jnsgruk / wireguard-over-wss Goto Github PK

I'm new to networking and I need to make a home vpn but I have a windows client. Can you please make a Config for windows or atleast help me by someway by sharing some links. I really need somebody's help but there's very less information on this topic.

Would be also nice to explain NGINX reverse proxy

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
    worker_connections  1024;
}

stream {
  resolver 8.8.8.8;

  map $ssl_preread_server_name $selected_upstream {
    YOUR.WIREGUARD.WEBSITE.COM 127.0.0.1:10443;
    default 127.0.0.1:8443; # YOUR EXISTING HTTPS WEBSERVER ADDRESS
  }

  server {
    listen 443; # PORT WE WILL LISTEN ON
    proxy_pass $selected_upstream;
    ssl_preread on;
  }
}

source: WebSocket connection to WireGuard

I'm having trouble realizing your tutorial now. Is it still up to date ? I'm doing all the steps you describe, but then my wireguard interface can load correctly, but cannot work properly (no transfer of data, and a basic command as 'curl' just freeze).
Any advice, way to debugg it ?

Hi, where can I find the source code for the binary?

Regards

ERROR: /etc/wireguard/wstunnel.sh: line 119: dig: command not found

I get the above error when I run $ sudo wg-quick up myvpn on my archlinux machine. Any ideas what's going wrong?

Can you explain about the 4 post up routing?
Specially I don't understand the reason for 128.0.0.0 and 8000::

post_up () {
    local tun=$1
    ip route add 0.0.0.0/1 dev "${tun}" > /dev/null 2>&1
    ip route add ::0/1 dev "${tun}" > /dev/null 2>&1
    ip route add 128.0.0.0/1 dev "${tun}" > /dev/null 2>&1
    ip route add 8000::/1 dev "${tun}" > /dev/null 2>&1
}

**

/etc/systemd/system/wstunnel.service

**
This line is not working
ExecStart=/usr/local/bin/wstunnel -v --server wss://0.0.0.0:443 --restrictTo=127.0.0.1:51820

Error

systemctl status wstunnel.service

wstunnel.service - Tunnel WG UDP over websocket
Loaded: loaded (/etc/systemd/system/wstunnel.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2023-12-20 18:27:14 UTC; 6s ago
Process: 942 ExecStart=/usr/local/bin/wstunnel -v --server wss://0.0.0.0:443 --restrictTo=127.0.0.1:51820 (code=exited, status=2)
Main PID: 942 (code=exited, status=2)
CPU: 1ms

Dec 20 18:27:14 wireguard-vpn systemd[1]: Started Tunnel WG UDP over websocket.
Dec 20 18:27:14 wireguard-vpn wstunnel[942]: error: unexpected argument '-v' found
Dec 20 18:27:14 wireguard-vpn wstunnel[942]: Usage: wstunnel
Dec 20 18:27:14 wireguard-vpn wstunnel[942]: For more information, try '--help'.
Dec 20 18:27:14 wireguard-vpn systemd[1]: wstunnel.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Dec 20 18:27:14 wireguard-vpn systemd[1]: wstunnel.service: Failed with result 'exit-code'.

Please increase version support for the Openwrt system platform in wireguard-over-wss.

since you're running /usr/loca/bin/wstunnel with user=nobody on the client in your script, you should mention that nobody has to have execution permission.

I suggest adding this to the readme:

sudo chmod 705 /usr/local/bin/wstunnel