terijapl

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 15 total)
  • in reply to: sudden wiresock problem – all times out #13569
    terijapl
    Participant

      oh okay, makes sense then, i do have my local subnet in DisallowedIps

      in reply to: sudden wiresock problem – all times out #13566
      terijapl
      Participant

        that was in reference to your information from previous post that “By default, if you have an MTU specified in your Wireguard configuration, all DNS queries will be intercepted and routed through the tunnel to the designated DNS server”. i guess that was a typo?

        i do have a DNS (ipv4 and ipv6, though i’m not sure what the ipv6 is for) specified in the config, in the [Interface] section. so in that case my DNS queries should be going to that specified server, but they’re not…?

        in reply to: sudden wiresock problem – all times out #13564
        terijapl
        Participant

          thank you for your response.

          i’m not using the -lac parameter so i guess i’m running it in transparent mode.

          thank you for explaining the DNS situation, i never really thought about how it’s handled. i think neither sending all DNS queries to my pi-hole or to the DNS specified in my wireguard config is ideal. however, out of all my AllowedApps specified in the config, the only one that could potentially make DNS requests is firefox, and apparently firefox can be forced to use a different DNS by specifying a SOCKS5 proxy. so it seems like an optimal solution exists for my use-case, just have to figure out how to do it.

          i’m pretty not good at this, but i’ve had a look at the pcap files with wireshark. seems like what you said about wiresock determining which DNS server to use checks out, my config does not have an MTU specified, thus i see a handful of DNS queries that were sent to my pi-hole and the seemingly correct responses to them. however, when i was having this issue, i was using the ping cmd command to ping a particular website i haven’t visited in a long while (the ping of course failed because it “couldn’t find the host”), and amongst these DNS queries i do not see that website. i don’t know what to make of this.

          in reply to: sudden wiresock problem – all times out #13561
          terijapl
          Participant

            after almost a month of not having this issue, i just started having this issue again. so i looked deeper.

            apparently, wiresock is blocking my DNS requests. my primary DNS on my PC is set to my router’s IP, the secondary is my pi-hole instance. when i relaunched wiresock with log-level all, i found the following lines in the log file (WG_DNS_IP is the DNS set in my wireguard conf file):

            2024-02-22 16:43:28 [FILTER]: Skipping disallowed IP: PROTOCOL 6 : PC_IP -> ROUTER_IP
            2024-02-22 16:43:34 [FILTER]: Skipping disallowed IP: PROTOCOL 17 : PC_IP -> PIHOLE_IP
            2024-02-22 16:43:43 [FILTER]: Skipping disallowed IP: PROTOCOL 6 : PC_IP -> PIHOLE_IP
            2024-02-22 16:43:43 [FILTER]: Dnscache : DNS : PC_IP:63211 -> WG_DNS_IP[ROUTER_IP]:53

            like flicking a switch, shutting down wiresock unclogs DNS traffic and everything works fine.

            if this is not enough information, i also have the pcap files. where can i send them to you directly?

            in reply to: sudden wiresock problem – all times out #13506
            terijapl
            Participant

              thanks for the response. i’m not living anywhere that would cause me extra difficulties in connecting to a VPN, like russia.

              to clarify, the wireguard configurations on my pc and phone are identical except for the private and preshared key. both devices connect to the same vpn via same ip:port using the same internet connection – and using them concurrently never caused me issues in the past.

              i’ll enable logging to have something to provide for later. by the way, is there a way to force wiresock to save the captured packets file somewhere else, like on another drive?

              in reply to: sudden wiresock problem – all times out #13504
              terijapl
              Participant

                i don’t know what and why, but after an hour the issue just solved itself. though i’d still be happy to find out what happened.

                in reply to: sudden wiresock problem – all times out #13503
                terijapl
                Participant

                  oh and forgot to add, i also tried to remove wiresock, reboot and install again, didn’t fix it sadly.

                  in reply to: killswitch on connection loss #12276
                  terijapl
                  Participant

                    not sure if related to this update, but i just had my IP leaked. service was apparently running, but my apps from AllowedApps kept working through my bare connection regardless.

                    unfortunately i don’t have any logs right now – i had just reinstalled the service and enabled log-level all, so if it happens again, i should hopefully have some logs. right now, the only possibly helpful thing i can mention is that my PC was running for over 24h now. may be related, may be not.

                    in reply to: killswitch on connection loss #12275
                    terijapl
                    Participant

                      i just tested it by rebooting my wireguard server and sure enough, my apps had no internet connection during the reboot process, and once the server was back up, it was automatically restored. seems to work perfectly!

                      thank you for your work!

                      in reply to: permit allowed apps to access LAN #12268
                      terijapl
                      Participant

                        thanks, I’ll try that. for the time being I just made copies of the exe files i want (thankfully these apps didn’t complain) and run them with different names, so they’re not going through wiresock.

                        in reply to: permit allowed apps to access LAN #12258
                        terijapl
                        Participant

                          for the record, i tried to do this with AllowedIPs by including all the addresses other than my LAN (10.0.0.0/24), so i tried to do this:

                          AllowedIPs = 0.0.0.0/5,8.0.0.0/7,10.0.1.0/1,128.0.0.0/1,::/0

                          in theory that should have included the IP range of 0.0.0.0-9.255.255.255 and 10.0.1.0 to 255.255.255.255, leaving a gap for my LAN, 10.0.0.0 to 10.0.0.255. but i guess there’s something else that has to be done? because that won’t work
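Added example, not part of the original post and not WireSock code: the complement of a LAN inside 0.0.0.0/0 computed with Python's `ipaddress` module, plus a check of the list as posted. In that list `10.0.1.0/1` is a /1 prefix, which with host bits masked is `0.0.0.0/1` and so still contains 10.0.0.0/24. The function names `allowed_ips_excluding` and `covers` are hypothetical; masking host bits with `strict=False` is an assumption about how a client normalises such an entry.

```python
import ipaddress

def allowed_ips_excluding(excluded, base="0.0.0.0/0"):
    """CIDR blocks covering `base` minus every network in `excluded`."""
    remaining = [ipaddress.ip_network(base)]
    for hole in map(ipaddress.ip_network, excluded):
        kept = []
        for net in remaining:
            if net.version != hole.version or not net.overlaps(hole):
                kept.append(net)                        # untouched by this hole
            elif hole.supernet_of(net):
                continue                                # swallowed entirely
            else:
                kept.extend(net.address_exclude(hole))  # split around the hole
        remaining = kept
    return sorted(remaining, key=lambda n: (n.version, int(n.network_address)))

def covers(cidrs, address):
    """True if any entry routes `address`; host bits are masked (strict=False)."""
    ip = ipaddress.ip_address(address)
    nets = (ipaddress.ip_network(c.strip(), strict=False) for c in cidrs)
    return any(ip.version == n.version and ip in n for n in nets)

# The IPv4 part of the list as posted, and the LAN it was meant to leave out.
POSTED = "0.0.0.0/5,8.0.0.0/7,10.0.1.0/1,128.0.0.0/1".split(",")
LAN = "10.0.0.0/24"

if __name__ == "__main__":
    print("posted list covers 10.0.0.5:", covers(POSTED, "10.0.0.5"))
    fixed = [str(n) for n in allowed_ips_excluding([LAN])]
    print("fixed list covers 10.0.0.5: ", covers(fixed, "10.0.0.5"))
    print("AllowedIPs = " + ", ".join(fixed))
```

Excluding a single /24 from 0.0.0.0/0 takes 24 prefixes, one per prefix length from /1 to /24; `::/0` can be appended unchanged for IPv6.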

                          in reply to: how to use wiresock? #12251
                          terijapl
                          Participant

                            sorry for a double post but forgot to ask, maybe a silly question, but does wiresock require the official wireguard client to be installed in order to work properly?

                            in reply to: how to use wiresock? #12250
                            terijapl
                            Participant

                              brilliant, it works now! thank you <3

                              somewhat of a relief it was actually a bug and not just me misconfiguring something as I usually happen to do – but glad I helped to find and squash a bug 🙂

                              the proxy thing is now the only feature i’m missing in this “private tunnel” setup, gotta be careful now since i assume if the WG connection fails for any kind of reason, it can leak my “true” IP at any time without warning, which is kind of spooky. once that’s sorted out, i can wave my commercial VPN goodbye 🙂

                              in reply to: how to use wiresock? #12247
                              terijapl
                              Participant

                                i figured it could be a permission problem, but running wiresock from an elevated command prompt results in the same error.

                                i’ll send an e-mail in just a minute, thanks 🙂

                                in reply to: how to use wiresock? #12245
                                terijapl
                                Participant

                                  sorry, but if PCAP files are what I think they are (captured network traffic), are they safe to share here? how can i send them to you privately?

                                  using -lac ends up with this in the logs:

                                  [TUN]: Failed to rename WireSock virtual adapter connection! lasterror: 0
                                  [TUN]: WireSock virtual adapter is not available!
                                  [MGR]: Tunnel has failed to start
                                  [TUN]: cancel_notify_ip_interface_change has failed, lasterror: 6

                                  i do have dns servers specified in the config file, but it’s probably not something dns related, because i cannot load sites using direct IP addresses either (testing on a site that does load via IP otherwise).

                                  PS: this anti-vpn mechanism of this site is so getting in my way right now 🙁
