Forum Replies Created
-
Posts
-
Thanks, I have added a validation for these fields.
Could you share the config file you are having trouble with? Another question, did you test adapter (
-lac) or adapterless mode?Regarding mysqld, do you mean that it initiates an outgoing connection? Because otherwise, i.e. mysqld listen for the incoming connections and needs to be reachable through the tunnel, binding to the address of the VPN adapter will probably suffice.
I use DisallowedIPs to exclude my LAN (192.168.1.0/24) for Chrome:
AllowedApps = chrome DisallowedIPs = 192.168.1.0/24Hi!
Have you installed Windows Packet Filter driver?
I will add a proxy option. This can be really useful.
Wiresock VPN Client is standalone, you don’t need the official Wireguard client to make it work.
WireSock VPN Gateway needs an official Wireguard client and allows it to act as a WireGuard server.
The problem was parsing a configuration that expected the Address parameter to have a specified netmask, e.g.
Address = 10.10.0.4/32, 2001:dc8:a260::4/128while in your configuration the Address parameter looked likeAddress = 10.10.0.4 , 2001:dc8:a260::4.I have fixed the configuration parser in 1.2.8. Please give it a try.
Problems with
-lacoptions are caused by insufficient user privileges, please note that Wiresock should be run as administrator.You can email PCAP files directly to [email protected]. We can continue to review the issue privately, after which I will post the final solution here. Unfortunately, without anti-spam, I would have to delete too many users/spam daily…
Hello, could you please provide the generated PCAP files in addition to the application log? Also, could you check if using
-lacmakes a difference? With the latter option, Wiresock works closer to the stock client. One more question, do you have DNS specified in the config file (‘server not found’ points to DNS problem)?Currently, only the process name is checked, the path is ignored. It’s easy to change the check to a fully qualified pathname, but in the current implementation with a config file, this can lead to unwanted collisions. I plan to add an advanced configuration that will allow this.
You definitely read in my mind! I really was considering adding a proxy (as a dedicated process) that would be connected and intercepted by Wiresock. I implemented a similar thing for one side project.
I’m afraid something is wrong with your Dante server configuration. Unfortunately, it is difficult to guess and advise.
Check if you allowed configured UDP port range on Dante server machine, e.g. for 40000-45000 range it can be done by the command below:
iptables -I INPUT -p udp --dport 40000:45000 -j ACCEPTAccording to the wiresock log, the authentication and UDP ASSOCIATE commands succeeded, but the handshake packet did not reach its destination. Most likely, it was blocked by the firewall (iptables or VPS provider). Please check this post for configuration details. They are specific to the Oracle cloud, but should be close to any other VPS.
Unfortunately, the SOCKS5 proxy provided by the SSH client does not support UDP and you cannot use it to forward the handshake. You need to set up a SOCKS5 UDP-enabled proxy (Dante) on the remote machine to use this option.
