-							if (Cmp(keep_alive_buffer, UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE, StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE)) == 0)
+							if (cur_size >= nat_t_port_sig_size + sizeof(USHORT))
 							{
-								USHORT us = READ_USHORT(keep_alive_buffer + StrLen(UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE));
+								if (Cmp(keep_alive_buffer, UDP_NAT_T_PORT_SIGNATURE_IN_KEEP_ALIVE, nat_t_port_sig_size) == 0)
 								if (us != 0)
 								{
-									if (s->UseUdpAcceleration && s->UdpAccel != NULL)
+									cur_size -= nat_t_port_sig_size;
 									keep_alive_buffer += nat_t_port_sig_size;
 									const USHORT port = READ_USHORT(keep_alive_buffer);
 									cur_size -= sizeof(USHORT);
 									keep_alive_buffer += sizeof(USHORT);
 									if (port && s->UdpAccel->YourPortNatT != port)
 									{
-										UINT port = (UINT)us;
+										s->UdpAccel->YourPortNatT = port;
 										s->UdpAccel->YourIpOrPortNatTChanged = true;
-										if (s->UdpAccel->YourPortByNatTServer != port)
+										Debug("ConnectionReceive(): New peer NAT-T port: %u\n", port);
-										{
+									}
-											s->UdpAccel->YourPortByNatTServer = port;
+								}
-											s->UdpAccel->YourPortByNatTServerChanged = true;
+							}
-											Debug("s->UdpAccel->YourPortByNatTServer: %u\n",
+							if (cur_size >= nat_t_ip_sig_size + sizeof(s->UdpAccel->YourIpNatT.address))
-												s->UdpAccel->YourPortByNatTServer);
+							{
-										}
+								if (Cmp(keep_alive_buffer, UDP_NAT_T_IP_SIGNATURE_IN_KEEP_ALIVE, nat_t_ip_sig_size) == 0)
 								{
 									keep_alive_buffer += nat_t_ip_sig_size;
 									IP ip;
 									SetIP6(&ip, keep_alive_buffer);
 									if (IsZeroIP(&ip) == false && CmpIpAddr(&s->UdpAccel->YourIpNatT, &ip) != 0)
 									{
 										Copy(&s->UdpAccel->YourIpNatT, &ip, sizeof(s->UdpAccel->YourIpNatT));
 										s->UdpAccel->YourIpOrPortNatTChanged = true;
 										Debug("ConnectionReceive(): New peer NAT-T IP: %r\n", &ip);
 									}
 								}
 							}
--- a/src/Cedar/Connection.h
+++ b/src/Cedar/Connection.h
@ -8,6 +8,11 @@
 #ifndef	CONNECTION_H
 #define	CONNECTION_H
 #include "Cedar.h"
 #include "Mayaqua/Encrypt.h"
 #include "Mayaqua/Proxy.h"
 // Magic number indicating that the packet is compressed
 #define	CONNECTION_BULK_COMPRESS_SIGNATURE	0xDEADBEEFCAFEFACEULL
@ -149,7 +154,7 @@ struct UDP
 // Data block
 struct BLOCK
 {
-	BOOL Compressed;				// Compression flag
+	bool Compressed;				// Compression flag
 	UINT Size;						// Block size
 	UINT SizeofData;				// Data size
 	UCHAR *Buf;						// Buffer
--- a/src/Cedar/Console.c
+++ b/src/Cedar/Console.c
@ -5,8 +5,32 @@
 // Console.c
 // Console Service
-#include "CedarPch.h"
+#include "Console.h"
 #include "Cedar.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include <stdio.h>
 #include <stdlib.h>
 #ifdef OS_WIN32
 #include <conio.h>
 #else
 #include <termios.h>
 #include <sys/ioctl.h>
 #include <readline/readline.h>
 #include <readline/history.h>
 #endif
 // Display the help for the command
 void PrintCmdHelp(CONSOLE *c, char *cmd_name, TOKEN_LIST *param_list)
@ -1911,7 +1935,7 @@ bool PasswordPrompt(char *password, UINT size)
 		int c;
 #ifdef	OS_WIN32
-		c = getch();
+		c = _getch();
 #else	// OS_WIN32
 		c = getc(stdin);
 #endif	// OS_WIN32
@ -1943,7 +1967,7 @@ bool PasswordPrompt(char *password, UINT size)
 		{
 			// Read one more character
 #ifdef	OS_WIN32
-			c = getch();
+			c = _getch();
 #else	// OS_WIN32
 			c = getc(stdin);
 #endif	// OS_WIN32
--- a/src/Cedar/Console.h
+++ b/src/Cedar/Console.h
@ -8,6 +8,10 @@
 #ifndef	CONSOLE_H
 #define	CONSOLE_H
 #include "CedarType.h"
 #include "Mayaqua/MayaType.h"
 // Constant
 #define	MAX_PROMPT_STRSIZE			65536
 #define	WIN32_DEFAULT_CONSOLE_WIDTH	100
--- a/src/Cedar/DDNS.c
+++ b/src/Cedar/DDNS.c
@ -5,7 +5,21 @@
 // DDNS.c
 // Dynamic DNS Client
-#include "CedarPch.h"
+#include "DDNS.h"
 #include "AzureClient.h"
 #include "Server.h"
 #include "Virtual.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 // Get the current status of the DDNS client
 void DCGetStatus(DDNS_CLIENT *c, DDNS_CLIENT_STATUS *st)
--- a/src/Cedar/DDNS.h
+++ b/src/Cedar/DDNS.h
@ -8,6 +8,11 @@
 #ifndef	DDNS_H
 #define	DDNS_H
 #include "CedarType.h"
 #include "Wpc.h"
 #include <stddef.h>
 // Certificate hash
 #define	DDNS_CERT_HASH		"78BF0499A99396907C9F49DD13571C81FE26E6F5" \
 							"439BAFA75A6EE5671FC9F9A02D34FF29881761A0" \
--- a/src/Cedar/Database.c
+++ b/src/Cedar/Database.c
@ -5,7 +5,13 @@
 // Database.c
 // License database
-#include "CedarPch.h"
+#include "Database.h"
 #include "Cedar.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Str.h"
 // Get the License status string
 wchar_t *LiGetLicenseStatusStr(UINT i)
--- a/src/Cedar/Database.h
+++ b/src/Cedar/Database.h
@ -8,6 +8,8 @@
 #ifndef	DATABASE_H
 #define	DATABASE_H
 #include "Mayaqua/MayaType.h"
 wchar_t *LiGetLicenseStatusStr(UINT i);
 bool LiIsLicenseKey(char *str);
 bool LiStrToKeyBit(UCHAR *keybit, char *keystr);
--- a/src/Cedar/EM.c
+++ b/src/Cedar/EM.c
@ -5,39 +5,31 @@
 // EM.c
 // EtherLogger Manager for Win32
-#include <GlobalConst.h>
+#ifdef OS_WIN32
-#ifdef	WIN32
+#define WINUI_C
-#define	SM_C
+#include "EM.h"
 #define	CM_C
 #define	NM_C
 #define	EM_C
 #define	_WIN32_WINNT		0x0502
 #define	WINVER				0x0502
 #include <winsock2.h>
 #include <windows.h>
 #include <wincrypt.h>
 #include <wininet.h>
 #include <shlobj.h>
 #include <commctrl.h>
 #include <Dbghelp.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <wchar.h>
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
 #include <Mayaqua/Mayaqua.h>
 #include <Cedar/Cedar.h>
 #include "CMInner.h"
 #include "SMInner.h"
 #include "NMInner.h"
 #include "EMInner.h"
 #include "CMInner.h"
 #include "Database.h"
 #include "EtherLog.h"
 #include "Remote.h"
 #include "SMInner.h"
 #include "WinUi.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "../PenCore/resource.h"
 #include <shellapi.h>
 #include <ShlObj.h>
 // License registration process
 void EmLicenseAddDlgOnOk(HWND hWnd, RPC *s)
@ -1120,32 +1112,23 @@ RES_ERROR:
 		return;
 	}
-	// Message after the end
+	// Need to restart the service
-	if (OS_IS_WINDOWS_NT(GetOsInfo()->OsType) == false)
+	if (MsgBox(hWnd, MB_ICONQUESTION | MB_YESNO, _UU("EM_WPCAP_REBOOT2")) == IDNO)
 	{
-		// Need to restart the computer
+		// Not restart
 		MsgBox(hWnd, MB_ICONINFORMATION, _UU("EM_WPCAP_REBOOT1"));
 	}
 	else
 	{
-		// Need to restart the service
+		// Restart
-		if (MsgBox(hWnd, MB_ICONQUESTION | MB_YESNO, _UU("EM_WPCAP_REBOOT2")) == IDNO)
+		RPC_TEST t;
-		{
+		RPC_BRIDGE_SUPPORT t2;
-			// Not restart
+		Zero(&t, sizeof(t));
-		}
+		EcRebootServer(r, &t);
 		else
 		{
 			// Restart
 			RPC_TEST t;
 			RPC_BRIDGE_SUPPORT t2;
 			Zero(&t, sizeof(t));
 			EcRebootServer(r, &t);
-			SleepThread(500);
+		SleepThread(500);
-			Zero(&t2, sizeof(t2));
+		Zero(&t2, sizeof(t2));
-			CALL(hWnd, EcGetBridgeSupport(r, &t2));
+		CALL(hWnd, EcGetBridgeSupport(r, &t2));
 		}
 	}
 }
@ -1173,7 +1156,7 @@ void EMMain(RPC *r)
 		if (t.IsWinPcapNeeded)
 		{
-			if (r->Sock->RemoteIP.addr[0] != 127)
+			if (IsLocalHostIP(&r->Sock->RemoteIP) == false)
 			{
 				// WinPcap is required, but can not do anything because it is in remote management mode
 				MsgBox(NULL, MB_ICONINFORMATION, _UU("EM_WPCAP_REMOTE"));
--- a/src/Cedar/EMInner.h
+++ b/src/Cedar/EMInner.h
@ -5,6 +5,10 @@
 // EMInner.h
 // Inner header of EM.c
 #include "CedarType.h"
 #include "Mayaqua/MayaType.h"
 // Constants
 #define	EM_REG_KEY			"Software\\" GC_REG_COMPANY_NAME "\\EtherLogger\\Manager"
--- a/src/Cedar/EtherLog.c
+++ b/src/Cedar/EtherLog.c
@ -5,7 +5,24 @@
 // EtherLog.c
 // EtherLogger program
-#include "CedarPch.h"
+#include "EtherLog.h"
 #include "Admin.h"
 #include "BridgeUnix.h"
 #include "BridgeWin32.h"
 #include "Listener.h"
 #include "Remote.h"
 #include "Sam.h"
 #include "Server.h"
 #include "WinUi.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/Encrypt.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/OS.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 static LOCK *el_lock = NULL;
 static EL *el = NULL;
--- a/src/Cedar/EtherLog.h
+++ b/src/Cedar/EtherLog.h
@ -8,6 +8,8 @@
 #ifndef	ETHERLOG_H
 #define	ETHERLOG_H
 #include "Hub.h"
 // Whether this is a beta version
 #define	ELOG_IS_BETA						true
@ -51,7 +53,7 @@ struct RPC_ENUM_DEVICE
 // License status of the service
 struct RPC_EL_LICENSE_STATUS
 {
-	BOOL Valid;								// Enable flag
+	bool Valid;								// Enable flag
 	UINT64 SystemId;						// System ID
 	UINT64 SystemExpires;					// System expiration date
 };
@ -74,7 +76,7 @@ struct EL_DEVICE
 // License status
 struct EL_LICENSE_STATUS
 {
-	BOOL Valid;				// Enable flag
+	bool Valid;				// Enable flag
 	UINT64 SystemId;		// System ID
 	UINT64 Expires;			// Expiration date
 };
--- a/src/Cedar/Hub.c
+++ b/src/Cedar/Hub.c
@ -5,7 +5,35 @@
 // Hub.c
 // Virtual HUB module
-#include "CedarPch.h"
+#include "Hub.h"
 #include "Admin.h"
 #include "Bridge.h"
 #include "Connection.h"
 #include "Link.h"
 #include "Nat.h"
 #include "NativeStack.h"
 #include "Protocol.h"
 #include "Radius.h"
 #include "SecureNAT.h"
 #include "Server.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/TcpIp.h"
 #include "Mayaqua/Tick64.h"
 #define GetHubAdminOptionDataAndSet(ao, name, dest) \
 	value = GetHubAdminOptionData(ao, name);        \
 	if (value != INFINITE)                          \
 	{                                               \
 		dest = value;                               \
 	}
 static UCHAR broadcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
 static char vgs_ua_str[9] = {0};
@ -516,23 +544,6 @@ UINT GetHubAdminOptionData(RPC_ADMIN_OPTION *ao, char *name)
 	return INFINITE;
 }
 void GetHubAdminOptionDataAndSet(RPC_ADMIN_OPTION *ao, char *name, UINT *dest)
 {
 	UINT value;
 	// Validate arguments
 	if (ao == NULL || name == NULL || dest == NULL)
 	{
 		return;
 	}
 	value = GetHubAdminOptionData(ao, name);
 	if (value == INFINITE)
 	{
 		return;
 	}
 	*dest = value;
 }
 // Set the contents of the HUB_OPTION based on the data
 void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao)
@ -543,64 +554,66 @@ void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao)
 		return;
 	}
-	GetHubAdminOptionDataAndSet(ao, "NoAddressPollingIPv4", &o->NoArpPolling);
+	UINT value;
-	GetHubAdminOptionDataAndSet(ao, "NoAddressPollingIPv6", &o->NoIPv6AddrPolling);
+
-	GetHubAdminOptionDataAndSet(ao, "NoIpTable", &o->NoIpTable);
+	GetHubAdminOptionDataAndSet(ao, "NoAddressPollingIPv4", o->NoArpPolling);
-	GetHubAdminOptionDataAndSet(ao, "NoMacAddressLog", &o->NoMacAddressLog);
+	GetHubAdminOptionDataAndSet(ao, "NoAddressPollingIPv6", o->NoIPv6AddrPolling);
-	GetHubAdminOptionDataAndSet(ao, "ManageOnlyPrivateIP", &o->ManageOnlyPrivateIP);
+	GetHubAdminOptionDataAndSet(ao, "NoIpTable", o->NoIpTable);
-	GetHubAdminOptionDataAndSet(ao, "ManageOnlyLocalUnicastIPv6", &o->ManageOnlyLocalUnicastIPv6);
+	GetHubAdminOptionDataAndSet(ao, "NoMacAddressLog", o->NoMacAddressLog);
-	GetHubAdminOptionDataAndSet(ao, "DisableIPParsing", &o->DisableIPParsing);
+	GetHubAdminOptionDataAndSet(ao, "ManageOnlyPrivateIP", o->ManageOnlyPrivateIP);
-	GetHubAdminOptionDataAndSet(ao, "YieldAfterStorePacket", &o->YieldAfterStorePacket);
+	GetHubAdminOptionDataAndSet(ao, "ManageOnlyLocalUnicastIPv6", o->ManageOnlyLocalUnicastIPv6);
-	GetHubAdminOptionDataAndSet(ao, "NoSpinLockForPacketDelay", &o->NoSpinLockForPacketDelay);
+	GetHubAdminOptionDataAndSet(ao, "DisableIPParsing", o->DisableIPParsing);
-	GetHubAdminOptionDataAndSet(ao, "BroadcastStormDetectionThreshold", &o->BroadcastStormDetectionThreshold);
+	GetHubAdminOptionDataAndSet(ao, "YieldAfterStorePacket", o->YieldAfterStorePacket);
-	GetHubAdminOptionDataAndSet(ao, "ClientMinimumRequiredBuild", &o->ClientMinimumRequiredBuild);
+	GetHubAdminOptionDataAndSet(ao, "NoSpinLockForPacketDelay", o->NoSpinLockForPacketDelay);
-	GetHubAdminOptionDataAndSet(ao, "FilterPPPoE", &o->FilterPPPoE);
+	GetHubAdminOptionDataAndSet(ao, "BroadcastStormDetectionThreshold", o->BroadcastStormDetectionThreshold);
-	GetHubAdminOptionDataAndSet(ao, "FilterOSPF", &o->FilterOSPF);
+	GetHubAdminOptionDataAndSet(ao, "ClientMinimumRequiredBuild", o->ClientMinimumRequiredBuild);
-	GetHubAdminOptionDataAndSet(ao, "FilterIPv4", &o->FilterIPv4);
+	GetHubAdminOptionDataAndSet(ao, "FilterPPPoE", o->FilterPPPoE);
-	GetHubAdminOptionDataAndSet(ao, "FilterIPv6", &o->FilterIPv6);
+	GetHubAdminOptionDataAndSet(ao, "FilterOSPF", o->FilterOSPF);
-	GetHubAdminOptionDataAndSet(ao, "FilterNonIP", &o->FilterNonIP);
+	GetHubAdminOptionDataAndSet(ao, "FilterIPv4", o->FilterIPv4);
-	GetHubAdminOptionDataAndSet(ao, "NoIPv4PacketLog", &o->NoIPv4PacketLog);
+	GetHubAdminOptionDataAndSet(ao, "FilterIPv6", o->FilterIPv6);
-	GetHubAdminOptionDataAndSet(ao, "NoIPv6PacketLog", &o->NoIPv6PacketLog);
+	GetHubAdminOptionDataAndSet(ao, "FilterNonIP", o->FilterNonIP);
-	GetHubAdminOptionDataAndSet(ao, "FilterBPDU", &o->FilterBPDU);
+	GetHubAdminOptionDataAndSet(ao, "NoIPv4PacketLog", o->NoIPv4PacketLog);
-	GetHubAdminOptionDataAndSet(ao, "NoIPv6DefaultRouterInRAWhenIPv6", &o->NoIPv6DefaultRouterInRAWhenIPv6);
+	GetHubAdminOptionDataAndSet(ao, "NoIPv6PacketLog", o->NoIPv6PacketLog);
-	GetHubAdminOptionDataAndSet(ao, "NoLookBPDUBridgeId", &o->NoLookBPDUBridgeId);
+	GetHubAdminOptionDataAndSet(ao, "FilterBPDU", o->FilterBPDU);
-	GetHubAdminOptionDataAndSet(ao, "NoManageVlanId", &o->NoManageVlanId);
+	GetHubAdminOptionDataAndSet(ao, "NoIPv6DefaultRouterInRAWhenIPv6", o->NoIPv6DefaultRouterInRAWhenIPv6);
-	GetHubAdminOptionDataAndSet(ao, "VlanTypeId", &o->VlanTypeId);
+	GetHubAdminOptionDataAndSet(ao, "NoLookBPDUBridgeId", o->NoLookBPDUBridgeId);
-	GetHubAdminOptionDataAndSet(ao, "FixForDLinkBPDU", &o->FixForDLinkBPDU);
+	GetHubAdminOptionDataAndSet(ao, "NoManageVlanId", o->NoManageVlanId);
-	GetHubAdminOptionDataAndSet(ao, "RequiredClientId", &o->RequiredClientId);
+	GetHubAdminOptionDataAndSet(ao, "VlanTypeId", o->VlanTypeId);
-	GetHubAdminOptionDataAndSet(ao, "AdjustTcpMssValue", &o->AdjustTcpMssValue);
+	GetHubAdminOptionDataAndSet(ao, "FixForDLinkBPDU", o->FixForDLinkBPDU);
-	GetHubAdminOptionDataAndSet(ao, "DisableAdjustTcpMss", &o->DisableAdjustTcpMss);
+	GetHubAdminOptionDataAndSet(ao, "RequiredClientId", o->RequiredClientId);
-	GetHubAdminOptionDataAndSet(ao, "NoDhcpPacketLogOutsideHub", &o->NoDhcpPacketLogOutsideHub);
+	GetHubAdminOptionDataAndSet(ao, "AdjustTcpMssValue", o->AdjustTcpMssValue);
-	GetHubAdminOptionDataAndSet(ao, "DisableHttpParsing", &o->DisableHttpParsing);
+	GetHubAdminOptionDataAndSet(ao, "DisableAdjustTcpMss", o->DisableAdjustTcpMss);
-	GetHubAdminOptionDataAndSet(ao, "DisableUdpAcceleration", &o->DisableUdpAcceleration);
+	GetHubAdminOptionDataAndSet(ao, "NoDhcpPacketLogOutsideHub", o->NoDhcpPacketLogOutsideHub);
-	GetHubAdminOptionDataAndSet(ao, "DisableUdpFilterForLocalBridgeNic", &o->DisableUdpFilterForLocalBridgeNic);
+	GetHubAdminOptionDataAndSet(ao, "DisableHttpParsing", o->DisableHttpParsing);
-	GetHubAdminOptionDataAndSet(ao, "ApplyIPv4AccessListOnArpPacket", &o->ApplyIPv4AccessListOnArpPacket);
+	GetHubAdminOptionDataAndSet(ao, "DisableUdpAcceleration", o->DisableUdpAcceleration);
-	GetHubAdminOptionDataAndSet(ao, "RemoveDefGwOnDhcpForLocalhost", &o->RemoveDefGwOnDhcpForLocalhost);
+	GetHubAdminOptionDataAndSet(ao, "DisableUdpFilterForLocalBridgeNic", o->DisableUdpFilterForLocalBridgeNic);
-	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxTcpSessionsPerIp", &o->SecureNAT_MaxTcpSessionsPerIp);
+	GetHubAdminOptionDataAndSet(ao, "ApplyIPv4AccessListOnArpPacket", o->ApplyIPv4AccessListOnArpPacket);
-	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxTcpSynSentPerIp", &o->SecureNAT_MaxTcpSynSentPerIp);
+	GetHubAdminOptionDataAndSet(ao, "RemoveDefGwOnDhcpForLocalhost", o->RemoveDefGwOnDhcpForLocalhost);
-	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxUdpSessionsPerIp", &o->SecureNAT_MaxUdpSessionsPerIp);
+	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxTcpSessionsPerIp", o->SecureNAT_MaxTcpSessionsPerIp);
-	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxDnsSessionsPerIp", &o->SecureNAT_MaxDnsSessionsPerIp);
+	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxTcpSynSentPerIp", o->SecureNAT_MaxTcpSynSentPerIp);
-	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxIcmpSessionsPerIp", &o->SecureNAT_MaxIcmpSessionsPerIp);
+	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxUdpSessionsPerIp", o->SecureNAT_MaxUdpSessionsPerIp);
-	GetHubAdminOptionDataAndSet(ao, "AccessListIncludeFileCacheLifetime", &o->AccessListIncludeFileCacheLifetime);
+	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxDnsSessionsPerIp", o->SecureNAT_MaxDnsSessionsPerIp);
-	GetHubAdminOptionDataAndSet(ao, "DisableKernelModeSecureNAT", &o->DisableKernelModeSecureNAT);
+	GetHubAdminOptionDataAndSet(ao, "SecureNAT_MaxIcmpSessionsPerIp", o->SecureNAT_MaxIcmpSessionsPerIp);
-	GetHubAdminOptionDataAndSet(ao, "DisableIpRawModeSecureNAT", &o->DisableIpRawModeSecureNAT);
+	GetHubAdminOptionDataAndSet(ao, "AccessListIncludeFileCacheLifetime", o->AccessListIncludeFileCacheLifetime);
-	GetHubAdminOptionDataAndSet(ao, "DisableUserModeSecureNAT", &o->DisableUserModeSecureNAT);
+	GetHubAdminOptionDataAndSet(ao, "DisableKernelModeSecureNAT", o->DisableKernelModeSecureNAT);
-	GetHubAdminOptionDataAndSet(ao, "DisableCheckMacOnLocalBridge", &o->DisableCheckMacOnLocalBridge);
+	GetHubAdminOptionDataAndSet(ao, "DisableIpRawModeSecureNAT", o->DisableIpRawModeSecureNAT);
-	GetHubAdminOptionDataAndSet(ao, "DisableCorrectIpOffloadChecksum", &o->DisableCorrectIpOffloadChecksum);
+	GetHubAdminOptionDataAndSet(ao, "DisableUserModeSecureNAT", o->DisableUserModeSecureNAT);
-	GetHubAdminOptionDataAndSet(ao, "BroadcastLimiterStrictMode", &o->BroadcastLimiterStrictMode);
+	GetHubAdminOptionDataAndSet(ao, "DisableCheckMacOnLocalBridge", o->DisableCheckMacOnLocalBridge);
-	GetHubAdminOptionDataAndSet(ao, "MaxLoggedPacketsPerMinute", &o->MaxLoggedPacketsPerMinute);
+	GetHubAdminOptionDataAndSet(ao, "DisableCorrectIpOffloadChecksum", o->DisableCorrectIpOffloadChecksum);
-	GetHubAdminOptionDataAndSet(ao, "DoNotSaveHeavySecurityLogs", &o->DoNotSaveHeavySecurityLogs);
+	GetHubAdminOptionDataAndSet(ao, "BroadcastLimiterStrictMode", o->BroadcastLimiterStrictMode);
-	GetHubAdminOptionDataAndSet(ao, "DropBroadcastsInPrivacyFilterMode", &o->DropBroadcastsInPrivacyFilterMode);
+	GetHubAdminOptionDataAndSet(ao, "MaxLoggedPacketsPerMinute", o->MaxLoggedPacketsPerMinute);
-	GetHubAdminOptionDataAndSet(ao, "DropArpInPrivacyFilterMode", &o->DropArpInPrivacyFilterMode);
+	GetHubAdminOptionDataAndSet(ao, "DoNotSaveHeavySecurityLogs", o->DoNotSaveHeavySecurityLogs);
-	GetHubAdminOptionDataAndSet(ao, "SuppressClientUpdateNotification", &o->SuppressClientUpdateNotification);
+	GetHubAdminOptionDataAndSet(ao, "DropBroadcastsInPrivacyFilterMode", o->DropBroadcastsInPrivacyFilterMode);
-	GetHubAdminOptionDataAndSet(ao, "FloodingSendQueueBufferQuota", &o->FloodingSendQueueBufferQuota);
+	GetHubAdminOptionDataAndSet(ao, "DropArpInPrivacyFilterMode", o->DropArpInPrivacyFilterMode);
-	GetHubAdminOptionDataAndSet(ao, "AssignVLanIdByRadiusAttribute", &o->AssignVLanIdByRadiusAttribute);
+	GetHubAdminOptionDataAndSet(ao, "SuppressClientUpdateNotification", o->SuppressClientUpdateNotification);
-	GetHubAdminOptionDataAndSet(ao, "DenyAllRadiusLoginWithNoVlanAssign", &o->DenyAllRadiusLoginWithNoVlanAssign);
+	GetHubAdminOptionDataAndSet(ao, "FloodingSendQueueBufferQuota", o->FloodingSendQueueBufferQuota);
-	GetHubAdminOptionDataAndSet(ao, "SecureNAT_RandomizeAssignIp", &o->SecureNAT_RandomizeAssignIp);
+	GetHubAdminOptionDataAndSet(ao, "AssignVLanIdByRadiusAttribute", o->AssignVLanIdByRadiusAttribute);
-	GetHubAdminOptionDataAndSet(ao, "DetectDormantSessionInterval", &o->DetectDormantSessionInterval);
+	GetHubAdminOptionDataAndSet(ao, "DenyAllRadiusLoginWithNoVlanAssign", o->DenyAllRadiusLoginWithNoVlanAssign);
-	GetHubAdminOptionDataAndSet(ao, "NoPhysicalIPOnPacketLog", &o->NoPhysicalIPOnPacketLog);
+	GetHubAdminOptionDataAndSet(ao, "SecureNAT_RandomizeAssignIp", o->SecureNAT_RandomizeAssignIp);
-	GetHubAdminOptionDataAndSet(ao, "UseHubNameAsDhcpUserClassOption", &o->UseHubNameAsDhcpUserClassOption);
+	GetHubAdminOptionDataAndSet(ao, "DetectDormantSessionInterval", o->DetectDormantSessionInterval);
-	GetHubAdminOptionDataAndSet(ao, "UseHubNameAsRadiusNasId", &o->UseHubNameAsRadiusNasId);
+	GetHubAdminOptionDataAndSet(ao, "NoPhysicalIPOnPacketLog", o->NoPhysicalIPOnPacketLog);
 	GetHubAdminOptionDataAndSet(ao, "UseHubNameAsDhcpUserClassOption", o->UseHubNameAsDhcpUserClassOption);
 	GetHubAdminOptionDataAndSet(ao, "UseHubNameAsRadiusNasId", o->UseHubNameAsRadiusNasId);
 }
 // Convert the contents of the HUB_OPTION to data
@ -4008,7 +4021,7 @@ DISCARD_PACKET:
 			if (forward_now)
 			{
-				if (memcmp(packet->MacAddressSrc, hub->HubMacAddr, 6) == 0)
+				if (Cmp(packet->MacAddressSrc, hub->HubMacAddr, 6) == 0)
 				{
 					if (s != NULL)
 					{
@ -4016,7 +4029,7 @@ DISCARD_PACKET:
 						goto DISCARD_PACKET;
 					}
 				}
-				if (s != NULL && (memcmp(packet->MacAddressSrc, hub->HubMacAddr, 6) != 0))
+				if (s != NULL && (Cmp(packet->MacAddressSrc, hub->HubMacAddr, 6) != 0))
 				{
 					// Check whether the source MAC address is registered in the table
 					Copy(t.MacAddress, packet->MacAddressSrc, 6);
@ -4175,7 +4188,7 @@ DISCARD_PACKET:
 							}
 							// It's already registered and it's in another session
-							if (check_mac && (memcmp(packet->MacAddressSrc, hub->HubMacAddr, 6) != 0) &&
+							if (check_mac && (Cmp(packet->MacAddressSrc, hub->HubMacAddr, 6) != 0) &&
 								((entry->UpdatedTime + MAC_TABLE_EXCLUSIVE_TIME) >= now))
 							{
 								UCHAR *mac = packet->MacAddressSrc;
@ -4192,7 +4205,7 @@ DISCARD_PACKET:
 									if ((s->LastDLinkSTPPacketSendTick != 0) &&
 										(tick_diff < 750ULL) &&
-										(memcmp(hash, s->LastDLinkSTPPacketDataHash, MD5_SIZE) == 0))
+										(Cmp(hash, s->LastDLinkSTPPacketDataHash, MD5_SIZE) == 0))
 									{
 										// Discard if the same packet sent before 750ms ago
 										Debug("D-Link Discard %u\n", (UINT)tick_diff);
@ -4832,8 +4845,8 @@ UPDATE_FDB:
 						if (s != NULL)
 						{
-							if (memcmp(packet->MacAddressSrc, s->Hub->HubMacAddr, 6) == 0 ||
+							if (Cmp(packet->MacAddressSrc, s->Hub->HubMacAddr, 6) == 0 ||
-								memcmp(packet->MacAddressDest, s->Hub->HubMacAddr, 6) == 0)
+								Cmp(packet->MacAddressDest, s->Hub->HubMacAddr, 6) == 0)
 							{
 								goto DISCARD_UNICAST_PACKET;
 							}
@ -5049,8 +5062,8 @@ DISCARD_UNICAST_PACKET:
 								if (s != NULL)
 								{
-									if (memcmp(packet->MacAddressSrc, s->Hub->HubMacAddr, 6) == 0 ||
+									if (Cmp(packet->MacAddressSrc, s->Hub->HubMacAddr, 6) == 0 ||
-										memcmp(packet->MacAddressDest, s->Hub->HubMacAddr, 6) == 0)
+										Cmp(packet->MacAddressDest, s->Hub->HubMacAddr, 6) == 0)
 									{
 										discard = true;
 									}
@ -6672,7 +6685,7 @@ int CompareMacTable(void *p1, void *p2)
 	{
 		return 0;
 	}
-	r = memcmp(e1->MacAddress, e2->MacAddress, 6);
+	r = Cmp(e1->MacAddress, e2->MacAddress, 6);
 	if (r != 0)
 	{
 		return r;
@ -6739,11 +6752,13 @@ bool IsHubIpAddress(IP *ip)
 		return false;
 	}
-	if (ip->addr[0] == 172 && ip->addr[1] == 31)
+	const BYTE *ipv4 = IPV4(ip->address);
 	if (ipv4[0] == 172 && ipv4[1] == 31)
 	{
-		if (ip->addr[2] >= 1 && ip->addr[2] <= 254)
+		if (ipv4[2] >= 1 && ipv4[2] <= 254)
 		{
-			if (ip->addr[3] >= 1 && ip->addr[3] <= 254)
+			if (ipv4[3] >= 1 && ipv4[3] <= 254)
 			{
 				return true;
 			}
@ -6797,11 +6812,7 @@ void GenHubIpAddress(IP *ip, char *name)
 	Sha0(hash, tmp2, StrLen(tmp2));
-	Zero(ip, sizeof(IP));
+	SetIP(ip, 172, 31, hash[0] % 254 + 1, hash[0] % 254 + 1);
 	ip->addr[0] = 172;
 	ip->addr[1] = 31;
 	ip->addr[2] = hash[0] % 254 + 1;
 	ip->addr[3] = hash[1] % 254 + 1;
 }
 // Generate a MAC address for the Virtual HUB
--- a/src/Cedar/Hub.h
+++ b/src/Cedar/Hub.h
@ -8,6 +8,8 @@
 #ifndef	HUB_H
 #define	HUB_H
 #include "Account.h"
 #include "Logging.h"
 // Prefix in the access list for investigating whether the user name which is contained in a particular file 
 #define	ACCESS_LIST_INCLUDED_PREFIX		"include:"		// Included
@ -116,6 +118,8 @@ struct HUB_PA
 struct HUB_OPTION
 {
 	// Standard options
 	UINT DefaultGateway;				// Used in IPC when DHCP cannot be used (e.g. WireGuard sessions)
 	UINT DefaultSubnet;					// Used in IPC when DHCP cannot be used (e.g. WireGuard sessions)
 	UINT MaxSession;					// Maximum number of simultaneous connections
 	bool NoEnum;						// Excluded from the enumeration
 	// Advanced options
@ -519,7 +523,6 @@ void HubOptionStructToData(RPC_ADMIN_OPTION *ao, HUB_OPTION *o, char *hub_name);
 ADMIN_OPTION *NewAdminOption(char *name, UINT value);
 void DataToHubOptionStruct(HUB_OPTION *o, RPC_ADMIN_OPTION *ao);
 UINT GetHubAdminOptionData(RPC_ADMIN_OPTION *ao, char *name);
 void GetHubAdminOptionDataAndSet(RPC_ADMIN_OPTION *ao, char *name, UINT *dest);
 bool IsURLMsg(wchar_t *str, char *url, UINT url_size);
 LIST *NewUserList();
 void DeleteAllUserListCache(LIST *o);
--- a/src/Cedar/IPC.c
+++ b/src/Cedar/IPC.c
@ -5,7 +5,22 @@
 // IPC.c
 // In-process VPN client module
-#include "CedarPch.h"
+#include "IPC.h"
 #include "Admin.h"
 #include "Cedar.h"
 #include "Client.h"
 #include "Connection.h"
 #include "Hub.h"
 #include "Protocol.h"
 #include "Radius.h"
 #include "Virtual.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 // Extract the MS-CHAP v2 authentication information by parsing the password string
 bool ParseAndExtractMsChapV2InfoFromPassword(IPC_MSCHAP_V2_AUTHINFO *d, char *password)
@ -226,8 +241,8 @@ IPC *NewIPCByParam(CEDAR *cedar, IPC_PARAM *param, UINT *error_code)
 	}
 	ipc = NewIPC(cedar, param->ClientName, param->Postfix, param->HubName,
-	             param->UserName, param->Password, error_code, &param->ClientIp,
+	             param->UserName, param->Password, param->WgKey, error_code,
-	             param->ClientPort, &param->ServerIp, param->ServerPort,
+	             &param->ClientIp, param->ClientPort, &param->ServerIp, param->ServerPort,
 	             param->ClientHostname, param->CryptName,
 	             param->BridgeMode, param->Mss, NULL, param->ClientCertificate, param->Layer);
@ -235,13 +250,14 @@ IPC *NewIPCByParam(CEDAR *cedar, IPC_PARAM *param, UINT *error_code)
 }
 // Start a new IPC connection
-IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password,
+IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password, char *wg_key,
            UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
            char *client_hostname, char *crypt_name,
            bool bridge_mode, UINT mss, EAP_CLIENT *eap_client, X *client_certificate,
            UINT layer)
 {
 	IPC *ipc;
 	HUB *hub;
 	UINT dummy_int = 0;
 	SOCK *a;
 	SOCK *s;
@ -297,9 +313,6 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
 	ipc->FlushList = NewTubeFlushList();
 	StrCpy(ipc->ClientHostname, sizeof(ipc->ClientHostname), client_hostname);
 	StrCpy(ipc->HubName, sizeof(ipc->HubName), hubname);
 	StrCpy(ipc->UserName, sizeof(ipc->UserName), username);
 	StrCpy(ipc->Password, sizeof(ipc->Password), password);
 	// Connect the in-process socket
 	s = ConnectInProc(a, client_ip, client_port, server_ip, server_port);
@ -339,7 +352,11 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
 	FreePack(p);
 	// Upload the authentication data
-	if (client_certificate != NULL)
+	if (IsEmptyStr(wg_key) == false)
 	{
 		p = PackLoginWithWireGuardKey(wg_key);
 	}
 	else if (client_certificate != NULL)
 	{
 		p = PackLoginWithOpenVPNCertificate(hubname, username, client_certificate);
 	}
@ -408,14 +425,14 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
 	info.ServerIpAddress = IPToUINT(&s->RemoteIP);
 	info.ServerPort = Endian32(s->RemotePort);
 	StrCpy(info.HubName, sizeof(info.HubName), hubname);
-	Copy(info.UniqueId, unique, 16);
+	Copy(info.UniqueId, unique, sizeof(info.UniqueId));
 	if (IsIP6(&s->LocalIP))
 	{
-		Copy(info.ClientIpAddress6, s->LocalIP.ipv6_addr, 16);
+		Copy(info.ClientIpAddress6, s->LocalIP.address, sizeof(info.ClientIpAddress6));
 	}
 	if (IsIP6(&s->RemoteIP))
 	{
-		Copy(info.ServerIpAddress6, s->RemoteIP.ipv6_addr, 16);
+		Copy(info.ServerIpAddress6, s->RemoteIP.address, sizeof(info.ServerIpAddress6));
 	}
 	OutRpcNodeInfo(p, &info);
@ -466,6 +483,22 @@ IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char
 	PackGetStr(p, "IpcHubName", ipc->HubName, sizeof(ipc->HubName));
 	Debug("IPC Hub Name: %s\n", ipc->HubName);
 	hub = GetHub(cedar, ipc->HubName);
 	if (hub != NULL)
 	{
 		UINTToIP(&ipc->DefaultGateway, hub->Option->DefaultGateway);
 		UINTToIP(&ipc->SubnetMask, hub->Option->DefaultSubnet);
 		GetBroadcastAddress4(&ipc->BroadcastAddress, &ipc->DefaultGateway, &ipc->SubnetMask);
 	}
 	else
 	{
 		ZeroIP4(&ipc->DefaultGateway);
 		ZeroIP4(&ipc->SubnetMask);
 		ZeroIP4(&ipc->BroadcastAddress);
 	}
 	ZeroIP4(&ipc->ClientIPAddress);
 	MacToStr(macstr, sizeof(macstr), ipc->MacAddress);
 	Debug("IPC: Session = %s, Connection = %s, Mac = %s\n", ipc->SessionName, ipc->ConnectionName, macstr);
@ -1377,23 +1410,23 @@ void IPCProcessL3EventsEx(IPC *ipc, UINT64 now)
 							{
 								ok = true;
 							}
 							else if (ip_dst.addr[0] == 255 && ip_dst.addr[1] == 255 &&
 							         ip_dst.addr[2] == 255 && ip_dst.addr[3] == 255)
 							{
 								ok = true;
 							}
 							else if (ip_dst.addr[0] >= 224 && ip_dst.addr[0] <= 239)
 							{
 								ok = true;
 							}
 							else
 							{
-								if (CmpIpAddr(&ipc->BroadcastAddress, &ip_dst) == 0)
+								const BYTE *ipv4 = IPV4(ip_dst.address);
 								if (ipv4[0] == 255 && ipv4[1] == 255 && ipv4[2] == 255 && ipv4[3] == 255)
 								{
 									ok = true;
 								}
-
+								else if (ipv4[0] >= 224 && ipv4[1] <= 239)
-								if (IsZeroIP(&ipc->ClientIPAddress))
+								{
 									ok = true;
 								}
 								else if (CmpIpAddr(&ipc->BroadcastAddress, &ip_dst) == 0)
 								{
 									ok = true;
 								}
 								else if (IsZeroIP(&ipc->ClientIPAddress))
 								{
 									// Client IP address is undetermined
 									ok = true;
@ -1639,17 +1672,20 @@ void IPCSendIPv4(IPC *ipc, void *data, UINT size)
 		// Local Broadcast
 		is_broadcast = true;
 	}
-
+	else
 	if (ip_dst.addr[0] == 255 && ip_dst.addr[1] == 255 && ip_dst.addr[2] == 255 && ip_dst.addr[3] == 255)
 	{
-		// Global Broadcast
+		const BYTE *ipv4 = IPV4(ip_dst.address);
 		is_broadcast = true;
 	}
-	if (ip_dst.addr[0] >= 224 && ip_dst.addr[0] <= 239)
+		if (ipv4[0] == 255 && ipv4[1] == 255 && ipv4[2] == 255 && ipv4[3] == 255)
-	{
+		{
-		// IPv4 Multicast
+			// Global Broadcast
-		is_broadcast = true;
+			is_broadcast = true;
 		}
 		else if (ipv4[0] >= 224 && ipv4[0] <= 239)
 		{
 			// IPv4 Multicast
 			is_broadcast = true;
 		}
 	}
 	if (is_broadcast)
@ -2180,10 +2216,10 @@ bool IPCIPv6CheckExistingLinkLocal(IPC *ipc, UINT64 eui)
 	t.Name = ipc->HubName;
 	// Construct link local from eui
-	ZeroIP6(&i.Ip);
+	Zero(&i.Ip, sizeof(i.Ip));
-	i.Ip.ipv6_addr[0] = 0xFE;
+	i.Ip.address[0] = 0xfe;
-	i.Ip.ipv6_addr[1] = 0x80;
+	i.Ip.address[1] = 0x80;
-	Copy(&i.Ip.ipv6_addr[8], &eui, sizeof(UINT64));
+	Copy(&i.Ip.address[8], &eui, sizeof(eui));
 	h = Search(ipc->Cedar->HubList, &t);
@ -2211,7 +2247,7 @@ void IPCIPv6AddRouterPrefixes(IPC *ipc, ICMPV6_OPTION_LIST *recvPrefix, UCHAR *m
 			for (j = 0; j < LIST_NUM(ipc->IPv6RouterAdvs); j++)
 			{
 				IPC_IPV6_ROUTER_ADVERTISEMENT *existingRA = LIST_DATA(ipc->IPv6RouterAdvs, j);
-				if (Cmp(&recvPrefix->Prefix[i]->Prefix, &existingRA->RoutedPrefix.ipv6_addr, sizeof(IPV6_ADDR)) == 0)
+				if (Cmp(&recvPrefix->Prefix[i]->Prefix, &existingRA->RoutedPrefix.address, sizeof(IPV6_ADDR)) == 0)
 				{
 					foundPrefix = true;
 					break;
@ -2297,7 +2333,7 @@ UINT64 IPCIPv6GetServerEui(IPC *ipc)
 		// Generate the MAC address from the multicast address
 		destMacAddress[0] = 0x33;
 		destMacAddress[1] = 0x33;
-		Copy(&destMacAddress[2], &destIP.ipv6_addr[12], sizeof(UINT));
+		Copy(&destMacAddress[2], &destIP.address[12], sizeof(UINT));
 		IPToIPv6Addr(&destV6, &destIP);
@ -2331,7 +2367,7 @@ UINT64 IPCIPv6GetServerEui(IPC *ipc)
 	if (LIST_NUM(ipc->IPv6RouterAdvs) > 0)
 	{
 		IPC_IPV6_ROUTER_ADVERTISEMENT *ra = LIST_DATA(ipc->IPv6RouterAdvs, 0);
-		Copy(&ipc->IPv6ServerEUI, &ra->RouterAddress.ipv6_addr[8], sizeof(UINT64));
+		Copy(&ipc->IPv6ServerEUI, &ra->RouterAddress.address[8], sizeof(ipc->IPv6ServerEUI));
 	}
 	// If it is still not defined, let's just generate something random
@ -2384,10 +2420,10 @@ void IPCIPv6Send(IPC *ipc, void *data, UINT size)
 		// Constructing multicast MAC address based on destination IP address, then just fire and forget
 		destMac[0] = 0x33;
 		destMac[1] = 0x33;
-		destMac[2] = destAddr.ipv6_addr[12];
+		destMac[2] = destAddr.address[12];
-		destMac[3] = destAddr.ipv6_addr[13];
+		destMac[3] = destAddr.address[13];
-		destMac[4] = destAddr.ipv6_addr[14];
+		destMac[4] = destAddr.address[14];
-		destMac[5] = destAddr.ipv6_addr[15];
+		destMac[5] = destAddr.address[15];
 		IPCIPv6SendWithDestMacAddr(ipc, data, size, destMac);
 		return;
 	}
--- a/src/Cedar/IPC.h
+++ b/src/Cedar/IPC.h
@ -8,6 +8,11 @@
 #ifndef	IPC_H
 #define	IPC_H
 #include "Cedar.h"
 #include "Proto_WireGuard.h"
 #include "Mayaqua/TcpIp.h"
 // Constants
 #define	IPC_ARP_LIFETIME				(3 * 60 * 1000)
 #define	IPC_ARP_GIVEUPTIME				(1 * 1000)
@ -75,6 +80,7 @@ struct IPC_PARAM
 	char HubName[MAX_HUBNAME_LEN + 1];
 	char UserName[MAX_USERNAME_LEN + 1];
 	char Password[MAX_PASSWORD_LEN + 1];
 	char WgKey[WG_KEY_BASE64_SIZE];
 	IP ClientIp;
 	UINT ClientPort;
 	IP ServerIp;
@ -119,8 +125,6 @@ struct IPC
 {
 	CEDAR *Cedar;
 	char HubName[MAX_HUBNAME_LEN + 1];
 	char UserName[MAX_USERNAME_LEN + 1];
 	char Password[MAX_PASSWORD_LEN + 1];
 	char ClientHostname[MAX_SIZE];
 	UCHAR random[SHA1_SIZE];
 	char SessionName[MAX_SESSION_NAME_LEN + 1];
@ -173,7 +177,7 @@ struct IPC_IPV6_ROUTER_ADVERTISEMENT
 	UCHAR RouterLinkLayerAddress[6];
 };
-IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password,
+IPC *NewIPC(CEDAR *cedar, char *client_name, char *postfix, char *hubname, char *username, char *password, char *wg_key,
            UINT *error_code, IP *client_ip, UINT client_port, IP *server_ip, UINT server_port,
            char *client_hostname, char *crypt_name,
            bool bridge_mode, UINT mss, EAP_CLIENT *eap_client, X *client_certificate,
--- a/src/Cedar/Layer3.c
+++ b/src/Cedar/Layer3.c
@ -5,7 +5,21 @@
 // Layer3.c
 // Layer-3 switch module
-#include "CedarPch.h"
+#include "Layer3.h"
 #include "Connection.h"
 #include "Hub.h"
 #include "Server.h"
 #include "Session.h"
 #include "Virtual.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/TcpIp.h"
 #include "Mayaqua/Tick64.h"
 static UCHAR broadcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
--- a/src/Cedar/Layer3.h
+++ b/src/Cedar/Layer3.h
@ -8,6 +8,8 @@
 #ifndef	LAYER3_H
 #define	LAYER3_H
 #include "Cedar.h"
 // Constants
 #define	L3_USERNAME					"L3SW_"
--- a/src/Cedar/Link.c
+++ b/src/Cedar/Link.c
@ -5,7 +5,21 @@
 // Link.c
 // Inter-HUB Link
-#include "CedarPch.h"
+#include "Link.h"
 #include "Account.h"
 #include "Client.h"
 #include "Connection.h"
 #include "Hub.h"
 #include "Logging.h"
 #include "Server.h"
 #include "Session.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 // Link server thread
 void LinkServerSessionThread(THREAD *t, void *param)
--- a/src/Cedar/Link.h
+++ b/src/Cedar/Link.h
@ -8,6 +8,10 @@
 #ifndef	LINK_H
 #define	LINK_H
 #include "CedarType.h"
 #include "Mayaqua/MayaType.h"
 struct LINK
 {
 	bool Started;					// Running flag
--- a/src/Cedar/Listener.c
+++ b/src/Cedar/Listener.c
@ -5,7 +5,18 @@
 // Listener.c
 // Listener module
-#include "CedarPch.h"
+#include "Listener.h"
 #include "Cedar.h"
 #include "Connection.h"
 #include "Logging.h"
 #include "Server.h"
 #include "Session.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 static bool disable_dos = false;
 static UINT max_connections_per_ip = DEFAULT_MAX_CONNECTIONS_PER_IP;
--- a/src/Cedar/Listener.h
+++ b/src/Cedar/Listener.h
@ -8,6 +8,9 @@
 #ifndef	LISTENER_H
 #define	LISTENER_H
 #include "CedarType.h"
 #include "Mayaqua/Kernel.h"
 // Function to call when receiving a new connection
 typedef void (NEW_CONNECTION_PROC)(CONNECTION *c);
--- a/src/Cedar/Logging.c
+++ b/src/Cedar/Logging.c
@ -5,7 +5,28 @@
 // Logging.c
 // Log storaging module
-#include "CedarPch.h"
+#include "Logging.h"
 #include "Admin.h"
 #include "Client.h"
 #include "Nat.h"
 #include "Proto_EtherIP.h"
 #include "Proto_IKE.h"
 #include "Proto_PPP.h"
 #include "Remote.h"
 #include "SecureNAT.h"
 #include "Server.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Tick64.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Unix.h"
 #include "Mayaqua/Win32.h"
 static char *delete_targets[] =
 {
@ -832,8 +853,8 @@ bool PacketLog(HUB *hub, SESSION *src_session, SESSION *dest_session, PKT *packe
 		return true;
 	}
-	if (memcmp(hub->HubMacAddr, packet->MacAddressSrc, 6) == 0 ||
+	if (Cmp(hub->HubMacAddr, packet->MacAddressSrc, 6) == 0 ||
-	        memcmp(hub->HubMacAddr, packet->MacAddressDest, 6) == 0)
+		Cmp(hub->HubMacAddr, packet->MacAddressDest, 6) == 0)
 	{
 		return true;
 	}
@ -2272,7 +2293,7 @@ bool MakeLogFileName(LOG *g, char *name, UINT size, char *dir, char *prefix, UIN
 		}
 	}
-	if (strcmp(old_datestr, tmp) != 0)
+	if (StrCmp(old_datestr, tmp) != 0)
 	{
 		ret = true;
 		StrCpy(old_datestr, MAX_SIZE, tmp);
--- a/src/Cedar/Logging.h
+++ b/src/Cedar/Logging.h
@ -8,6 +8,9 @@
 #ifndef	LOGGING_H
 #define	LOGGING_H
 #include "Cedar.h"
 #include "Mayaqua/Network.h"
 // Port number for HTTP monitoring
 #define	LOG_HTTP_PORT						80
--- a/src/Cedar/NM.c
+++ b/src/Cedar/NM.c
@ -5,36 +5,20 @@
 // NM.c
 // VPN User-mode Router Manager for Win32
-#include <GlobalConst.h>
+#ifdef OS_WIN32
-#ifdef	WIN32
+#include "NM.h"
 #define	SM_C
 #define	CM_C
 #define	NM_C
 #define	_WIN32_WINNT		0x0502
 #define	WINVER				0x0502
 #include <winsock2.h>
 #include <windows.h>
 #include <wincrypt.h>
 #include <wininet.h>
 #include <shlobj.h>
 #include <commctrl.h>
 #include <Dbghelp.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <wchar.h>
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
 #include <Mayaqua/Mayaqua.h>
 #include <Cedar/Cedar.h>
 #include "CMInner.h"
 #include "SMInner.h"
 #include "NMInner.h"
-#include "EMInner.h"
+
 #include "CMInner.h"
 #include "Nat.h"
 #include "Remote.h"
 #include "Server.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Str.h"
 #include "../PenCore/resource.h"
 // Global variable
--- a/src/Cedar/NMInner.h
+++ b/src/Cedar/NMInner.h
@ -5,6 +5,9 @@
 // NMInner.h
 // The internal header of NM.c
 #include "SMInner.h"
 #include "Mayaqua/Encrypt.h"
 // Constants
 #define	NM_REG_KEY			"Software\\" GC_REG_COMPANY_NAME "\\PacketiX VPN\\User-mode Router Manager"
--- a/src/Cedar/Nat.c
+++ b/src/Cedar/Nat.c
@ -5,7 +5,18 @@
 // Nat.c
 // User-mode Router
-#include "CedarPch.h"
+#include "Nat.h"
 #include "Admin.h"
 #include "Remote.h"
 #include "Sam.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Pack.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 static LOCK *nat_lock = NULL;
 static NAT *nat = NULL;
--- a/src/Cedar/Nat.h
+++ b/src/Cedar/Nat.h
@ -8,6 +8,11 @@
 #ifndef	NAT_H
 #define	NAT_H
 #include "Cedar.h"
 #include "Virtual.h"
 #include "Mayaqua/Kernel.h"
 // Constants
 #define	NAT_CONFIG_FILE_NAME			"$vpn_router.config"	// NAT configuration file
 #define	DEFAULT_NAT_ADMIN_PORT			2828		// Default port number for management
--- a/src/Cedar/NativeStack.c
+++ b/src/Cedar/NativeStack.c
@ -5,7 +5,21 @@
 // NativeStack.c
 // Native IP stack
-#include "CedarPch.h"
+#include "NativeStack.h"
 #include "BridgeUnix.h"
 #include "BridgeWin32.h"
 #include "IPC.h"
 #include "Virtual.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #ifdef OS_UNIX
 #include "Mayaqua/Unix.h"
 #endif
 // Stack main thread
 void NsMainThread(THREAD *thread, void *param)
@ -669,30 +683,26 @@ UINT GenerateDummyMark(PRAND *p)
 // Generate a dummy IP
 void GenerateDummyIp(PRAND *p, IP *ip)
 {
 	UINT i;
 	if (p == NULL || ip == NULL)
 	{
 		return;
 	}
-	Zero(ip, sizeof(IP));
+	ZeroIP4(ip);
 	BYTE *ipv4 = IPV4(ip->address);
-	for (i = 1;i < 4;i++)
+	for (BYTE i = 1; i < IPV4_SIZE; ++i)
 	{
-		UINT v = 0;
+		BYTE v = 0;
-		while (true)
+		while (v == 0 || v > 254)
 		{
 			v = PRandInt(p) % 256;
 			if (v >= 1 && v <= 254)
 			{
 				break;
 			}
 		}
-		ip->addr[i] = (UCHAR)v;
+		IPV4(ip->address)[i] = v;
 	}
-	ip->addr[0] = 127;
+	IPV4(ip->address)[0] = 127;
 }
 // Search an entry
--- a/src/Cedar/NativeStack.h
+++ b/src/Cedar/NativeStack.h
@ -8,6 +8,10 @@
 #ifndef	NATIVESTACK_H
 #define	NATIVESTACK_H
 #include "CedarType.h"
 #include "Mayaqua/TcpIp.h"
 //// Constants
 #define	NS_MAC_ADDRESS_BYTE_1		0xDA		// First byte of the MAC address
--- a/src/Cedar/NullLan.c
+++ b/src/Cedar/NullLan.c
@ -5,7 +5,17 @@
 // NullLan.c
 // Virtual LAN card device driver for testing
-#include "CedarPch.h"
+#include "NullLan.h"
 #include "Connection.h"
 #include "Session.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 static UCHAR null_lan_broadcast_address[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
--- a/src/Cedar/NullLan.h
+++ b/src/Cedar/NullLan.h
@ -8,6 +8,9 @@
 #ifndef	NULLLAN_H
 #define	NULLLAN_H
 #include "CedarType.h"
 #include "Mayaqua/MayaType.h"
 #define	NULL_PACKET_GENERATE_INTERVAL		100000000		// Packet generation interval
--- a/src/Cedar/Proto.c
+++ b/src/Cedar/Proto.c
@ -1,6 +1,18 @@
-#include "CedarPch.h"
+#include "Proto.h"
 #include "Cedar.h"
 #include "Logging.h"
 #include "Proto_OpenVPN.h"
 #include "Proto_SSTP.h"
 #include "Proto_WireGuard.h"
 #include "Server.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 void ProtoLog(const PROTO *proto, const PROTO_SESSION *session, const char *name, ...)
 {
@ -122,47 +134,21 @@ UINT ProtoSessionHash(void *p)
 	}
 	ip = &session->SrcIp;
-	if (IsIP6(ip))
+	for (BYTE i = 0; i < sizeof(ip->address); ++i)
 	{
-		UINT i;
+		ret += ip->address[i];
 		for (i = 0; i < sizeof(ip->ipv6_addr); ++i)
 		{
 			ret += ip->ipv6_addr[i];
 		}
 		ret += ip->ipv6_scope_id;
 	}
 	else
 	{
 		UINT i;
 		for (i = 0; i < sizeof(ip->addr); ++i)
 		{
 			ret += ip->addr[i];
 		}
 	}
 	ret += ip->ipv6_scope_id;
 	ret += session->SrcPort;
 	ip = &session->DstIp;
-	if (IsIP6(ip))
+	for (BYTE i = 0; i < sizeof(ip->address); ++i)
 	{
-		UINT i;
+		ret += ip->address[i];
 		for (i = 0; i < sizeof(ip->ipv6_addr); ++i)
 		{
 			ret += ip->ipv6_addr[i];
 		}
 		ret += ip->ipv6_scope_id;
 	}
 	else
 	{
 		UINT i;
 		for (i = 0; i < sizeof(ip->addr); ++i)
 		{
 			ret += ip->addr[i];
 		}
 	}
 	ret += ip->ipv6_scope_id;
 	ret += session->DstPort;
 	return ret;
@ -213,6 +199,8 @@ PROTO *ProtoNew(CEDAR *cedar)
 	AddRef(cedar->ref);
 	// WireGuard
 	Add(proto->Containers, ProtoContainerNew(WgsGetProtoImpl()));
 	// OpenVPN
 	Add(proto->Containers, ProtoContainerNew(OvsGetProtoImpl()));
 	// SSTP
@ -291,7 +279,7 @@ PROTO_CONTAINER *ProtoContainerNew(const PROTO_IMPL *impl)
 			option->Bool = impl_option->Bool;
 			break;
 		case PROTO_OPTION_STRING:
-			option->String = CopyStr(impl_option->String);
+			option->String = impl_option->String != NULL ? CopyStr(impl_option->String) : impl->OptionStringValue(option->Name);
 			break;
 		default:
 			Debug("ProtoContainerNew(): unhandled option type %u!\n", impl_option->Type);
--- a/src/Cedar/Proto.h
+++ b/src/Cedar/Proto.h
@ -1,6 +1,11 @@
 #ifndef PROTO_H
 #define PROTO_H
 #include "CedarType.h"
 #include "Mayaqua/MayaType.h"
 #include "Mayaqua/Network.h"
 #define PROTO_OPTION_TOGGLE_NAME "Enabled"
 // OpenVPN sends 2 bytes, thus this is the buffer size.
@ -31,7 +36,7 @@ typedef struct PROTO
 	UDPLISTENER *UdpListener;
 } PROTO;
-typedef struct PROTO_OPTION
+struct PROTO_OPTION
 {
 	char *Name;
 	PROTO_OPTION_VALUE Type;
@ -40,15 +45,16 @@ typedef struct PROTO_OPTION
 		bool Bool;
 		char *String;
 	};
-} PROTO_OPTION;
+};
 typedef struct PROTO_IMPL
 {
 	const char *(*Name)();
 	const PROTO_OPTION *(*Options)();
 	char *(*OptionStringValue)(const char *name);
 	bool (*Init)(void **param, const LIST *options, CEDAR *cedar, INTERRUPT_MANAGER *im, SOCK_EVENT *se, const char *cipher, const char *hostname);
 	void (*Free)(void *param);
-	bool (*IsPacketForMe)(const PROTO_MODE mode, const UCHAR *data, const UINT size);
+	bool (*IsPacketForMe)(const PROTO_MODE mode, const void *data, const UINT size);
 	bool (*ProcessData)(void *param, TCP_RAW_DATA *in, FIFO *out);
 	bool (*ProcessDatagrams)(void *param, LIST *in, LIST *out);
 } PROTO_IMPL;
--- a/src/Cedar/Proto_EtherIP.c
+++ b/src/Cedar/Proto_EtherIP.c
@ -5,7 +5,18 @@
 // Proto_EtherIP.c
 // EtherIP protocol stack
-#include "CedarPch.h"
+#include "Proto_EtherIP.h"
 #include "Connection.h"
 #include "IPC.h"
 #include "Logging.h"
 #include "Proto_IKE.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 // IPC connection processing thread
 void EtherIPIpcConnectThread(THREAD *t, void *p)
@ -59,7 +70,7 @@ void EtherIPIpcConnectThread(THREAD *t, void *p)
 		EtherIPLog(s, "LE_START_IPC", id.HubName, id.UserName, mss);
 		ipc = NewIPC(s->Cedar, client_name,
 			(s->L2TPv3 ? ETHERIP_L2TPV3_POSTFIX : ETHERIP_POSTFIX),
-			id.HubName, id.UserName, id.Password,
+			id.HubName, id.UserName, id.Password, NULL,
 			&error_code,
 			&s->ClientIP, s->ClientPort,
 			&s->ServerIP, s->ServerPort,
--- a/src/Cedar/Proto_EtherIP.h
+++ b/src/Cedar/Proto_EtherIP.h
@ -8,8 +8,7 @@
 #ifndef	PROTO_ETHERIP_H
 #define	PROTO_ETHERIP_H
-//// Macro
+#include "Proto_IPsec.h"
 //// Constants
 #define	ETHERIP_VPN_CONNECT_RETRY_INTERVAL		(15 * 1000)	// VPN connection retry interval
--- a/src/Cedar/Proto_IKE.c
+++ b/src/Cedar/Proto_IKE.c
@ -5,7 +5,22 @@
 // Proto_IKE.c
 // IKE (ISAKMP) and ESP protocol stack
-#include "CedarPch.h"
+#include "Proto_IKE.h"
 #include "Cedar.h"
 #include "Connection.h"
 #include "Logging.h"
 #include "Proto_EtherIP.h"
 #include "Proto_IPsec.h"
 #include "Proto_L2TP.h"
 #include "Server.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/TcpIp.h"
 #include "Mayaqua/Tick64.h"
 //#define	RAW_DEBUG
@ -128,8 +143,8 @@ void IPsecSendPacketByIPsecSa(IKE_SERVER *ike, IPSECSA *sa, UCHAR *data, UINT da
 				h.PayloadLength = Endian16(data_size);
 				h.NextHeader = protocol_id;
 				h.HopLimit = 64;
-				Copy(h.SrcAddress.Value, c->TunnelModeServerIP.ipv6_addr, 16);
+				Copy(h.SrcAddress.Value, c->TunnelModeServerIP.address, sizeof(h.SrcAddress.Value));
-				Copy(h.DestAddress.Value, c->TunnelModeClientIP.ipv6_addr, 16);
+				Copy(h.DestAddress.Value, c->TunnelModeClientIP.address, sizeof(h.DestAddress.Value));
 				WriteBuf(b, &h, sizeof(IPV6_HEADER));
@ -344,16 +359,16 @@ void IPsecSendUdpPacket(IKE_SERVER *ike, IKE_CLIENT *c, UINT src_port, UINT dst_
 	{
 		if (IsIPsecSaTunnelMode(c->CurrentIpSecSaSend) == false)
 		{
-			u->Checksum = CalcChecksumForIPv6((IPV6_ADDR *)c->TransportModeServerIP.ipv6_addr,
+			u->Checksum = CalcChecksumForIPv6((IPV6_ADDR *)c->TransportModeServerIP.address,
-				(IPV6_ADDR *)c->TransportModeClientIP.ipv6_addr,
+				(IPV6_ADDR *)c->TransportModeClientIP.address,
 				IP_PROTO_UDP,
 				u,
 				udp_size, 0);
 		}
 		else
 		{
-			u->Checksum = CalcChecksumForIPv6((IPV6_ADDR *)c->TunnelModeServerIP.ipv6_addr,
+			u->Checksum = CalcChecksumForIPv6((IPV6_ADDR *)c->TunnelModeServerIP.address,
-				(IPV6_ADDR *)c->TunnelModeClientIP.ipv6_addr,
+				(IPV6_ADDR *)c->TunnelModeClientIP.address,
 				IP_PROTO_UDP,
 				u,
 				udp_size, 0);
@ -2892,12 +2907,12 @@ void ProcIkeAggressiveModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *
 								if (IsIP6(&sa->IkeClient->ServerIP))
 								{
 									// IPv6 address
-									my_id_payload = IkeNewIdPayload(IKE_ID_IPV6_ADDR, 0, 0, sa->IkeClient->ServerIP.ipv6_addr, 16);
+									my_id_payload = IkeNewIdPayload(IKE_ID_IPV6_ADDR, 0, 0, sa->IkeClient->ServerIP.address, 16);
 								}
 								else
 								{
 									// IPv4 address
-									my_id_payload = IkeNewIdPayload(IKE_ID_IPV4_ADDR, 0, 0, sa->IkeClient->ServerIP.addr, 4);
+									my_id_payload = IkeNewIdPayload(IKE_ID_IPV4_ADDR, 0, 0, IPV4(sa->IkeClient->ServerIP.address), IPV4_SIZE);
 								}
 								// Build the ID payload tentatively
@ -3396,12 +3411,12 @@ void ProcIkeMainModePacketRecv(IKE_SERVER *ike, UDPPACKET *p, IKE_PACKET *header
 							if (IsIP6(&sa->IkeClient->ServerIP))
 							{
 								// IPv6 address
-								my_id_payload = IkeNewIdPayload(IKE_ID_IPV6_ADDR, 0, 0, sa->IkeClient->ServerIP.ipv6_addr, 16);
+								my_id_payload = IkeNewIdPayload(IKE_ID_IPV6_ADDR, 0, 0, sa->IkeClient->ServerIP.address, 16);
 							}
 							else
 							{
 								// IPv4 address
-								my_id_payload = IkeNewIdPayload(IKE_ID_IPV4_ADDR, 0, 0, sa->IkeClient->ServerIP.addr, 4);
+								my_id_payload = IkeNewIdPayload(IKE_ID_IPV4_ADDR, 0, 0, IPV4(sa->IkeClient->ServerIP.address), IPV4_SIZE);
 							}
 							// Build the ID payload tentatively
@ -3672,11 +3687,11 @@ BUF *IkeCalcNatDetectHash(IKE_SERVER *ike, IKE_HASH *hash, UINT64 initiator_cook
 	if (IsIP6(ip))
 	{
-		WriteBuf(b, ip->ipv6_addr, sizeof(ip->ipv6_addr));
+		WriteBuf(b, ip->address, sizeof(ip->address));
 	}
 	else
 	{
-		WriteBuf(b, ip->addr, sizeof(ip->addr));
+		WriteBuf(b, IPV4(ip->address), IPV4_SIZE);
 	}
 	us = Endian16((USHORT)port);
--- a/src/Cedar/Proto_IKE.h
+++ b/src/Cedar/Proto_IKE.h
@ -8,7 +8,7 @@
 #ifndef	PROTO_IKE_H
 #define	PROTO_IKE_H
-//// Macro
+#include "Proto_IkePacket.h"
 //// Constants
--- a/src/Cedar/Proto_IPsec.c
+++ b/src/Cedar/Proto_IPsec.c
@ -5,8 +5,21 @@
 // Proto_IPsec.c
 // IPsec module
-#include "CedarPch.h"
+#include "Proto_IPsec.h"
 #include "Hub.h"
 #include "Proto_IKE.h"
 #include "Proto_L2TP.h"
 #include "Proto_Win7.h"
 #include "Server.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 #include "Mayaqua/Unix.h"
 static bool ipsec_disable = false;
--- a/src/Cedar/Proto_IPsec.h
+++ b/src/Cedar/Proto_IPsec.h
@ -8,6 +8,8 @@
 #ifndef	PROTO_IPSEC_H
 #define	PROTO_IPSEC_H
 #include "Cedar.h"
 //// Constants
 // UDP port number
--- a/src/Cedar/Proto_IkePacket.c
+++ b/src/Cedar/Proto_IkePacket.c
@ -5,7 +5,11 @@
 // Proto_IkePacket.c
 // IKE (ISAKMP) packet processing
-#include "CedarPch.h"
+#include "Proto_IkePacket.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/TcpIp.h"
 // Convert the string to a password
 BUF *IkeStrToPassword(char *str)
@ -378,11 +382,11 @@ BUF *IkeBuildNatOaPayload(IKE_PACKET_NAT_OA_PAYLOAD *t)
 	if (IsIP6(&t->IpAddress))
 	{
-		WriteBuf(ret, t->IpAddress.ipv6_addr, 16);
+		WriteBuf(ret, t->IpAddress.address, sizeof(t->IpAddress.address));
 	}
 	else
 	{
-		WriteBuf(ret, t->IpAddress.addr, 4);
+		WriteBuf(ret, IPV4(t->IpAddress.address), IPV4_SIZE);
 	}
 	return ret;
@ -1229,8 +1233,8 @@ bool IkeParseIdPayload(IKE_PACKET_ID_PAYLOAD *t, BUF *b)
 		return false;
 	}
-	Zero(&ip, sizeof(ip));
+	ZeroIP4(&ip);
-	Zero(&subnet, sizeof(subnet));
+	ZeroIP4(&subnet);
 	// Convert to string
 	Zero(t->StrData, sizeof(t->StrData));
@ -1243,9 +1247,9 @@ bool IkeParseIdPayload(IKE_PACKET_ID_PAYLOAD *t, BUF *b)
 		break;
 	case IKE_ID_IPV4_ADDR:
-		if (t->IdData->Size == 4)
+		if (t->IdData->Size == IPV4_SIZE)
 		{
-			Copy(ip.addr, t->IdData->Buf, 4);
+			Copy(IPV4(ip.address), t->IdData->Buf, IPV4_SIZE);
 			IPToStr(t->StrData, sizeof(t->StrData), &ip);
 		}
@ -1261,12 +1265,12 @@ bool IkeParseIdPayload(IKE_PACKET_ID_PAYLOAD *t, BUF *b)
 		break;
 	case IKE_ID_IPV4_ADDR_SUBNET:
-		if (t->IdData->Size == 8)
+		if (t->IdData->Size == IPV4_SIZE * 2)
 		{
 			char ipstr[MAX_SIZE];
 			char subnetstr[MAX_SIZE];
-			Copy(ip.addr, t->IdData->Buf, 4);
+			Copy(IPV4(ip.address), t->IdData->Buf, IPV4_SIZE);
-			Copy(subnet.addr, ((UCHAR *)t->IdData->Buf) + 4, 4);
+			Copy(IPV4(subnet.address), ((BYTE *)t->IdData->Buf) + IPV4_SIZE, IPV4_SIZE);
 			IPToStr(ipstr, sizeof(ipstr), &ip);
 			MaskToStr(subnetstr, sizeof(subnetstr), &subnet);
--- a/src/Cedar/Proto_IkePacket.h
+++ b/src/Cedar/Proto_IkePacket.h
@ -8,6 +8,11 @@
 #ifndef	PROTO_IKEPACKET_H
 #define	PROTO_IKEPACKET_H
 #include "CedarType.h"
 #include "Mayaqua/Mayaqua.h"
 #include "Mayaqua/Network.h"
 // Constants
 #ifdef	OS_WIN32
 #pragma pack(push, 1)
--- a/src/Cedar/Proto_L2TP.c
+++ b/src/Cedar/Proto_L2TP.c
@ -5,7 +5,20 @@
 // Proto_L2TP.c
 // L2TP protocol stack
-#include "CedarPch.h"
+#include "Proto_L2TP.h"
 #include "Connection.h"
 #include "Logging.h"
 #include "Proto_EtherIP.h"
 #include "Proto_IKE.h"
 #include "Proto_IPsec.h"
 #include "Proto_PPP.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Network.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/TcpIp.h"
 // Release the L2TP AVP value
 void FreeL2TPAVP(L2TP_AVP *a)
--- a/src/Cedar/Proto_L2TP.h
+++ b/src/Cedar/Proto_L2TP.h
@ -8,7 +8,9 @@
 #ifndef	PROTO_L2TP_H
 #define	PROTO_L2TP_H
-//// Macro
+#include "CedarType.h"
 #include "Mayaqua/Network.h"
 // Check the sequence number
 #define	L2TP_SEQ_LT(a, b)			(((USHORT)(((USHORT)(a)) - ((USHORT)(b)))) & 0x8000)
--- a/src/Cedar/Proto_OpenVPN.c
+++ b/src/Cedar/Proto_OpenVPN.c
@ -5,7 +5,22 @@
 // Proto_OpenVPN.c
 // OpenVPN protocol stack
-#include "CedarPch.h"
+#include "Proto_OpenVPN.h"
 #include "Cedar.h"
 #include "Connection.h"
 #include "IPC.h"
 #include "Logging.h"
 #include "Proto_EtherIP.h"
 #include "Proto_PPP.h"
 #include "Server.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Table.h"
 #include "Mayaqua/Tick64.h"
 // Ping signature of the OpenVPN protocol
 static UCHAR ping_signature[] =
@ -20,6 +35,7 @@ const PROTO_IMPL *OvsGetProtoImpl()
 	{
 		OvsName,
 		OvsOptions,
 		NULL,
 		OvsInit,
 		OvsFree,
 		OvsIsPacketForMe,
@ -69,16 +85,17 @@ void OvsFree(void *param)
 }
 // Check whether it's an OpenVPN packet
-bool OvsIsPacketForMe(const PROTO_MODE mode, const UCHAR *data, const UINT size)
+bool OvsIsPacketForMe(const PROTO_MODE mode, const void *data, const UINT size)
 {
 	if (data == NULL || size < 2)
 	{
 		return false;
 	}
 	if (mode == PROTO_MODE_TCP)
 	{
-		if (data == NULL || size < 2)
+		const UCHAR *raw = data;
-		{
+		if (raw[0] == 0x00 && raw[1] == 0x0E)
 			return false;
 		}
 		if (data[0] == 0x00 && data[1] == 0x0E)
 		{
 			return true;
 		}
@ -2899,7 +2916,7 @@ int OvsCompareSessionList(void *p1, void *p2)
 		return 0;
 	}
-	i = CmpIpAddr(&s1->Protocol, &s2->Protocol);
+	i = Cmp(&s1->Protocol, &s2->Protocol, sizeof(s1->Protocol));
 	if (i != 0)
 	{
 		return i;
--- a/src/Cedar/Proto_OpenVPN.h
+++ b/src/Cedar/Proto_OpenVPN.h
@ -8,6 +8,7 @@
 #ifndef	PROTO_OPENVPN_H
 #define	PROTO_OPENVPN_H
 #include "Proto.h"
 //// Constants
 #define	OPENVPN_UDP_PORT						1194	// OpenVPN default UDP port number
@ -215,11 +216,9 @@ const char *OvsName();
 const PROTO_OPTION *OvsOptions();
 bool OvsInit(void **param, const LIST *options, CEDAR *cedar, INTERRUPT_MANAGER *im, SOCK_EVENT *se, const char *cipher, const char *hostname);
 void OvsFree(void *param);
-bool OvsIsPacketForMe(const PROTO_MODE mode, const UCHAR *data, const UINT size);
+bool OvsIsPacketForMe(const PROTO_MODE mode, const void *data, const UINT size);
 bool OvsProcessData(void *param, TCP_RAW_DATA *in, FIFO *out);
 bool OvsProcessDatagrams(void *param, LIST *in, LIST *out);
 bool OvsIsOk(void *param);
 UINT OvsEstablishedSessions(void *param);
 OPENVPN_SERVER *NewOpenVpnServer(const LIST *options, CEDAR *cedar, INTERRUPT_MANAGER *interrupt, SOCK_EVENT *sock_event);
 void FreeOpenVpnServer(OPENVPN_SERVER *s);
--- a/src/Cedar/Proto_PPP.c
+++ b/src/Cedar/Proto_PPP.c
@ -5,7 +5,22 @@
 // Proto_PPP.c
 // PPP protocol stack
-#include "CedarPch.h"
+#include "Proto_PPP.h"
 #include "Account.h"
 #include "Cedar.h"
 #include "Connection.h"
 #include "Hub.h"
 #include "IPC.h"
 #include "Logging.h"
 #include "Proto_IPsec.h"
 #include "Radius.h"
 #include "Server.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Object.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 // PPP main thread
 void PPPThread(THREAD *thread, void *param)
@ -1519,7 +1534,7 @@ bool PPPProcessPAPRequestPacket(PPP_SESSION *p, PPP_PACKET *pp)
 								// Attempt to connect with IPC
 								UINT error_code;
-								ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, hub, id, password,
+								ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, hub, id, password, NULL,
 								             &error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
 								             p->ClientHostname, p->CryptName, false, p->AdjustMss, NULL, NULL,
 								             IPC_LAYER_3);
@ -2844,7 +2859,7 @@ bool PPPParseMSCHAP2ResponsePacket(PPP_SESSION *p, PPP_PACKET *pp)
 			else if (p->Ipc == NULL)
 			{
 				Debug("MSCHAPv2 creating IPC\n");
-				ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, hub, id, password,
+				ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, hub, id, password, NULL,
 				             &error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
 				             p->ClientHostname, p->CryptName, false, p->AdjustMss, p->EapClient, NULL,
 				             +					IPC_LAYER_3);
@ -3252,7 +3267,7 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapTlsSi
 				PPPParseUsername(p->Cedar, p->Eap_Identity, &d);
-				ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, d.HubName, d.UserName, "",
+				ipc = NewIPC(p->Cedar, p->ClientSoftwareName, p->Postfix, d.HubName, d.UserName, "", NULL,
 				             &error_code, &p->ClientIP, p->ClientPort, &p->ServerIP, p->ServerPort,
 				             p->ClientHostname, p->CryptName, false, p->AdjustMss, NULL, p->Eap_TlsCtx.ClientCert.X,
 				             IPC_LAYER_3);
--- a/src/Cedar/Proto_PPP.h
+++ b/src/Cedar/Proto_PPP.h
@ -8,6 +8,9 @@
 #ifndef	PROTO_PPP_H
 #define	PROTO_PPP_H
 #include "CedarType.h"
 #include "Mayaqua/TcpIp.h"
 //// Macro
 #define	PPP_LCP_CODE_IS_NEGATIVE(c)			((c) == PPP_LCP_CODE_NAK || (c) == PPP_LCP_CODE_REJECT || (c) == PPP_LCP_CODE_CODE_REJECT || (c) == PPP_LCP_CODE_PROTOCOL_REJECT)
--- a/src/Cedar/Proto_SSTP.c
+++ b/src/Cedar/Proto_SSTP.c
@ -5,7 +5,17 @@
 // Proto_SSTP.c
 // SSTP (Microsoft Secure Socket Tunneling Protocol) protocol stack
-#include "CedarPch.h"
+#include "Proto_SSTP.h"
 #include "Connection.h"
 #include "Proto_PPP.h"
 #include "Server.h"
 #include "Mayaqua/HTTP.h"
 #include "Mayaqua/Kernel.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Str.h"
 #include "Mayaqua/Tick64.h"
 const PROTO_IMPL *SstpGetProtoImpl()
 {
@ -13,6 +23,7 @@ const PROTO_IMPL *SstpGetProtoImpl()
 	{
 		SstpName,
 		SstpOptions,
 		NULL,
 		SstpInit,
 		SstpFree,
 		NULL,
--- a/src/Cedar/Proto_SSTP.h
+++ b/src/Cedar/Proto_SSTP.h
@ -8,6 +8,8 @@
 #ifndef	PROTO_SSTP_H
 #define	PROTO_SSTP_H
 #include "Proto.h"
 //// Constants
 #define	SSTP_URI				"/sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/"		// SSTP HTTPS URI
 #define	SSTP_VERSION_1			0x10							// SSTP Version 1.0
--- a/src/Cedar/Proto_Win7.c
+++ b/src/Cedar/Proto_Win7.c
@ -5,39 +5,26 @@
 // Proto_Win7.c
 // Initialize the helper module for Windows 7 / Windows 8 / Windows Vista / Windows Server 2008 / Windows Server 2008 R2 / Windows Server 2012 / Windows 10
-#include <GlobalConst.h>
+#ifdef OS_WIN32
-#ifdef	WIN32
+#include "Proto_Win7.h"
 #include "Mayaqua/Cfg.h"
 #include "Mayaqua/FileIO.h"
 #include "Mayaqua/Internat.h"
 #include "Mayaqua/Memory.h"
 #include "Mayaqua/Microsoft.h"
 #include "Mayaqua/Str.h"
 #define	_WIN32_WINNT		0x0600
 #define	WINVER				0x0600
 #define	INITGUID
 #include <winsock2.h>
 #include <Ws2tcpip.h>
 #include <windows.h>
 #include <wincrypt.h>
 #include <wininet.h>
 #include <shlobj.h>
 #include <commctrl.h>
 #include <Dbghelp.h>
 #include <Fwpmu.h>
 #include <Fwpmtypes.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <wchar.h>
 #include <stdarg.h>
 #include <time.h>
 #include <errno.h>
 #include <Mayaqua/Mayaqua.h>
 #include <Cedar/Cedar.h>
 #include "Proto_Win7Inner.h"
 #include <Wfp/Wfp.h>
 #include <stdlib.h>
 #include <fwpmu.h>
 static IPSEC_WIN7_FUNCTIONS *api = NULL;
 static HINSTANCE hDll = NULL;
 // Initialize the IPsec helper module for Windows 7
 IPSEC_WIN7 *IPsecWin7Init()
 {
@ -49,11 +36,6 @@ IPSEC_WIN7 *IPsecWin7Init()
 	Debug("IPsecWin7Init()\n");
 	if (MsIsVista() == false)
 	{
 		return NULL;
 	}
 	if (MsIsAdmin() == false)
 	{
 		return NULL;
@ -173,12 +155,12 @@ void IPsecWin7UpdateHostIPAddressList(IPSEC_WIN7 *w)
 			if (IsIP4(ip))
 			{
 				a.IpVersion = 4;
-				Copy(a.IpAddress.IPv4Address, ip->addr, 4);
+				Copy(a.IpAddress.IPv4Address, IPV4(ip->address), sizeof(a.IpAddress.IPv4Address));
 			}
 			else
 			{
 				a.IpVersion = 6;
-				Copy(a.IpAddress.IPv6Address, ip->ipv6_addr, 16);
+				Copy(a.IpAddress.IPv6Address, ip->address, sizeof(a.IpAddress.IPv6Address));
 			}
 			WriteBuf(buf, &a, sizeof(WFP_LOCAL_IP));
--- a/src/Cedar/Proto_Win7.h
+++ b/src/Cedar/Proto_Win7.h
@ -8,6 +8,9 @@
 #ifndef	PROTO_WIN7_H
 #define	PROTO_WIN7_H
 #include "Proto_IPsec.h"
 #include "Proto_Win7Inner.h"
 // Constants
 #define	IPSEC_WIN7_SRC_SYS_X86	"|pxwfp_x86.sys"
 #define	IPSEC_WIN7_SRC_SYS_X64	"|pxwfp_x64.sys"
--- a/src/Cedar/Proto_Win7Inner.h
+++ b/src/Cedar/Proto_Win7Inner.h
@ -5,8 +5,15 @@
 // Proto_Win7Inner.h
 // Internal header of Proto_Win7.c
-#ifndef	PROTO_WIN7_INNER_H
+#ifdef OS_WIN32
-#define	PROTO_WIN7_INNER_H
+
 #ifndef PROTO_WIN7_INNER_H
 #define PROTO_WIN7_INNER_H
 #include "Mayaqua/MayaType.h"
 #include <rpc.h>
 #include <fwpmtypes.h>
 // API function
 typedef struct IPSEC_WIN7_FUNCTIONS
@ -74,4 +81,6 @@ struct IPSEC_WIN7
 };
-#endif	// PROTO_WIN7_INNER_H
+#endif // PROTO_WIN7_INNER_H
 #endif // OS_WIN32
--- a/src/Cedar/Proto_WireGuard.c
+++ b/src/Cedar/Proto_WireGuard.c
--- a/Show More
+++ b/Show More
		`@ -0,0 +1 @@`
							`Subproject commit b52178a376ca85a8ffe50492263c2a5bc0fa4f46`