Open romanrm opened 1 year ago
swgp-go is a packet proxy. It's based on the client-server model, rather than the initiator-responder model used by the Noise protocol. The packets between a swgp-go client and server are obfuscated or encrypted, to varying degrees, depending on your chosen mode.
In the context of censorship circumvention, the user behind the censor is usually the only initiator. Therefore the most common way of deployment is to run a "client" on the user side and a "server" on the remote side. The current design of swgp-go is not suitable for situations where both peers need to be able to actively initiate new sessions after long periods of inactivity.
@database64128 I would like to thank you for your nice work on behalf of myself and community. This is an excellent product! Couldn't have done it better myself.
In order to let people deploy your application faster and certainly for my own purposes I shared a couple of prebuilt Docker images. In my corresponding repository I elaborated on terminology and deployment issues related to migration from pure wireguard to wireguard + swgp-go setup. Hope it helps somebody.
Thank you for your work on the Docker images. One thing to note, you might want to change the Go version in Dockerfile to 1.21, as swgp-go might start requiring it soon.
Hello,
The current page is confusing, firstly because with WG there were never a server and a client, but only peers (nodes);
As such it is unclear which side needs to run swgp-go server and which a client; or do both communicating peers need to run both a server and a client? The latter appears to be the case, because the "server" part talks only about decryption, and the client part is about encryption. Or if not, does this mean that only the traffic flowing from client to server is encrypted, what about the return traffic?
Can there be multiple "servers" and multiple "clients" clauses in the config file, and how they would be matched to each other (or should they be)?
Thanks