ViRb3 / wgcf

🚤 Cross-platform, unofficial CLI for Cloudflare Warp
MIT License

Server Misbehaving #61

Closed admkhalid closed 3 years ago

admkhalid commented 3 years ago

Got the program 3 days ago and followed the instructions. It worked fine for the first two days, but not for the last two days. I even re-registered for a new account and generated a new profile. I connect with: wg-quick up wgcf-profile.conf

Output:

[#] ip link add wgcf-profile type wireguard
[#] wg setconf wgcf-profile /dev/fd/63
[#] ip -4 address add 172.16.0.2/32 dev wgcf-profile
[#] ip -6 address add fd01:5ca1:ab1e:8cc1:76f7:891e:1eb5:130b/128 dev wgcf-profile
[#] ip link set mtu 1280 up dev wgcf-profile
[#] resolvconf -a tun.wgcf-profile -m 0 -x
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /run/resolvconf/resolv.conf
[#] wg set wgcf-profile fwmark 51820
[#] ip -6 route add ::/0 dev wgcf-profile table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wgcf-profile table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n

Ran wgcf status and wgcf trace and the outputs were:

2021/01/07 14:26:15 Using config file: wgcf-account.toml
2021/01/07 14:26:22 Get "https://api.cloudflareclient.com/v0a977/reg/fe69c229-7109-4064-86b5-3cdf01f37c9b": dial tcp: lookup api.cloudflareclient.com on 127.0.0.53:53: server misbehaving

and

2021/01/07 14:26:52 Using config file: wgcf-account.toml
2021/01/07 14:26:59 Get "https://cloudflare.com/cdn-cgi/trace": dial tcp: lookup cloudflare.com on 127.0.0.53:53: server misbehaving

respectively.

I also should mention that I'm running STUBBY for DNS over TLS with 1.1.1.1. But I presume that shouldn't matter because the VPN overrides any DNS settings to use its own. Correct me if I'm wrong.

ViRb3 commented 3 years ago

Hello. It looks to me that the DNS is not overridden, since your local DNS 127.0.0.53 is used, and it seems that it can't resolve your domains. I can't provide support for your setup, but if you fixed your DNS, the VPN should work. Try connecting to https://1.1.1.1/, it should work without a DNS.
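
A check for the condition described in the reply above, as an added example that is not part of the thread or of wgcf: it compares the `DNS =` servers in a wg-quick profile with the nameservers in a resolv.conf-style file and reports whether the profile's DNS actually took effect. The function names and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not wgcf code). Sample file contents below are constructed.

# DNS servers from the "DNS = a, b" line(s) of a wg-quick profile, one per line.
profile_dns() {
    sed -n 's/^[[:space:]]*[Dd][Nn][Ss][[:space:]]*=//p' "$1" |
        tr ',' '\n' | tr -d ' \t\r' | sed '/^$/d'
}

# Addresses on the "nameserver" lines of a resolv.conf-style file.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# check_dns_override PROFILE RESOLV_CONF -> prints one status word:
#   overridden  a profile DNS server is listed in resolv.conf
#   stub        resolv.conf points at a loopback resolver (e.g. 127.0.0.53), so
#               that resolver's own upstream settings decide where queries go
#   mismatch    resolv.conf lists only other, non-loopback servers
check_dns_override() {
    status=mismatch
    for ns in $(resolv_nameservers "$2"); do
        if profile_dns "$1" | grep -qxF -- "$ns"; then
            echo overridden
            return 0
        fi
        case $ns in
            127.*|::1) status=stub ;;
        esac
    done
    echo "$status"
}

# Constructed sample mirroring the thread: the profile asks for 1.1.1.1,
# but the system resolver configuration still points at 127.0.0.53.
sample_check() {
    tmp=$(mktemp -d)
    printf '[Interface]\nAddress = 172.16.0.2/32\nDNS = 1.1.1.1\n' > "$tmp/wgcf-profile.conf"
    printf 'nameserver 127.0.0.53\noptions edns0\n' > "$tmp/resolv.conf"
    check_dns_override "$tmp/wgcf-profile.conf" "$tmp/resolv.conf"
    rm -rf "$tmp"
}

sample_check   # prints: stub
```

On a live system, call check_dns_override with the real profile and /etc/resolv.conf while the tunnel is up.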

admkhalid commented 3 years ago

So, I tried it with normal DNS settings (the default config file generated by the program has DNS set to 1.1.1.1). It works, but the DNS queries are not tunneled/encrypted for some reason. I thought all data is tunneled on a VPN (correct me if I'm wrong). I even tried adding 1.1.1.1/32 to AllowedIPs in the config file. When using DoT or DoH, blocked sites in my country are accessible (I guess my ISP is using a pretty weak blocking system). But after connecting to WARP with the config, it just keeps on loading. Here's my 1.1.1.1 debug result. It says DNS over WARP is working, but the blocked sites aren't accessible for some reason.