erebe / wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

How to remove server timeout of 10 seconds. #254

Closed shanravins0 closed 2 weeks ago

shanravins0 commented 4 weeks ago

Server Logs

● wstunnel.service - Tunnel WireGuard UDP over websocket
     Loaded: loaded (/etc/systemd/system/wstunnel.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2024-04-08 15:55:04 UTC; 3s ago
   Main PID: 1847 (wstunnel)
      Tasks: 2 (limit: 1121)
     Memory: 1.0M
        CPU: 4ms
     CGroup: /system.slice/wstunnel.service
             └─1847 /usr/local/bin/wstunnel server wss://0.0.0.0:443 --restrict-to 127.0.0.1:51820

Apr 08 15:55:04 ip-172-xx-xx-xx systemd[1]: Started Tunnel WireGuard UDP over websocket.
Apr 08 15:55:04 ip-172-xx-xx-xx wstunnel[1847]: 2024-04-08T15:55:04.563653Z INFO wstunnel::embedded_certificate: Loading embedded tls certificate
Apr 08 15:55:04 ip-172-xx-xx-xx wstunnel[1847]: 2024-04-08T15:55:04.570723Z INFO wstunnel::embedded_certificate: Loading embedded tls private key
Apr 08 15:55:04 ip-172-xx-xx-xx wstunnel[1847]: 2024-04-08T15:55:04.571071Z INFO wstunnel: Starting wstunnel server v9.2.5 with config WsServerConfig { socket_so_mark: None, bind: 0.0.0.0:443, restrict_to: Some(["127.0.0.1:51820"]), restrict_http_upgrade_path_prefix: None, websocket_ping_frequency: None, ### timeout_connect: 10s, websocket_mask_frame: false, tls: true }
Apr 08 15:55:04 ip-172-xx-xx-xx wstunnel[1847]: 2024-04-08T15:55:04.571258Z INFO wstunnel::tunnel::server: Starting wstunnel server listening on 0.0.0.0:443
~

issue

Because of the server timeout my client is not able to connect to the server. I'm getting this error.

2024-04-08T15:48:01.305074Z ERROR tunnel{id="xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" remote="127.0.0.1:51820"}: wstunnel::tunnel::client: failed to get a connection to the server from the pool: TimedOut

erebe commented 4 weeks ago

Hello,

The timeout is client side, not server side (the value is set but not used). For now, the value is set in stone in the code and cannot be changed https://github.com/erebe/wstunnel/blob/main/src/main.rs#L741

But are you sure you have not misconfigured something? Because taking more than 10s to do a TCP connect is a very long time. Would you mind sharing the log with the client started with RUST_LOG=trace wstunnel client xxx

shanravins0 commented 4 weeks ago

RUST_LOG=trace wstunnel client xxx

I don't know how to get this.

By the way I want to use wstunnel to obfuscate my wireguard traffic.

my client config for wireguard

[Interface]
Address = 192.168.0.2/32
MTU = 1280
SaveConfig = true
FwMark = 0xca6c
PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DNS = 1.1.1.1

[Peer]
PublicKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 127.0.0.1:51820
PersistentKeepalive = 1

my wstunnel client config

wstunnel client -L 'udp://127.0.0.1:51820:127.0.0.1:51820?timeout_sec=10' wss://SERVER_IP:443

erebe commented 4 weeks ago

Try to do a curl https://SERVER_IP:443 first to check that your server responds/is reachable.

For your wireguard, be sure to set a static route, as described here https://github.com/erebe/wstunnel?tab=readme-ov-file#wireguard-and-wstunnel- , as you set a catch all AllowedIp

or use https://www.procustodibus.com/blog/2021/03/wireguard-allowedips-calculator/ to configure your AllowedIP. You must exclude the ip of the wstunnel server SERVER_IP
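
The AllowedIPs calculation referred to in the comment above, as an added example that is not part of the original thread or the wstunnel project: it computes the catch-all ranges minus the wstunnel server address, so the tunnel's own websocket connection is not routed into WireGuard. The address 203.0.113.10 is a constructed placeholder for SERVER_IP, and the function names are hypothetical.

```python
import ipaddress

def allowed_ips_excluding(excluded, base=("0.0.0.0/0", "::/0")):
    """Return the CIDR blocks that cover `base` minus every entry in `excluded`."""
    remaining = [ipaddress.ip_network(b) for b in base]
    for item in excluded:
        hole = ipaddress.ip_network(item, strict=False)
        kept = []
        for net in remaining:
            if net.version != hole.version or not net.overlaps(hole):
                kept.append(net)            # unrelated block, keep as is
            elif hole.supernet_of(net):
                continue                    # block lies fully inside the exclusion
            else:
                # net strictly contains hole: split it around the hole
                kept.extend(net.address_exclude(hole))
        remaining = kept
    return sorted(remaining, key=lambda n: (n.version, n))

def routed_through_tunnel(ip, networks):
    """True if WireGuard would capture traffic to `ip` with these AllowedIPs."""
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n for n in networks)

def allowed_ips_line(networks):
    """Render the value for the [Peer] section of the WireGuard config."""
    return "AllowedIPs = " + ", ".join(str(n) for n in networks)

if __name__ == "__main__":
    SERVER_IP = "203.0.113.10"  # constructed placeholder for the wstunnel server
    nets = allowed_ips_excluding([SERVER_IP])
    print(allowed_ips_line(nets))
    # The wstunnel server must stay outside the tunnel; everything else goes in.
    print("server via tunnel:", routed_through_tunnel(SERVER_IP, nets))
    print("1.1.1.1 via tunnel:", routed_through_tunnel("1.1.1.1", nets))
```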

shanravins0 commented 4 weeks ago

I'm able to use wireguard VPN. So that means my server is working.

erebe commented 2 weeks ago

Can you try to do a curl -vvv https://wstunnel on the server from the client to see how long it takes to get a response?

shanravins0 commented 2 weeks ago

Well, somehow I fixed the issue. Actually it's not a fix. The issue was with the routing.

sudo ip route add 16.xxx.xxx.xxx dev enp2s0 via 192.168.1.1

The routing wasn't persistent. I didn't know that. Now what I do is, after every reboot, I add a default route to the server.